archiva-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sascha Vogt <sascha.v...@gmail.com>
Subject Redback / Active Directory issue
Date Thu, 28 May 2015 09:51:42 GMT
Hi all,

yesterday we upgraded to Archiva 2.2.0 and found that LDAP groups were
no longer correctly assigned to the user.

I think I found the issue:
https://github.com/apache/archiva-redback-core/commit/221aa62c8f733adbfd2aacdf62333bd0a708bffc

In DefaultLdapRoleMapper[1] line 395 groupEntry gets escaped. I think
escaping is only needed in the filter string. In line 439 groupEntry is
used to check if the user is a member (not sure why this double checking
is necessary at all, we already filtered for all groups containing the
user, the result should not return other groups, but anyhow) against the
escaped string. That obviously doesn't match.

Moving the escaping to line 399 (directly in the append(groupEntry))
fixed the issue.

Any objections to that? If not I'll issue a PR.

Greetings
-Sascha-

[1]https://github.com/apache/archiva-redback-core/blob/master/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java

Mime
View raw message