Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-23204

LDAP config breaks with passwords with a # pound symbol


    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.19.1
    • Fix Version/s: None
    • Component/s: LDAP
    • Labels:
    • Environment:
      Nexus on CentOS 7 (all system packages and kernel are up to date as of march 16, 2020)


      We configured our Nexus Repository Manager OSS 3.19.1-01 with a LDAP connection to the AD server (didn't test on later versions). Which works fine for most users. Authentication is working properly for the docker registry being hosted by Nexus. But also directly on the Nexus GUI itself to browse through other repositories.

      Apparently when a user has a # (pound) symbol in the password things just stop working during the authentication process. We've repeatedly tested this by ONLY changing the password for the user on AD site and trying to connect to Nexus (via "verify login" on the LDAP tab, and via "docker login my.nexus.repo:5000" ).

      Having a pound # in the password doesn't work. On docker login it replies with a 401, and with "verify login" it yields
      Failed to connect to LDAP Server: User 'CN=myCN,OU=myOU,OU=otherOU,DC=myDC,DC=otherDC' cannot be authenticated. [Caused by javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0c09042A, comment: AcceptSecurityContext error, data52e, v3839]]

      When changing the password back to a password without a # pound it works perfectly fine.

      Also tried a local account with a # symbol, but that works perfectly fine as well. So it seems LDAP / AD related


          Issue Links



              Unassigned Unassigned
              markri Marco
              Last Updated By:
              Joe Tom Joe Tom
              0 Vote for this issue
              2 Start watching this issue


                Date of First Response: