[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373 Felix Schumacher changed: What|Removed |Added Status|NEW |NEEDINFO --- Comment #1 from Felix Schumacher --- Newer Tomcat versions will escape the attribute values (that is the user name). A backslash '\' and a plus '+' will be encoded as '\22' and '\2B' respectively. Is the user name really 'Testing\+username' or is this already hand escaped and the users name in LDAP would be 'Testing+username'? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373 --- Comment #2 from Satya --- username in the ldap is Testing+Username. 'Testing\+username' is authenticated successfully in 8.565 but failed in 8.5.66 please find the attached screen shot -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373 --- Comment #3 from Satya --- Created attachment 37895 --> https://bz.apache.org/bugzilla/attachment.cgi?id=37895&action=edit attachement for LDAP users -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373 --- Comment #4 from Felix Schumacher --- If the username is 'Testing+Username', try to use it in the authentication process. Tomcat will add the backslash for you. Currently there is no switch to bring back the old behaviour. Are there any reasons (except informing your users) to not use the variant without the backslash? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373 --- Comment #5 from Satya --- i will test and post the results soon. This new change is broken the backward compatibility. As per the above description, 8.6.55 has the faulty code and fixed in 8.5.66. is my understanding correct? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373 --- Comment #6 from Mark Thomas --- See bug 65224 for details -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373 --- Comment #7 from Satya --- one more case i have tested and below are results. Below user exists in LDAP UserName:<>+="#;,rrr Password:<>+="#;,rrr 8.5.65 : our Application sends below credentials and authentication successful UserName: \<\>\+\=\"\#\;\,rrr and Password: <>+="#;,rrr 8.5.66 : After discussions with you, modified username like below and authentication failed UserName: <>+="#;,rrr andPassword:<>+="#;,rrr -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373 --- Comment #8 from Felix Schumacher --- You may try to escape the hash sign '#' and the equals sign '='. Tomcat will only escape it, if it is the first char of a value. We tried to model out escaping after RFC 4514. There the '#' and '=' signs are part of group of 'may be escaped' characters only. Out of curiosity, are these test cases of your own? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
