shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bdem...@apache.org
Subject shiro git commit: SHIRO-587 - Expose searchFilter as a property that can be set in the ini
Date Fri, 30 Sep 2016 16:11:28 GMT
Repository: shiro
Updated Branches:
  refs/heads/1.3.x faa77dd65 -> 643d1b324


SHIRO-587 - Expose searchFilter as a property that can be set in the ini


Project: http://git-wip-us.apache.org/repos/asf/shiro/repo
Commit: http://git-wip-us.apache.org/repos/asf/shiro/commit/643d1b32
Tree: http://git-wip-us.apache.org/repos/asf/shiro/tree/643d1b32
Diff: http://git-wip-us.apache.org/repos/asf/shiro/diff/643d1b32

Branch: refs/heads/1.3.x
Commit: 643d1b3245381a64f9c44c6771f06b77ab34c24e
Parents: faa77dd
Author: opticyclic <opticyclic@gmail.com>
Authored: Wed Sep 28 19:03:54 2016 -0400
Committer: Brian Demers <bdemers@apache.org>
Committed: Fri Sep 30 12:06:24 2016 -0400

----------------------------------------------------------------------
 .../shiro/realm/activedirectory/ActiveDirectoryRealm.java    | 2 --
 .../java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java  | 8 ++++++++
 2 files changed, 8 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/shiro/blob/643d1b32/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
b/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
index 49a8e46..39fa4b6 100644
--- a/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
+++ b/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
@@ -167,8 +167,6 @@ public class ActiveDirectoryRealm extends AbstractLdapRealm {
             userPrincipalName += principalSuffix;
         }
 
-        //SHIRO-115 - prevent potential code injection:
-        String searchFilter = "(&(objectClass=*)(userPrincipalName={0}))";
         Object[] searchArguments = new Object[]{userPrincipalName};
 
         NamingEnumeration answer = ldapContext.search(searchBase, searchFilter, searchArguments,
searchCtls);

http://git-wip-us.apache.org/repos/asf/shiro/blob/643d1b32/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java b/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
index cfd3519..25458c9 100644
--- a/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
+++ b/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
@@ -73,6 +73,9 @@ public abstract class AbstractLdapRealm extends AuthorizingRealm {
 
     protected String systemPassword = null;
 
+    //SHIRO-115 - prevent potential code injection:
+    protected String searchFilter = "(&(objectClass=*)(userPrincipalName={0}))";
+
     private LdapContextFactory ldapContextFactory = null;
 
     /*--------------------------------------------
@@ -157,6 +160,11 @@ public abstract class AbstractLdapRealm extends AuthorizingRealm {
         this.ldapContextFactory = ldapContextFactory;
     }
 
+
+    public void setSearchFilter(String searchFilter) {
+        this.searchFilter = searchFilter;
+    }
+
     /*--------------------------------------------
     |               M E T H O D S                |
     ============================================*/


Mime
View raw message