[SERVER-25709] Allow failed LDAP binding to fallback onto native LDAP authentication user Created: 19/Aug/16  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Internal Code, Security
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Spencer Jackson Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Security
Participants:

 Description   

If no LDAP bind user has been specified, we currently attempt to perform LDAP authorization queries without binding as a user. Many LDAP servers will disallow anonymous binds. We may want to reattempt queries which fail for this reason, binding with the same user and password as the authentication user, which will likely be authorized to perform queries for its own groups.


Generated at Thu Feb 08 04:09:58 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.