Exception on login with trailing space
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Products.LDAPUserFolder |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Occurs on logging in with a trailing space in username.
Authentication succeeds because the syntax of DN accepts optional spaces before and after "," separator.
LDAPUserFolder code however uses the uid which lacks the space provided by the user input.
I would suggest stripping the uid before using it.
Exception found in Zope log:
Traceback (innermost last):
Module ZPublisher.Publish, line 116, in publish
Module ZPublisher.
Module AccessControl.User, line 662, in validate
Module Products.
Module Products.
Module Products.
IndexError: list index out of range
OBS: Please note that test included in patch fails! It fails because the dataflake fakeldap has different behavior than a real open ldap server: search returns no result when trailing space present.
Changed in ldapuserfolder: | |
status: | New → Triaged |
importance: | Undecided → Medium |
assignee: | nobody → Jens Vagelpohl (dataflake) |
It's now that I notice that spaces are optional on both sides of attribute value
<attribute> ::= <string>
| <key> <optional-space> "=" <optional-space> <string>
So login also succeeds with leading space. Changed rstrip to strip in patch.