httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 35327] - mod_auth_ldap: white space in user name ignored
Date Tue, 06 Dec 2005 16:42:03 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=35327>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=35327





------- Additional Comments From bnicholes@apache.org  2005-12-06 17:42 -------
The user field in the request_rec is assigned the exact value that was sent by 
the user in the request.  This value is then assigned to the REMOTE_USER 
environment variable without any manipulation at all.  The same user value 
(with white spaces) is also sent to ldap for authentication.  It is the ldap 
library that decides to strip trailing white space.  Since the user field is 
assigned during the call to ap_get_basic_auth_pw() and the REMOTE_USER 
variable is assigned during the call to ap_add_common_vars(), both of which 
are core API's, the issue is not unique to mod_auth_ldap.  It only manifests 
itself because of the underlaying way in which authentication happens.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message