karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Freeman Fang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KARAF-2476) Special characters are dropped when generating the LDAP the user and role filters
Date Wed, 18 Sep 2013 04:47:53 GMT

    [ https://issues.apache.org/jira/browse/KARAF-2476?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13770429#comment-13770429
] 

Freeman Fang commented on KARAF-2476:
-------------------------------------

apply patch on behalf of Jonathan Anstey with thanks
http://svn.apache.org/r1524267 for trunk
http://svn.apache.org/r1524266 for 2.3.x branch
http://svn.apache.org/r1524264 for 2.x branch
                
> Special characters are dropped when generating the LDAP the user and role filters
> ---------------------------------------------------------------------------------
>
>                 Key: KARAF-2476
>                 URL: https://issues.apache.org/jira/browse/KARAF-2476
>             Project: Karaf
>          Issue Type: Bug
>            Reporter: Jonathan Anstey
>            Assignee: Freeman Fang
>             Fix For: 2.4.0, 3.0.0, 2.3.4
>
>         Attachments: KARAF-2476-karaf-2.x.patch
>
>
> The current code - org.apache.karaf.jaas.modules.ldap.LDAPLoginModule - forms the userFilter
and roleFilter:
> logger.debug("Looking for the user in LDAP with ");
> logger.debug(" base DN: " + userBaseDN);
> userFilter = userFilter.replaceAll("%u", user);
> logger.debug("Looking for the user roles in LDAP with ");
> logger.debug(" base DN: " + roleBaseDN);
> roleFilter = roleFilter.replaceAll("%u", user);
> roleFilter = roleFilter.replaceAll("%dn", userDN);
> the "replaceAll" method is a regular expression replacement that interprets special characters.
LDAP user names and DN can contain special characters and we do not want to process them.
The filters should be formed as "quotes" - uninterpreted strings.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message