JAZN Cannot Authenticate Users With Valid DN Containing SLASH "/"

(Doc ID 790738.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Containers for J2EE - Version: to - Release: AS10gR3 to AS10gR3
Information in this document applies to any platform.


When a J2EE application is attempting to authenticate users from an LDAP Server and the LDAP server contains entries with the forward slash character, "/", 
this causes LDAP search to return wrong DN values.

For example, when "cn=managers_emea/test,cn=gxchange,cn=groups,dc=oracle,dc=com"
and the oracle.security.jazn.realm.LDAPPrincipal is instantiated using this DN,
then the LDAPPrincipal is unable to normalize the DN.
The normalized DN value is null and authentication fails with invalid username or password.
the following error occurs at logs:

at oracle.security.jazn.realm.LDAPPrincipal.equals(LDAPPrincipal.java:93)
at java.util.LinkedList.indexOf(LinkedList.java:406)
at java.util.LinkedList.contains(LinkedList.java:176)
at javax.security.auth.Subject$SecureSet.add(Subject.java:1086)
at java.util.Collections$SynchronizedCollection.add(Collections.java:1581)
at testslash.LDAPPrincipalTest.main(LDAPPrincipalTest.java:47)


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms