You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by ba...@apache.org on 2017/01/19 17:07:37 UTC
svn commit: r1779497 - in /jackrabbit/oak/trunk/oak-auth-ldap/src:
main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java
test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
Author: baedke
Date: Thu Jan 19 17:07:37 2017
New Revision: 1779497
URL: http://svn.apache.org/viewvc?rev=1779497&view=rev
Log:
OAK-5490: Add validation for LdapIdentityProvider config
Added check for empty strings.
Modified:
jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
Modified: jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java?rev=1779497&r1=1779496&r2=1779497&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java (original)
+++ jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapProviderConfig.java Thu Jan 19 17:07:37 2017
@@ -17,11 +17,14 @@
package org.apache.jackrabbit.oak.security.authentication.ldap.impl;
import java.util.Arrays;
+import java.util.LinkedList;
+import java.util.List;
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
+import org.apache.directory.api.util.Strings;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Property;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
@@ -1003,7 +1006,7 @@ public class LdapProviderConfig {
*/
@Nonnull
public LdapProviderConfig setCustomAttributes(@Nonnull String[] customAttributes) {
- this.customAttributes = customAttributes;
+ this.customAttributes = this.removeEmptyStrings(customAttributes);
return this;
}
@@ -1128,6 +1131,20 @@ public class LdapProviderConfig {
return (sb == null ? value : sb.toString());
}
+ //OAK-5490
+ private String[] removeEmptyStrings(@Nonnull String[] params) {
+ List<String> list = Arrays.asList(params);
+ if (!list.contains(Strings.EMPTY_STRING)) {
+ return params;
+ }
+ List<String> resultList = new LinkedList<>(list);
+ while (resultList.contains(Strings.EMPTY_STRING)) {
+ resultList.remove(Strings.EMPTY_STRING);
+ }
+ String[] result = new String[resultList.size()];
+ return resultList.toArray(result);
+ }
+
@Override
public String toString() {
final StringBuilder sb = new StringBuilder("LdapProviderConfig{");
Modified: jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java?rev=1779497&r1=1779496&r2=1779497&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java (original)
+++ jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java Thu Jan 19 17:07:37 2017
@@ -29,6 +29,7 @@ import java.util.Map;
import javax.jcr.SimpleCredentials;
import javax.security.auth.login.LoginException;
+import org.apache.directory.api.util.Strings;
import org.apache.directory.server.constants.ServerDNConstants;
import org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider;
import org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig;
@@ -50,6 +51,7 @@ import static junit.framework.Assert.ass
import static junit.framework.Assert.assertTrue;
import static junit.framework.Assert.fail;
+import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertThat;
public class LdapProviderTest {
@@ -406,6 +408,11 @@ public class LdapProviderTest {
assertEquals("Intermediate path must be the split dn", TEST_USER5_PATH, user.getIntermediatePath());
}
+ @Test
+ public void testRemoveEmptyString() throws Exception {
+ providerConfig.setCustomAttributes(new String[] {"a", Strings.EMPTY_STRING, "b" });
+ assertArrayEquals("Array must not contain empty strings", new String[] {"a", "b" }, providerConfig.getCustomAttributes());
+ }
public static void assertIfEquals(String message, String[] expected, Iterable<ExternalIdentityRef> result) {
List<String> dns = new LinkedList<String>();