You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by bd...@apache.org on 2016/10/21 14:26:31 UTC

[3/9] shiro git commit: SHIRO-587 - Expose searchFilter as a property that can be set in the ini

SHIRO-587 - Expose searchFilter as a property that can be set in the ini


Project: http://git-wip-us.apache.org/repos/asf/shiro/repo
Commit: http://git-wip-us.apache.org/repos/asf/shiro/commit/0061bc4e
Tree: http://git-wip-us.apache.org/repos/asf/shiro/tree/0061bc4e
Diff: http://git-wip-us.apache.org/repos/asf/shiro/diff/0061bc4e

Branch: refs/heads/1.4.x
Commit: 0061bc4edd78587afab6ed63d6216f245dffea85
Parents: a85e2d7
Author: opticyclic <op...@gmail.com>
Authored: Wed Sep 28 19:03:54 2016 -0400
Committer: Brian Demers <bd...@apache.org>
Committed: Wed Oct 19 14:46:30 2016 -0400

----------------------------------------------------------------------
 .../shiro/realm/activedirectory/ActiveDirectoryRealm.java    | 2 --
 .../java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java  | 8 ++++++++
 2 files changed, 8 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/shiro/blob/0061bc4e/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java b/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
index 49a8e46..39fa4b6 100644
--- a/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
+++ b/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
@@ -167,8 +167,6 @@ public class ActiveDirectoryRealm extends AbstractLdapRealm {
             userPrincipalName += principalSuffix;
         }
 
-        //SHIRO-115 - prevent potential code injection:
-        String searchFilter = "(&(objectClass=*)(userPrincipalName={0}))";
         Object[] searchArguments = new Object[]{userPrincipalName};
 
         NamingEnumeration answer = ldapContext.search(searchBase, searchFilter, searchArguments, searchCtls);

http://git-wip-us.apache.org/repos/asf/shiro/blob/0061bc4e/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java b/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
index cfd3519..25458c9 100644
--- a/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
+++ b/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
@@ -73,6 +73,9 @@ public abstract class AbstractLdapRealm extends AuthorizingRealm {
 
     protected String systemPassword = null;
 
+    //SHIRO-115 - prevent potential code injection:
+    protected String searchFilter = "(&(objectClass=*)(userPrincipalName={0}))";
+
     private LdapContextFactory ldapContextFactory = null;
 
     /*--------------------------------------------
@@ -157,6 +160,11 @@ public abstract class AbstractLdapRealm extends AuthorizingRealm {
         this.ldapContextFactory = ldapContextFactory;
     }
 
+
+    public void setSearchFilter(String searchFilter) {
+        this.searchFilter = searchFilter;
+    }
+
     /*--------------------------------------------
     |               M E T H O D S                |
     ============================================*/