aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/org/traccar/database/LdapProvider.java
diff options
context:
space:
mode:
authorjcardus <joaquim.cardeira@gmail.com>2020-03-25 17:25:19 +0000
committerjcardus <joaquim.cardeira@gmail.com>2020-03-25 17:25:19 +0000
commitfeac85bad4004fb3e316a88285626e12840398d2 (patch)
treed268a79d63b9d1f27b6e433fedc90de7b427b172 /src/main/java/org/traccar/database/LdapProvider.java
parent7b669e3181f637f06b31b55bd930584c7b08e897 (diff)
parentf3d465abe7f255ec44e976caade642e4c2fd7598 (diff)
downloadtrackermap-server-feac85bad4004fb3e316a88285626e12840398d2.tar.gz
trackermap-server-feac85bad4004fb3e316a88285626e12840398d2.tar.bz2
trackermap-server-feac85bad4004fb3e316a88285626e12840398d2.zip
Merge remote-tracking branch 'origin/master'
Diffstat (limited to 'src/main/java/org/traccar/database/LdapProvider.java')
-rw-r--r--src/main/java/org/traccar/database/LdapProvider.java36
1 files changed, 33 insertions, 3 deletions
diff --git a/src/main/java/org/traccar/database/LdapProvider.java b/src/main/java/org/traccar/database/LdapProvider.java
index d8b5c9f52..a8220ea8e 100644
--- a/src/main/java/org/traccar/database/LdapProvider.java
+++ b/src/main/java/org/traccar/database/LdapProvider.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2017 Anton Tananaev (anton@traccar.org)
+ * Copyright 2017 - 2020 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -81,7 +81,7 @@ public class LdapProvider {
if (this.adminFilter != null) {
try {
InitialDirContext context = initContext();
- String searchString = adminFilter.replace(":login", accountName);
+ String searchString = adminFilter.replace(":login", encodeForLdap(accountName));
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration<SearchResult> results = context.search(searchBase, searchString, searchControls);
@@ -107,7 +107,7 @@ public class LdapProvider {
private SearchResult lookupUser(String accountName) throws NamingException {
InitialDirContext context = initContext();
- String searchString = searchFilter.replace(":login", accountName);
+ String searchString = searchFilter.replace(":login", encodeForLdap(accountName));
SearchControls searchControls = new SearchControls();
String[] attributeFilter = {idAttribute, nameAttribute, mailAttribute};
@@ -176,4 +176,34 @@ public class LdapProvider {
return false;
}
+ public String encodeForLdap(String input) {
+ if (input == null) {
+ return null;
+ }
+ StringBuilder sb = new StringBuilder();
+ for (int i = 0; i < input.length(); i++) {
+ char c = input.charAt(i);
+ switch (c) {
+ case '\\':
+ sb.append("\\5c");
+ break;
+ case '*':
+ sb.append("\\2a");
+ break;
+ case '(':
+ sb.append("\\28");
+ break;
+ case ')':
+ sb.append("\\29");
+ break;
+ case '\0':
+ sb.append("\\00");
+ break;
+ default:
+ sb.append(c);
+ }
+ }
+ return sb.toString();
+ }
+
}