You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by bd...@apache.org on 2016/10/21 14:26:31 UTC
[3/9] shiro git commit: SHIRO-587 - Expose searchFilter as a property
that can be set in the ini
SHIRO-587 - Expose searchFilter as a property that can be set in the ini
Project: http://git-wip-us.apache.org/repos/asf/shiro/repo
Commit: http://git-wip-us.apache.org/repos/asf/shiro/commit/0061bc4e
Tree: http://git-wip-us.apache.org/repos/asf/shiro/tree/0061bc4e
Diff: http://git-wip-us.apache.org/repos/asf/shiro/diff/0061bc4e
Branch: refs/heads/1.4.x
Commit: 0061bc4edd78587afab6ed63d6216f245dffea85
Parents: a85e2d7
Author: opticyclic <op...@gmail.com>
Authored: Wed Sep 28 19:03:54 2016 -0400
Committer: Brian Demers <bd...@apache.org>
Committed: Wed Oct 19 14:46:30 2016 -0400
----------------------------------------------------------------------
.../shiro/realm/activedirectory/ActiveDirectoryRealm.java | 2 --
.../java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java | 8 ++++++++
2 files changed, 8 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/shiro/blob/0061bc4e/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java b/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
index 49a8e46..39fa4b6 100644
--- a/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
+++ b/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
@@ -167,8 +167,6 @@ public class ActiveDirectoryRealm extends AbstractLdapRealm {
userPrincipalName += principalSuffix;
}
- //SHIRO-115 - prevent potential code injection:
- String searchFilter = "(&(objectClass=*)(userPrincipalName={0}))";
Object[] searchArguments = new Object[]{userPrincipalName};
NamingEnumeration answer = ldapContext.search(searchBase, searchFilter, searchArguments, searchCtls);
http://git-wip-us.apache.org/repos/asf/shiro/blob/0061bc4e/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java b/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
index cfd3519..25458c9 100644
--- a/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
+++ b/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
@@ -73,6 +73,9 @@ public abstract class AbstractLdapRealm extends AuthorizingRealm {
protected String systemPassword = null;
+ //SHIRO-115 - prevent potential code injection:
+ protected String searchFilter = "(&(objectClass=*)(userPrincipalName={0}))";
+
private LdapContextFactory ldapContextFactory = null;
/*--------------------------------------------
@@ -157,6 +160,11 @@ public abstract class AbstractLdapRealm extends AuthorizingRealm {
this.ldapContextFactory = ldapContextFactory;
}
+
+ public void setSearchFilter(String searchFilter) {
+ this.searchFilter = searchFilter;
+ }
+
/*--------------------------------------------
| M E T H O D S |
============================================*/