-
Type: Bug
-
Resolution: Done
-
Priority: Major - P3
-
Affects Version/s: 3.3.5
-
Component/s: None
-
None
-
Fully Compatible
-
ALL
-
Security 14 (05/13/16)
Both LDAP authentication and LDAP authorization perform userToDN mappings. The mapping performed by authentication is persisted and the resulting DN is used as the username during authorization. This is incorrect, because this postprocessed username might not match any rule in the ldapUserToDNMapping.