You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@karaf.apache.org by ff...@apache.org on 2013/09/18 03:06:14 UTC

svn commit: r1524266 - /karaf/branches/karaf-2.3.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java

Author: ffang
Date: Wed Sep 18 01:06:14 2013
New Revision: 1524266

URL: http://svn.apache.org/r1524266
Log:
[KARAF-2476]Special characters are dropped when generating the LDAP the user and role filters

Modified:
    karaf/branches/karaf-2.3.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java

Modified: karaf/branches/karaf-2.3.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
URL: http://svn.apache.org/viewvc/karaf/branches/karaf-2.3.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java?rev=1524266&r1=1524265&r2=1524266&view=diff
==============================================================================
--- karaf/branches/karaf-2.3.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java (original)
+++ karaf/branches/karaf-2.3.x/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java Wed Sep 18 01:06:14 2013
@@ -35,6 +35,8 @@ import java.security.Principal;
 import java.util.HashSet;
 import java.util.Hashtable;
 import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 /**
  * Karaf JAAS login module which uses a LDAP backend.
@@ -186,7 +188,7 @@ public class LDAPLoginModule extends Abs
             }
             logger.debug("Looking for the user in LDAP with ");
             logger.debug("  base DN: " + userBaseDN);
-            userFilter = userFilter.replaceAll("%u", user);
+            userFilter = userFilter.replaceAll(Pattern.quote("%u"), Matcher.quoteReplacement(user));
             logger.debug("  filter: " + userFilter);
             NamingEnumeration namingEnumeration = context.search(userBaseDN, userFilter, controls);
             if (!namingEnumeration.hasMore()) {
@@ -249,8 +251,8 @@ public class LDAPLoginModule extends Abs
             }
             logger.debug("Looking for the user roles in LDAP with ");
             logger.debug("  base DN: " + roleBaseDN);
-            roleFilter = roleFilter.replaceAll("%u", user);
-            roleFilter = roleFilter.replaceAll("%dn", userDN);
+            roleFilter = roleFilter.replaceAll(Pattern.quote("%u"), Matcher.quoteReplacement(user));
+            roleFilter = roleFilter.replaceAll(Pattern.quote("%dn"), Matcher.quoteReplacement(userDN));
             logger.debug("  filter: " + roleFilter);
             NamingEnumeration namingEnumeration = context.search(roleBaseDN, roleFilter, controls);
             while (namingEnumeration.hasMore()) {