Welcome, Guest! Log In | Create Account

Share

Fedora Commons

Tracker: Bugs (Migrated to Jira)

5 LDAP, JNDI, and Servlet Filter issues - ID: 1731608
Last Update: Settings changed ( cwilper )

ISSUES

1. A bug. Confused usage of local (method) variable and instance field
with the same name "authenticated".

2. Unexpected / strange response from JNDI. Again, this is a non-existent
user with no password provided. In the case seen in the log, JNDI does
not throw an exception. I haven't seen any documentation on what to expect
in this case, and certainly didn't expect this behavior for the specific
case of no password provided. In local testing, I've seen exceptions
thrown always on no password provided. The difference could be due to the
directory server used, I guess. I've changed the code defensively, but need
to test before sending the patch. I will also both
(a) trap the lack of password in the Fedora code itself, so that it's an
error to Fedora before JNDI is called; and
(b) treat empty results returned from the results as non-authentication.
Both of these will be configurable, which will allow further testing if we
want/need to tease this out (i.e., ferret out when exceptions are
unexpectedly not thrown).


3. A bug. The cached authentication value is not reset before the
re-authentication attempt. A re-authentication attempt with exception
thrown then results in using the existing cached value. This is puzzling
especially when the the cached value is --incorrectly-- set to true, as set
in the second login attempt with no password and no exception thrown by
JNDI. That is, case 3 (or 4) is the result of both this bug --and-- case
(2) having incorrectly cached a true authentication value. Strange case
and inadequate testing.

bill niebel ( niebel ) - 2007-06-05 18:50

5

Closed

Works For Me

Nobody/Anonymous

None

None

Public


Comments ( 8 )

Date: 2007-07-03 02:20
Sender: sf-robotSourceForge.net Site Admin


This Tracker item was closed automatically by the system. It was
previously set to a Pending status, and the original submitter
did not respond within 14 days (the time period specified by
the administrator of this Tracker).

Date: 2007-06-18 15:17
Sender: niebel


uploaded readme text and zip file for patch 6012 (also incorporates issue
1721620).
also included a separate debugging readme, for dealing with ldap server
behaving
differently in field from what's seen in development.


Date: 2007-06-18 15:08
Sender: niebel


File Added: fedora-2.2.6012.zip

Date: 2007-06-18 14:53
Sender: niebel


File Added: debugging-readme.txt

Date: 2007-06-18 14:52
Sender: niebel


File Added: readme.txt

Date: 2007-06-06 21:34
Sender: niebel


We should add better init protection against inconsistent parms.

Date: 2007-06-06 20:01
Sender: niebel


I've committed defensive programming for 2 to maintenance-2.2 (@ 6012) and
to
trunk (@ 6013). I'll send email re how I tested this.

Date: 2007-06-05 21:25
Sender: niebel


I've committed bug fixes for 1 and 3 to maintenance-2.2 (@ 6010) and to
trunk (@ 6011). Item 2 will be committed separately.


Attached Files ( 3 )

Filename Description Download
readme.txt how to apply the patch Download
debugging-readme.txt how to debug a problem ldap directory config Download
fedora-2.2.6012.zip classes, source, readme files for patch Download

Changes ( 9 )

Field Old Value Date By
summary ldap servlet filter -- fix bugs revealed at hull 2007-08-13 09:49 cwilper
status_id Pending 2007-07-03 02:20 sf-robot
close_date 2007-06-18 15:20 2007-07-03 02:20 sf-robot
resolution_id None 2007-06-18 15:20 niebel
status_id Open 2007-06-18 15:20 niebel
close_date - 2007-06-18 15:20 niebel
File Added 233538: fedora-2.2.6012.zip 2007-06-18 15:08 niebel
File Added 233534: debugging-readme.txt 2007-06-18 14:53 niebel
File Added 233533: readme.txt 2007-06-18 14:52 niebel


About SourceForge

Find Software

Develop Software

Community

Help

Copyright © 2010 Geeknet, Inc. All rights reserved. Terms of Use