DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=16511>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=16511 no-secure passwords not allowed with LDAP Summary: no-secure passwords not allowed with LDAP Product: Jetspeed Version: 1.4b3 Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: Other Component: Security AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Login cause a StringIndexOutOfBoundsException in LDAPAuthentication.java at line 145 (Jetspeed 1.4b3) when services.JetspeedSecurity.secure.passwords=false The password is stored in plain-text in LDAP, but when LDAPAuthenticatio.login() method checks it, there is a test for an encrypted password. Sorry, but i've no patch to submit, i discoverd this with a bad configuration file, because we use always secure passwords. This bug could comes with bug# 14914 -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
