Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 24568 invoked from network); 8 Feb 2009 21:27:23 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 8 Feb 2009 21:27:23 -0000 Received: (qmail 2855 invoked by uid 500); 8 Feb 2009 21:27:22 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 2814 invoked by uid 500); 8 Feb 2009 21:27:22 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 2805 invoked by uid 99); 8 Feb 2009 21:27:22 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 08 Feb 2009 13:27:22 -0800 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 08 Feb 2009 21:27:20 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id A1DC6234C4AB for ; Sun, 8 Feb 2009 13:26:59 -0800 (PST) Message-ID: <577186757.1234128419661.JavaMail.jira@brutus> Date: Sun, 8 Feb 2009 13:26:59 -0800 (PST) From: "Stefan Zoerner (JIRA)" To: dev@directory.apache.org Subject: [jira] Updated: (DIRSERVER-1309) Connecting with null password causes wrong LDAP result code In-Reply-To: <710749244.1234128182047.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/DIRSERVER-1309?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Zoerner updated DIRSERVER-1309: -------------------------------------- Attachment: NullPasswordBindTest.java Simple testcase to demonstrate the "problem". > Connecting with null password causes wrong LDAP result code > ----------------------------------------------------------- > > Key: DIRSERVER-1309 > URL: https://issues.apache.org/jira/browse/DIRSERVER-1309 > Project: Directory ApacheDS > Issue Type: Bug > Affects Versions: 1.5.4 > Environment: Windows XP > Java(TM) SE Runtime Environment (build 1.6.0_10-b33) > ApacheDS 1.5.4 > Sun ONE Directory SDK for Java 4.1 > Reporter: Stefan Zoerner > Priority: Minor > Fix For: 2.0.0-RC1 > > Attachments: NullPasswordBindTest.java > > > If a client tries to bind to the server with password value "null", the bind fails (OK) and the return code is 53 (LDAP_UNWILLING_TO_PERFORM). > The expected behaviour according to the Open Group is different: > Either we return error code 48 (LDAP_INAPPROPRIATE_AUTH) or 49 (LDAP_INVALID_CREDENTIALS), or we bind successfully, but accepts this as an anonymous client. > IBM Tivoli Directory Server 6.0 for instance raises an RC 48. > Sun Java System Directory Server 5.2 has chosen option 2 (accepting as anonymous bind). > Please note that it is tricky to reproduce with JNDI. If you set the password in JNDI explicitly to null, you cause an NPE on the client. I will continue to find a solution here. In the maentime, find attached a test case with Sun ONE Directory SDK for Java 4.1. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.