This content has been marked as final.
Show 3 replies
-
1. Re: LdapIdentityStore successfully authenticates blank username and password
shane.bryzak Oct 22, 2008 4:34 AM (in response to hermida.leandro.hermida.gmail.com)I've updated IdentityManager to reject empty usernames, however I'm still surprised that at least no exception was thrown for you. I tried this with the seamspace example and it threw an LDAP exception.
-
2. Re: LdapIdentityStore successfully authenticates blank username and password
hermida.leandro.hermida.gmail.com Oct 31, 2008 10:10 PM (in response to hermida.leandro.hermida.gmail.com)Hi,
I will give this a try again with a new Seam Web Project using 2.1.0.GA and report back whether I get an LDAP exception or not.
leandro
-
3. Re: LdapIdentityStore successfully authenticates blank username and password
rogerwbmd Dec 5, 2008 4:34 PM (in response to hermida.leandro.hermida.gmail.com)I am also new to ldap authentication. I have same problem couple days ago. I fixed this by putting
<module-option name="allowEmptyPasswords">false</module-option>
in my ldap application-policy in login-config.xml.
The thing I don't understand is should we do the same thing in LdapIdentyStore. I have not used to it and I wonder if i can use it to pull information (like first name,email out of the ldap)
-Roger