LPS-67271 SF rename

modules/apps/portal-security/portal-security-ldap-api/build.gradle

@@ -4,6 +4,7 @@ targetCompatibility = "1.8"
 dependencies {
 	compileOnly group: "biz.aQute.bnd", name: "biz.aQute.bndlib", version: "3.1.0"
 	compileOnly group: "com.liferay.portal", name: "com.liferay.portal.kernel", version: "default"
+	compileOnly group: "commons-lang", name: "commons-lang", version: "2.6"
 	compileOnly group: "org.osgi", name: "org.osgi.service.cm", version: "1.5.0"
 	compileOnly project(":apps:portal-security:portal-security-export-import-api")
 	compileOnly project(":apps:static:portal-configuration:portal-configuration-metatype-api")

modules/apps/portal-security/portal-security-ldap-api/src/main/java/com/liferay/portal/security/ldap/util/LDAPUtil.java

@@ -17,6 +17,7 @@
 import com.liferay.petra.string.CharPool;
 import com.liferay.petra.string.StringPool;
 import com.liferay.portal.kernel.util.DateFormatFactoryUtil;
+import com.liferay.portal.kernel.util.StringUtil;
 import com.liferay.portal.kernel.util.Validator;
 
 import java.text.DateFormat;
@@ -28,6 +29,8 @@
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 
+import org.apache.commons.lang.StringEscapeUtils;
+
 /**
  * @author Toma Bedolla
  * @author Michael Young
@@ -37,6 +40,22 @@
  */
 public class LDAPUtil {
 
+	public static String escapeCharacters(String attribute) {
+		if (attribute.contains(StringPool.BACK_SLASH)) {
+			String escapedSingleBackSlash = StringPool.DOUBLE_BACK_SLASH.concat(
+				StringPool.BACK_SLASH);
+
+			attribute = attribute.replace(
+				StringPool.BACK_SLASH, escapedSingleBackSlash);
+		}
+		else {
+			attribute = StringEscapeUtils.escapeJava(attribute);
+		}
+
+		return StringUtil.replace(
+			attribute, _INVALID_CHARS, _INVALID_CHARS_SUBS);
+	}
+
 	public static Object getAttributeObject(
 			Attributes attributes, Properties properties, String key)
 		throws NamingException {
@@ -213,4 +232,18 @@ else if (date.indexOf(CharPool.PERIOD) != -1) {
 		return dateFormat.parse(date);
 	}
 
+	private static final String[] _INVALID_CHARS = {
+		StringPool.GREATER_THAN, StringPool.LESS_THAN, StringPool.PLUS,
+		StringPool.POUND, StringPool.QUOTE, StringPool.SEMICOLON
+	};
+
+	private static final String[] _INVALID_CHARS_SUBS = {
+		StringPool.DOUBLE_BACK_SLASH.concat(StringPool.GREATER_THAN),
+		StringPool.DOUBLE_BACK_SLASH.concat(StringPool.LESS_THAN),
+		StringPool.DOUBLE_BACK_SLASH.concat(StringPool.PLUS),
+		StringPool.DOUBLE_BACK_SLASH.concat(StringPool.POUND),
+		StringPool.DOUBLE_BACK_SLASH.concat(StringPool.QUOTE),
+		StringPool.DOUBLE_BACK_SLASH.concat(StringPool.SEMICOLON)
+	};
+
 }

modules/apps/portal-security/portal-security-ldap-api/src/main/resources/com/liferay/portal/security/ldap/util/packageinfo

@@ -1 +1 @@
-version 1.0.0
+version 1.1.0

modules/apps/portal-security/portal-security-ldap-impl/src/main/java/com/liferay/portal/security/ldap/internal/DefaultPortalLDAP.java

@@ -36,6 +36,7 @@
 import com.liferay.portal.security.ldap.configuration.ConfigurationProvider;
 import com.liferay.portal.security.ldap.configuration.LDAPServerConfiguration;
 import com.liferay.portal.security.ldap.configuration.SystemLDAPConfiguration;
+import com.liferay.portal.security.ldap.util.LDAPUtil;
 import com.liferay.portal.security.ldap.validator.LDAPFilterValidator;
 
 import java.util.ArrayList;
@@ -538,7 +539,8 @@ public Binding getUser(
 				_ldapServerConfigurationProvider.getConfiguration(
 					companyId, ldapServerId);
 
-			String baseDN = ldapServerConfiguration.baseDN();
+			String baseDN = LDAPUtil.escapeCharacters(
+				ldapServerConfiguration.baseDN());
 
 			String userSearchFilter =
 				ldapServerConfiguration.userSearchFilter();
@@ -911,6 +913,8 @@ public byte[] searchLDAP(
 			List<SearchResult> searchResults)
 		throws Exception {
 
+		baseDN = LDAPUtil.escapeCharacters(baseDN);
+
 		SearchControls searchControls = new SearchControls(
 			SearchControls.SUBTREE_SCOPE, maxResults, 0, attributeIds, false,
 			false);

modules/apps/portal-security/portal-security-ldap-impl/src/main/java/com/liferay/portal/security/ldap/internal/authenticator/LDAPAuth.java

@@ -43,6 +43,7 @@
 import com.liferay.portal.security.ldap.constants.LDAPConstants;
 import com.liferay.portal.security.ldap.exportimport.LDAPUserImporter;
 import com.liferay.portal.security.ldap.exportimport.configuration.LDAPImportConfiguration;
+import com.liferay.portal.security.ldap.util.LDAPUtil;
 
 import java.util.HashMap;
 import java.util.Hashtable;
@@ -299,7 +300,8 @@ protected int authenticate(
 				_ldapServerConfigurationProvider.getConfiguration(
 					companyId, ldapServerId);
 
-			String baseDN = ldapServerConfiguration.baseDN();
+			String baseDN = LDAPUtil.escapeCharacters(
+				ldapServerConfiguration.baseDN());
 
 			//  Process LDAP auth search filter
 

modules/apps/portal-security/portal-security-ldap-impl/src/main/java/com/liferay/portal/security/ldap/internal/exportimport/LDAPUserImporterImpl.java

@@ -171,7 +171,8 @@ public User importUser(
 				_ldapServerConfigurationProvider.getConfiguration(
 					companyId, ldapServerId);
 
-			String baseDN = ldapServerConfiguration.baseDN();
+			String baseDN = LDAPUtil.escapeCharacters(
+				ldapServerConfiguration.baseDN());
 
 			ldapContext = _portalLDAP.getContext(ldapServerId, companyId);