directory-dev mailing list archives

From Stefan Seelmann <>
Subject Re: svn commit: r748560 - /directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/
Date Fri, 27 Feb 2009 17:11:43 GMT wrote:
> URL:
> Log:
> Fixed an error message. If the PrincipalDN was not found, the server sent back a Referral error. Not very cool ...
> ...
> +                result.setErrorMessage( "Bind principalDn has not
> been found in the server." );
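
Review bot: The text passed to result.setErrorMessage( ... ) in the added line tells the client that the bind DN does not exist, so a failed bind distinguishes an unknown DN from a wrong password. Consider sending the same message the server uses for a failed password check, and recording the "principalDn has not been found" cause in the server log instead of the response.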

Hm, a potential attacker gets useful information that the DN doesn't
exist. Maybe it is better to return the same error message as if the
password is wrong?

49 - INVALID_CREDENTIALS: Bind failed: Cannot authenticate user

On the other hand, for debugging it is better to get the real cause...

Kind Regards,
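
One way to reconcile the two concerns in the message above, as an added example that is not part of the original message and not ApacheDS code: a hypothetical bind handler (the class, record, sample DNs and SHA-256 password store are all constructed for illustration) returns the same code 49 and message for an unknown DN and for a wrong password, and writes the real cause to the server log only. It goes slightly beyond the message by also comparing against a dummy hash, so both failure paths do the same work.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.logging.Logger;

// Hypothetical stand-in for a simple-bind handler; names are assumptions, not ApacheDS APIs.
public class UniformBindFailure {
    private static final Logger LOG = Logger.getLogger("bind");
    static final int INVALID_CREDENTIALS = 49; // result code quoted in the message
    static final String GENERIC = "Bind failed: Cannot authenticate user";
    private static final byte[] DUMMY = sha256("dummy"); // compared when the DN is unknown

    record BindResult(int code, String message) {}

    // Constructed sample store: DN -> SHA-256(password). A real server would use a salted, slow hash.
    private final Map<String, byte[]> entries;

    UniformBindFailure(Map<String, byte[]> entries) { this.entries = entries; }

    static byte[] sha256(String s) {
        try {
            return MessageDigest.getInstance("SHA-256").digest(s.getBytes(StandardCharsets.UTF_8));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }

    BindResult bind(String dn, String password) {
        byte[] stored = entries.get(dn);
        boolean known = stored != null;
        // Always hash and compare, so an unknown DN does not return measurably faster.
        boolean match = MessageDigest.isEqual(known ? stored : DUMMY, sha256(password));
        if (known && match) {
            return new BindResult(0, ""); // 0 = success
        }
        // Real cause stays server-side (FINE level); CR/LF stripped to keep log lines intact.
        String safeDn = dn.replaceAll("[\\r\\n]", "_");
        LOG.fine(() -> "Bind failed for '" + safeDn + "': "
                + (known ? "wrong password" : "principalDn not found"));
        return new BindResult(INVALID_CREDENTIALS, GENERIC);
    }

    public static void main(String[] args) {
        String alice = "uid=alice,ou=users,dc=example,dc=com"; // constructed sample DN
        UniformBindFailure h = new UniformBindFailure(Map.of(alice, sha256("s3cret")));
        System.out.println(h.bind(alice, "s3cret"));
        System.out.println(h.bind(alice, "wrong"));
        System.out.println(h.bind("uid=nobody,ou=users,dc=example,dc=com", "wrong"));
    }
}
```

The last two calls print identical results; only the server log, when its level is set to FINE, shows which cause applied.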
