You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Pierre-Arnaud Marcelot (Created) (JIRA)" <ji...@apache.org> on 2012/01/20 08:34:40 UTC
[jira] [Created] (DIRAPI-68) Unable to bind on an Active Directory
server using 'domain\userid'
Unable to bind on an Active Directory server using 'domain\userid'
------------------------------------------------------------------
Key: DIRAPI-68
URL: https://issues.apache.org/jira/browse/DIRAPI-68
Project: Directory Client API
Issue Type: Bug
Reporter: Pierre-Arnaud Marcelot
Assignee: Pierre-Arnaud Marcelot
Priority: Critical
Unable to bind on an Active Directory server using 'domain\userid'.
The Apache Directory LDAP API doesn't currently handles this and expect a DN as name for a bind request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (DIRAPI-68) Unable to bind on an Active
Directory server using 'domain\userid'
Posted by "Emmanuel Lecharny (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRAPI-68?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13189733#comment-13189733 ]
Emmanuel Lecharny commented on DIRAPI-68:
-----------------------------------------
Forgot to mention that the server should reject BindRequest without any Dn.
This should be done in the BindHandler class, handleSimpleAuth method :
// Stores the Dn of the user to check, and its password
bindContext.setDn( bindRequest.getName() ); <== Here, if the getName() is null and if the String is not null, that means we have not received a valid Dn.
> Unable to bind on an Active Directory server using 'domain\userid'
> ------------------------------------------------------------------
>
> Key: DIRAPI-68
> URL: https://issues.apache.org/jira/browse/DIRAPI-68
> Project: Directory Client API
> Issue Type: Bug
> Affects Versions: 1.0.0-M9
> Reporter: Pierre-Arnaud Marcelot
> Assignee: Pierre-Arnaud Marcelot
> Priority: Critical
> Fix For: 1.0.0-M10
>
>
> Unable to bind on an Active Directory server using 'domain\userid'.
> The Apache Directory LDAP API doesn't currently handles this and expect a DN as name for a bind request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (DIRAPI-68) Unable to bind on an Active Directory
server using 'domain\userid'
Posted by "Pierre-Arnaud Marcelot (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRAPI-68?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pierre-Arnaud Marcelot updated DIRAPI-68:
-----------------------------------------
Affects Version/s: 1.0.0-M9
Fix Version/s: 1.0.0-M10
> Unable to bind on an Active Directory server using 'domain\userid'
> ------------------------------------------------------------------
>
> Key: DIRAPI-68
> URL: https://issues.apache.org/jira/browse/DIRAPI-68
> Project: Directory Client API
> Issue Type: Bug
> Affects Versions: 1.0.0-M9
> Reporter: Pierre-Arnaud Marcelot
> Assignee: Pierre-Arnaud Marcelot
> Priority: Critical
> Fix For: 1.0.0-M10
>
>
> Unable to bind on an Active Directory server using 'domain\userid'.
> The Apache Directory LDAP API doesn't currently handles this and expect a DN as name for a bind request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (DIRAPI-68) Unable to bind on an Active Directory
server using 'domain\userid'
Posted by "Pierre-Arnaud Marcelot (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRAPI-68?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pierre-Arnaud Marcelot resolved DIRAPI-68.
------------------------------------------
Resolution: Fixed
Fixed at revision 1233926.
http://svn.apache.org/viewvc?rev=1233926&view=rev
> Unable to bind on an Active Directory server using 'domain\userid'
> ------------------------------------------------------------------
>
> Key: DIRAPI-68
> URL: https://issues.apache.org/jira/browse/DIRAPI-68
> Project: Directory Client API
> Issue Type: Bug
> Affects Versions: 1.0.0-M9
> Reporter: Pierre-Arnaud Marcelot
> Assignee: Pierre-Arnaud Marcelot
> Priority: Critical
> Fix For: 1.0.0-M10
>
> Attachments: apacheds.diff, shared.diff
>
>
> Unable to bind on an Active Directory server using 'domain\userid'.
> The Apache Directory LDAP API doesn't currently handles this and expect a DN as name for a bind request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (DIRAPI-68) Unable to bind on an Active
Directory server using 'domain\userid'
Posted by "Emmanuel Lecharny (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRAPI-68?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13189695#comment-13189695 ]
Emmanuel Lecharny commented on DIRAPI-68:
-----------------------------------------
There are a few things to change if we want to support domain\userid in a BindRequest.
Currently, using the API, we can sent a bind() using those methods :
- bind( String name )
- bind( Dn name )
- bind( String name, String credentials )
- bind( Dn name, String credentials )
- bind( BindRequest bindRequest )
The first thing would be to allow a user to pass a "domain\userId" with the bind( String [, credentials] ) method. Currently, we convert the String to a DN, and throw an exception if it's not a valid Dn. We can relax that, as the server will anyway validate the name.
The second thing we will have to do is to allow a user to create a BindRequest by passing a String instead of a Dn for the name. ATM, we expect a Dn. Changing that would be quite easy, we just have to add a new field in the BindRequest class, a String. Of course, we can trnslate it to a Dn if it's a valid one.
The third thing would also be to change the codec to generate a correct PDU, when we have a String stored for the name. That's quite easy to do.
Last, not least, in order to be consistent, we must also change the decoder to allow String instead of Dn in a BindRequest PDU.
All those operations are easy, and we must absolutely allow a String for a bind, otherwise the API will be totally useless when connected to a M$ LDAP server (damn M$, which "invented" a new way to connect to his crappy AD server, when SASL was the way to go...)
> Unable to bind on an Active Directory server using 'domain\userid'
> ------------------------------------------------------------------
>
> Key: DIRAPI-68
> URL: https://issues.apache.org/jira/browse/DIRAPI-68
> Project: Directory Client API
> Issue Type: Bug
> Affects Versions: 1.0.0-M9
> Reporter: Pierre-Arnaud Marcelot
> Assignee: Pierre-Arnaud Marcelot
> Priority: Critical
> Fix For: 1.0.0-M10
>
>
> Unable to bind on an Active Directory server using 'domain\userid'.
> The Apache Directory LDAP API doesn't currently handles this and expect a DN as name for a bind request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (DIRAPI-68) Unable to bind on an Active Directory
server using 'domain\userid'
Posted by "Pierre-Arnaud Marcelot (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRAPI-68?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pierre-Arnaud Marcelot updated DIRAPI-68:
-----------------------------------------
Attachment: apacheds.diff
shared.diff
Here are two patches for Shared and ApacheDS trunks.
> Unable to bind on an Active Directory server using 'domain\userid'
> ------------------------------------------------------------------
>
> Key: DIRAPI-68
> URL: https://issues.apache.org/jira/browse/DIRAPI-68
> Project: Directory Client API
> Issue Type: Bug
> Affects Versions: 1.0.0-M9
> Reporter: Pierre-Arnaud Marcelot
> Assignee: Pierre-Arnaud Marcelot
> Priority: Critical
> Fix For: 1.0.0-M10
>
> Attachments: apacheds.diff, shared.diff
>
>
> Unable to bind on an Active Directory server using 'domain\userid'.
> The Apache Directory LDAP API doesn't currently handles this and expect a DN as name for a bind request.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira