SEC-1670: SpringSecurityLdapTemplate should use a CompositeName to remove JNDI escaping from SearchResult.getName() #1909

spring-issuemaster opened this Issue Feb 3, 2011 · 0 comments

1 participant


Luke Taylor (Migrated from SEC-1670) said:

SearchResult.getName() returns a CompositeName syntax, so JNDI special characters will be escaped, which we don't want in a pure-LDAP name. The result should be wrapped in a CompositeName() before passing to the constructor for DistinguishedName. The latter knows how to deal with CompositeNames.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.RC1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment