Hello all.
We have an issue and i wanted to ask if we can find a solution.
WE are using wildfly 9.0.2 which is using picketbox-4.9.2
This means that we can login to our web app using ldap and also using
<module-option name="rolesCtxDN" value=""/>
In wildfly 10.0.0, which is using picketbox-4.9.4 this is not feasible due to this snippet of class LdapExtLoginModule
protected void rolesSearch(LdapContext ctx, SearchControls constraints, String user, String userDN,
int recursionMax, int nesting) throws NamingException
{
if (rolesCtxDN == null || roleFilter == null || rolesCtxDN.isEmpty() || roleFilter.isEmpty()) {
// no role search initial DN nor role filter specified, so assigning no roles
return;
}
which prevents us from using empty DN for role search.
WE are using JaaS but when i ported it to spring security, it worked fine.
So the question is.. can we find a way of getting this work like picketbox 4.9.2 with empty rolesCtxDN?
Or do we have to stay to version 9.0.2?
Thank you