DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42579>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42579 Summary: JNDIRealm fails to parse absolute names Product: Tomcat 5 Version: 5.5.9 Platform: All OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Active Directory can respond to a query with SearchResult's that are not relative. We discovered this happening with a directory hosted across many servers when the userBase was not sufficient to identify a single server. In getUserBySearch, JNDIRealm assumes that the SearchResult is relative and goes about creating a DN for the user by appending together the various bits of names it gets back. This is definitely wrong for absolute names which are URL's of the form: ldap://server/encoded_user_dn I discovered this issue in Tomcat 5.5 and a cursory look at the SVN repo for Tomcat 6.0 reveals that this bug is also present there. I have a patch for this issue which I will attach. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
