Uploaded image for project: 'ManifoldCF'
  1. ManifoldCF
  2. CONNECTORS-1644

LDAPAuthority.java - group search by dn encoding/escaping

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • ManifoldCF 2.15
    • ManifoldCF 2.17
    • LDAP authority
    • None

    Description

      I just came across a problem with escaping, when searching groups by dn.

      A person has the following dn:
      cn=John\2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp
      which results in:
      cn=John\5c2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp
      after passing escapeLDAPSearchFilter.
      With a groupSearch Filter of "(&(objectClass=groupOfNames)(member={0}))" the String that is sent to the LDAP Server is:
      (&(objectClass=groupOfNames)(member=cn=John5c2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp))
      -> this leads to an empty result set, as the \ disappeared.
      Changing
      String searchFilter = groupSearch.replaceAll("\\\{0
      }", escapedDN);
      to
      String searchFilter = groupSearch.replace("{0}", escapedDN);
      the following searchFilter is used, which is correct and leads to results:
      (&(objectClass=groupOfNames)(member=cn=John\5c2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp))

      So it seems that there is a problem with escaping/encoding when using the regex based replaceAll method.

      Is there a reason to user replaceAll instead of replace at this position? Would it be a problem, to use the simple string replace method?

      Attachments

        Activity

          People

            kwright@metacarta.com Karl Wright
            wolfingeru Uwe Wolfinger
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: