| CODENOTIFIER | HelpYou are not signed inSign in |
Project: Acegi
Revision: 3271
Author: luke_t
Date: 05 Sep 2008 09:49:38
Changes:OPEN - issue SEC-960: DN Encoding in LDAPUserDetailsManager.changePassword() causes bind errors
http://jira.springframework.org/browse/SEC-960. Replaced call to toUrl() with toString() to prevent URL encoding when setting up principal name for reconnect() in changePassword() method.
| ...... | @@ -184,7 +184,7 @@ | |
| 184 | 184 | public Object executeWithContext(DirContext dirCtx) throws NamingException { |
| 185 | 185 | LdapContext ctx = (LdapContext) dirCtx; |
| 186 | 186 | ctx.removeFromEnvironment("com.sun.jndi.ldap.connect.pool"); |
| 187 | ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, LdapUtils.getFullDn(dn, ctx).toUrl()); | |
| 187 | ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, LdapUtils.getFullDn(dn, ctx).toString()); | |
| 188 | 188 | ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, oldPassword); |
| 189 | 189 | // TODO: reconnect doesn't appear to actually change the credentials |
| 190 | 190 | try { |
| ...... | @@ -46,8 +46,8 @@ | |
| 46 | 46 | DirContextAdapter ctx = new DirContextAdapter(); |
| 47 | 47 | |
| 48 | 48 | ctx.setAttributeValue("objectclass", "organizationalUnit"); |
| 49 | ctx.setAttributeValue("ou", "testpeople"); | |
| 50 | template.bind("ou=testpeople", ctx, null); | |
| 49 | ctx.setAttributeValue("ou", "test people"); | |
| 50 | template.bind("ou=test people", ctx, null); | |
| 51 | 51 | |
| 52 | 52 | ctx.setAttributeValue("ou", "testgroups"); |
| 53 | 53 | template.bind("ou=testgroups", ctx, null); |
| ...... | @@ -56,13 +56,13 @@ | |
| 56 | 56 | |
| 57 | 57 | group.setAttributeValue("objectclass", "groupOfNames"); |
| 58 | 58 | group.setAttributeValue("cn", "clowns"); |
| 59 | group.setAttributeValue("member", "cn=nobody,ou=testpeople,dc=springframework,dc=org"); | |
| 59 | group.setAttributeValue("member", "cn=nobody,ou=test people,dc=springframework,dc=org"); | |
| 60 | 60 | template.bind("cn=clowns,ou=testgroups", group, null); |
| 61 | 61 | |
| 62 | 62 | group.setAttributeValue("cn", "acrobats"); |
| 63 | 63 | template.bind("cn=acrobats,ou=testgroups", group, null); |
| 64 | 64 | |
| 65 | mgr.setUsernameMapper(new DefaultLdapUsernameToDnMapper("ou=testpeople","uid")); | |
| 65 | mgr.setUsernameMapper(new DefaultLdapUsernameToDnMapper("ou=test people","uid")); | |
| 66 | 66 | mgr.setGroupSearchBase("ou=testgroups"); |
| 67 | 67 | mgr.setGroupRoleAttributeName("cn"); |
| 68 | 68 | mgr.setGroupMemberAttributeName("member"); |
| ...... | @@ -79,7 +79,7 @@ | |
| 79 | 79 | // template.unbind((String) people.next() + ",ou=testpeople"); |
| 80 | 80 | // } |
| 81 | 81 | |
| 82 | template.unbind("ou=testpeople",true); | |
| 82 | template.unbind("ou=test people",true); | |
| 83 | 83 | template.unbind("ou=testgroups",true); |
| 84 | 84 | |
| 85 | 85 | SecurityContextHolder.clearContext(); |
| ...... | @@ -116,7 +116,7 @@ | |
| 116 | 116 | @Test |
| 117 | 117 | public void testCreateNewUserSucceeds() { |
| 118 | 118 | InetOrgPerson.Essence p = new InetOrgPerson.Essence(); |
| 119 | p.setCarLicense("XXX"); | |
| 119 | p.setCarLicense("XXX"); | |
| 120 | 120 | p.setCn(new String[] {"Joe Smeth"}); |
| 121 | 121 | p.setDepartmentNumber("5679"); |
| 122 | 122 | p.setDescription("Some description"); |
| ...... | @@ -130,7 +130,7 @@ | |
| 130 | 130 | p.setRoomNumber("500X"); |
| 131 | 131 | p.setSn("Smeth"); |
| 132 | 132 | p.setUid("joe"); |
| 133 | ||
| 133 | ||
| 134 | 134 | p.setAuthorities(TEST_AUTHORITIES); |
| 135 | 135 | |
| 136 | 136 | mgr.createUser(p.createUserDetails()); |
| ...... | @@ -182,7 +182,7 @@ | |
| 182 | 182 | |
| 183 | 183 | mgr.changePassword("yossarianspassword", "yossariansnewpassword"); |
| 184 | 184 | |
| 185 | assertTrue(template.compare("uid=johnyossarian,ou=testpeople", | |
| 185 | assertTrue(template.compare("uid=johnyossarian,ou=test people", | |
| 186 | 186 | "userPassword", "yossariansnewpassword")); |
| 187 | 187 | } |
| 188 | 188 |