Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-9574

Nexus Repository 2 makes two LDAP user search queries per configured LDAP server when the inbound request userid is not found

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: 2.11.4, 2.14.13, 2.15.1
    • Fix Version/s: None
    • Component/s: LDAP
    • Labels:

      Description

      Configure Nexus for LDAP using standard settings in the LDAP connection, then try to access a resource with a user ID that doesn't exist in the LDAP server

      curl -u fubar:fubar http://localhost:8081/nexus/service/local/status
      

      You will see that the exact same query is made twice to the LDAP server.

      For successful authentication the query is only made once.

      Expected

      A single LDAP search query per configured LDAP server should be all that is needed per inbound request, to attempt to authenticate the provided user name.

        Attachments

        1. ldap.xml
          1 kB
        2. nexus.log
          53 kB
        3. wiresharktest.pcapng
          1 kB

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            rseddon Rich Seddon
            Last Updated By:
            Peter Lynch Peter Lynch
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Date of First Response:

                tigCommentSecurity.panel-title