LDAP password case sensitive?
jasonlawrencd Nov 13, 2015 12:51 PMAll,
First time user, so forgive me if this is the wrong place to be asking this question.
We currently validate users against LDAP. A question was asked whether or not we can ignore case when validating against LDAP....meaning a user types PASSWORD or password, and both are accepted. Below is out LDAP module setting from the login-config.xml. Is there a setting to disable case sensitivity when validating the user?
<application-policy name="thePolicy">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.provider.url">ldap://ldapserver:port</module-option>
<module-option name="bindDN">cn=Directory Manager</module-option>
<module-option name="bindCredential">password</module-option>
<module-option name="baseCtxDN">cn=Users,cn=ia,cn=wac</module-option>
<module-option name="baseFilter">(cn={0})</module-option>
<module-option name="rolesCtxDN">cn=Groups,cn=ia,cn=wac</module-option>
<module-option name="roleFilter">(uniquemember={1})</module-option>
<module-option name="roleAttributeID">cn</module-option>
<module-option name="roleAttributeIsDN">false</module-option>
<module-option name="roleNameAttributeID">cn</module-option>
<module-option name="roleRecursion">2</module-option>
<module-option name="searchTimeLimit">5000</module-option>
<module-option name="searchScope">ONELEVEL_SCOPE</module-option>
<module-option name="allowEmptyPasswords">true</module-option>
<module-option name="debug">true</module-option>
</login-module>
<login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="required">
<module-option name="rolesProperties">RoleMappings.properties</module-option>
<module-option name="replaceRole">true</module-option>
</login-module>
</authentication>
</application-policy>
Any help is greatly appreciated.
Jason