LDAP-97: Escaping of weird characters in DistinguishedNames is inconsistent #137
Milestone
Comments
|
Mattias Hellborg Arthursson said: It’s kind of unclear, but the DistinguishedName RFC seems to allow this, so our parser should probably do so as well. |
|
Mattias Hellborg Arthursson said: On closer examination of the relevant RFCs it turned out that the LDAP v2 DN RFC explicitly forbids ‘\r’, whereas the LDAP v3 DN RFC allows it. We should be as compliant as possible so we’re now allowing ‘\r’. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I can create a DistinguishedName that contains a \r, I can bind and unbind with the given DN, but I cannot do a LdapTemplate.search() with a ParametrizedContextMapper where the search matches the entry with the weird dn even if the contextmapper doesn’t even touch the DirContextAdapter. Not that I really want to put carriage returns in my DNs, but I guess this might be considered as a bug anyway.:)
Sample code that generates a org.springframework.ldap.BadLdapGrammarException:
```
EqualsFilter filter = new EqualsFilter(“sn”, “lisadotter”); List foo = ldapTemplate.search("", filter.encode(), new ParameterizedContextMapper(){ public String mapFromContext(Object arg0) { return “foo”; } }); } finally { ldapTemplate.unbind(dn); }DirContextAdapter ctx=new DirContextAdapter();
ctx.addAttributeValue(“objectclass”, “person”);
ctx.addAttributeValue(“sn”, “lisadotter”);
DistinguishedName dn=new DistinguishedName();
dn.add(“cn”,“lisa \r lisadotter”);
try{
ldapTemplate.bind(dn, ctx, null);
```
Exception in thread “main” org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: problem generating object using object factory [Root exception is org.springframework.ldap.BadLdapGrammarException: Failed to parse DN; nested exception is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 9. Encountered: “\r” (13), after : ""]; remaining name ‘’
Caused by: javax.naming.NamingException: problem generating object using object factory [Root exception is org.springframework.ldap.BadLdapGrammarException: Failed to parse DN; nested exception is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 9. Encountered: “\r” (13), after : ""]; remaining name ’’
at com.sun.jndi.ldap.LdapSearchEnumeration.createItem(LdapSearchEnumeration.java:111)
at com.sun.jndi.ldap.LdapNamingEnumeration.nextAux(LdapNamingEnumeration.java:256)
at com.sun.jndi.ldap.LdapNamingEnumeration.nextImpl(LdapNamingEnumeration.java:236)
at com.sun.jndi.ldap.LdapNamingEnumeration.next(LdapNamingEnumeration.java:184)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:275)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:234)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:583)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:497)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:447)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:468)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:486)
at se.kth.infosys.ldapperformance.TestBug.main(TestBug.java:39)
Caused by: org.springframework.ldap.BadLdapGrammarException: Failed to parse DN; nested exception is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 9. Encountered: “\r” (13), after : ""
at org.springframework.ldap.core.DistinguishedName.parse(DistinguishedName.java:145)
at org.springframework.ldap.core.DistinguishedName.(DistinguishedName.java:100)
at org.springframework.ldap.core.DirContextAdapter.(DirContextAdapter.java:139)
at org.springframework.ldap.core.support.DefaultDirObjectFactory.getObjectInstance(DefaultDirObjectFactory.java:61)
at javax.naming.spi.DirectoryManager.createObjectFromFactories(DirectoryManager.java:218)
at javax.naming.spi.DirectoryManager.getObjectInstance(DirectoryManager.java:197)
at com.sun.jndi.ldap.LdapSearchEnumeration.createItem(LdapSearchEnumeration.java:105)
… 11 more
Caused by: org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 9. Encountered: “\r” (13), after : ""
at org.springframework.ldap.core.DnParserImplTokenManager.getNextToken(DnParserImplTokenManager.java:690)
at org.springframework.ldap.core.DnParserImpl.jj_ntk(DnParserImpl.java:249)
at org.springframework.ldap.core.DnParserImpl.attributeTypeAndValue(DnParserImpl.java:98)
at org.springframework.ldap.core.DnParserImpl.rdn(DnParserImpl.java:58)
at org.springframework.ldap.core.DnParserImpl.dn(DnParserImpl.java:23)
at org.springframework.ldap.core.DistinguishedName.parse(DistinguishedName.java:139)
… 17 more
(I guess it is related to that a “new DistinguishedName(”cn=foo \r bar")" will throw the same exception, but in that case I think it is pretty fair even if I would prefer a different behavior, since the constructor documentation says that the string should be a correct rdn.)
The text was updated successfully, but these errors were encountered: