Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-2730

LDAP Identity Provide should correctly handle empty string

    XMLWordPrintable

Details

    Description

      When providing an empty password string to the checkPassword method we encounter an OperationNotSupportedException. Please find attached the complete stacktrace as well as a unit test to reproduce.

      When using the Microsoft LDAP implementation however an empty password string results in a positive return value. So anyone and everyone is able to login when leaving the password field in Tasklist empty.

      public void testLdapLoginEmptyPassword()

      { assertFalse(identityService.checkPassword("roman", "")); }

      mgm-controller-panel

        This is the controller panel for Smart Panels app

        Attachments

          Issue Links

            Activity

              People

                sebastian.menski Sebastian Menski
                masroor Masroor Ahmad
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Salesforce