Uploaded image for project: 'LDAP'
  1. LDAP
  2. LDAP-108

Group mapping fails if group name needs escaping

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 9.5.7
    • 9.5.6
    • Application
    • None
    • Unknown

    Description

      Similar to https://github.com/xwikisas/application-activedirectory/issues/55 :

       
      Add a test user and group with something like this ldif file in an empty openldap server (slapd) via ldapadd:

      dn: dc=localhost,dc=nodomain
objectClass: top
objectClass: dcObject
objectClass: organization
o: localhost
dc: localhost

dn: ou=xwiki,dc=localhost,dc=nodomain
objectClass: top
objectClass: organizationalUnit
ou: xwiki
description: root for xwiki test ou

dn: ou=users,ou=xwiki,dc=localhost,dc=nodomain
objectClass: top
objectClass: organizationalUnit
ou: users

dn: cn=testuser,ou=users,ou=xwiki,dc=localhost,dc=nodomain
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: testuser
givenName: Test
sn: User
userPassword: whatever

dn: ou=groups,ou=xwiki,dc=localhost,dc=nodomain
objectClass: top
objectClass: organizationalUnit
ou: groups

dn: cn=\\\#New Test,ou=groups,ou=xwiki,dc=localhost,dc=nodomain
changetype: add
objectClass: top
objectClass: groupOfNames
cn: \#New Test
member: cn=testuser,ou=users,ou=xwiki,dc=localhost,dc=nodomain

      Map this the created ldap group CN=#New Test" to a XWiki group "StrangeGroup" :

      Login as testuser.

      Expected: testuser is member of "StrangeGroup" after login
      Expected: testuser is not member of "StrangeGroup" after login

      Debug log shows:

      DEBUG o.x.c.l.XWikiLDAPConfig        - Groupmapping found [XWiki.AStrangeGroup] [[cn=\#New Test,ou=groups,ou=xwiki,dc=localhost,dc=nodomain]]

DEBUG o.x.c.l.XWikiLDAPUtils         - Retrieving Members of the group [cn=\#New Test,ou=groups,ou=xwiki,dc=localhost,dc=nodomain] 
DEBUG o.x.c.l.XWikiLDAPUtils         - [cn=\#New Test,ou=groups,ou=xwiki,dc=localhost,dc=nodomain] is a valid DN, lets try to get corresponding entry. 
DEBUG o.x.c.l.PagedLDAPSearchResults - LDAP pagined search: base=[cn=\#New Test,ou=groups,ou=xwiki,dc=localhost,dc=nodomain] query=[null] attrs=[[objectClass, uniquemember, memberuid, member, cn]] scope=[2] typesOnly=[false] pageSize=[500], cookie=[null] 
DEBUG o.x.c.l.XWikiLDAPUtils         - Failed to get group members com.novell.ldap.LDAPException: No Such Object

      If the ldap group DN in the mapping configuration is defined with 6 backslashes, then the mapping works.

      Attachments

        Activity

          People

            camil7 Clemens Robbenhaar
            camil7 Clemens Robbenhaar
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: