Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-3249

Active Directory lookup fails for members of groups with special characters in the name

    Details

    • Similar Issues:

      Description

      If the user is a member of a group which contains a special character as defined
      by javax.naming.CompositeName an exception will happen and the user will be
      unable to log in.

        • Looking at the patch will help to understand the following note **

      The string that we pass into getAttributes is placed into a
      javax.naming.CompositeName. If the string that we pass in has a special
      character ('/' in our case for example) the string that is passed in is
      misunderstood and ends up causing an exception (forget which one right now - had
      this patch in production for a few weeks) and does not allow the user to log in.
      The string that we pass down needs to be properly escaped - I did this by
      enclosing the string in " but it can be done other ways. This will obviously
      fail if the string already contains a " so a better approach might need to be
      taken. Been a few weeks since I have done the investigation, but I think this
      is something that should come back to the mainstream.

      Brian

        Attachments

          Activity

          nairb774 nairb774 created issue -
          Hide
          nairb774 nairb774 added a comment -

          Created an attachment (id=601)
          The patch relating to the initial description

          Show
          nairb774 nairb774 added a comment - Created an attachment (id=601) The patch relating to the initial description
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in hudson
          User: : kohsuke
          Path:
          trunk/hudson/plugins/active-directory/src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java
          http://fisheye4.cenqua.com/changelog/hudson/?cs=16662
          Log:
          [FIXED JENKINS-3249] Active Directory lookup fails for members of groups with special characters in the name

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in hudson User: : kohsuke Path: trunk/hudson/plugins/active-directory/src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java http://fisheye4.cenqua.com/changelog/hudson/?cs=16662 Log: [FIXED JENKINS-3249] Active Directory lookup fails for members of groups with special characters in the name
          scm_issue_link SCM/JIRA link daemon made changes -
          Field Original Value New Value
          Status Open [ 1 ] Resolved [ 5 ]
          Resolution Fixed [ 1 ]
          abayer Andrew Bayer made changes -
          Status Resolved [ 5 ] Closed [ 6 ]
          rtyler R. Tyler Croy made changes -
          Workflow JNJira [ 133322 ] JNJira + In-Review [ 202079 ]

            People

            • Assignee:
              Unassigned
              Reporter:
              nairb774 nairb774
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: