[
https://issues.apache.org/jira/browse/DIRSHARED-143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13490082#comment-13490082
]
Stefan Seelmann commented on DIRSHARED-143:
-------------------------------------------
Another option to create such a filter with escaped special characters is to
use the classes from org.apache.directory.shared.ldap.model.filter package, for
example:
{code}
AndNode andNode = new AndNode();
andNode.addNode( new EqualityNode<String>( "uid", new StringValue( "(*)" ) ) );
andNode.addNode( new SubstringNode( "cn", "H*n", null ) );
System.out.println(andNode.toString());
// =>(&(uid=\28\2A\29)(cn=H\2An*))
{code}
I see that it is not always intuitive to use those classes, I think they are
not intended to be used by API users.
> Provide helper method to escape characters to be used in LDAP Filter literal
> ----------------------------------------------------------------------------
>
> Key: DIRSHARED-143
> URL: https://issues.apache.org/jira/browse/DIRSHARED-143
> Project: Directory Shared
> Issue Type: Improvement
> Affects Versions: 1.0.0-M13
> Reporter: Hendy Irawan
> Attachments: DIRSHARED-143.patch
>
>
> In order to prevent malicious injection, user-provided input must be escaped
> (the 5 restricted characters) before being put in LDAP filter.
> Provide a helper static method to make it convenient and available as public
> API.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
