Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-67270

LDAP queries do not escape all allowed special characters

    Details

      Description

      Steps to Reproduce

      1. Use the following commands in a command prompt on the Active Directory server, changing the "ou=grouptest,dc=windows2003,dc=ntlm" and "@windows2003.ntlm" to match your server's details

      dsadd user "cn=Test Space 2 ,ou=grouptest,dc=windows2003,dc=ntlm" -samid tspace2 -pwd "test" -upn tspace2@windows2003.ntlm -fn "Test" -ln "Space 2 " -display "Test Space 2 " -disabled no -mustchpwd yes
      dsadd user "cn= Test Space 3,ou=grouptest,dc=windows2003,dc=ntlm" -samid tspace3 -pwd "test" -upn tspace3@windows2003.ntlm -fn " Test" -ln "Space 3" -display " Test Space 3" -disabled no -mustchpwd yes
      

      2. Add both of these users to a group in AD
      3. Log in as both of these users
      4. Assert neither user is associated with the group

      Note that you may need to reset the user's password in order to log in. Also, this behavior is broken for all special characters except comma that Active Directory allows: http://social.technet.microsoft.com/wiki/contents/articles/5312.active-directory-characters-to-escape.aspx

      The comma was fixed on LPS-14020.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  3 years, 5 weeks, 4 days ago

                  Packages

                  Version Package
                  7.0.0 DXP FP32
                  7.0.5 CE GA6
                  7.0.X
                  7.1.X
                  Master