Nuxeo LDAP service not handling special characters in DN
--------------------------------------------------------
Key: NXP-7118
URL: https://jira.nuxeo.com/browse/NXP-7118
Project: Nuxeo Enterprise Platform
Issue Type: Bug
Components: Directory
Affects Versions: 5.4.1
Reporter: Patrick Turcotte
Priority: Major
We are trying to link Nuxeo with an Active Directory server. Both userDirectory
and groupDirectory work well but it is currently impossible to list the groups
the user is a member of.
The source of the problem was tracked down to the pseudoNormalizeDn method:
{code}
protected static String pseudoNormalizeDn(String dn) {
// this method does not respect the LDAP DN RFCs
// but this is enough to compare our base dns in getLdapTargetIds
dn = dn.replaceAll(", ", ",");
return dn.toLowerCase();
}
{code}
The problem is caused by the fact that the target Active Directory is
configured to use [lastname], [firstname] as the CN as opposed to the more
traditional [firstname] [lastname]. That, and pseudoNormalizeDn, means that DN
like cn=tremblay,jean-jacques,dc=ldap,dc=example,dc=com are being searched by
Nuxeo instead of cn=tremblay\, jean-jacques,dc=example,dc=com.
I believe using javax.naming functions instead of custom parsing with strings
would suit Nuxeo better and serve a more reliable behavior in the long run.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
ECM-tickets mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm-tickets
