Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BugFix] Fix LDAP authentication bug where empty password can successfully login on AD server (backport #41982) #42476

Merged
merged 1 commit into from Mar 12, 2024
Merged

[BugFix] Fix LDAP authentication bug where empty password can successfully login on AD server (backport #41982) #42476

merged 1 commit into from Mar 12, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Mar 12, 2024
edited by wanpengfei-git

This is an automatic backport of pull request #41982 done by Mergify.

Mergify commands and options

More conditions and actions can be found in the documentation.

You can also trigger Mergify actions by commenting on this pull request:

  • @Mergifyio refresh will re-evaluate the rules
  • @Mergifyio rebase will rebase this PR on its base branch
  • @Mergifyio update will merge the base branch into this PR
  • @Mergifyio backport <destination> will backport this PR on <destination> branch

Additionally, on Mergify dashboard you can:

  • look at your merge queues
  • generate the Mergify configuration with the config editor.

Finally, you can contact us on https://mergify.com

## Why I'm doing: If you supply an empty string, an empty byte/char array, or null to the Context.SECURITY_CREDENTIALS environment property, then the authentication mechanism will be "none". This is because the LDAP requires the password to be nonempty for simple authentication. The protocol automatically converts the authentication to "none" if a password is not supplied. https://docs.oracle.com/javase/jndi/tutorial/ldap/security/simple.html

What I'm doing:

Reject empty password.

Fixes #issue

What type of PR is this:

  • BugFix
  • Feature
  • Enhancement
  • Refactor
  • UT
  • Doc
  • Tool

Does this PR entail a change in behavior?

  • Yes, this PR will result in a change in behavior.
  • No, this PR will not result in a change in behavior.

If yes, please specify the type of change:

  • Interface/UI changes: syntax, type conversion, expression evaluation, display information
  • Parameter changes: default values, similar parameters but with different default values
  • Policy changes: use new policy to replace old one, functionality automatically enabled
  • Feature removed
  • Miscellaneous: upgrade & downgrade compatibility, etc.

Checklist:

  • I have added test cases for my bug fix or my new feature
  • This pr needs user documentation (for new or modified features or behaviors)
    • I have added documentation for my new feature or new function
  • This is a backport pr

@gengjun-git @mergify
[BugFix] Fix LDAP authentication bug where empty password can success…
1f7d650 
…fully login on AD server (#41982)

Signed-off-by: gengjun-git <gengjun@starrocks.com>
(cherry picked from commit e8c1313)
@mergify mergify bot mentioned this pull request Mar 12, 2024
Merged
23 tasks
@wanpengfei-git wanpengfei-git enabled auto-merge (squash) March 12, 2024 03:25
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Mar 12, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@wanpengfei-git wanpengfei-git merged commit 12059c7 into branch-3.1 Mar 12, 2024
34 checks passed
@wanpengfei-git wanpengfei-git deleted the mergify/bp/branch-3.1/pr-41982 branch March 12, 2024 08:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gengjun-git gengjun-git gengjun-git approved these changes

Assignees

@gengjun-git gengjun-git

Labels
automerge version:3.1.10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@gengjun-git @wanpengfei-git