You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@guacamole.apache.org by "Jens Schleede (Jira)" <ji...@apache.org> on 2021/11/18 12:02:00 UTC
[jira] [Created] (GUACAMOLE-1462) German umlauts in LDAP user search filter do not work
Jens Schleede created GUACAMOLE-1462:
----------------------------------------
Summary: German umlauts in LDAP user search filter do not work
Key: GUACAMOLE-1462
URL: https://issues.apache.org/jira/browse/GUACAMOLE-1462
Project: Guacamole
Issue Type: Bug
Components: guacamole-auth-ldap
Environment: Docker, MacOS
Reporter: Jens Schleede
I need to use German umlauts within the ldap-user-search-filter keyword, like
{code:java}
ldap-user-search-filter: (&(objectClass=person)(memberOf=CN=mem,OU=1234 - Universität,DC=ad,DC=example,DC=org))
{code}
But Guacamole seems not be able to generate a correct LDAP query and so the query does not return anything. Testing the same query with Apache Directory Studio (that uses the same LDAP code?) works.
The trace/debug output looks something like
{code:java}
TRACE o.a.g.auth.ldap.ObjectQueryService - Sending LDAP filter: "(&(&(objectClass=person)(memberOf=\43\4E\3D\6D\65\6D\2C\4F\55\3D\31\32\33\34\20\2D\20\55\6E\69\76\65\72\73\69\74\C3\83\C2\A4\74\2C\44\43\3D\61\64\2C\44\43\3D\65\78\61\6D\70\6C\65\2C\44\43\3D\6F\72\67))(|(sAMAccountName=testuser))){code}
The attributeValue of memberOf is somehow converted to (ascii) hexcode. The german umlaut ä is converted to \c3\a4 (utf hex). Is this intended behaviour?
For testing I used a docker compose project that uses the official Guacamole Client and Server Docker images. LDAP server is MS Active Directory.
I made sure Java/Tomcat uses UTF-8 with environment variable JAVA_TOOL_OPTIONS: "-Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8". But that did not change behaviour.
I also checked the generated guacamole.properties which is valid utf8.
I also tried some escaped variations of the umlaut in the attributeValue in guacamole.properties without luck.
I suspect there is something wrong with the string handling of the LDAP parser.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)