You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I agree to follow the Code of Conduct that this project adheres to.
I have searched the issue tracker for an issue that matches the one I want to file, without success.
I am not looking for support or already pursued the available support channels without success.
Version
2.35.3
Storage Type
etcd
Installation Type
Other (specify below)
Expected Behavior
I would expect Dex to use the inputted credentials for authentication, rather than doing automatic escape sequences that I can't prevent it from doing.
Actual Behavior
When the Bind DN looks like this:
CN=ExampleName\, Example Account (example),OU=ExampleNames,DC=company,DC=country
The result (after attempting login) becomes:
time="2024-03-27T16:08:50Z" level=error msg="Failed to login user: ldap: initial bind for user \"CN=ExampleName\\\\, Example Account (example),OU=ExampleNames,DC=company,DC=country\" failed: LDAP Result Code 49 \"Invalid Credentials\": 80090308: LdapErr: DSID-0C090449, comment: AcceptSecurityContext error, data 52e, v3839\x00"
As seen, Dex seemingly escapes the backslash several times further, causing the final Bind DN to be incorrect.
I have also attempted using two backslashes (which is what I do when using ldapsearch to test), but it just adds further backslashes to the escape sequence.
Steps To Reproduce
Create an account with a backslash in its Bind DN
Configure Dex for LDAP authentication
Additional Information
No response
Configuration
No response
Logs
No response
The text was updated successfully, but these errors were encountered:
I believe the issue might've stemmed from a lack of quotationmarks in the ArgoCD configmap that referred to the Dex secret. This in turn led to escapes happening. I can seemingly access it fine now with that change.
Closing this out :)
Preflight Checklist
Version
2.35.3
Storage Type
etcd
Installation Type
Other (specify below)
Expected Behavior
I would expect Dex to use the inputted credentials for authentication, rather than doing automatic escape sequences that I can't prevent it from doing.
Actual Behavior
When the Bind DN looks like this:
The result (after attempting login) becomes:
As seen, Dex seemingly escapes the backslash several times further, causing the final Bind DN to be incorrect.
I have also attempted using two backslashes (which is what I do when using
ldapsearch
to test), but it just adds further backslashes to the escape sequence.Steps To Reproduce
Additional Information
No response
Configuration
No response
Logs
No response
The text was updated successfully, but these errors were encountered: