Author: baedke Date: Thu Jan 19 17:07:37 2017 New Revision: 1779497 URL: http://svn.apache.org/viewvc?rev=1779497&view=rev Log: OAK-5490: Add validation for LdapIdentityProvider config
Added check for empty strings. Modified: jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java Modified: jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java?rev=1779497&r1=1779496&r2=1779497&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java (original) +++ jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java Thu Jan 19 17:07:37 2017 @@ -17,11 +17,14 @@ package org.apache.jackrabbit.oak.security.authentication.ldap.impl; import java.util.Arrays; +import java.util.LinkedList; +import java.util.List; import javax.annotation.CheckForNull; import javax.annotation.Nonnull; import javax.annotation.Nullable; +import org.apache.directory.api.util.Strings; import org.apache.felix.scr.annotations.Component; import org.apache.felix.scr.annotations.Property; import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters; @@ -1003,7 +1006,7 @@ public class LdapProviderConfig { */ @Nonnull public LdapProviderConfig setCustomAttributes(@Nonnull String[] customAttributes) { - this.customAttributes = customAttributes; + this.customAttributes = this.removeEmptyStrings(customAttributes); return this; } @@ -1128,6 +1131,20 @@ public class LdapProviderConfig { return (sb == null ? value : sb.toString()); } + //OAK-5490 + private String[] removeEmptyStrings(@Nonnull String[] params) { + List<String> list = Arrays.asList(params); + if (!list.contains(Strings.EMPTY_STRING)) { + return params; + } + List<String> resultList = new LinkedList<>(list); + while (resultList.contains(Strings.EMPTY_STRING)) { + resultList.remove(Strings.EMPTY_STRING); + } + String[] result = new String[resultList.size()]; + return resultList.toArray(result); + } + @Override public String toString() { final StringBuilder sb = new StringBuilder("LdapProviderConfig{"); Modified: jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java?rev=1779497&r1=1779496&r2=1779497&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java (original) +++ jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java Thu Jan 19 17:07:37 2017 @@ -29,6 +29,7 @@ import java.util.Map; import javax.jcr.SimpleCredentials; import javax.security.auth.login.LoginException; +import org.apache.directory.api.util.Strings; import org.apache.directory.server.constants.ServerDNConstants; import org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider; import org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig; @@ -50,6 +51,7 @@ import static junit.framework.Assert.ass import static junit.framework.Assert.assertTrue; import static junit.framework.Assert.fail; +import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertThat; public class LdapProviderTest { @@ -406,6 +408,11 @@ public class LdapProviderTest { assertEquals("Intermediate path must be the split dn", TEST_USER5_PATH, user.getIntermediatePath()); } + @Test + public void testRemoveEmptyString() throws Exception { + providerConfig.setCustomAttributes(new String[] {"a", Strings.EMPTY_STRING, "b" }); + assertArrayEquals("Array must not contain empty strings", new String[] {"a", "b" }, providerConfig.getCustomAttributes()); + } public static void assertIfEquals(String message, String[] expected, Iterable<ExternalIdentityRef> result) { List<String> dns = new LinkedList<String>();