Hello,
Describe the bug
If we enable OTP for LDAP auth on our user management (webadm), then login fails with LDAP OK, but OTP failed.
Set up
- Version: v0.4.0
- Puppet / Yaml config:
    ...
    env:
      ...
      - SPRING_LDAP_URLS=ldap://%{hiera('yubiauth_host')}:389
      - SPRING_LDAP_USERFILTER_SEARCHBASE=ou=People,dc=example,dc=com
      - SPRING_LDAP_USERFILTER_SEARCHFILTER=(&(uid={0})(objectClass=inetOrgPerson))
      - SPRING_LDAP_ADMINUSER=cn=webadmin,ou=Accounts,dc=example,dc=com
      - SPRING_LDAP_ADMINPASSWORD=%{hiera('global_ldap_webadmin')}
Enable OTP for the user account on LDAP, so it looks like: userpasswordLooooooonnnnnnggggggYubiOTP string
So the string is based on the LDAP userpassword + OTP, which is 45 chars long. The password can then be up to 80 chars long or longer.
I can see in the LDAP logs that the user is found, so the admin password and search work. I will try later to disable OTP for my account to see if it helps, but it could be possible that there is a char limit for the password field.
cu denny