You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by ba...@apache.org on 2017/01/19 17:07:37 UTC
svn commit: r1779497 - in /jackrabbit/oak/trunk/oak-auth-ldap/src: main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java

Author: baedke
Date: Thu Jan 19 17:07:37 2017
New Revision: 1779497

URL: http://svn.apache.org/viewvc?rev=1779497&view=rev
Log:
OAK-5490: Add validation for LdapIdentityProvider config

Added check for empty strings.

Modified:
    jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java
    jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java

Modified: jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java?rev=1779497&r1=1779496&r2=1779497&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java (original)
+++ jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java Thu Jan 19 17:07:37 2017
@@ -17,11 +17,14 @@
 package org.apache.jackrabbit.oak.security.authentication.ldap.impl;
 
 import java.util.Arrays;
+import java.util.LinkedList;
+import java.util.List;
 
 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 
+import org.apache.directory.api.util.Strings;
 import org.apache.felix.scr.annotations.Component;
 import org.apache.felix.scr.annotations.Property;
 import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
@@ -1003,7 +1006,7 @@ public class LdapProviderConfig {
      */
     @Nonnull
     public LdapProviderConfig setCustomAttributes(@Nonnull String[] customAttributes) {
-        this.customAttributes = customAttributes;
+        this.customAttributes = this.removeEmptyStrings(customAttributes);
         return this;
     }
 
@@ -1128,6 +1131,20 @@ public class LdapProviderConfig {
         return (sb == null ? value : sb.toString());
     }
 
+    //OAK-5490
+    private String[] removeEmptyStrings(@Nonnull String[] params) {
+        List<String> list = Arrays.asList(params);
+        if (!list.contains(Strings.EMPTY_STRING)) {
+            return params;
+        }
+        List<String> resultList = new LinkedList<>(list);
+        while (resultList.contains(Strings.EMPTY_STRING)) {
+            resultList.remove(Strings.EMPTY_STRING);
+        }
+        String[] result = new String[resultList.size()];
+        return resultList.toArray(result);
+    }
+
     @Override
     public String toString() {
         final StringBuilder sb = new StringBuilder("LdapProviderConfig{");

Modified: jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java?rev=1779497&r1=1779496&r2=1779497&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java (original)
+++ jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java Thu Jan 19 17:07:37 2017
@@ -29,6 +29,7 @@ import java.util.Map;
 import javax.jcr.SimpleCredentials;
 import javax.security.auth.login.LoginException;
 
+import org.apache.directory.api.util.Strings;
 import org.apache.directory.server.constants.ServerDNConstants;
 import org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider;
 import org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig;
@@ -50,6 +51,7 @@ import static junit.framework.Assert.ass
 import static junit.framework.Assert.assertTrue;
 import static junit.framework.Assert.fail;
 
+import static org.junit.Assert.assertArrayEquals;
 import static org.junit.Assert.assertThat;
 
 public class LdapProviderTest {
@@ -406,6 +408,11 @@ public class LdapProviderTest {
         assertEquals("Intermediate path must be the split dn", TEST_USER5_PATH, user.getIntermediatePath());
     }
 
+    @Test
+    public void testRemoveEmptyString() throws Exception {
+        providerConfig.setCustomAttributes(new String[] {"a", Strings.EMPTY_STRING, "b" });
+        assertArrayEquals("Array must not contain empty strings", new String[] {"a", "b" }, providerConfig.getCustomAttributes());
+    }
 
     public static void assertIfEquals(String message, String[] expected, Iterable<ExternalIdentityRef> result) {
         List<String> dns = new LinkedList<String>();