[DIRSERVER-1955] Directory Apacheds sends wrong empty response for password policy request - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.0-M15
Fix Version/s: 2.0.0-M16
Component/s: None
Labels:
None

Description

According to ldap password policy draft
(http://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-6.2)
Response Control should contain controlType (1.3.6.1.4.1.42.2.27.8.5.1) and
the controlValue and the BER encoding of the following type:

PasswordPolicyResponseValue ::= SEQUENCE {
warning [0] CHOICE

{ timeBeforeExpiration [0] INTEGER (0 .. maxInt), graceAuthNsRemaining [1] INTEGER (0 .. maxInt) }

OPTIONAL,
error [1] ENUMERATED

{ passwordExpired (0), accountLocked (1), changeAfterReset (2), passwordModNotAllowed (3), mustSupplyOldPassword (4), insufficientPasswordQuality (5), passwordTooShort (6), passwordTooYoung (7), passwordInHistory (8) }

OPTIONAL }

Empty response should also contain BER encoding of empty sequence.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

0001-Fix-sending-empty-response-for-password-policy-reque.patch
04/Feb/14 10:10
5 kB
Lukas Slebodnik

Activity

People

Assignee:: Kiran Ayyagari

Reporter:: Lukas Slebodnik

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 04/Feb/14 10:05

Updated:: 04/Feb/14 13:05

Resolved:: 04/Feb/14 13:05