[one-users] Sunstone LDAP and user passwords with special characters

Alvaro Simon asimon at cesga.es
Thu Nov 21 00:19:51 PST 2013


Hi
> We do not use ldap but we have seen a similar issue with opennebula
> authentication with X.509 certificates.  OpenNebula compresses all the
> white space out of the Distinguished Name of the certificate.. I would
> not be surprised if it did the same for ldap.  As far as I know it is 
> meant to be a feature. If you are changing the passwd manually with 
> the oneuser command you have to strip all the whitespace out on your own.
Yes, that's true white spaces are removed from users DNs but we were not 
sure if this feature also affects to users passwords.. probably yes 
based on OpenNebula  LDAP doc:

http://opennebula.org/documentation:rel4.2:ldap#dn_s_with_special_characters

$ oneuser encode 'cn=First Name,dc=institution,dc=country' 'pass word'
cn=First%20Name,dc=institution,dc=country:pass%20word

It seems that you should replace white spaces by URL %20 character...


Cheers
Alvaro
>
> Steve Timm
>
>
> On Wed, 20 Nov 2013, Alvaro Simon wrote:
>
>> Dear ON community
>>
>> We don't know if this is a known issue or not, we are using ON 4.2 
>> and Sunstone with LDAP support. We have notice that special 
>> characters like white spaces are not working from Sunstone using LDAP 
>> auth, we got these errors:
>>
>> Wed Nov 20 09:49:10 2013 [E]: User carlosf could not be authenticated
>> Wed Nov 20 09:49:10 2013 [E]: execution expired
>> Wed Nov 20 09:49:10 2013 [I]: Unauthorized login attempt
>>
>>
>> If we change the user pass (without white spaces), sunstone is able 
>> to authenticate the user again.
>>
>> Have you experienced the same issue? any workaround available?
>>
>> Thanks in advance!
>> Alvaro
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>
>
> ------------------------------------------------------------------
> Steven C. Timm, Ph.D  (630) 840-8525
> timm at fnal.gov  http://home.fnal.gov/~timm/
> Fermilab Scientific Computing Division, Scientific Computing Services 
> Quad.
> Grid and Cloud Services Dept., Group leader of Grid and Cloud Services 
> Operations.  Lead of FermiCloud Project.




More information about the Users mailing list