directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kiran Ayyagari (JIRA)" <j...@apache.org>
Subject [jira] Closed: (DIRSERVER-1548) LdapSession must be set to anonymous state after failed simple authentication attempt
Date Mon, 18 Oct 2010 22:21:28 GMT

     [ https://issues.apache.org/jira/browse/DIRSERVER-1548?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Kiran Ayyagari closed DIRSERVER-1548.
-------------------------------------

    Resolution: Fixed
      Assignee: Kiran Ayyagari

Applied the patch along with a new test case here http://svn.apache.org/viewvc?rev=1024045&view=rev
Thank you Victor for the report and patch.

> LdapSession must be set to anonymous state after failed simple authentication attempt
> -------------------------------------------------------------------------------------
>
>                 Key: DIRSERVER-1548
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1548
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: ldap
>    Affects Versions: 1.5.7
>            Reporter: Victor Antonovich
>            Assignee: Kiran Ayyagari
>             Fix For: 2.0.0-RC1
>
>         Attachments: BindFailToAnonymousLdapSession.patch
>
>
> At this moment, failed simple authentication attempt lead to unusable LdapSession, because
any subsequent bind attempt with supplied valid credentials in this LdapSession will fail
with error "ERR_732 Cannot process a Request while binding". It's because BindHandler doesn't
reset LdapSession to anonymous state after bind request failure. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message