shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bdem...@apache.org
Subject [3/9] shiro git commit: SHIRO-587 - Expose searchFilter as a property that can be set in the ini
Date Fri, 21 Oct 2016 14:26:31 GMT
SHIRO-587 - Expose searchFilter as a property that can be set in the ini


Project: http://git-wip-us.apache.org/repos/asf/shiro/repo
Commit: http://git-wip-us.apache.org/repos/asf/shiro/commit/0061bc4e
Tree: http://git-wip-us.apache.org/repos/asf/shiro/tree/0061bc4e
Diff: http://git-wip-us.apache.org/repos/asf/shiro/diff/0061bc4e

Branch: refs/heads/1.4.x
Commit: 0061bc4edd78587afab6ed63d6216f245dffea85
Parents: a85e2d7
Author: opticyclic <opticyclic@gmail.com>
Authored: Wed Sep 28 19:03:54 2016 -0400
Committer: Brian Demers <bdemers@apache.org>
Committed: Wed Oct 19 14:46:30 2016 -0400

----------------------------------------------------------------------
 .../shiro/realm/activedirectory/ActiveDirectoryRealm.java    | 2 --
 .../java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java  | 8 ++++++++
 2 files changed, 8 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/shiro/blob/0061bc4e/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
b/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
index 49a8e46..39fa4b6 100644
--- a/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
+++ b/core/src/main/java/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.java
@@ -167,8 +167,6 @@ public class ActiveDirectoryRealm extends AbstractLdapRealm {
             userPrincipalName += principalSuffix;
         }
 
-        //SHIRO-115 - prevent potential code injection:
-        String searchFilter = "(&(objectClass=*)(userPrincipalName={0}))";
         Object[] searchArguments = new Object[]{userPrincipalName};
 
         NamingEnumeration answer = ldapContext.search(searchBase, searchFilter, searchArguments,
searchCtls);

http://git-wip-us.apache.org/repos/asf/shiro/blob/0061bc4e/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java b/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
index cfd3519..25458c9 100644
--- a/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
+++ b/core/src/main/java/org/apache/shiro/realm/ldap/AbstractLdapRealm.java
@@ -73,6 +73,9 @@ public abstract class AbstractLdapRealm extends AuthorizingRealm {
 
     protected String systemPassword = null;
 
+    //SHIRO-115 - prevent potential code injection:
+    protected String searchFilter = "(&(objectClass=*)(userPrincipalName={0}))";
+
     private LdapContextFactory ldapContextFactory = null;
 
     /*--------------------------------------------
@@ -157,6 +160,11 @@ public abstract class AbstractLdapRealm extends AuthorizingRealm {
         this.ldapContextFactory = ldapContextFactory;
     }
 
+
+    public void setSearchFilter(String searchFilter) {
+        this.searchFilter = searchFilter;
+    }
+
     /*--------------------------------------------
     |               M E T H O D S                |
     ============================================*/


Mime
View raw message