Configured Confluence to keep and manage users in its internal database, but to first try to use LDAP for authentication only, via the new interface. Debug output suggests Confluence is not bothering to check the LDAP at any point during the authentication process. More detail is available here: https://support.atlassian.com/browse/CSP-61137
{"id": "CONFSERVER-22444", "vendorId": null, "type": "atlassian", "bulletinFamily": "software", "title": "When configured for Internal Database with LDAP for Authentication Only, Confluence does not check the LDAP when authenticating users", "description": "Configured Confluence to keep and manage users in its internal database, but to first try to use LDAP for authentication only, via the new interface. Debug output suggests Confluence is not bothering to check the LDAP at any point during the authentication process. More detail is available here: https://support.atlassian.com/browse/CSP-61137", "published": "2011-05-06T20:26:00", "modified": "2018-10-11T09:01:35", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://jira.atlassian.com/browse/CONFSERVER-22444", "reporter": "e6f532a6136c", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2022-01-05T06:54:46", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "atlassian", "idList": ["ATLASSIAN:CONFSERVER-22444"]}], "rev": 4}, "score": {"value": 1.6, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "affected_software": {"major_version": [{"name": "confluence server and data center", "version": 3}]}, "vulnersScore": 1.6}, "affectedSoftware": [{"version": "3.5.2", "operator": "le", "name": "confluence server and data center"}], "_state": {"dependencies": 1646314616, "score": 1659853389, "affected_software_major_version": 1666695388}, "_internal": {"score_hash": "bfed32c9e260587a87eb64be9120c462"}}
When configured for Internal Database with LDAP for Authentication Only, Confluence does not check the LDAP when authenticating users