Skip to content
Permalink
Browse files
[JENKINS-8152] Encode rootDN in provider URL.
  • Loading branch information
Andres Rodriguez committed Jun 15, 2016
1 parent 5156fed commit 5065f52e78fe61a32bf525d8b3f69b27f3276242
Showing with 43 additions and 6 deletions.
  1. +27 −6 src/main/java/hudson/security/LDAPSecurityRealm.java
  2. +16 −0 src/test/java/hudson/security/LDAPSecurityRealm_Test.java
@@ -51,7 +51,9 @@
import java.io.Serializable;
import java.net.InetAddress;
import java.net.Socket;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.net.URI;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
@@ -622,20 +624,39 @@ private String inferRootDN(String server) {
}
}

private static String toProviderUrl(String serverUrl, String rootDN) {
/* package for testing */ static String toProviderUrl(String serverUrl, String rootDN) {
StringBuilder buf = new StringBuilder();
boolean first = true;
for (String s: serverUrl.split("\\s+")) {
if (s.trim().length() == 0) continue;
if (first) first = false; else buf.append(' ');
s = addPrefix(s);
buf.append(s);
if (!s.endsWith("/")) buf.append('/');
buf.append(fixNull(rootDN));
s = getProviderUrl(s, rootDN);
if (s != null) {
if (first) first = false; else buf.append(' ');
buf.append(s);
}
}
return buf.toString();
}

private static String getProviderUrl(String server, String rootDN) {
server = addPrefix(server);
if (!server.endsWith("/")) {
server = server + '/';
}
if (rootDN != null) {
rootDN = rootDN.trim();
if (!rootDN.isEmpty()) {
try {
server = server + new URI(null, null, rootDN, null).toASCIIString();
} catch(URISyntaxException e) {
LOGGER.log(Level.WARNING, "Unable to build URL with rootDN: " + server, e);
return null;
}
}
}
return server;
}

public String getManagerPassword() {
return Secret.toString(managerPasswordSecret);
}
@@ -32,7 +32,9 @@
import jenkins.security.plugins.ldap.FromGroupSearchLDAPGroupMembershipStrategy;
import org.junit.Rule;
import org.junit.Test;
import org.jvnet.hudson.test.Issue;
import org.jvnet.hudson.test.JenkinsRule;
import org.jvnet.hudson.test.WithoutJenkins;
import org.jvnet.hudson.test.recipes.LocalData;

public class LDAPSecurityRealm_Test { // different name so as not to clash with LDAPSecurityRealmTest.groovy
@@ -68,4 +70,18 @@ private void check() {
assertEquals("mAAN", sr.getMailAddressAttributeName());
}

@Issue("JENKINS-8152")
@WithoutJenkins
@Test public void providerUrl() throws Exception {
assertEquals("ldap://example.com/", LDAPSecurityRealm.toProviderUrl("example.com", null));
assertEquals("ldap://example.com/", LDAPSecurityRealm.toProviderUrl("example.com", ""));
assertEquals("ldap://example.com/", LDAPSecurityRealm.toProviderUrl("example.com", " "));
assertEquals("ldap://example.com/ ldap://example.net/", LDAPSecurityRealm.toProviderUrl("example.com ldap://example.net", null));
assertEquals("ldap://example.com/o=O,c=C", LDAPSecurityRealm.toProviderUrl("example.com", "o=O,c=C"));
assertEquals("ldap://example.com/o=O,c=C", LDAPSecurityRealm.toProviderUrl("example.com", " o=O,c=C"));
assertEquals("ldap://example.com/o=O,c=C ldap://example.net/o=O,c=C", LDAPSecurityRealm.toProviderUrl("ldap://example.com example.net", "o=O,c=C"));
assertEquals("ldap://example.com/o=O%20O,c=C", LDAPSecurityRealm.toProviderUrl("example.com", "o=O O,c=C"));
assertEquals("ldap://example.com/o=O%20O,c=C ldap://example.net/o=O%20O,c=C", LDAPSecurityRealm.toProviderUrl("example.com example.net", "o=O O,c=C "));
}

}

0 comments on commit 5065f52

Please sign in to comment.