Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-25 13:32:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1848: LDAP encode name when using user DN patterns in AbstractLdapAuthenticator.

Browse Source
This commit is contained in:
Luke Taylor 2011-11-01 13:28:56 +00:00
parent 8fd2963e6b
commit 8e1d407e3e
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ldap/src/integration-test/java/org/springframework/security/ldap/authentication/BindAuthenticatorTests.java
View File

@ -55,10 +55,11 @@ public class BindAuthenticatorTests extends AbstractLdapIntegrationTests {
@Test
public void testAuthenticationWithCorrectPasswordSucceeds() {
authenticator.setUserDnPatterns(new String[] {"uid={0},ou=people"});
authenticator.setUserDnPatterns(new String[] {"uid={0},ou=people", "cn={0},ou=people"});
DirContextOperations user = authenticator.authenticate(bob);
assertEquals("bob", user.getStringAttribute("uid"));
authenticator.authenticate(new UsernamePasswordAuthenticationToken("mouse, jerry", "jerryspassword"));
}
@Test

3
ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java
View File

@ -15,6 +15,7 @@
package org.springframework.security.ldap.authentication;
import org.springframework.ldap.core.LdapEncoder;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.ldap.search.LdapUserSearch;
import org.springframework.beans.factory.InitializingBean;
@ -91,7 +92,7 @@ public abstract class AbstractLdapAuthenticator implements LdapAuthenticator, In
}
List<String> userDns = new ArrayList<String>(userDnFormat.length);
String[] args = new String[] {username};
String[] args = new String[] {LdapEncoder.nameEncode(username)};
synchronized (userDnFormat) {
for (MessageFormat formatter : userDnFormat) {