thanks a lot. it seems that this was an additional problem with the firewall(!?) anyway, the firewall is now configured to let through the whole ldap traffic from the xwiki machine. the problem hasn't changed: sometimes, users are randomly logged out with the "wrong passowrd" error message. when they try to log in, they get the very same error message for a couple of times. a few minutes later, they can login again and everything works. this happens spontaniously a couple of times per day.
does any1 experience the same problem? the next issue is that suddenly no (error/warning) messages are generated any more. i will try a tomcat restart in the afternoon, but since we did that a lot of times before i don't think this will help. i would very much apprechiate any kind of help! thank you in advance. steve tmortagne wrote: > > Hi, > > On Mon, Feb 2, 2009 at 9:48 AM, Stefan Woehrer <stefan_woeh...@yahoo.de> > wrote: >> >> Hi, >> >> we just upgraded our XWiki from 1.3.2 to 1.7.1. >> Right afterwards the firewall registers LDAP-Packages from the XWiki >> mashine >> as an attack, saying: >> >> "A malicious LDAP packet may indicate a potential attack. An attacker >> could >> use a modified LDAP message to cause buffer overflows on defective >> systems >> and execute arbitary code. (LDAP message contains malicious data which >> does >> not comply with ASN.1)" >> >> It seems that it has something to to with the changings made since 1.3.2. >> Is >> that possible? > > By default 1.7.1 use the new XWiki LDAP authenticator when 1.3.2 use > the old one. See > http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HLDAPAuthentication > > Now on the technical details it's using exactly the same Novell ldap > client implementation and the differences are more on the XWiki side > so I don't see why it would suddenly send wrong datas. > >> >> Greetings, >> Steve >> -- >> View this message in context: >> http://n2.nabble.com/LDAP-Login-changes-in-new-version-tp2257004p2257004.html >> Sent from the XWiki- Users mailing list archive at Nabble.com. >> >> _______________________________________________ >> users mailing list >> users@xwiki.org >> http://lists.xwiki.org/mailman/listinfo/users >> > > > > -- > Thomas Mortagne > _______________________________________________ > users mailing list > users@xwiki.org > http://lists.xwiki.org/mailman/listinfo/users > > -- View this message in context: http://n2.nabble.com/LDAP-Login-changes-in-new-version-tp2257004p2273948.html Sent from the XWiki- Users mailing list archive at Nabble.com. _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
