[jira] [Commented] (DIRSERVER-1734) ads-certificatePassword syntax far too restrictive for actual passwords

Fri, 06 Jul 2012 18:58:37 -0700 

    [ 
https://issues.apache.org/jira/browse/DIRSERVER-1734?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13408534#comment-13408534
 ] 

Sean Kelly commented on DIRSERVER-1734:
---------------------------------------

Thanks for giving my issue a second chance.

I'm somewhat tempted to ask for karma on your project, but then again, the way 
of LDAP is also the way of madness—or some say.

You have my sincere thanks and best wishes.
                
> ads-certificatePassword syntax far too restrictive for actual passwords
> -----------------------------------------------------------------------
>
>                 Key: DIRSERVER-1734
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1734
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.0.0-M7
>         Environment: CP/M-86 Java 7 on PDP-11
>            Reporter: Sean Kelly
>            Assignee: Emmanuel Lecharny
>             Fix For: 2.0.0-RC1
>
>
> The password for my keystore happens to be "ec7!J>;;x".
> However, specifying that value in my config.ldif as 
> {{ads-certificatePassword: ec7!J>;;x}} results in a startup failure:
> {noformat}
> [18:08:12] WARN [org.apache.directory.shared.ldap.model.entry.DefaultEntry] - 
> The attribute 'ads-certificatepassword' cannot be stored
> org.apache.directory.shared.ldap.model.exception.LdapOtherException: 
> ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value 
> ERR_04473_NOT_VALID_VALUE Not a valid value 'ec7!J>;;x' for the AttributeType 
> 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.309
>  NAME 'ads-certificatePassword'
>  DESC The certificate passord
>  EQUALITY caseExactMatch
>  ORDERING caseExactOrderingMatch
>  SUBSTR caseExactSubstringsMatch
>  SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
>  SINGLE-VALUE
>  USAGE userApplications
>  )
> '
>       at 
> org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:77)
>       at 
> org.apache.directory.server.ApacheDsService.initConfigPartition(ApacheDsService.java:284)
>       at 
> org.apache.directory.server.ApacheDsService.start(ApacheDsService.java:166)
>       at org.apache.directory.server.UberjarMain.main(UberjarMain.java:58)
> {noformat}
> Apparently the {{ads-certificatePassword}} property's syntax is 
> 1.3.6.1.4.1.1466.115.121.1.44, which, sadly, is far too restrictive for 
> actual in-use passwords.
> I recommend changing the syntax to something a bit more permissive.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to