[
https://jira.nuxeo.com/browse/NXP-7071?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Florent Guillaume updated NXP-7071:
-----------------------------------
Fix Version/s: 5.4.3
> Nuxeo LDAP service not handling special characters in DN
> --------------------------------------------------------
>
> Key: NXP-7071
> URL: https://jira.nuxeo.com/browse/NXP-7071
> Project: Nuxeo Enterprise Platform
> Issue Type: Bug
> Components: Directory
> Reporter: François-Denis Gonthier
> Priority: Major
> Fix For: 5.4.3
>
>
> We are trying to link Nuxeo with an Active Directory server. Both
> userDirectory and groupDirectory work well but it is currently impossible to
> list the groups the user is a member of.
> The source of the problem was tracked down to the pseudoNormalizeDn method:
> protected static String pseudoNormalizeDn(String dn) {
> // this method does not respect the LDAP DN RFCs
> // but this is enough to compare our base dns in getLdapTargetIds
> dn = dn.replaceAll(", ", ",");
> return dn.toLowerCase();
> }
> The problem is caused by the fact that the target Active Directory is
> configured to use [lastname], [firstname] as the CN as opposed to the more
> traditional [firstname] [lastname]. That, and pseudoNormalizeDn, means that
> DN like cn=tremblay,jean-jacques,dc=ldap,dc=example,dc=com are being searched
> by Nuxeo instead of cn=tremblay\, jean-jacques,dc=example,dc=com.
> I believe using javax.naming functions instead of custom parsing with strings
> would suit Nuxeo better and serve a more reliable behavior in the long run.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
ECM-tickets mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm-tickets
