James Moger
2014-03-31 e5c982fa61f9f1b289d7454bdb92ee3167ee784d
Merge pull request #164 from jaa127/ldap-bind-escape

Ldap bind escape
2 files modified
15 ■■■■■ changed files
src/main/java/com/gitblit/auth/LdapAuthProvider.java 2 ●●●
src/test/java/com/gitblit/tests/LdapAuthenticationTest.java 13 ●●●●●
src/main/java/com/gitblit/auth/LdapAuthProvider.java
@@ -299,7 +299,7 @@
                String bindPattern = settings.getString(Keys.realm.ldap.bindpattern, "");
                if (!StringUtils.isEmpty(bindPattern)) {
                    try {
                        String bindUser = StringUtils.replace(bindPattern, "${username}", simpleUsername);
                        String bindUser = StringUtils.replace(bindPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));
                        ldapConnection.bind(bindUser, new String(password));
                        
                        alreadyAuthenticated = true;
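Review bot: `escapeLDAPSearchFilter(simpleUsername)` is applied to a value that is substituted into a bind DN through `bindPattern`, not into a search filter, and the two contexts have different escaping rules. Filter escaping (RFC 4515) covers `*`, `(`, `)`, `\` and NUL, while a DN attribute value (RFC 4514) also needs `,`, `+`, `"`, `;`, `<`, `>` and a leading `#` or space escaped. The helper's body is not visible here, so this assumes it does what its name says. If it does, a username containing a comma still changes the structure of the DN passed to `ldapConnection.bind`. A DN-specific escaper would fit this call site better, e.g. `String bindUser = StringUtils.replace(bindPattern, "${username}", escapeLDAPDN(simpleUsername));`, where `escapeLDAPDN` is a placeholder name for a new helper. The enclosing method starts and ends outside the hunk.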
src/test/java/com/gitblit/tests/LdapAuthenticationTest.java
@@ -258,6 +258,19 @@
        assertNull(userThreeModel.getTeam("git_admins"));
        assertTrue(userThreeModel.canAdmin);
    }
    @Test
    public void testBindWithUser() {
        settings.put(Keys.realm.ldap.bindpattern, "CN=${username},OU=US,OU=Users,OU=UserControl,OU=MyOrganization,DC=MyDomain");
        settings.put(Keys.realm.ldap.username, "");
        settings.put(Keys.realm.ldap.password, "");
        UserModel userOneModel = auth.authenticate("UserOne", "userOnePassword".toCharArray());
        assertNotNull(userOneModel);
        UserModel userOneModelFailedAuth = auth.authenticate("UserOne", "userTwoPassword".toCharArray());
        assertNull(userOneModelFailedAuth);
    }
    private int countLdapUsersInUserManager() {
        int ldapAccountCount = 0;
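Review bot: `testBindWithUser` only authenticates the plain name `UserOne`, so the escaping this commit adds to the bind-pattern path is never exercised, and the test would pass with or without it. A negative case with a username containing characters that are special in a DN would pin the behaviour, for example `assertNull(auth.authenticate("User,One", "userOnePassword".toCharArray()));` (constructed sample value). A one-line comment above the method, such as `// bind directly as the user via bindpattern; no service account configured`, would also explain why `Keys.realm.ldap.username` and `Keys.realm.ldap.password` are set to empty strings.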