If an LDAP user's DN contains a backslash (\) character, JBoss ON fails to authenticate the user

Solution Verified - Updated -

Issue

  • Authentication fails when user has "\," in it's LDAP CN

  • server.log contains this error:

    INFO  [org.rhq.enterprise.server.core.jaas.LdapLoginModule] Failed to validate password: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1

  • User login fails and the following error appears in the server log:

    INFO  [org.rhq.enterprise.server.core.jaas.LdapLoginModule] Failed to validate password: [LDAP: error code 49 - cannot bind the principalDn.]

  • Backslashes (\) are not properly handled when they appear in a distinguished name (DN)

Environment

  • Red Hat JBoss Operations Network (ON) 3.1.2
  • JBoss ON server has been configured to use LDAP for user authentication

  • Affected user has a backslash () in their DN:

    dn: cn=Charles H\\Samlin,ou=users,dc=test,dc=rhq,dc=redhat,dc=com

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.