You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Daniel Henninger (JIRA)" <ji...@apache.org> on 2008/11/02 02:03:44 UTC
[jira] Created: (DIRSERVER-1285) Quotes in DN on simple binds
causes referral error
Quotes in DN on simple binds causes referral error
--------------------------------------------------
Key: DIRSERVER-1285
URL: https://issues.apache.org/jira/browse/DIRSERVER-1285
Project: Directory ApacheDS
Issue Type: Bug
Affects Versions: 1.5.4
Environment: Windows XP, embedded in another java app, jdk 1.6.0
Reporter: Daniel Henninger
A user exists in my database:
uid=openfire,ou=users,ou=system
if I authenticate using that DN, everything is fine
if I authenticate using:
uid="openfire",ou="users",ou="system"
(or any iteration of the quotes)
I get an error:
LDAP: error code 49 - Bind principalDN points to referral.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (DIRSERVER-1285) Quotes in DN on simple binds
causes referral error
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1285?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny reassigned DIRSERVER-1285:
--------------------------------------------
Assignee: Emmanuel Lecharny
> Quotes in DN on simple binds causes referral error
> --------------------------------------------------
>
> Key: DIRSERVER-1285
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1285
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.4
> Environment: Windows XP, embedded in another java app, jdk 1.6.0
> Reporter: Daniel Henninger
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.5
>
>
> A user exists in my database:
> uid=openfire,ou=users,ou=system
> if I authenticate using that DN, everything is fine
> if I authenticate using:
> uid="openfire",ou="users",ou="system"
> (or any iteration of the quotes)
> I get an error:
> LDAP: error code 49 - Bind principalDN points to referral.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1285) Quotes in DN on simple binds
causes referral error
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1285?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1285:
-----------------------------------------
Fix Version/s: 1.5.5
> Quotes in DN on simple binds causes referral error
> --------------------------------------------------
>
> Key: DIRSERVER-1285
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1285
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.4
> Environment: Windows XP, embedded in another java app, jdk 1.6.0
> Reporter: Daniel Henninger
> Fix For: 1.5.5
>
>
> A user exists in my database:
> uid=openfire,ou=users,ou=system
> if I authenticate using that DN, everything is fine
> if I authenticate using:
> uid="openfire",ou="users",ou="system"
> (or any iteration of the quotes)
> I get an error:
> LDAP: error code 49 - Bind principalDN points to referral.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1285) Quotes in DN on simple binds
causes referral error
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1285?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12644547#action_12644547 ]
Emmanuel Lecharny commented on DIRSERVER-1285:
----------------------------------------------
I have double checked, and it's clearly a bug in the way we are normalizing the DN with " around the RDN values.
It seems that the value is already normalized once, and that we are trying to normalizing the upValue instead of the normValue.
I have a quick and dirty fix, but I would like to understand first why we are processing the DN the way we do in the lookup method
Index: ldap/src/main/java/org/apache/directory/shared/ldap/name/LdapDN.java
===================================================================
--- ldap/src/main/java/org/apache/directory/shared/ldap/name/LdapDN.java (revision 704239)
+++ ldap/src/main/java/org/apache/directory/shared/ldap/name/LdapDN.java (working copy)
@@ -1365,12 +1365,19 @@
private static void oidNormalize( Rdn rdn, OidNormalizer oidNormalizer ) throws NamingException
{
Object upValue = rdn.getUpValue();
+ Object normValue = rdn.getNormValue();
+
+ if ( normValue != null && upValue != normValue)
+ {
+ upValue = normValue;
+ }
+
String upType = rdn.getUpType();
rdn.clear();
Object normStringValue = DefaultStringNormalizer.normalizeString( ( String ) upValue );
- Object normValue = oidNormalizer.getNormalizer().normalize( normStringValue );
+ Object newNormValue = oidNormalizer.getNormalizer().normalize( normStringValue );
- rdn.addAttributeTypeAndValue( upType, oidNormalizer.getAttributeTypeOid(), upValue, normValue );
+ rdn.addAttributeTypeAndValue( upType, oidNormalizer.getAttributeTypeOid(), upValue, newNormValue );
}
/**
> Quotes in DN on simple binds causes referral error
> --------------------------------------------------
>
> Key: DIRSERVER-1285
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1285
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.4
> Environment: Windows XP, embedded in another java app, jdk 1.6.0
> Reporter: Daniel Henninger
> Fix For: 1.5.5
>
>
> A user exists in my database:
> uid=openfire,ou=users,ou=system
> if I authenticate using that DN, everything is fine
> if I authenticate using:
> uid="openfire",ou="users",ou="system"
> (or any iteration of the quotes)
> I get an error:
> LDAP: error code 49 - Bind principalDN points to referral.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (DIRSERVER-1285) Quotes in DN are not handled
correctly during normalization [was: Quotes in DN on simple binds causes
referral error]
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1285?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny resolved DIRSERVER-1285.
