Uploaded image for project: 'FishEye'
  1. FishEye
  2. FE-3184

Cannot authenticate LDAP Usernames with '/' in CN

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Medium
    • 4.0.0
    • 2.4.0, 2.4.1
    • None

    Description

      Authentication for a LDAP user with a '/' in CN fails with a similar exception:

      performing search: (CN=another/one) on dc=atlassian,dc=com (authenticated)
LDAP: Initial connect and search successful, but authenticating user as '"cn=another/one,ou=users",dc=atlassian,dc=com' failed.
javax.naming.InvalidNameException - [LDAP: error code 34 - Incorrect DN given : "cn=another/one,ou=users",dc=atlassian,dc=com (0x22 0x63 0x6E 0x3D 0x61 0x6E 0x6F 0x74 0x68 0x65 0x72 0x2F 0x6F 0x6E 0x65 0x2C 0x6F 0x75 0x3D 0x75 0x73 0x65 0x72 0x73 0x22 0x2C 0x64 0x63 0x3D 0x61 0x74 0x6C 0x61 0x73 0x73 0x69 0x61 0x6E 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid]
LDAP password check for another/one in 7ms

      where cn='another/one'

      Logs:

      12:37:18 ERROR - LDAP: Initial connect and search successful, but authenticating user as '"cn=another/one,ou=users",dc=atlassian,dc=com' failed.
      javax.naming.InvalidNameException: [LDAP: error code 34 - Incorrect DN given : "cn=another/one,ou=users",dc=atlassian,dc=com (0x22 0x63 0x6E 0x3D 0x61 0x6E 0x6F 0x74 0x68 0x65 0x72 0x2F 0x6F 0x6E 0x65 0x2C 0x6F 0x75 0x3D 0x75 0x73 0x65 0x72 0x73 0x22 0x2C 0x64 0x63 0x3D 0x61 0x74 0x6C 0x61 0x73 0x73 0x69 0x61 0x6E 0x2C 0x64 0x63 0x3D 0x63 0x6F 0x6D ) is invalid]
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2926)
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
      at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646)
      at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
      at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
      at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
      at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
      at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
      at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
      at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
      at javax.naming.InitialContext.init(InitialContext.java:223)
      at javax.naming.InitialContext.<init>(InitialContext.java:197)
      at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. CWD-2898 Use LdapName consistently when manipulating DNs

          • Medium - Medium priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. FE-1940 Apostrophe in username should be valid character

          • Medium - Medium priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-13470 LDAP authentication fail when slash "/" exist in DN

          • Medium - Medium priority issues
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. FE-6195 Failed LDAP authentication if user CN contains parenthesis

          • Low - Low priority issues
          • Closed
          mentioned in

          Page Loading...

          Page Loading...

          Wiki Page Loading...

          Activity

            People

              Unassigned Unassigned
              pswiecicki Piotr Swiecicki
              Votes:
              2 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: