Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: Security
Labels:
None

Operating System:
ALL
Sprint:
Security 15 (06/03/16), Security 16 (06/24/16)
Confidence Status:
None
Work Order:
3
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

The plain authentication mechanism is truncating the username if the string contains the character "@".

It seems to be caused by the UserName class used during the Sasl PLAIN conversation.

This is avoiding the user to authenticate using the mail field in LDAP directories.

is related to

SERVER-20365 "authentication failed, storedKey mismatch" on synthetic users and databases with '@'

Closed

Assignee:: Spencer Jackson
Reporter:: Ricardo Lorenzo (Inactive)
Participants:: Ricardo Lorenzo, Spencer Jackson
Votes:: 0 Vote for this issue
Watchers:: 7 Start watching this issue

Created:: Apr 29 2016 08:34:07 AM UTC
Updated:: Jul 14 2016 04:04:57 PM UTC
Resolved:: Jun 07 2016 03:48:56 PM UTC