Uwe Wolfinger created CONNECTORS-1644: -----------------------------------------
Summary: LDAPAuthority.java - group search by dn encoding/escaping Key: CONNECTORS-1644 URL: https://issues.apache.org/jira/browse/CONNECTORS-1644 Project: ManifoldCF Issue Type: Bug Components: LDAP authority Affects Versions: ManifoldCF 2.15 Reporter: Uwe Wolfinger I just came across a problem with escaping, when searching groups by dn. A person has the following dn: cn=John\2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp which results in: cn=John\5c2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp after passing escapeLDAPSearchFilter. With a groupSearch Filter of "(&(objectClass=groupOfNames)(member=\{0}))" the String that is sent to the LDAP Server is: (&(objectClass=groupOfNames)(member=cn=John5c2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp)) -> this leads to an empty result set, as the \ disappeared. Changing String searchFilter = groupSearch.replaceAll("\\\{0\\}", escapedDN); to String searchFilter = groupSearch.replace("\{0}", escapedDN); the following searchFilter is used, which is correct and leads to results: (&(objectClass=groupOfNames)(member=cn=John\5c2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp)) So it seems that there is a problem with escaping/encoding when using the regex based replaceAll method. Is there a reason to user replaceAll instead of replace at this position? Would it be a problem, to use the simple string replace method? -- This message was sent by Atlassian Jira (v8.3.4#803005)