shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bdem...@apache.org
Subject shiro git commit: SHIRO-587 - Expose searchFilter as a property that can be set in the ini
Date Fri, 30 Sep 2016 16:11:33 GMT
Repository: shiro
Updated Branches:
  refs/heads/master 03927e2f8 -> 28c95ee33


SHIRO-587 - Expose searchFilter as a property that can be set in the ini


Project: http://git-wip-us.apache.org/repos/asf/shiro/repo
Commit: http://git-wip-us.apache.org/repos/asf/shiro/commit/28c95ee3
Tree: http://git-wip-us.apache.org/repos/asf/shiro/tree/28c95ee3
Diff: http://git-wip-us.apache.org/repos/asf/shiro/diff/28c95ee3

Branch: refs/heads/master
Commit: 28c95ee33531fb9b573836d92e4ebee0a30cb554
Parents: 03927e2
Author: opticyclic <opticyclic@gmail.com>
Authored: Wed Sep 28 19:03:54 2016 -0400
Committer: opticyclic <opticyclic@gmail.com>
Committed: Wed Sep 28 20:40:31 2016 -0400

----------------------------------------------------------------------
 .../shiro/realm/activedirectory/ActiveDirectoryRealm.java    | 2 --
 .../java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java  | 8 ++++++++
 2 files changed, 8 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/shiro/blob/28c95ee3/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
b/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
index 49a8e46..39fa4b6 100644
--- a/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
+++ b/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
@@ -167,8 +167,6 @@ public class ActiveDirectoryRealm extends AbstractLdapRealm {
             userPrincipalName += principalSuffix;
         }
 
-        //SHIRO-115 - prevent potential code injection:
-        String searchFilter = "(&(objectClass=*)(userPrincipalName={0}))";
         Object[] searchArguments = new Object[]{userPrincipalName};
 
         NamingEnumeration answer = ldapContext.search(searchBase, searchFilter, searchArguments,
searchCtls);

http://git-wip-us.apache.org/repos/asf/shiro/blob/28c95ee3/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java b/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
index cfd3519..25458c9 100644
--- a/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
+++ b/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
@@ -73,6 +73,9 @@ public abstract class AbstractLdapRealm extends AuthorizingRealm {
 
     protected String systemPassword = null;
 
+    //SHIRO-115 - prevent potential code injection:
+    protected String searchFilter = "(&(objectClass=*)(userPrincipalName={0}))";
+
     private LdapContextFactory ldapContextFactory = null;
 
     /*--------------------------------------------
@@ -157,6 +160,11 @@ public abstract class AbstractLdapRealm extends AuthorizingRealm {
         this.ldapContextFactory = ldapContextFactory;
     }
 
+
+    public void setSearchFilter(String searchFilter) {
+        this.searchFilter = searchFilter;
+    }
+
     /*--------------------------------------------
     |               M E T H O D S                |
     ============================================*/


Mime
View raw message