directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rudi Wijaya (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSHARED-143) Provide helper method to escape characters to be used in LDAP Filter literal
Date Fri, 12 Apr 2013 05:39:17 GMT

    [ https://issues.apache.org/jira/browse/DIRSHARED-143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13629817#comment-13629817
] 

Rudi Wijaya commented on DIRSHARED-143:
---------------------------------------

Typo fix:

{code}
final String ldapFilter = FilterEncoder.format("(&(objectclass=person)(|(mail={0})(primaryMail={1})))",
new String[] { tokenUsername, tokenUsername });
{code} 
                
> Provide helper method to escape characters to be used in LDAP Filter literal
> ----------------------------------------------------------------------------
>
>                 Key: DIRSHARED-143
>                 URL: https://issues.apache.org/jira/browse/DIRSHARED-143
>             Project: Directory Shared (Please use DIRAPI instead)
>          Issue Type: Improvement
>    Affects Versions: 1.0.0-M13
>            Reporter: Hendy Irawan
>            Assignee: Stefan Seelmann
>             Fix For: 1.0.0-M14
>
>         Attachments: DIRSHARED-143.patch
>
>
> In order to prevent malicious injection, user-provided input must be escaped (the 5 restricted
characters) before being put in LDAP filter.
> Provide a helper static method to make it convenient and available as public API.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message