If an LDAP user's DN contains a backslash (\) character, JBoss ON fails to authenticate the user

Solution Verified - Updated -

Issue

  • Authentication fails when user has "\," in it's LDAP CN

  • server.log contains this error:

    INFO  [org.rhq.enterprise.server.core.jaas.LdapLoginModule] Failed to validate password: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1

  • User login fails and the following error appears in the server log:

    INFO  [org.rhq.enterprise.server.core.jaas.LdapLoginModule] Failed to validate password: [LDAP: error code 49 - cannot bind the principalDn.]

  • Backslashes (\) are not properly handled when they appear in a distinguished name (DN)

Environment

  • Red Hat JBoss Operations Network (ON) 3.1.2
  • JBoss ON server has been configured to use LDAP for user authentication

  • Affected user has a backslash () in their DN:

    dn: cn=Charles H\\Samlin,ou=users,dc=test,dc=rhq,dc=redhat,dc=com

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content