Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure proper escaping for LDAP #20510

Closed
hmlnarik opened this issue May 23, 2023 · 2 comments · Fixed by #20518
Closed

Ensure proper escaping for LDAP #20510

hmlnarik opened this issue May 23, 2023 · 2 comments · Fixed by #20518
Assignees
@ahus1
Labels
area/storage Indicates an issue that touches storage (change in data layout or data manipulation) kind/bug Categorizes a PR related to a bug
Milestone
22.0.0

Comments

@hmlnarik
Copy link
Contributor

From #20396
[...] I used the command line to do some interactive testing using

./kcadm.sh get users -q "search=Wilson"

The results are ok.

Examples:

  • Wil*son -> finds entries with wildcard in LDAP, but not in JPA, as JPA only replaces asterisks at the beginning and the end, and * is a natural wildcard in LDAP.
  • Wil%son -> finds entries with wildcard in JPA, but not LDAP, as % is a natural wildcard in JPA
  • Wil)son -> returns a 400 error as the LDAP doesn't properly escape braces in this search mode

Possible changes in that follow-up PR:

  • Define which wildcards would be supported in the frontend (possibly only *?)
  • For JPA, replace all * with %, and escape all other wildcards like _
  • For LDAP, keep all *, and escape all other characters

Originally posted by @ahus1 in #20396 (review)
@hmlnarik hmlnarik added kind/bug Categorizes a PR related to a bug area/storage Indicates an issue that touches storage (change in data layout or data manipulation) team/store labels May 23, 2023
@ahus1 ahus1 self-assigned this May 23, 2023
@ahus1 ahus1 added this to the 22.0.0 milestone May 23, 2023
ahus1 added a commit to ahus1/keycloak that referenced this issue May 23, 2023
@ahus1
Add escaping for fields with wildcard search
17101cd 
Closes keycloak#20510
ahus1 added a commit to ahus1/keycloak that referenced this issue May 23, 2023
@ahus1
Add escaping for fields with wildcard search
76678cc 
Closes keycloak#20510
@ahus1 ahus1 mentioned this issue May 23, 2023
Merged
@ahus1
Copy link
Contributor

ahus1 commented May 23, 2023

There is now a PR #20518 which adds the escaping for LDAP when the wildcard search is used.

ahus1 added a commit to ahus1/keycloak that referenced this issue May 25, 2023
@ahus1
Add escaping for fields with wildcard search
58bbf7b 
Closes keycloak#20510
@ahus1 ahus1 mentioned this issue May 26, 2023
Closed
2 tasks
@ahus1
Copy link
Contributor

ahus1 commented May 26, 2023

JPA will be handled in #20610

hmlnarik pushed a commit that referenced this issue May 31, 2023
@ahus1 @hmlnarik
Add escaping for fields with wildcard search
512e30b 
Closes #20510
jonkoops pushed a commit to jonkoops/keycloak that referenced this issue Feb 27, 2024
@ahus1 @pskopek
Add escaping for fields with wildcard search
9f0de9e 
Closes keycloak#20510
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ahus1 ahus1

Labels
area/storage Indicates an issue that touches storage (change in data layout or data manipulation) kind/bug Categorizes a PR related to a bug
Projects
Storage
Status: Done
Milestone
22.0.0
Development

Successfully merging a pull request may close this issue.

Add escaping for fields with wildcard search ahus1/keycloak
2 participants
@ahus1 @hmlnarik