jbertram commented on a change in pull request #2516: ARTEMIS-2192 fix listener for LegacyLDAPSecuritySettingPlugin URL: https://github.com/apache/activemq-artemis/pull/2516#discussion_r250717165
########## File path: artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/LegacyLDAPSecuritySettingPlugin.java ########## @@ -333,14 +333,14 @@ private void processSearchResult(Map<String, Set<Role>> securityRoles, String destination = null; String destinationType = "unknown"; List<Rdn> rdns = searchResultLdapName.getRdns(); - if (rdns.size() != 3) { + if (rdns.size() < 3) { if (logger.isDebugEnabled()) { logger.debug("\tSkipping unexpected search result with " + rdns.size() + " RDNs."); } return; } // we can count on the RNDs being in order from right to left - Rdn rdn = rdns.get(0); + Rdn rdn = rdns.get(rdns.size() - 3); Review comment: The problem with the hard-coded rdns is that the plugin won't work for anybody who doesn't use the same values. I don't see duplicates as being a problem with this code. It simply takes the first three rdns and interprets them as permission-type, destination-name, & destination-type. It doesn't care about the rdns past that. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services