Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-26 05:42:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

OPEN - issue SEC-960: DN Encoding in LDAPUserDetailsManager.changePassword() causes bind errors

Browse Source 
http://jira.springframework.org/browse/SEC-960. Replaced call to toUrl() with toString() to prevent URL encoding when setting up principal name for reconnect() in changePassword() method.
This commit is contained in:
Luke Taylor 2008-09-05 13:49:38 +00:00
parent c45b4e0989
commit 8661e17df9
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsManager.java
View File

@ -184,7 +184,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
public Object executeWithContext(DirContext dirCtx) throws NamingException {
LdapContext ctx = (LdapContext) dirCtx;
ctx.removeFromEnvironment("com.sun.jndi.ldap.connect.pool");
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, LdapUtils.getFullDn(dn, ctx).toUrl());
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, LdapUtils.getFullDn(dn, ctx).toString());
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, oldPassword);
// TODO: reconnect doesn't appear to actually change the credentials
try {