[jira] Updated: (DIRSERVER-1548) LdapSession must be set to anonymous state after failed simple authentication attempt

Emmanuel Lecharny (JIRA) Tue, 14 Sep 2010 07:09:15 -0700

     [ 
https://issues.apache.org/jira/browse/DIRSERVER-1548?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Emmanuel Lecharny updated DIRSERVER-1548:
-----------------------------------------

    Fix Version/s: 2.0.0-RC1

This is a really bad issue. Must be fixed asap.

> LdapSession must be set to anonymous state after failed simple authentication 
> attempt
> -------------------------------------------------------------------------------------
>
>                 Key: DIRSERVER-1548
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1548
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: ldap
>    Affects Versions: 1.5.7
>            Reporter: Victor Antonovich
>             Fix For: 2.0.0-RC1
>
>         Attachments: BindFailToAnonymousLdapSession.patch
>
>
> At this moment, failed simple authentication attempt lead to unusable 
> LdapSession, because any subsequent bind attempt with supplied valid 
> credentials in this LdapSession will fail with error "ERR_732 Cannot process 
> a Request while binding". It's because BindHandler doesn't reset LdapSession 
> to anonymous state after bind request failure. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (DIRSERVER-1548) LdapSession must be set to anonymous state after failed simple authentication attempt

Reply via email to