Uploaded image for project: 'Magnolia LDAP support'
  1. Magnolia LDAP support
  2. MGNLLDAP-118

AbstractUsersWithGroupResolver#resolveUserName fails if DN contains forward slash

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.9.3, 1.10.1
    • Labels:
      None
    • Sprint:
      Kromeriz 143
    • Story Points:
      2

      Description

      According RFC 2253 forward slash '/' is not special character in LDAP, so LDAP DN can contain it, but it's special character to JNDI and should be escaped. See https://docs.oracle.com/javase/8/docs/api/javax/naming/CompositeName.html rules for escaping special characters in compositeNames.

      2018-04-13 10:05:36,933 WARN  as.sp.ldap.resolver.AbstractUsersWithGroupResolver: Can't resolve users with group [publishers].
      javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]
      	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3179) ~[?:1.8.0_161]
      	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100) ~[?:1.8.0_161]
      	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2891) ~[?:1.8.0_161]
      	at com.sun.jndi.ldap.LdapCtx.c_lookup(LdapCtx.java:1033) ~[?:1.8.0_161]
      	at com.sun.jndi.toolkit.ctx.ComponentContext.c_resolveIntermediate_nns(ComponentContext.java:168) ~[?:1.8.0_161]
      	at com.sun.jndi.toolkit.ctx.AtomicContext.c_resolveIntermediate_nns(AtomicContext.java:359) ~[?:1.8.0_161]
      	at com.sun.jndi.toolkit.ctx.ComponentContext.p_resolveIntermediate(ComponentContext.java:397) ~[?:1.8.0_161]
      	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:227) ~[?:1.8.0_161]
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141) ~[?:1.8.0_161]
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:129) ~[?:1.8.0_161]
      	at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142) ~[?:1.8.0_161]
      	at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:137) ~[?:1.8.0_161]
      	at info.magnolia.jaas.sp.ldap.resolver.AbstractUsersWithGroupResolver.resolveUserName(AbstractUsersWithGroupResolver.java:192) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
      	at info.magnolia.jaas.sp.ldap.resolver.AbstractUsersWithGroupResolver.evaluateGroupsSearchResult(AbstractUsersWithGroupResolver.java:178) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
      	at info.magnolia.jaas.sp.ldap.resolver.AbstractUsersWithGroupResolver.resolveUsers(AbstractUsersWithGroupResolver.java:164) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
      	at info.magnolia.jaas.sp.ldap.resolver.AbstractUsersWithGroupResolver.getUsersWithGroup(AbstractUsersWithGroupResolver.java:133) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
      	at info.magnolia.jaas.sp.ldap.resolver.AbstractUsersWithGroupResolver.getUsersWithGroup(AbstractUsersWithGroupResolver.java:71) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
      	at info.magnolia.jaas.sp.ldap.LDAPUserManager.getUsersWithGroup(LDAPUserManager.java:240) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
      	at info.magnolia.jaas.sp.ldap.LDAPUserManager.getUsersWithGroup(LDAPUserManager.java:216) ~[magnolia-ldap-1.9.3-SNAPSHOT.jar:?]
      

      For more info see e.g. https://bugs.java.com/bugdatabase/view_bug.do?bug_id=4307193

        Attachments

          Activity

            People

            • Assignee:
              mdivilek Milan Divilek
              Reporter:
              mdivilek Milan Divilek
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: