You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/12/14 03:57:00 UTC

[jira] [Commented] (ARTEMIS-3542) Avoid requesting the root attribute when binding a user to LDAP

    [ https://issues.apache.org/jira/browse/ARTEMIS-3542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17458882#comment-17458882 ] 

ASF subversion and git services commented on ARTEMIS-3542:
----------------------------------------------------------

Commit 47e947ad7b726474b61f5ead8056fcaf5c8f1ec2 in activemq-artemis's branch refs/heads/main from Marlon Müller
[ https://gitbox.apache.org/repos/asf?p=activemq-artemis.git;h=47e947a ]

ARTEMIS-3542 Avoid requesting LDAP root attribute

Check getAttributes with dn of user entry to avoid missing permissions


> Avoid requesting the root attribute when binding a user to LDAP
> ---------------------------------------------------------------
>
>                 Key: ARTEMIS-3542
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-3542
>             Project: ActiveMQ Artemis
>          Issue Type: Improvement
>          Components: JAAS
>    Affects Versions: 2.19.0
>            Reporter: Marlon Müller
>            Priority: Minor
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> Currently the bindUser-method of the LDAPLoginModule tries to verify the user through requesting the root attribute of the LDAP tree. This check fails if the user is not allowed to access the root element although everything else is working properly. 
> To fix this problem the user should only request its own LDAP attribute as this will always be possible.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)