Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-4476

[Java broker] SimpleLDAPAuthenticationManager returns different Principal name formats for sasl vs non-sasl usage

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.18, 0.20
    • Fix Version/s: 0.20, 0.21
    • Component/s: Broker-J
    • Labels:
      None

      Description

      The SimpleLDAPAuthenticationManager returns different Principal name formats for sasl vs non-sasl usage.

      In the sasl case, the PlainSaslServer returns the basic username that was originally provided, but in the non-sasl case the SimpleLDAPAuthenticationManager returns a Principal based on the search context/filter. This leads to inconsistent behaviour between e.g. AMQP and JMX interface authentication, and in the later case means it is not possible to specify the user be included as part of an group.

      The non-sasl behaviour should be updated to be consistent with the sasl behaviour.

        Attachments

          Activity

            People

            • Assignee:
              rgodfrey Rob Godfrey
              Reporter:
              gemmellr Robbie Gemmell
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: