Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Blocker Blocker
    • Resolution: Unresolved
    • Affects Version/s: 2.1.3
    • Fix Version/s: Wish List
    • Component/s: security
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      I suggest several important improvements to the LDAP Realm, generally LDAP Realm should support the features of Tomcat's JNDIRealm (http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JNDIRealm)

      1. a plan should be deployable from the console

      2. LDAP Realm should allow anonymous bind (this is cause for "blocker")

      3. I guess "User Role Search String" means a user attribute the role names are taken from (same as Tomcat's userRoleName property). If this is set, all other role-related attributes should not be necessary. Generally, it should not be necessary to have role-related attributes at all, if you only want the users to log in, but have <role-name>*</role-name>

      4. if "Role User Search String" is empty, there is the wrong error message "option-roleSearchMatching must not be empty"
      There is no Role SearchMatching on the dialog

      5. On the Test Results page: if the test fails, there is only
      Login Failed: LDAP Error
      There should also be the error message and even stacktrace (right now it's in the server log)

        Issue Links

          Activity

          No work has yet been logged on this issue.

            People

            • Assignee:
              Unassigned
              Reporter:
              Jürgen Weber
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:

                Development