Uploaded image for project: 'Directory ApacheDS'
  1. Directory ApacheDS
  2. DIRSERVER-1955

Directory Apacheds sends wrong empty response for password policy request

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.0-M15
    • Fix Version/s: 2.0.0-M16
    • Component/s: None
    • Labels:
      None

      Description

      According to ldap password policy draft
      (http://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-6.2)
      Response Control should contain controlType (1.3.6.1.4.1.42.2.27.8.5.1) and
      the controlValue and the BER encoding of the following type:

      PasswordPolicyResponseValue ::= SEQUENCE {
      warning [0] CHOICE

      { timeBeforeExpiration [0] INTEGER (0 .. maxInt), graceAuthNsRemaining [1] INTEGER (0 .. maxInt) }

      OPTIONAL,
      error [1] ENUMERATED

      { passwordExpired (0), accountLocked (1), changeAfterReset (2), passwordModNotAllowed (3), mustSupplyOldPassword (4), insufficientPasswordQuality (5), passwordTooShort (6), passwordTooYoung (7), passwordInHistory (8) }

      OPTIONAL }

      Empty response should also contain BER encoding of empty sequence.

        Attachments

          Activity

            People

            • Assignee:
              akiran Kiran Ayyagari
              Reporter:
              slebodnikl Lukas Slebodnik
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: