Apache
/
activemq-artemis
mirror of https://github.com/apache/activemq-artemis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ARTEMIS-3542 Avoid requesting LDAP root attribute 

Check getAttributes with dn of user entry to avoid missing permissions
This commit is contained in:
Marlon Müller 2021-10-27 14:11:07 +02:00 committed by Justin Bertram
parent c502e94ade
commit 47e947ad7b
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/security/jaas/LDAPLoginModule.java
View File

@ -579,7 +579,12 @@ public class LDAPLoginModule implements AuditLoginModule {
context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
context.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
try {
context.getAttributes("", null);
String baseDn = getLDAPPropertyValue(ConfigKey.CONNECTION_URL).replaceFirst(".*/", ",");
String userDn = dn.replace(baseDn, "");
if (logger.isDebugEnabled()) {
logger.debug("Get user Attributes with dn " + userDn);
}
context.getAttributes(userDn, null);
isValid = true;
if (logger.isDebugEnabled()) {
logger.debug("User " + dn + " successfully bound.");