Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
ManifoldCF 2.15
-
None
Description
I just came across a problem with escaping, when searching groups by dn.
A person has the following dn:
cn=John\2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp
which results in:
cn=John\5c2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp
after passing escapeLDAPSearchFilter.
With a groupSearch Filter of "(&(objectClass=groupOfNames)(member={0}))" the String that is sent to the LDAP Server is:
(&(objectClass=groupOfNames)(member=cn=John5c2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp))
-> this leads to an empty result set, as the \ disappeared.
Changing
String searchFilter = groupSearch.replaceAll("\\\{0
}", escapedDN);
to
String searchFilter = groupSearch.replace("{0}", escapedDN);
the following searchFilter is used, which is correct and leads to results:
(&(objectClass=groupOfNames)(member=cn=John\5c2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp))
So it seems that there is a problem with escaping/encoding when using the regex based replaceAll method.
Is there a reason to user replaceAll instead of replace at this position? Would it be a problem, to use the simple string replace method?