-
Task
-
Resolution: Fixed
-
Major
-
None
-
None
-
-
Empty show more show less
-
Empty show more show less
-
Kromeriz 143
-
2
According RFC 2253 forward slash '/' is not special character in LDAP, so LDAP DN can contain it, but it's special character to JNDI and should be escaped. See https://docs.oracle.com/javase/8/docs/api/javax/naming/CompositeName.html rules for escaping special characters in compositeNames.
2018-04-13 10:05:36,933 WARN as.sp.ldap.resolver.AbstractUsersWithGroupResolver: Can't resolve users with group [publishers].
javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3179) ~[?:1.8.0_161]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100) ~[?:1.8.0_161]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2891) ~[?:1.8.0_161]
at com.sun.jndi.ldap.LdapCtx.c_lookup(LdapCtx.java:1033) ~[?:1.8.0_161]
at com.sun.jndi.toolkit.ctx.ComponentContext.c_resolveIntermediate_nns(ComponentContext.java:168) ~[?:1.8.0_161]
at com.sun.jndi.toolkit.ctx.AtomicContext.c_resolveIntermediate_nns(AtomicContext.java:359) ~[?:1.8.0_161]
at com.sun.jndi.toolkit.ctx.ComponentContext.p_resolveIntermediate(ComponentContext.java:397) ~[?:1.8.0_161]
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:227) ~[?:1.8.0_161]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141) ~[?:1.8.0_161]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:129) ~[?:1.8.0_161]
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142) ~[?:1.8.0_161]
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:137) ~[?:1.8.0_161]
at info.magnolia.jaas.sp.ldap.resolver.AbstractUsersWithGroupResolver.resolveUserName(AbstractUsersWithGroupResolver.java:192) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
at info.magnolia.jaas.sp.ldap.resolver.AbstractUsersWithGroupResolver.evaluateGroupsSearchResult(AbstractUsersWithGroupResolver.java:178) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
at info.magnolia.jaas.sp.ldap.resolver.AbstractUsersWithGroupResolver.resolveUsers(AbstractUsersWithGroupResolver.java:164) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
at info.magnolia.jaas.sp.ldap.resolver.AbstractUsersWithGroupResolver.getUsersWithGroup(AbstractUsersWithGroupResolver.java:133) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
at info.magnolia.jaas.sp.ldap.resolver.AbstractUsersWithGroupResolver.getUsersWithGroup(AbstractUsersWithGroupResolver.java:71) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
at info.magnolia.jaas.sp.ldap.LDAPUserManager.getUsersWithGroup(LDAPUserManager.java:240) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
at info.magnolia.jaas.sp.ldap.LDAPUserManager.getUsersWithGroup(LDAPUserManager.java:216) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
For more info see e.g. https://bugs.java.com/bugdatabase/view_bug.do?bug_id=4307193
Acceptance criteria