-
Bug
-
Resolution: Fixed
-
Major
-
None
-
None
LdapAuthenticationModule blindly passes LDAP group names to GroupManager in collectRoleNames() and collectGroupNames; this can lead to RepositoryExceptions being thrown if a group name contains a ' for instance (which seem to happen on default french AD installations: Administrateurs de l'entreprise)
We should either log/ignore those (specific) exceptions or filter the names...
Acceptance criteria
- is related to
-
MAGNOLIA-6915 Invalid principalName should not throw InvalidQueryException
- Closed
-
MGNLLDAP-97 LDAP groups can have names which are illegal in JCR
- Closed
-
MGNLLDAP-53 UserID needs to be escaped when substituted into a DN string
- Closed