[
https://issues.apache.org/jira/browse/JS2-847?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Martin Petras updated JS2-847:
------------------------------
Attachment: LdapPrincipalDaoImpl.patch
This patch solves the problem. It adds an extra lookup in LDAP when the user DN
is resolving.
> LDAP user dn is not resolved correctly when user is in hierarchy
> ----------------------------------------------------------------
>
> Key: JS2-847
> URL: https://issues.apache.org/jira/browse/JS2-847
> Project: Jetspeed 2
> Issue Type: Bug
> Components: Security
> Affects Versions: 2.1.3, 2.2
> Reporter: Martin Petras
> Attachments: LdapPrincipalDaoImpl.patch
>
>
> Users in my LDAP are in hierarchy (which represents supervising).
> For example (rootContext is dc=company,dc=com and userFilterBase is o=users):
> dn: uid=bigboss,o=users,dc=company,dc=com
> dn: uid=employer,uid=bigboss,o=users,dc=company,dc=com
> Now method
> org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDaoImpl.getUserDN(String,
> boolean)
> returns invalid DN: uid=employer,o=users,dc=company,dc=com
> This cause that roles and groups are not resolved.
> Let say I have a role:
> dn: cn=admin,o=roles,dc=company,dc=com
> objectClass: groupOfUniqueNames
> objectClass: top
> cn: admin
> uniqueMember: uid=employer,uid=bigboss,o=users,dc=company,dc=com
> but role admin is not assigned to user employer.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
