[
https://issues.apache.org/jira/browse/CONNECTORS-1644?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Karl Wright reassigned CONNECTORS-1644:
---------------------------------------
Assignee: Karl Wright
> LDAPAuthority.java - group search by dn encoding/escaping
> ---------------------------------------------------------
>
> Key: CONNECTORS-1644
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1644
> Project: ManifoldCF
> Issue Type: Bug
> Components: LDAP authority
> Affects Versions: ManifoldCF 2.15
> Reporter: Uwe Wolfinger
> Assignee: Karl Wright
> Priority: Major
>
> I just came across a problem with escaping, when searching groups by dn.
> A person has the following dn:
> cn=John\2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp
> which results in:
> cn=John\5c2C Doe,ou=Internal,ou=Users,ou=ORG,o=comp
> after passing escapeLDAPSearchFilter.
> With a groupSearch Filter of "(&(objectClass=groupOfNames)(member=\{0}))" the
> String that is sent to the LDAP Server is:
> (&(objectClass=groupOfNames)(member=cn=John5c2C
> Doe,ou=Internal,ou=Users,ou=ORG,o=comp))
> -> this leads to an empty result set, as the \ disappeared.
> Changing
> String searchFilter = groupSearch.replaceAll("\\\{0\\}", escapedDN);
> to
> String searchFilter = groupSearch.replace("\{0}", escapedDN);
> the following searchFilter is used, which is correct and leads to results:
> (&(objectClass=groupOfNames)(member=cn=John\5c2C
> Doe,ou=Internal,ou=Users,ou=ORG,o=comp))
> So it seems that there is a problem with escaping/encoding when using the
> regex based replaceAll method.
> Is there a reason to user replaceAll instead of replace at this position?
> Would it be a problem, to use the simple string replace method?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
