You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Victor Antonovich (JIRA)" <ji...@apache.org> on 2010/09/14 15:51:35 UTC
[jira] Created: (DIRSERVER-1548) LdapSession must be set to
anonymous state after failed simple authentication attempt
LdapSession must be set to anonymous state after failed simple authentication attempt
-------------------------------------------------------------------------------------
Key: DIRSERVER-1548
URL: https://issues.apache.org/jira/browse/DIRSERVER-1548
Project: Directory ApacheDS
Issue Type: Bug
Components: ldap
Affects Versions: 1.5.7
Reporter: Victor Antonovich
At this moment, failed simple authentication attempt lead to unusable LdapSession, because any subsequent bind attempt with supplied valid credentials in this LdapSession will fail with error "ERR_732 Cannot process a Request while binding". It's because BindHandler doesn't reset LdapSession to anonymous state after bind request failure.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (DIRSERVER-1548) LdapSession must be set to
anonymous state after failed simple authentication attempt
Posted by "Kiran Ayyagari (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1548?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kiran Ayyagari closed DIRSERVER-1548.
-------------------------------------
Resolution: Fixed
Assignee: Kiran Ayyagari
Applied the patch along with a new test case here http://svn.apache.org/viewvc?rev=1024045&view=rev
Thank you Victor for the report and patch.
> LdapSession must be set to anonymous state after failed simple authentication attempt
> -------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1548
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1548
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.7
> Reporter: Victor Antonovich
> Assignee: Kiran Ayyagari
> Fix For: 2.0.0-RC1
>
> Attachments: BindFailToAnonymousLdapSession.patch
>
>
> At this moment, failed simple authentication attempt lead to unusable LdapSession, because any subsequent bind attempt with supplied valid credentials in this LdapSession will fail with error "ERR_732 Cannot process a Request while binding". It's because BindHandler doesn't reset LdapSession to anonymous state after bind request failure.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1548) LdapSession must be set to
anonymous state after failed simple authentication attempt
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1548?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1548:
-----------------------------------------
Fix Version/s: 2.0.0-RC1
This is a really bad issue. Must be fixed asap.
> LdapSession must be set to anonymous state after failed simple authentication attempt
> -------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1548
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1548
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.7
> Reporter: Victor Antonovich
> Fix For: 2.0.0-RC1
>
> Attachments: BindFailToAnonymousLdapSession.patch
>
>
> At this moment, failed simple authentication attempt lead to unusable LdapSession, because any subsequent bind attempt with supplied valid credentials in this LdapSession will fail with error "ERR_732 Cannot process a Request while binding". It's because BindHandler doesn't reset LdapSession to anonymous state after bind request failure.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1548) LdapSession must be set to
anonymous state after failed simple authentication attempt
Posted by "Victor Antonovich (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1548?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Victor Antonovich updated DIRSERVER-1548:
-----------------------------------------
Attachment: BindFailToAnonymousLdapSession.patch
Bugfix attached.
> LdapSession must be set to anonymous state after failed simple authentication attempt
> -------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1548
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1548
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.5.7
> Reporter: Victor Antonovich
> Attachments: BindFailToAnonymousLdapSession.patch
>
>
> At this moment, failed simple authentication attempt lead to unusable LdapSession, because any subsequent bind attempt with supplied valid credentials in this LdapSession will fail with error "ERR_732 Cannot process a Request while binding". It's because BindHandler doesn't reset LdapSession to anonymous state after bind request failure.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.