Directory ApacheDS
  1. Directory ApacheDS
  2. DIRSERVER-1803

When the SimpleAuthenticator is disabled, and the auth level is set to SIMPLE, we can bind freely

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Blocker Blocker
    • Resolution: Fixed
    • Affects Version/s: 2.0.0-M10
    • Fix Version/s: 2.0.0-M11
    • Component/s: None
    • Labels:
      None

      Description

      Disable the SimpleAuthenticator, do a SIMPLE bind with a user and a password which don't exist on theserver : you get connected !

      dn: aaa=b
      pwd : azerty

      Connected !

        Activity

          People

          • Assignee:
            Unassigned
            Reporter:
            Emmanuel Lecharny
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development