search

ditaoctavia / pwm

Automatically exported from code.google.com/p/pwm
0 stars 0 forks source link

‘Forgotton password’ procedure does not work when the mail attribute, used as username, contains a '.' and a '+' in the local part #659

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?

1. PWM configuration: Set LDAP naming attribute to 'mail' and Username Search 
filter to '(mail=%USERNAME%)
2. Click 'Forgotten password' and enter a mail address with a '.' and a '+' in 
the local part of the email address.

- observed behaviour: PWM does not do a directory search, but returns 
immediately with 5006 ERROR_RESPONSES_NORESPONSES 
PWM log:
2015-03-11 14:55:07, TRACE, pwm.SessionFilter, {mq} POST request for: 
/pwm/public/ForgottenPassword  [193.191.148.1/visitors.ibbt.be]
  mail='test.user+QAS@example.org'
  pwmFormID='xyuks1v7FKehKIYuyRNRmj0Af5u1QQRR14c091db733i5q5dj'
  processAction='search'
2015-03-11 14:55:09, DEBUG, servlet.ForgottenPasswordServlet, {mq} 5006 
ERROR_RESPONSES_NORESPONSES fields: [Email Address] 

PWM does not even attempt to contact the LDAP server.

- expected behaviour : PWM searches user in LDAP directory (demonstrated below 
by replacing the ‘.’ with an ‘_’.
2015-03-11 16:02:00, TRACE, pwm.SessionFilter, {mt} POST request for: 
/pwm/public/ForgottenPassword  [193.191.148.1/visitors.ibbt.be]
  mail='test_user+QAS@example.org'
  pwmFormID='aMMqDEdY6O40ZSIS3PMnwEosKU4EIAsL14c09583e10u6hhrd'
  processAction='search'
2015-03-11 16:02:00, DEBUG, operations.UserSearchEngine, {mt} beginning user 
search process [193.191.148.1/visitors.ibbt.be]
2015-03-11 16:02:00, DEBUG, operations.UserSearchEngine, {mt} performing ldap 
search for user, base=ou=apps,ou=users,dc=qas,dc=viaa,dc=be 
filter=SearchHelper: filter: 
(&(objectClass=person)(mail=test_user+QAS@example.org)), scope: SUBTREE, 
attributes: [] [193.191.148.1/visitors.ibbt.be]
2015-03-11 16:02:00, TRACE, provider.WireTraceWrapper, begin id=199,op#73 
method search(ou=apps,ou=users,dc=qas,dc=viaa,dc=be,SearchHelper: filter: 
(&(objectClass=person)(mail=test_user+QAS@example.org)), scope: SUBTREE, 
attributes: [])
2015-03-11 16:02:00, TRACE, provider.WireTraceWrapper, begin id=229,op#2 method 
search(ou=apps,ou=users,dc=qas,dc=viaa,dc=be,SearchHelper: filter: 
(&(objectClass=person)(mail=test_user+QAS@example.org)), scope: SUBTREE, 
attributes: [])
2015-03-11 16:02:00, TRACE, provider.WireTraceWrapper, finish id=229,op#2 
result: {} (5ms)
2015-03-11 16:02:00, TRACE, provider.WireTraceWrapper, finish id=199,op#73 
result: {} (6ms)
2015-03-11 16:02:00, TRACE, operations.UserSearchEngine, {mt} user not found in 
context ou=apps,ou=users,dc=qas,dc=viaa,dc=be [193.191.148.1/visitors.ibbt.be]

What version of PWM are you using?
1.7.1

What ldap directory and version are you using?
openLDAP 2.4.31

Original issue reported on code.google.com by herwig.b...@viaa.be on 11 Mar 2015 at 3:06