0 Replies Latest reply on Mar 15, 2010 7:36 PM by Victor Yelevich

    LdapExtLoginModule userDN quoted when the OU contains a slash

    Victor Yelevich Newbie

      I apologize in advance if this question has already been answered, but I can't seem to find an answer to this issue. I'm using the LdapExtLoginModule on JBoss 4.2.3 GA to authenticate our users against the Active Directory and I ran into an issue with a user that's in an OU which contains a forward slash. I stepped through the code and it seems that the javax.naming.directory.SearchResult#getName() returns a quoted value.


      I found that a similar issue was reported and fixed in the rolesSearch() method in a much earlie version of JBoss by removing the quotes from the SearchResult#getName value. This fix however was not applied to the bindDNAuthentication()




      Here  is the module source:



      Does anyone know if there is a valid reason that the bindDNAuthentication method was not updated and if there is a work around for this issue? As you can imagine having the name of the OU changed is going to be a tough sell.


      SearchResult#getName() for the following user is returns "CN=Smith\, John,OU=Cons/Temps" (with the quotes).


      User's DN:

      CN=Smith\, John,OU=Cons/Temps,OU=Accounts,DC=MYCORP,DC=ORG


      I have the following configuration and since most of my users are in the OU=Accounts,DC=MYCORP,DC=ORG I can't change the baseCtxDN.


      baseFilter: (sAMAccountName={0})
      baseCtxDN: OU=Accounts,DC=MYCORP,DC=ORG


      It also looks like there are no fixes for this issue in the most current version of JBoss. I may however simply be looking in the wrong location. I though this is the current home of the module.




      Thanks in advance for your help.