Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Dilip Kumar Nagaraj (DilipKumarN)
Accenture
Dilip Kumar Nagaraj
Accenture
GB
DilipKumarN Member since 2013 13 posts
Accenture
Posted: Nov 27, 2017
Last activity: Nov 27, 2017
Posted: 27 Nov 2017 2:29 EST
Last activity: 27 Nov 2017 11:19 EST
Closed

LDAP authentication with incorrect password

Hi Friends,

In our project we are implementing LDAP authentication (No Single Sign On)

We are using the OOTB authentication service /WebLDAP2 and the authentication activity is AuthenticationLDAPWebVerifyCredentials

We are able to successfully do the test connectivity using the client provided BindUserName & password.

#1. When we try to login with incorrect user id ,system is throwing user doesnot exist in directory (i.e, expected behavior)

#2. When we try to login with correct user id & incorrect password,system is still allowing the user to login and the ldap attributes such as email, phone number are getting mapped to the operator record which is an unexpected behavior. Im not able to find any logic in OOTB activity AuthenticationLDAPWebVerifyCredentials user password is validated. Not sure how to validate the incorrect password

Any help / suggestions for #2 is appreciated

Thanks,

Dilip

To see attachments, please log in.
Security

Posted: 6 years ago
Posted: 27 Nov 2017 11:19 EST
Praveen Kumar Nandagopal (Praveen Kumar N)
Serendebyte
Praveen Kumar Nandagopal
Serendebyte
IN

Hi Dilip,

    The OOTB Activity "AuthenticationLDAPWebVerifyCredentials" doesnot verify the password, It just checks whether the user is found in LDAP directory. Try to use the other activity "AuthenticationLDAPVerifyCredentials", This checks for user availability as well as the password match.Hope this helps.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice