Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
-
None
Description
LdapAuthenticationModule blindly passes LDAP group names to GroupManager in collectRoleNames() and collectGroupNames; this can lead to RepositoryExceptions being thrown if a group name contains a ' for instance (which seem to happen on default french AD installations: Administrateurs de l'entreprise)
We should either log/ignore those (specific) exceptions or filter the names...
Checklists
Acceptance criteria
Attachments
Issue Links
- is related to
-
MAGNOLIA-6915 Invalid principalName should not throw InvalidQueryException
-
- Closed
-
-
MGNLLDAP-97 LDAP groups can have names which are illegal in JCR
-
- Closed
-
-
MGNLLDAP-53 UserID needs to be escaped when substituted into a DN string
-
- Closed
-