You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by at...@apache.org on 2007/12/07 01:30:06 UTC
svn commit: r601929 -
/portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java
Author: ate
Date: Thu Dec 6 16:30:04 2007
New Revision: 601929
URL: http://svn.apache.org/viewvc?rev=601929&view=rev
Log:
Fix for JS2-826: Invalid DN values in group/role member attributes result in null pointer dereferences in the BasePrincipalImpl class
Dennis Dam provided the patch which makes the code more robust and guarding against configuratiion errors.
Thanks a lot Dennis!
Modified:
portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java
Modified: portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java?rev=601929&r1=601928&r2=601929&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java (original)
+++ portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java Thu Dec 6 16:30:04 2007
@@ -99,7 +99,9 @@
String cnfull = (String)it.next();
if(cnfull.toLowerCase().indexOf(getGroupFilterBase().toLowerCase())!=-1) {
String cn = extractLdapAttr(cnfull,getRoleUidAttribute());
- groupUids.add(cn);
+ if (cn != null){
+ groupUids.add(cn);
+ }
}
}
//List uids = getAttributes(getAttribute(getUserGroupMembershipAttribute(), userAttributes),getGroupFilterBase());
@@ -152,7 +154,9 @@
String cnfull = (String)it.next();
if(cnfull.toLowerCase().indexOf(getRoleFilterBase().toLowerCase())!=-1) {
String cn = extractLdapAttr(cnfull,getRoleUidAttribute());
- newAttrs.add(cn);
+ if (cn != null){
+ newAttrs.add(cn);
+ }
}else{
// No conversion required (I think!)
String cn = cnfull;
@@ -196,7 +200,9 @@
if (!StringUtils.isEmpty(uidfull)) {
if (uidfull.toLowerCase().indexOf(getUserFilterBase().toLowerCase())!=-1) {
String uid = extractLdapAttr(uidfull,getUserIdAttribute());
- newAttrs.add(uid);
+ if (uid != null){
+ newAttrs.add(uid);
+ }
}
}
}
@@ -330,7 +336,9 @@
String uidfull = (String)it.next();
if (!StringUtils.isEmpty(uidfull)) {
String uid = extractLdapAttr(uidfull,getUserIdAttribute());
- userPrincipalUids.add(uid);
+ if (uid!=null){
+ userPrincipalUids.add(uid);
+ }
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org