Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BugFix] Fix LDAP authentication bug where empty password can successfully login on AD server (backport #41982) #42566

Merged
merged 1 commit into from
Mar 13, 2024
Merged

[BugFix] Fix LDAP authentication bug where empty password can successfully login on AD server (backport #41982) #42566

merged 1 commit into from
Mar 13, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Mar 13, 2024

Why I'm doing:

If you supply an empty string, an empty byte/char array, or null to the Context.SECURITY_CREDENTIALS environment property, then the authentication mechanism will be "none". This is because the LDAP requires the password to be nonempty for simple authentication. The protocol automatically converts the authentication to "none" if a password is not supplied.
https://docs.oracle.com/javase/jndi/tutorial/ldap/security/simple.html

What I'm doing:

Reject empty password.

Fixes #issue

What type of PR is this:

  • BugFix
  • Feature
  • Enhancement
  • Refactor
  • UT
  • Doc
  • Tool

Does this PR entail a change in behavior?

  • Yes, this PR will result in a change in behavior.
  • No, this PR will not result in a change in behavior.

If yes, please specify the type of change:

  • Interface/UI changes: syntax, type conversion, expression evaluation, display information
  • Parameter changes: default values, similar parameters but with different default values
  • Policy changes: use new policy to replace old one, functionality automatically enabled
  • Feature removed
  • Miscellaneous: upgrade & downgrade compatibility, etc.

Checklist:

  • I have added test cases for my bug fix or my new feature
  • This pr needs user documentation (for new or modified features or behaviors)
    • I have added documentation for my new feature or new function
  • This is a backport pr

Bugfix cherry-pick branch check:

  • I have checked the version labels which the pr will be auto-backported to the target branch
    • 3.2
    • 3.1
    • 3.0
    • 2.5
This is an automatic backport of pull request #41982 done by [Mergify](https://mergify.com).

@gengjun-git @mergify
[BugFix] Fix LDAP authentication bug where empty password can success…
384c7ae 
…fully login on AD server (#41982)

Signed-off-by: gengjun-git <[email protected]>
(cherry picked from commit e8c1313)
@mergify mergify bot mentioned this pull request Mar 13, 2024
Merged
23 tasks
@gengjun-git gengjun-git merged commit 674b701 into branch-2.2-walmart Mar 13, 2024
19 of 21 checks passed
@gengjun-git gengjun-git deleted the mergify/bp/branch-2.2-walmart/pr-41982 branch March 13, 2024 10:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wanpengfei-git wanpengfei-git wanpengfei-git approved these changes

Assignees
No one assigned
Labels
automerge
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wanpengfei-git @gengjun-git