directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSERVER-1955) Directory Apacheds sends wrong empty response for password policy request
Date Tue, 04 Feb 2014 13:04:09 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-1955?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13890630#comment-13890630
] 

Emmanuel Lecharny commented on DIRSERVER-1955:
----------------------------------------------

I confirm that if we don't send a warning or an error, we should send an empry sequence (ie
0x30 0x00)

> Directory Apacheds sends wrong empty response for password policy request
> -------------------------------------------------------------------------
>
>                 Key: DIRSERVER-1955
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1955
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 2.0.0-M15
>            Reporter: Lukas Slebodnik
>         Attachments: 0001-Fix-sending-empty-response-for-password-policy-reque.patch
>
>
> According to ldap password policy draft
> (http://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-6.2)
> Response Control should contain controlType (1.3.6.1.4.1.42.2.27.8.5.1) and
> the controlValue and the BER encoding of the following type:
>    PasswordPolicyResponseValue ::= SEQUENCE {
>          warning [0] CHOICE {
>             timeBeforeExpiration [0] INTEGER (0 .. maxInt),
>             graceAuthNsRemaining [1] INTEGER (0 .. maxInt) } OPTIONAL,
>          error   [1] ENUMERATED {
>             passwordExpired             (0),
>             accountLocked               (1),
>             changeAfterReset            (2),
>             passwordModNotAllowed       (3),
>             mustSupplyOldPassword       (4),
>             insufficientPasswordQuality (5),
>             passwordTooShort            (6),
>             passwordTooYoung            (7),
>             passwordInHistory           (8) } OPTIONAL }
> Empty response should also contain BER encoding of empty sequence.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message