[Bug 307144] New: LDAP credentials saved wrongly if password cotains a colon

Jörg Schaible joerg.schaible at gmx.de
Fri Sep 21 09:52:39 BST 2012 

https://bugs.kde.org/show_bug.cgi?id=307144

            Bug ID: 307144
          Severity: normal
           Version: 4.8
          Priority: NOR
          Assignee: kdepim-bugs at kde.org
           Summary: LDAP credentials saved wrongly if password cotains a
                    colon
    Classification: Unclassified
                OS: Linux
          Reporter: joerg.schaible at gmx.de
          Hardware: Other
            Status: UNCONFIRMED
         Component: kldap
           Product: kdepimlibs

Using an LDAP resource for the address book with an user who has a colon in its
password, the credentials are constantly mixed up, because parts of the
password are used for the user's name.

Reproducible: Always

Steps to Reproduce:
1. Create an LDAP resource and connect with an user that has a colon in its
password
2. Start Kmail, create a new email and start typing in the address field
3. Auto-completion tries to access the LDAP, fails and a dialog appears to
enter user name and password
4. Enter correct values, check box to save values and press OK
5. Auto-completion worked, results are visible in the drop-down box
6. Press next character

Actual Results:  
LDAP dialog appears again (obviously LDAP connection failed again) and this
time the dialog field for the user contains additionally parts of the password
as default

Expected Results:  
It should have been possible to establish the LDAP connection again without
problems

Example connecting to an Active Directory server with LDAP:
- Username: "DOMAIN\me"
- Password: "my:pwd"

The dialog will use later as wrong defaults:
- Username: "DOMAIN\me:my"
- Password: "pwd"

It looks like that some component has problems with URL encoding and/or URL
interpretation. The LDAP URL should be something like:

ldaps://DOMAIN%92me:my%58password@host:port/...

However, if some component fails to URL encode the values, you get:

ldaps://DOMAIN\me:my:password@host:port/...

In this case it is now moot to guess how this URL has to be interpreted, but
the wrong default values in the LDAP dialog get obvious.

Since the LDAP connection works right directly after entering the proper
values, the error must be later either when the values are saved for later
reuse or when the URL is built again.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the Kdepim-bugs mailing list