------------------------------------------
Resolution: Fixed
Seems to be fixed. I have added JNDI and LdapAPI tests to demonstrate this :
http://svn.apache.org/viewvc?rev=955967&view=rev
http://svn.apache.org/viewvc?rev=955969&view=rev
> Quotes in DN are not handled correctly during normalization [was: Quotes in DN on simple binds causes referral error]
> ---------------------------------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1285
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1285
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.4
> Environment: Windows XP, embedded in another java app, jdk 1.6.0
> Reporter: Daniel Henninger
> Assignee: Emmanuel Lecharny
> Fix For: 2.0.0-RC1
>
>
> A user exists in my database:
> uid=openfire,ou=users,ou=system
> if I authenticate using that DN, everything is fine
> if I authenticate using:
> uid="openfire",ou="users",ou="system"
> (or any iteration of the quotes)
> I get an error:
> LDAP: error code 49 - Bind principalDN points to referral.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1285) Quotes in DN are not handled
correctly during normalization [was: Quotes in DN on simple binds causes
referral error]
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1285?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1285:
-----------------------------------------
Fix Version/s: (was: 1.5.5)
2.0.0-RC1
Summary: Quotes in DN are not handled correctly during normalization [was: Quotes in DN on simple binds causes referral error] (was: Quotes in DN on simple binds causes referral error)
The real problem is that we do a pre-normalization during the DN parsing, where the quoted values are stored pristine into the normValue part, but any following normalization is done on the upValue, which still has the quote in it.
As we have to keep the UpValue intact, we should not do normalization on this upValue, but on this pre-normalized value. However, the way escaped chars are handled is problematic, as we remove the '\' during the pre-normalization.
We have to get rid of those problems, and this has to be done when we will refactor the full DN parsing, which has gone totally wild.
Let's do that for 2.0
> Quotes in DN are not handled correctly during normalization [was: Quotes in DN on simple binds causes referral error]
> ---------------------------------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1285
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1285
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.4
> Environment: Windows XP, embedded in another java app, jdk 1.6.0
> Reporter: Daniel Henninger
> Assignee: Emmanuel Lecharny
> Fix For: 2.0.0-RC1
>
>
> A user exists in my database:
> uid=openfire,ou=users,ou=system
> if I authenticate using that DN, everything is fine
> if I authenticate using:
> uid="openfire",ou="users",ou="system"
> (or any iteration of the quotes)
> I get an error:
> LDAP: error code 49 - Bind principalDN points to referral.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1285) Quotes in DN on simple binds
causes referral error
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1285?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12644550#action_12644550 ]
Emmanuel Lecharny commented on DIRSERVER-1285:
----------------------------------------------
The fix works fine in ADS, but has a bad side effect on shared LDAPDN tests... We have to find another way to deal with UpValues, maybe by adding a flag to the RDN elements, indicating that we have enclosing quotes.
> Quotes in DN on simple binds causes referral error
> --------------------------------------------------
>
> Key: DIRSERVER-1285
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1285
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.4
> Environment: Windows XP, embedded in another java app, jdk 1.6.0
> Reporter: Daniel Henninger
> Assignee: Emmanuel Lecharny
> Fix For: 1.5.5
>
>
> A user exists in my database:
> uid=openfire,ou=users,ou=system
> if I authenticate using that DN, everything is fine
> if I authenticate using:
> uid="openfire",ou="users",ou="system"
> (or any iteration of the quotes)
> I get an error:
> LDAP: error code 49 - Bind principalDN points to referral.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.