honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Do not add domain to the bind user when it is a DN 

This change fixes the creation of the bind DN string for active directory realms so that they do
not add the `@domain` suffix to the bind DN, when it is a actual DN value.

Original commit: elastic/x-pack-elasticsearch@bd04c07e16
This commit is contained in:
jaymode 2017-07-13 12:15:08 -06:00
parent f4b9dff71a
commit 20c06578f6
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
plugin/src/main/java/org/elasticsearch/xpack/security/authc/ldap/ActiveDirectorySessionFactory.java
View File

@ -190,7 +190,7 @@ class ActiveDirectorySessionFactory extends PoolingSessionFactory {
static String getBindDN(Settings settings) { static String getBindDN(Settings settings) {
String bindDN = BIND_DN.get(settings); String bindDN = BIND_DN.get(settings);
if (bindDN.isEmpty() == false && bindDN.indexOf('\\') < 0 && bindDN.indexOf('@') < 0) { if (bindDN.isEmpty() == false && bindDN.indexOf('\\') < 0 && bindDN.indexOf('@') < 0 && bindDN.indexOf('=') < 0) {
bindDN = bindDN + "@" + settings.get(AD_DOMAIN_NAME_SETTING); bindDN = bindDN + "@" + settings.get(AD_DOMAIN_NAME_SETTING);
} }
return bindDN; return bindDN;