[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65

2021-06-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373

--- Comment #9 from Felix Schumacher  ---
To be more precise: Tomcat will not escape the '#' sign if it is not the first
character of a value, i.e. '#abc' => it will be escaped, 'a#bc' => it will not
be escaped.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



Bug report for Tomcat 9 [2021/06/13]

2021-06-13 Thread bugzilla
Status:   UNC=Unconfirmed NEW=New ASS=Assigned OPN=Reopened VER=Verified
          (Skipped Closed/Resolved)
Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major
          MIN=Minor NOR=Normal ENH=Enhancement TRV=Trivial

|Bug ID|Status|Severity|Date Posted|Description|
|53602|Ver|Enh|2012-07-25|Support for HTTP status code 451  |
|57505|New|Enh|2015-01-27|Add integration tests for JspC|
|58530|New|Enh|2015-10-23|Proposal for new Manager HTML GUI |
|58548|Inf|Enh|2015-10-26|support certifcate transparency   |
|58859|New|Enh|2016-01-14|Allow to limit charsets / encodings supported by T|
|59750|New|Enh|2016-06-24|Amend "authenticate" method with context by means |
|60997|New|Enh|2017-04-17|Enhance SemaphoreValve to support denied status an|
|61971|New|Enh|2018-01-06|documentation for using tomcat with systemd   |
|62048|New|Enh|2018-01-25|Missing logout function in Manager and Host-Manage|
|62072|New|Enh|2018-02-01|Add support for request compression   |
|62312|New|Enh|2018-04-18|Add Proxy Authentication support to websocket clie|
|62405|New|Enh|2018-05-23|Add Rereadable Request Filter |
|62488|New|Enh|2018-06-25|Obtain dependencies from Maven Central where possi|
|62611|Inf|Enh|2018-08-09|Compress log files after rotation |
|62723|New|Enh|2018-09-14|Clarify "channelSendOptions" value in cluster docu|
|62773|New|Enh|2018-09-28|Change DeltaManager to handle session deserializat|
|62814|New|Enh|2018-10-10|Use readable names for cluster channel/map options|
|62843|New|Enh|2018-10-22|Tomcat Russian localization   |
|62964|Inf|Enh|2018-11-29|Add RFC7807 conformant Problem Details for HTTP st|
|63023|New|Enh|2018-12-20|Provide a way to load SecurityProviders into the s|
|63049|New|Enh|2018-12-31|Add support in system properties override from com|
|63237|New|Enh|2019-03-06|Consider processing mbeans-descriptors.xml at comp|
|63389|New|Enh|2019-04-27|Enable Servlet Warmup for Containerization|
|63493|New|Enh|2019-06-10|enhancement - add JMX counters to monitor authenti|
|63505|New|Enh|2019-06-14|enhancement - support of stored procedures for Dat|
|63545|New|Enh|2019-07-06|enhancement - add a new pattern attribute for logg|
|63943|Opn|Enh|2019-11-20|Add possibility to overwrite remote port with info|
|63983|Ver|Cri|2019-12-03|Jasper builds-up open files until garbage collecti|
|64144|New|Enh|2020-02-14|Add an option for rejecting requests that have bot|
|64230|New|Enh|2020-03-15|Allow to configure session manager to skip expirin|
|64395|New|Enh|2020-04-30|Windows Installer should offer an option to select|
|65208|New|Enh|2021-03-29|Multi-threaded loading of servlets|
|65302|New|Enh|2021-05-12|Add support for setting com.sun.jndi.ldap.tls.cbty|
|65350|Inf|Nor|2021-06-03|The index ID of the request header that Jetty sent|
|65368|New|Nor|2021-06-09|enhance error message "Unable to unwrap data, inva|
|65369|New|Nor|2021-06-10|Windows Service not open modules for Java 16  |
Total: 36 bugs




Bug report for Taglibs [2021/06/13]

2021-06-13 Thread bugzilla
Status:   UNC=Unconfirmed NEW=New ASS=Assigned OPN=Reopened VER=Verified
          (Skipped Closed/Resolved)
Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major
          MIN=Minor NOR=Normal ENH=Enhancement TRV=Trivial

|Bug ID|Status|Severity|Date Posted|Description|
|38193|Ass|Enh|2006-01-09|[RDC] BuiltIn Grammar support for Field   |
|38600|Ass|Enh|2006-02-10|[RDC] Enable RDCs to be used in X+V markup (X+RDC)|
|42413|New|Enh|2007-05-14|[PATCH] Log Taglib enhancements   |
|46052|New|Nor|2008-10-21|SetLocaleSupport is slow to initialize when many l|
|48333|New|Enh|2009-12-02|TLD generator |
|57548|New|Min|2015-02-08|Auto-generate the value for org.apache.taglibs.sta|
|57684|New|Min|2015-03-10|Version info should be taken from project version |
|59359|New|Enh|2016-04-20|(Task) Extend validity period for signing KEY - be|
|59668|New|Nor|2016-06-06|x:forEach retains the incorrect scope when used in|
|61875|New|Nor|2017-12-08|Investigate whether Xalan can be removed  |
|64649|New|Nor|2020-08-06|XSLT transformation - document('') doesn't return |
Total: 11 bugs




Bug report for Tomcat 8 [2021/06/13]

2021-06-13 Thread bugzilla
Status:   UNC=Unconfirmed NEW=New ASS=Assigned OPN=Reopened VER=Verified
          (Skipped Closed/Resolved)
Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major
          MIN=Minor NOR=Normal ENH=Enhancement TRV=Trivial

|Bug ID|Status|Severity|Date Posted|Description|
|55243|New|Enh|2013-07-11|Add special search string for nested roles|
|55470|New|Enh|2013-08-23|Help users for ClassNotFoundExceptions during star|
|55477|New|Enh|2013-08-23|Add a solution to map a realm name to a security r|
|55675|New|Enh|2013-10-18|Checking and handling invalid configuration option|
|55788|New|Enh|2013-11-16|TagPlugins should key on tag QName rather than imp|
|56148|New|Enh|2014-02-17|support (multiple) ocsp stapling  |
|56166|New|Enh|2014-02-20|Suggestions for exception handling (avoid potentia|
|56300|New|Enh|2014-03-22|[Tribes] No useful examples, lack of documentation|
|56398|New|Enh|2014-04-11|Support Arquillian-based unit testing |
|56402|New|Enh|2014-04-11|Add support for HTTP Upgrade to AJP components|
|56438|New|Enh|2014-04-21|If jar scan does not find context config or TLD co|
|56448|New|Enh|2014-04-23|Implement a robust solution for client initiated S|
|56522|Opn|Enh|2014-05-14|jasper-el 8 does not comply to EL Spec 3.0 regardi|
|56546|New|Enh|2014-05-19|Improve thread trace logging in WebappClassLoader.|
|56614|New|Enh|2014-06-12|Add a switch to ignore annotations detection on ta|
|56713|New|Enh|2014-07-12|Limit time that incoming request waits while webap|
|56787|New|Enh|2014-07-29|Simplified jndi name parsing  |
|57130|New|Enh|2014-10-22|Allow digest.sh to accept password from a file or |
|57367|New|Enh|2014-12-18|If JAR scan experiences a stack overflow, give the|
|57421|New|Enh|2015-01-07|Farming default directories   |
|57486|New|Enh|2015-01-23|Improve reuse of ProtectedFunctionMapper instances|
|57701|New|Enh|2015-03-13|Implement "[Redeploy]" button for a web applicatio|
|57827|New|Enh|2015-04-17|Enable adding/removing of members via jmx in a sta|
|57830|New|Enh|2015-04-18|Add support for ProxyProtocol |
|57872|New|Enh|2015-04-29|Do not auto-switch session cookie to version=1 due|
|58052|Opn|Enh|2015-06-19|RewriteValve: Implement additional RewriteRule dir|
|58072|New|Enh|2015-06-23|ECDH curve selection  |
|58935|Opn|Enh|2016-01-29|Re-deploy from war without deleting context   |
|59232|New|Enh|2016-03-24|Make the context name of an app available via JNDI|
|59758|New|Enh|2016-06-27|Add http proxy username-password credentials suppo|
|60597|New|Enh|2017-01-17|Add ability to set cipher suites for websocket cli|
|60849|New|Enh|2017-03-13|Tomcat NIO Connector not able to handle SSL renego|
|61877|New|Enh|2017-12-08|use web.xml from CATALINA_HOME by default |
|61917|New|Enh|2017-12-19|AddDefaultCharsetFilter only supports text/* respo|
|62214|New|Enh|2018-03-22|The "userSubtree=true" and "roleSubtree=true" in J|
|62245|New|Enh|2018-04-02|[Documentation] Mention contextXsltFile in Default|
|63080|New|Enh|2019-01-16|Support rfc7239 Forwarded header  |
|63167|New|Enh|2019-02-12|Network Requirements To Resolve No Members Active |
|63195|Inf|Enh|2019-02-21|Add easy way to test RemoteIpValve works properly |
|65373|Inf|Cri|2021-06-11|LDAP authentication failing for some characters in|
Total: 40 bugs




Bug report for Tomcat Modules [2021/06/13]

2021-06-13 Thread bugzilla
Status:   UNC=Unconfirmed NEW=New ASS=Assigned OPN=Reopened VER=Verified
          (Skipped Closed/Resolved)
Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major
          MIN=Minor NOR=Normal ENH=Enhancement TRV=Trivial

|Bug ID|Status|Severity|Date Posted|Description|
|50571|Inf|Nor|2011-01-11|Tomcat 7 JDBC connection pool exception enhancemen|
|51595|Inf|Nor|2011-08-01|org.apache.tomcat.jdbc.pool.jmx.ConnectionPool sho|
|51879|Inf|Enh|2011-09-22|Improve access to Native Connection Methods   |
|52024|Inf|Enh|2011-10-13|Custom interceptor to support automatic failover o|
|53199|Inf|Enh|2012-05-07|Refactor ConnectionPool to use ScheduledExecutorSe|
|54437|New|Enh|2013-01-16|Update PoolProperties javadoc for ConnectState int|
|54929|Inf|Nor|2013-05-05|jdbc-pool cannot be used with Java 1.5, "java.lang|
|55078|New|Nor|2013-06-07|Configuring a DataSource Resource with dataSourceJ|
|55662|New|Enh|2013-10-17|Add a way to set an instance of java.sql.Driver di|
|56046|New|Enh|2014-01-21|org.apache.tomcat.jdbc.pool.XADataSource InitSQL p|
|56088|New|Maj|2014-01-29|AbstractQueryReport$StatementProxy throws exceptio|
|56310|Inf|Maj|2014-03-25|PooledConnection and XAConnection not handled corr|
|56586|New|Nor|2014-06-02|initSQL should be committed if defaultAutoCommit =|
|56775|New|Nor|2014-07-28|PoolCleanerTime schedule issue|
|56779|New|Nor|2014-07-28|Allow multiple connection initialization statement|
|56790|New|Nor|2014-07-29|Resizing pool.maxActive to a higher value at runti|
|56798|New|Nor|2014-07-31|Idle eviction strategy could perform better (and i|
|56804|New|Nor|2014-08-02|Use a default validationQueryTimeout other than "f|
|56805|New|Nor|2014-08-02|datasource.getConnection() may be unnecessarily bl|
|56837|New|Nor|2014-08-11|if validationQuery have error with timeBetweenEvic|
|56970|New|Nor|2014-09-11|MaxActive vs. MaxTotal for commons-dbcp and tomcat|
|57460|New|Nor|2015-01-19|[DB2]Connection broken after few hours but not rem|
|57729|New|Enh|2015-03-20|Add QueryExecutionReportInterceptor to log query e|
|58489|Opn|Maj|2015-10-08|QueryStatsComparator throws IllegalArgumentExcepti|
|59077|New|Nor|2016-02-26|DataSourceFactory creates a neutered data source  |
|59569|New|Nor|2016-05-18|isWrapperFor/unwrap implementations incorrect |
|59879|New|Nor|2016-07-18|StatementCache interceptor returns ResultSet objec|
|60195|New|Nor|2016-10-02|No javadoc in Maven Central   |
|60522|New|Nor|2016-12-27|An option for setting if the transaction should be|
|60524|Inf|Nor|2016-12-28|NPE in SlowQueryReport in tomcat-jdbc-7.0.68  |
|60645|New|Nor|2017-01-25|StatementFinalizer is not thread-safe |
|61032|New|Nor|2017-04-24|min pool size is not being respected  |
|61103|New|Nor|2017-05-18|StatementCache potentially caching non-functional |
|61302|New|Enh|2017-07-15|Refactoring of DataSourceProxy|
|61303|New|Enh|2017-07-15|Refactoring of ConnectionPool |
|62432|New|Nor|2018-06-06|Memory Leak in Statement Finalizer?   |
|62598|New|Enh|2018-08-04|support pool with multiple JDBC data sources  |
|62910|Inf|Nor|2018-11-15|tomcat-jdbc global pool transaction problem   |
|63612|Inf|Cri|2019-07-26|PooledConnection#connectUsingDriver, Thread.curren|
|63705|New|Nor|2019-08-29|The tomcat pool doesn't register all connection th|
|64083|New|Nor|2020-01-17|JDBC pool keeps closed connection as available|
|64107|New|Maj|2020-01-30|PreparedStatements correctly closed are not return|
|64231|New|Nor|2020-03-16|Tomcat jdbc pool behaviour|
|64570|New|Nor|2020-07-01|Transaction not rollbacked if autocommit is false |
|64809|New|Nor|2020-10-13|Connection properties not reset to defaults when C|
|65347|New|Nor|2021-06-02|The equals method from statements generated by the|
Total: 46 bugs


Bug report for Tomcat Connectors [2021/06/13]

2021-06-13 Thread bugzilla
Status:   UNC=Unconfirmed NEW=New ASS=Assigned OPN=Reopened VER=Verified
          (Skipped Closed/Resolved)
Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major
          MIN=Minor NOR=Normal ENH=Enhancement TRV=Trivial

|Bug ID|Status|Severity|Date Posted|Description|
|46767|New|Enh|2009-02-25|mod_jk to send DECLINED in case no fail-over tomca|
|47327|New|Enh|2009-06-07|Return tomcat authenticated user back to mod_jk (A|
|47750|New|Maj|2009-08-27|ISAPI: Loss of worker settings when changing via j|
|48830|New|Nor|2010-03-01|IIS shutdown blocked in endpoint service when serv|
|49822|New|Enh|2010-08-25|Add hash lb worker method |
|49903|New|Enh|2010-09-09|Make workers file reloadable  |
|52483|New|Enh|2012-01-18|Print JkOptions's options in log file and jkstatus|
|54621|New|Enh|2013-02-28|[PATCH] custom mod_jk availability checks |
|56489|New|Enh|2014-05-05|Include a directory for configuration files   |
|56576|New|Enh|2014-05-29|Websocket support |
|57402|New|Enh|2014-12-30|Provide correlation ID between mod_jk log and acce|
|57403|New|Enh|2014-12-30|Persist configuration changes made via status work|
|57407|New|Enh|2014-12-31|Make session_cookie, session_path and session_cook|
|57790|New|Enh|2015-04-03|Check worker names for typos  |
|61476|New|Enh|2017-09-01|Allow reset of an individual worker stat value|
|61621|New|Enh|2017-10-15|Content-Type is forced to lowercase when it goes t|
|62093|New|Enh|2018-02-09|Allow use_server_errors to apply to specific statu|
|63808|Opn|Enh|2019-10-05|the fact that JkMount makes other directives ineff|
|64775|New|Nor|2020-09-28|mod_jk is sending both Content-Length and Transfer|
|64878|New|Nor|2020-11-06|Can not determine the proper size for pid_t / pthr|
Total: 20 bugs




Bug report for Tomcat Native [2021/06/13]

2021-06-13 Thread bugzilla
Status:   UNC=Unconfirmed NEW=New ASS=Assigned OPN=Reopened VER=Verified
          (Skipped Closed/Resolved)
Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major
          MIN=Minor NOR=Normal ENH=Enhancement TRV=Trivial

|Bug ID|Status|Severity|Date Posted|Description|
|62911|New|Enh|2018-11-15|Add support for proxying ocsp  requests via ProxyH|
|64826|New|Maj|2020-10-19|libtcnative prompts for private key password in so|
|64862|New|Enh|2020-10-30|Improve LibreSSL support  |
|65344|New|Enh|2021-05-31|OpenSSL configuration |
Total: 4 bugs




[tomcat] branch main updated: Expand test case to cover example from BZ 65373

2021-06-13 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 356c8ec  Expand test case to cover example from BZ 65373
356c8ec is described below

commit 356c8ecc774a2c227b1efcc50f159bb57d48b0c5
Author: Mark Thomas 
AuthorDate: Sun Jun 13 09:42:38 2021 +0100

Expand test case to cover example from BZ 65373

https://bz.apache.org/bugzilla/show_bug.cgi?id=65373
---
 .../apache/catalina/realm/TestJNDIRealmIntegration.java   | 15 +++
 1 file changed, 15 insertions(+)

diff --git a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java 
b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
index 99d537d..9e7595f 100644
--- a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
+++ b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
@@ -85,6 +85,9 @@ public class TestJNDIRealmIntegration {
 "t=", "test", new String[] {"TestGroup*3"}, 
userRoleAttribute });
 parameterSets.add(new Object[] { userPattern, userSearch, userBase, 
roleSearch, roleBase,
 "norole", "test", new String[0], userRoleAttribute });
+// Bug 65373
+parameterSets.add(new Object[] { userPattern, userSearch, userBase, 
roleSearch, roleBase,
+"<>+=\"#;,rrr", "<>+=\"#;,rrr", new String[0], 
userRoleAttribute });
 }
 
 
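Review bot: the added parameter set ends with an empty `new String[0]` in the position where the neighbouring rows list the expected roles, so this user is only checked for authentication and no role lookup runs against a DN that needs escaping. Consider adding the Bug 65373 user to one of the test groups and listing that role here, so the escaped DN is exercised in the role search as well.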
@@ -278,6 +281,18 @@ public class TestJNDIRealmIntegration {
 "member: 
cn=testsub,ou=s\\;ub,ou=people,dc=example,dc=com");
 result = conn.processOperation(addGroupTest4);
 Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+
+// Bug 65373
+AddRequest addUserBug65373 = new AddRequest(
+"dn: 
cn=\\3C\\3E\\2B=\\22#\\3B\\2Crrr,ou=people,dc=example,dc=com",
+"objectClass: top",
+"objectClass: person",
+"objectClass: organizationalPerson",
+"cn: <>+=\"#;,rrr",
+"sn: Bug 65373",
+"userPassword: <>+=\"#;,rrr");
+result = conn.processOperation(addUserBug65373);
+Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
 }
 }
 
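Review bot: the `// Bug 65373` comment above the new AddRequest does not say which escaping layers the `dn:` literal carries. A short comment giving the raw value `<>+="#;,rrr` and stating that the DN is LDAP-escaped first and Java-escaped second would make this entry much harder to break when it is edited later.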




[tomcat] branch 10.0.x updated: Expand test case to cover example from BZ 65373

2021-06-13 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 4cff252  Expand test case to cover example from BZ 65373
4cff252 is described below

commit 4cff252d8029c717fb0eb7f2726ba2668ffc5ae7
Author: Mark Thomas 
AuthorDate: Sun Jun 13 09:42:38 2021 +0100

Expand test case to cover example from BZ 65373

https://bz.apache.org/bugzilla/show_bug.cgi?id=65373
---
 .../apache/catalina/realm/TestJNDIRealmIntegration.java   | 15 +++
 1 file changed, 15 insertions(+)

diff --git a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java 
b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
index 99d537d..9e7595f 100644
--- a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
+++ b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
@@ -85,6 +85,9 @@ public class TestJNDIRealmIntegration {
 "t=", "test", new String[] {"TestGroup*3"}, 
userRoleAttribute });
 parameterSets.add(new Object[] { userPattern, userSearch, userBase, 
roleSearch, roleBase,
 "norole", "test", new String[0], userRoleAttribute });
+// Bug 65373
+parameterSets.add(new Object[] { userPattern, userSearch, userBase, 
roleSearch, roleBase,
+"<>+=\"#;,rrr", "<>+=\"#;,rrr", new String[0], 
userRoleAttribute });
 }
 
 
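Review bot: in the new user name `<>+=\"#;,rrr` the '#' sits in the middle of the value, which is the position where comment #9 of the bug says it is not escaped. A second row with '#' as the first character (and, per RFC 4514, one with a leading or trailing space) would cover the position-dependent branch too.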
@@ -278,6 +281,18 @@ public class TestJNDIRealmIntegration {
 "member: 
cn=testsub,ou=s\\;ub,ou=people,dc=example,dc=com");
 result = conn.processOperation(addGroupTest4);
 Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+
+// Bug 65373
+AddRequest addUserBug65373 = new AddRequest(
+"dn: 
cn=\\3C\\3E\\2B=\\22#\\3B\\2Crrr,ou=people,dc=example,dc=com",
+"objectClass: top",
+"objectClass: person",
+"objectClass: organizationalPerson",
+"cn: <>+=\"#;,rrr",
+"sn: Bug 65373",
+"userPassword: <>+=\"#;,rrr");
+result = conn.processOperation(addUserBug65373);
+Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
 }
 }
 
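Review bot: the only check after adding `addUserBug65373` is `ResultCode.SUCCESS`, which shows that the server accepted the DN but not that it decoded to the intended value. Asserting that the RDN value of the stored entry's DN equals the `cn:` value would catch a mistake in the hand-written escapes in the `dn:` line.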




[tomcat] branch 9.0.x updated: Expand test case to cover example from BZ 65373

2021-06-13 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 61eaa3a  Expand test case to cover example from BZ 65373
61eaa3a is described below

commit 61eaa3a26ed69b9481f05b3af89d09db3e4f355f
Author: Mark Thomas 
AuthorDate: Sun Jun 13 09:42:38 2021 +0100

Expand test case to cover example from BZ 65373

https://bz.apache.org/bugzilla/show_bug.cgi?id=65373
---
 .../apache/catalina/realm/TestJNDIRealmIntegration.java   | 15 +++
 1 file changed, 15 insertions(+)

diff --git a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java 
b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
index 99d537d..9e7595f 100644
--- a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
+++ b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
@@ -85,6 +85,9 @@ public class TestJNDIRealmIntegration {
 "t=", "test", new String[] {"TestGroup*3"}, 
userRoleAttribute });
 parameterSets.add(new Object[] { userPattern, userSearch, userBase, 
roleSearch, roleBase,
 "norole", "test", new String[0], userRoleAttribute });
+// Bug 65373
+parameterSets.add(new Object[] { userPattern, userSearch, userBase, 
roleSearch, roleBase,
+"<>+=\"#;,rrr", "<>+=\"#;,rrr", new String[0], 
userRoleAttribute });
 }
 
 
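Review bot: the new user name `<>+=\"#;,rrr` contains none of the characters that need escaping in a search filter (`*`, `(`, `)`, `\`), so this row covers DN escaping only. If the intent is to cover the user search path as well, a row whose name mixes DN-special and filter-special characters would do that.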
@@ -278,6 +281,18 @@ public class TestJNDIRealmIntegration {
 "member: 
cn=testsub,ou=s\\;ub,ou=people,dc=example,dc=com");
 result = conn.processOperation(addGroupTest4);
 Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+
+// Bug 65373
+AddRequest addUserBug65373 = new AddRequest(
+"dn: 
cn=\\3C\\3E\\2B=\\22#\\3B\\2Crrr,ou=people,dc=example,dc=com",
+"objectClass: top",
+"objectClass: person",
+"objectClass: organizationalPerson",
+"cn: <>+=\"#;,rrr",
+"sn: Bug 65373",
+"userPassword: <>+=\"#;,rrr");
+result = conn.processOperation(addUserBug65373);
+Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
 }
 }
 




[tomcat] branch 8.5.x updated: Expand test case to cover example from BZ 65373

2021-06-13 Thread markt
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 69e9724  Expand test case to cover example from BZ 65373
69e9724 is described below

commit 69e97248c86d35129e42d20a9903658837475000
Author: Mark Thomas 
AuthorDate: Sun Jun 13 09:42:38 2021 +0100

Expand test case to cover example from BZ 65373

https://bz.apache.org/bugzilla/show_bug.cgi?id=65373
---
 .../apache/catalina/realm/TestJNDIRealmIntegration.java   | 15 +++
 1 file changed, 15 insertions(+)

diff --git a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java 
b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
index 99d537d..9e7595f 100644
--- a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
+++ b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
@@ -85,6 +85,9 @@ public class TestJNDIRealmIntegration {
 "t=", "test", new String[] {"TestGroup*3"}, 
userRoleAttribute });
 parameterSets.add(new Object[] { userPattern, userSearch, userBase, 
roleSearch, roleBase,
 "norole", "test", new String[0], userRoleAttribute });
+// Bug 65373
+parameterSets.add(new Object[] { userPattern, userSearch, userBase, 
roleSearch, roleBase,
+"<>+=\"#;,rrr", "<>+=\"#;,rrr", new String[0], 
userRoleAttribute });
 }
 
 
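Review bot: the new row passes the user name to the realm in raw form only. The report in this thread describes the application sending a backslash-escaped name (`\<\>\+\=\"\#\;\,rrr`) under 8.5.65; a second row with that input and its expected outcome would record in the test which form callers must supply on this branch.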
@@ -278,6 +281,18 @@ public class TestJNDIRealmIntegration {
 "member: 
cn=testsub,ou=s\\;ub,ou=people,dc=example,dc=com");
 result = conn.processOperation(addGroupTest4);
 Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+
+// Bug 65373
+AddRequest addUserBug65373 = new AddRequest(
+"dn: 
cn=\\3C\\3E\\2B=\\22#\\3B\\2Crrr,ou=people,dc=example,dc=com",
+"objectClass: top",
+"objectClass: person",
+"objectClass: organizationalPerson",
+"cn: <>+=\"#;,rrr",
+"sn: Bug 65373",
+"userPassword: <>+=\"#;,rrr");
+result = conn.processOperation(addUserBug65373);
+Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
 }
 }
 




[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65

2021-06-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373

--- Comment #10 from Mark Thomas  ---
I've just added this exact example to the Tomcat test cases and it passes.
https://github.com/apache/tomcat/commit/356c8ecc

I'll note that you need to be VERY careful setting up these tests to ensure
that values are correctly escaped and that escapes are applied in the correct
order.

I'll also note that not all LDAP servers seem to follow all of the requirements
of RFC 2254 and RFC 4514.

To summarise the escaping requirements:

Original String:                <>+="#;,rrr
Original + Java escapes:        <>+=\"#;,rrr
Original + LDAP escapes:        \3C\3E\2B=\22#\3B\2Crrr
Original + LDAP + Java escapes: \\3C\\3E\\2B=\\22#\\3B\\2Crrr

I haven't yet seen anything to confirm that there is a Tomcat bug here.


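The four forms listed in comment #10, and the leading-'#' rule from comment #9, can be reproduced with a small RFC 4514 / RFC 4515 escaper. This is an added example, not Tomcat's JNDIRealm code and not part of the original messages; the class and method names are hypothetical, and the base DN is the one used in the test case above.

```java
public class LdapEscapeLayers {

    // RFC 4514: escape one attribute value for use inside a DN (hex-pair form).
    static String escapeDnValue(String value) {
        StringBuilder sb = new StringBuilder();
        int last = value.length() - 1;
        for (int i = 0; i <= last; i++) {
            char c = value.charAt(i);
            // These characters are escaped wherever they appear.
            boolean always = c == '\0' || "\"+,;<>\\".indexOf(c) >= 0;
            // '#' and ' ' are special only at the start, ' ' also at the end.
            boolean atEdge = (i == 0 && (c == '#' || c == ' ')) || (i == last && c == ' ');
            if (always || atEdge) {
                sb.append(String.format("\\%02X", (int) c));
            } else {
                sb.append(c);
            }
        }
        return sb.toString();
    }

    // RFC 4515 (successor of RFC 2254): escape a value for use inside a search filter.
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            if (c == '\0' || "*()\\".indexOf(c) >= 0) {
                sb.append(String.format("\\%02x", (int) c));
            } else {
                sb.append(c);
            }
        }
        return sb.toString();
    }

    // What has to be typed in Java source to obtain 's' at run time (quotes omitted).
    static String javaEscape(String s) {
        return s.replace("\\", "\\\\").replace("\"", "\\\"");
    }

    public static void main(String[] args) {
        String original = "<>+=\"#;,rrr"; // user name from Bug 65373
        String ldap = escapeDnValue(original);

        // The four rows of the summary in comment #10.
        System.out.println("Original String:                " + original);
        System.out.println("Original + Java escapes:        " + javaEscape(original));
        System.out.println("Original + LDAP escapes:        " + ldap);
        System.out.println("Original + LDAP + Java escapes: " + javaEscape(ldap));

        // Wrong order: the Java-layer backslash is treated as data and escaped again.
        System.out.println("Java first, then LDAP (wrong):  "
                + escapeDnValue(javaEscape(original)));

        // Input that is already backslash-escaped (the form quoted in comment #11)
        // is a different value as far as the escaper is concerned.
        String preEscaped = "\\<\\>\\+\\=\\\"\\#\\;\\,rrr";
        System.out.println("Pre-escaped input, escaped:     " + escapeDnValue(preEscaped));

        // Comment #9: '#' is escaped only as the first character of a value.
        System.out.println("#abc -> " + escapeDnValue("#abc"));
        System.out.println("a#bc -> " + escapeDnValue("a#bc"));

        // A DN placed inside a filter needs the filter layer on top of the DN layer.
        String dn = "cn=" + ldap + ",ou=people,dc=example,dc=com";
        System.out.println("(member=" + escapeFilterValue(dn) + ")");
    }
}
```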


[Bug 65373] LDAP authentication failing for some characters in 8.5.66 but works in 8.5.65

2021-06-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=65373

--- Comment #11 from Satya  ---
Hi Thomas,

The below user exists in LDAP:
UserName: <>+="#;,rrr
Password: <>+="#;,rrr


8.5.65: our application sends the below credentials and LDAP authentication is
successful.
UserName: \<\>\+\=\"\#\;\,rrr  and  Password: <>+="#;,rrr

8.5.66: as per the above mail, we modified the username as below and LDAP
authentication failed.
UserName: <>+=\"#;,rrr  and  Password: <>+=\"#;,rrr

Could you please suggest any issues?

What was the modification from 8.5.65 to 8.5.66? We are planning to upgrade
to 8.5.66.







[Bug 65375] New: IIS 10.0 as Tomcat reverse proxy does not send auth_type and remote_user AJP header

2021-06-13 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=65375

          Bug ID: 65375
         Summary: IIS 10.0 as Tomcat reverse proxy does not send
                  auth_type and remote_user AJP header
         Product: Tomcat Connectors
         Version: 1.2.46
        Hardware: PC
          Status: NEW
        Severity: normal
        Priority: P2
       Component: isapi
        Assignee: dev@tomcat.apache.org
        Reporter: clerici.pa...@gmail.com
Target Milestone: ---

I use IIS 10.0 as a reverse proxy of Tomcat 7.
IIS 10.0 uses Windows Authentication.
When I run the javax.servlet.http.HttpServletRequest.getAuthType() method I get
the null value.
When I run the javax.servlet.http.HttpServletRequest.getRemoteUser() method I
get the null value.
Using IIS 6.1 with the same version of Tomcat everything works fine.
When I run the javax.servlet.http.HttpServletRequest.getAuthType() method I get
"NTLM" string.
When I run the javax.servlet.http.HttpServletRequest.getRemoteUser() method I
get the name of the user who authenticated with IIS.
The configuration of the two versions of IIS appears to be the same.
Some AJP headers seem to be missing, including remote_user (0x03) and
auth_type (0x04), which are instead sent from IIS 6.1.
