Jira Data Center / JRASERVER-19457

LDAP configurer doesn't escape XML special characters in Bind Password

Details

    Description

      Steps to replicate:

      1. On the LDAP repository, configure the Bind DN user with a password that contains an XML special character, e.g. atlassian&8.
      2. In JIRA, provide all required information on the Configure LDAP authentication page and generate osuser.xml:
        <!-- osuser.xml autogenerated by user 'test' on 19/Oct/09 for JIRA 4.0 -->
        <opensymphony-user>
            <authenticator class="com.opensymphony.user.authenticator.SmartAuthenticator"/>    
            <provider class="com.opensymphony.user.provider.ldap.LDAPCredentialsProvider">
             <property name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</property>
             <property name="java.naming.provider.url">ldap://172.20.4.147:389</property>
             <property name="searchBase">cn=Users,dc=test2,dc=local</property>
             <property name="uidSearchName">sAMAccountName</property>
             <property name="java.naming.security.principal">administrator</property>
             <property name="java.naming.security.credentials">atlassian&8</property>   
             <property name="exclusive-access">true</property>
            </provider>
            <provider class="com.atlassian.core.ofbiz.osuser.CoreOFBizCredentialsProvider">
                <property name="exclusive-access">true</property>
            </provider>
            <provider class="com.opensymphony.user.provider.ofbiz.OFBizProfileProvider">
                <property name="exclusive-access">true</property>
            </provider>
            <provider class="com.opensymphony.user.provider.ofbiz.OFBizAccessProvider">
                <property name="exclusive-access">true</property>
            </provider>
        </opensymphony-user>
        

        Note the unescaped & in <property name="java.naming.security.credentials">atlassian&8</property>

      3. Configure JIRA to use the generated osuser.xml.
      4. Restart JIRA to apply the change.

      JIRA returns HTTP status 404 and reports the following in the log file:

      2009-10-19 11:01:17,176 main ERROR     [opensymphony.user.util.ConfigLoader] Could not parse config XML
      org.xml.sax.SAXParseException: The entity name must immediately follow the '&' in the entity reference.
      	at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
      	at org.apache.xerces.util.ErrorHandlerWrapper.fatalError(Unknown Source)
      	at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
      	at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
      	at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
      	at org.apache.xerces.impl.XMLScanner.reportFatalError(Unknown Source)
      	at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanEntityReference(Unknown Source)
      	at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
      	at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
      	at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
      

      Workaround
      Manually replace any XML special characters with their escaped form.
      In the example above, osuser.xml should read:

      <property name="java.naming.security.credentials">atlassian&amp;8</property>
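
      The following is an added example, not code from JIRA or from this report: it contrasts building the property element by string concatenation (the behaviour reported here) with letting an XML writer escape the value, then parses each form to confirm the password read back matches what was entered. The class and method names are hypothetical and the sample passwords are constructed.

```java
import java.io.ByteArrayInputStream;
import java.io.StringWriter;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLStreamWriter;
import org.xml.sax.SAXException;

public class OsuserPropertyEscaping {
    // Naive concatenation: the value is written verbatim, as in the generated osuser.xml above.
    static String naiveProperty(String name, String value) {
        return "<property name=\"" + name + "\">" + value + "</property>";
    }

    // The XML writer escapes &, < and > in text, and quotes in attribute values.
    static String escapedProperty(String name, String value) throws Exception {
        StringWriter out = new StringWriter();
        XMLStreamWriter w = XMLOutputFactory.newInstance().createXMLStreamWriter(out);
        w.writeStartElement("property");
        w.writeAttribute("name", name);
        w.writeCharacters(value);
        w.writeEndElement();
        w.close();
        return out.toString();
    }

    // Parse the fragment and return the text a consumer of the file would read back.
    static String readBack(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // no DTDs needed here
        return f.newDocumentBuilder().parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)))
                .getDocumentElement().getTextContent();
    }

    public static void main(String[] args) throws Exception {
        String key = "java.naming.security.credentials";
        for (String pw : new String[] {"atlassian&8", "a<b>c", "plain"}) { // constructed sample passwords
            String fixed = escapedProperty(key, pw);
            System.out.println(fixed + "  round-trips: " + pw.equals(readBack(fixed)));
            try {
                readBack(naiveProperty(key, pw));
                System.out.println("  naive form parsed");
            } catch (SAXException e) {
                System.out.println("  naive form rejected: " + e.getMessage());
            }
        }
    }
}
```

      Running the same well-formedness parse over a generated osuser.xml before restarting JIRA catches this class of failure without taking the instance down.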
      

          People

            tcampbell Trevor Campbell (Inactive)
            bdziedzic Bogdan Dziedzic [Atlassian]