Github user necouchman commented on a diff in the pull request:
https://github.com/apache/guacamole-client/pull/345#discussion_r241933797
--- Diff:
extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ObjectQueryService.java
---
@@ -188,46 +183,50 @@ public String generateQuery(String filter,
* information required to execute the query cannot be read from
* guacamole.properties.
*/
- public List<LDAPEntry> search(LDAPConnection ldapConnection,
- String baseDN, String query) throws GuacamoleException {
+ public List<Entry> search(LdapConnection ldapConnection,
+ Dn baseDN, ExprNode query) throws GuacamoleException {
logger.debug("Searching \"{}\" for objects matching \"{}\".",
baseDN, query);
try {
+ LdapConnectionConfig ldapConnectionConfig =
+ ((LdapNetworkConnection) ldapConnection).getConfig();
+
// Search within subtree of given base DN
- LDAPSearchResults results = ldapConnection.search(baseDN,
- LDAPConnection.SCOPE_SUB, query, null, false,
- confService.getLDAPSearchConstraints());
+ SearchRequest request = ldapService.getSearchRequest(baseDN,
+ query);
+
+ SearchCursor results = ldapConnection.search(request);
// Produce list of all entries in the search result,
automatically
// following referrals if configured to do so
- List<LDAPEntry> entries = new ArrayList<>(results.getCount());
- while (results.hasMore()) {
+ List<Entry> entries = new ArrayList<>();
+ while (results.next()) {
- try {
- entries.add(results.next());
+ Response response = results.get();
+ if (response instanceof SearchResultEntry) {
+ entries.add(((SearchResultEntry) response).getEntry());
}
-
- // Warn if referrals cannot be followed
- catch (LDAPReferralException e) {
- if (confService.getFollowReferrals()) {
- logger.error("Could not follow referral: {}",
e.getFailedReferral());
- logger.debug("Error encountered trying to follow
referral.", e);
- throw new GuacamoleServerException("Could not
follow LDAP referral.", e);
- }
- else {
- logger.warn("Given a referral, but referrals are
disabled. Error was: {}", e.getMessage());
- logger.debug("Got a referral, but configured to
not follow them.", e);
+ else if (response instanceof SearchResultReference &&
+ request.isFollowReferrals()) {
+
+ Referral referral = ((SearchResultReference)
response).getReferral();
+ int referralHop = 0;
+ for (String url : referral.getLdapUrls()) {
+ LdapConnection referralConnection =
ldapService.referralConnection(
+ new LdapUrl(url), ldapConnectionConfig,
referralHop++);
+ entries.addAll(search(referralConnection, baseDN,
query));
--- End diff --
Took a stab at this, as well - not entirely sure this is the best/cleanest
way, but let me know what you think. As usual, I'm open to suggestions for how
to approach it.
---
