Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.5.5
-
None
-
None
-
WinXPx64, JDK 1_5_0_22, Tomcat 5.0.19, ADS 1.5.5, ADStudio 1.5.0.v20091102
A partition of type:
objectClass=dcObject
objectClass=organization
objectClass=top
dc=example
o=org
Description
1. scenario RDN with escaped leading blank:
private Attribute createObjectClassPerson()
{ Attribute objectClass = new BasicAttribute("objectClass"); objectClass.add("top"); objectClass.add("person"); objectClass.add("organizationalPerson"); objectClass.add("inetOrgPerson"); return objectClass; }public void insert() {
Attributes attributes = new BasicAttributes(false);
attributes.put(createObjectClassPerson());
// attributes.put("cn", "
User"); // This MUST be set if used with leading or trailing blanks! In all the other cases not!
attributes.put("sn", "
Name
");
try { getLdapContext().createSubcontext("cn=\\ User", attributes); }
catch (NamingException e) { e.printStackTrace(); }
}
The result is:
Two cn entries, one with a leading blank and one with an escaped leading blank and a warning
WARN [org.apache.directory.server.core.normalization.NormalizationInterceptor] - The RDN 'cn=
User' is not present in the entry
objectClass=inetOrgPerson
objectClass=organizationalPerson
objectClass=person
objectClass=top
cn= User
cn=\ User
sn=\ Name\
2. scenario RDN with escaped trailing blank:
private Attribute createObjectClassPerson() { Attribute objectClass = new BasicAttribute("objectClass"); objectClass.add("top"); objectClass.add("person"); objectClass.add("organizationalPerson"); objectClass.add("inetOrgPerson"); return objectClass; }
public void insert() {
Attributes attributes = new BasicAttributes(false);
attributes.put(createObjectClassPerson());
// attributes.put("cn", "User
"); // This MUST be set if used with leading or trailing blanks! In all the other cases not!
attributes.put("sn", "
Name
");
try
catch (NamingException e)
{ e.printStackTrace(); }}
The result is a NamingException
javax.naming.NamingException: [LDAP: error code 80 - OTHER: failed for Add Request :
ClientEntry
dn: cn=User\ ,dc=ietpx.bwb,dc=org
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
sn: \ Name\
cn: User
: Unescaped special characters are not allowed]; remaining name 'cn=User\ '
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3085)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:788)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:319)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:248)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:236)
at javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:178)
at test.BlankTest.insert(BlankTest.java:84)
at test.BlankTest.main(BlankTest.java:92)
Conclusion:
Forgetting to set the RDN attribute explicitely remains undetected until one stores RDN values with leading and/or trailing blanks.
Attachments
Issue Links
- relates to
-
DIRSHARED-40 DN parser, LdapDN, Rdn, Atav issues
- Closed