You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Niklas Gustavsson (JIRA)" <ji...@apache.org> on 2008/11/19 16:00:44 UTC

[jira] Commented: (FTPSERVER-220) does not processed correct user's empty password

    [ https://issues.apache.org/jira/browse/FTPSERVER-220?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12649064#action_12649064 ] 

Niklas Gustavsson commented on FTPSERVER-220:
---------------------------------------------

In  org.apache.ftpserver.clienttests.LoginTest.testLoginWithEmptyCorrectPassword() we try to test for this, and in this case testuser3 has the following configuration of the password:
ftpserver.user.testuser3.userpassword=

It seems to work, what am I missing?

> does not processed correct user's empty password
> ------------------------------------------------
>
>                 Key: FTPSERVER-220
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-220
>             Project: FtpServer
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 1.0-M3
>            Reporter: Oleg Gorobchuk
>            Assignee: Niklas Gustavsson
>             Fix For: 1.0-M4
>
>
> In the case if user has declared empty password server does not allow to connect user.
> Empty password does not processed for normal user and "anonymous" and for all encrypted modes.
> Sources of problem.
> 1. command PASS blocked using empty password since in this case request contains NULL instead password value and command generates error 501
> 2. In the case of using properties way of user management
> the class PropertiesUserManager, for case of configured empty password, makes decision that user does not exist.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.