My Oracle Support Banner

JAZN Cannot Authenticate Users With Valid DN Containing SLASH "/" (Doc ID 790738.1)

Last updated on MARCH 01, 2019

Applies to:

Oracle Containers for J2EE - Version 10.1.3.3.0 to 10.1.3.4.0 [Release AS10gR3]
Information in this document applies to any platform.

Symptoms

When a J2EE application is attempting to authenticate users from an LDAP Server and the LDAP server contains entries with the forward slash character, "/", 
this causes LDAP search to return wrong DN values. 

For example, when "cn=<USER1/USER>,cn=<GROUP_NAME>,cn=groups,dc=<COMPANY>,dc=com" 
and the oracle.security.jazn.realm.LDAPPrincipal is instantiated using this DN, 
then the LDAPPrincipal is unable to normalize the DN. 
The normalized DN value is null and authentication fails with invalid username or password. 
the following error occurs at logs:

java.lang.NullPointerException
at oracle.security.jazn.realm.LDAPPrincipal.equals(LDAPPrincipal.java:93)
at java.util.LinkedList.indexOf(LinkedList.java:406)
at java.util.LinkedList.contains(LinkedList.java:176)
at javax.security.auth.Subject$SecureSet.add(Subject.java:1086)
at java.util.Collections$SynchronizedCollection.add(Collections.java:1581)
at testslash.LDAPPrincipalTest.main(LDAPPrincipalTest.java:47)

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.