Apache Directory Project - [jira] Closed: (DIREVE-284) Simple bind fails for entries with certain partition suffi

This is Interesting: Free IT Magazines  
Home > Archive > Apache Directory Project > October 2005 > [jira] Closed: (DIREVE-284) Simple bind fails for entries with certain partition suffi





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author [jira] Closed: (DIREVE-284) Simple bind fails for entries with certain partition suffi
Stefan Zoerner (JIRA)

2005-10-25, 5:45 pm

[ http://issues.apache.org/jira/brows...VE-284?page=all ]

Stefan Zoerner closed DIREVE-284:
---------------------------------


I have rebuilt the server and retested the functionality with the problematic partition suffix names I encountered ("dc=aPache,dc=org" and "o=sevenSeas"). Bind ops from users within these partitions have worked as expected. Hence I close this one. Thanks
Alex for fixing it!

> Simple bind fails for entries with certain partition suffix names
> -----------------------------------------------------------------
>
> Key: DIREVE-284
> URL: http://issues.apache.org/jira/browse/DIREVE-284
> Project: Directory Server
> Type: Bug
> Reporter: Stefan Zoerner
> Assignee: Alex Karasulu
> Fix For: 0.9.3

>
> Some users (i.e. person entries with userPassword attribute) can't authenticate to the server via simple bind. The problem does not exist with entries located in ou=system or dc=apache,dc=org. To give an example:
> I used the default server.xml from
> http://svn.apache.org/viewcvs.cgi/d...main/server.xml
> to start the server and added the following entry:
> dn: cn=Kate Bush,dc=apache,dc=org
> cn: Kate Bush
> objectclass: top
> objectclass: person
> sn: Bush
> userPassword: Aerial
> After that, the following works as expected:
> $ ldapsearch -h magritte -p 10389 -D "cn=Kate Bush,dc=apache,dc=org" -w Aerial -b "dc=apache,dc=org" "(sn=Bush)" cn
> cn=Kate Bush,dc=apache,dc=org
> cn=Kate Bush
> $
> and providing a wrong password leads to an "invalid credentials".
> But if I use "dc=aPache,dc=org" as suffix within the partition configuration, i.e.
> <property name="suffix"><value>dc=aPache,dc=org</value></property>
> adjust other occurrences of dc=apache as well and import the person entry above with DN "cn=Kate Bush,dc=aPache,dc=org", the following happens:
> $ ldapsearch -h magritte -p 10389 -D "cn=Kate Bush,dc=aPache,dc=org" -w Aerial -b "dc=aPache,dc=org" "(sn=Bush)" cn
> ldap_simple_bind: Invalid credentials
> $
> But this still works:
> $ ldapsearch -h magritte -p 10389 -D "uid=admin,ou=system" -w secret -b "dc=aPache,dc=org" "(sn=Bush)"
> cn=Kate Bush,dc=aPache,dc=org
> sn=Bush
> cn=Kate Bush
> objectclass=person
> objectclass=top
> userPassword=Aerial
> $
> I have the same problem with suffix "o=sevenSeas" (actually it was the first occurrence I found), and the defect disappears with "o=sevenseas".
> I therefore assume that the authenticator used for simple binds has problems with the mixed characters in the suffices.

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secur...nistrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com