Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1670: SpringSecurityLdapTemplate should use a CompositeName to remove JNDI escaping from SearchResult.getName() #1909

spring-issuemaster opened this Issue Feb 3, 2011 · 0 comments


None yet
1 participant

Luke Taylor (Migrated from SEC-1670) said:

SearchResult.getName() returns a CompositeName syntax, so JNDI special characters will be escaped, which we don't want in a pure-LDAP name. The result should be wrapped in a CompositeName() before passing to the constructor for DistinguishedName. The latter knows how to deal with CompositeNames.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.RC1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment