Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-29923

SASL authentication session factory should use dynamically LDAP server list

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 3.4.5
    • Fix Version/s: 3.7.2
    • Component/s: Security, Usability
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      ALL
    • Sprint:
      Platforms 2018-02-12

      Description

      The SASL authentication session factory uses the presence of an LDAP server in the startup flags to figure out if it should route PLAIN authentication attempts on $external to the native LDAP authentication code. However, if no LDAP server was set on startup, but one was specified dynamically via a setParameter, the factory will not realize that it can produce a native LDAP SASL session, and will incorrectly produce a CyrusSasl authentication session, which will try to use saslauthd which may not be configured.

        Attachments

          Activity

            People

            • Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: