[jboss-cvs] Picketlink SVN: r438 - idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Oct 7 08:21:46 EDT 2010 

Author: bdaw
Date: 2010-10-07 08:21:45 -0400 (Thu, 07 Oct 2010)
New Revision: 438

Modified:
   idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
Log:
- PLIDM-24 names in LDAP search filter are not escaped properly - additional patch by mputz

Modified: idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
===================================================================
--- idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java	2010-10-06 23:28:39 UTC (rev 437)
+++ idm/branches/1.1.0/picketlink-idm-ldap/src/main/java/org/picketlink/idm/impl/store/ldap/LDAPIdentityStoreImpl.java	2010-10-07 12:21:45 UTC (rev 438)
@@ -1247,12 +1247,12 @@
                .append("=");
             if (checkedTypeConfiguration.isParentMembershipAttributeDN())
             {
-               af.append(ldapIO.getDn());
+               af.append(Tools.escapeLDAPSearchFilter(ldapIO.getDn()));
             }
             else
             {
                //TODO: this doesn't make much sense unless parent/child are same identity types and resides in the same LDAP context
-               af.append(ldapIO.getName());
+               af.append(Tools.escapeLDAPSearchFilter(ldapIO.getName()));
             }
             af.append(")");
          }
@@ -1264,12 +1264,12 @@
                .append("=");
             if (checkedTypeConfiguration.isChildMembershipAttributeDN())
             {
-               af.append(ldapIO.getDn());
+               af.append(Tools.escapeLDAPSearchFilter(ldapIO.getDn()));
             }
             else
             {
                //TODO: this doesn't make much sense unless parent/child are same identity types and resides in the same LDAP context
-               af.append(ldapIO.getName());
+               af.append(Tools.escapeLDAPSearchFilter(ldapIO.getName()));
             }
             af.append(")");
          }
@@ -1296,6 +1296,7 @@
          else
          {
             filter = "(".concat(checkedTypeConfiguration.getIdAttributeName()).concat("=").concat(nameFilter).concat(")");
+			 
             sr = searchIdentityObjects(ctx,
                entryCtxs,
                "(&(" + filter + ")" + af.toString() + ")",

More information about the jboss-cvs-commits mailing list