Closed janhoelscher closed 7 months ago
I have investigated. Basic authentication was not handling utf8 characters, that will be fixed in 5.0.1 The user now arrives correctly at the server end, unfortunately, I haven't found a correct way to encode the username so ldap is happy. I tried hex encoding, for example "\00\FC" => ü, but that didn't work. So for the moment I don't know how to fix it. I'm using the ldapjs library which is up to date. Maybe I need to encode the username when sending to ldap, but need to find how and then I can fix this. TBC
found it... and fixed in 5.0.1
building 5.0.1 beta now
Maybe I need to encode the username when sending to ldap, but need to find how and then I can fix this.
I had to decode instead, ldap return encoded Distinguished name and to bind ldap, I must send utf8, so had to build an unescape function.
Hello @ansibleguy76
Thanks for your workaround, but it doesn't work for these cases
\e2\82\a0 => ₠ \f0\9f\98\80 => 😀
I have read the test file available here: https://github.com/ldapjs/dn/blob/master/lib/utils/escape-value.test.js
I have written a simple version, which I will share with you here
const unescapeLdapDnString = input => {
// Convert \\xXX to %XX
const convertedStr = input.replace(/\\([0-9A-Fa-f]{2})/g, (_, hex) => '%' + hex);
return decodeURIComponent(convertedStr);
};
Have a nice day, qfdk
Describe the bug I have configured authentication via an Active Directory Server. Users without a german "Umlaut" can login without any problems. But users with an "Umlaut" in there CN getting "Ldap: Invalid Credentials" as a response on the login page. It has been double checked with two users having this issue.
To Reproduce Steps to reproduce the behavior:
Expected behavior User should login without any errors.
Version ansibleforms v5.0.0
Deployment Deployed ansibleforms with :
Additional context Logs only shows error: Error connecting to
ldap : Invalid Credentials but credentials
are correct.Full DN from user account look similar than this
CN=<here is sAMAccountName>_(<forename>_<surname>),OU=user,OU=<censored>,DC=<censored>,DC=<censored>,DC=de
as<surname>
contains an "Ö"