[jboss-cvs] JBossAS SVN: r102481 - branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/auth/spi.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Mar 16 14:47:50 EDT 2010
Author: mmoyses
Date: 2010-03-16 14:47:49 -0400 (Tue, 16 Mar 2010)
New Revision: 102481
Modified:
branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java
Log:
JBPAPP-3792: workaround for DNs with special characters
Modified: branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java 2010-03-16 18:45:37 UTC (rev 102480)
+++ branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java 2010-03-16 18:47:49 UTC (rev 102481)
@@ -158,6 +158,7 @@
private static final String SEARCH_TIME_LIMIT_OPT = "searchTimeLimit";
private static final String SEARCH_SCOPE_OPT = "searchScope";
private static final String SECURITY_DOMAIN_OPT = "jaasSecurityDomain";
+ private static final String DISTINGUISHED_NAME_ATTRIBUTE_OPT = "distinguishedNameAttribute";
protected String bindDN;
protected String bindCredential;
@@ -174,6 +175,7 @@
protected int searchScope = SearchControls.SUBTREE_SCOPE;
protected boolean trace;
protected boolean isPasswordValidated = false;
+ protected String distinguishedNameAttribute;
public LdapExtLoginModule()
{
@@ -366,6 +368,10 @@
if ("SUBTREE_SCOPE".equalsIgnoreCase(scope))
searchScope = SearchControls.SUBTREE_SCOPE;
+ distinguishedNameAttribute = (String) options.get(DISTINGUISHED_NAME_ATTRIBUTE_OPT);
+ if (distinguishedNameAttribute == null)
+ distinguishedNameAttribute = "distinguishedName";
+
// Get the admin context for searching
InitialLdapContext ctx = null;
try
@@ -407,6 +413,9 @@
constraints.setReturningAttributes(new String[0]);
constraints.setTimeLimit(searchTimeLimit);
+ String attrList[] = {distinguishedNameAttribute};
+ constraints.setReturningAttributes(attrList);
+
NamingEnumeration results = null;
@@ -421,10 +430,22 @@
SearchResult sr = (SearchResult) results.next();
String name = sr.getName();
String userDN = null;
- if (sr.isRelative() == true)
- userDN = name + ("".equals(baseDN) ? "" : "," + baseDN);
- else
- throw new NamingException("Can't follow referal for authentication: " + name);
+ Attributes attrs = sr.getAttributes();
+ if (attrs != null)
+ {
+ Attribute dn = attrs.get(distinguishedNameAttribute);
+ if (dn != null)
+ {
+ userDN = (String) dn.get();
+ }
+ }
+ if (userDN == null)
+ {
+ if (sr.isRelative() == true)
+ userDN = name + ("".equals(baseDN) ? "" : "," + baseDN);
+ else
+ throw new NamingException("Can't follow referal for authentication: " + name);
+ }
results.close();
results = null;
More information about the jboss-cvs-commits
mailing list