Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Investigate why LDAP Channel Binding breaks authentication #2220

Open
benedeki opened this issue Sep 12, 2024 · 1 comment
Open

Investigate why LDAP Channel Binding breaks authentication #2220

benedeki opened this issue Sep 12, 2024 · 1 comment
Labels
bug Something isn't working Menas Menas component affected priority: high Critical to the health of the project security Relates to application security

Comments

@benedeki
Copy link
Collaborator

Describe the bug

When LDAP Channel Binding is switched on on the server, it breaks authentication of Menas

Expected behavior

LDAP Channel Binding setup does not break the application

Screenshots

[WARN]  2024-09-10 20:04:48,754 [https-openssl-apr-8443-exec-1] za.co.absa.enceladus.menas.auth.MenasAuthenticationFailureHandler - Authentication exception
za.co.absa.enceladus.menas.auth.exceptions.BadLdapHostException: java.security.PrivilegedActionException: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090346: LdapErr: DSID-0C0905E4, comment: AcceptSecurityContext error, data 80090346, v3839^@]
[INFO]  2024-08-23 05:02:26,121 [main] org.springframework.ldap.core.support.AbstractContextSource - Property 'userDn' not set - anonymous context will be used for read-write operations
[INFO]  2024-08-23 05:29:07,914 [https-openssl-apr-8443-exec-8] org.springframework.ldap.core.support.AbstractContextSource - Property 'userDn' not set - anonymous context will be used for read-write operations
@benedeki benedeki added bug Something isn't working Menas Menas component affected security Relates to application security priority: high Critical to the health of the project labels Sep 12, 2024
@benedeki benedeki changed the title Investigate why LDAP Channel Binding Investigate why LDAP Channel Binding breaks authentication Sep 12, 2024
@benedeki
Copy link
Collaborator Author

From quick search by @Zejnilovic

https://bugs.openjdk.org/browse/JDK-8245527

spring-projects/spring-security#8037

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working Menas Menas component affected priority: high Critical to the health of the project security Relates to application security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@benedeki