jbertram commented on a change in pull request #2516: ARTEMIS-2192 fix listener
for LegacyLDAPSecuritySettingPlugin
URL: https://github.com/apache/activemq-artemis/pull/2516#discussion_r250717165
##########
File path:
artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/LegacyLDAPSecuritySettingPlugin.java
##########
@@ -333,14 +333,14 @@ private void processSearchResult(Map<String, Set<Role>>
securityRoles,
String destination = null;
String destinationType = "unknown";
List<Rdn> rdns = searchResultLdapName.getRdns();
- if (rdns.size() != 3) {
+ if (rdns.size() < 3) {
if (logger.isDebugEnabled()) {
logger.debug("\tSkipping unexpected search result with " +
rdns.size() + " RDNs.");
}
return;
}
// we can count on the RNDs being in order from right to left
- Rdn rdn = rdns.get(0);
+ Rdn rdn = rdns.get(rdns.size() - 3);
Review comment:
The problem with the hard-coded rdns is that the plugin won't work for
anybody who doesn't use the same values. I don't see duplicates as being a
problem with this code. It simply takes the first three rdns and interprets
them as permission-type, destination-name, & destination-type. It doesn't care
about the rdns past that.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
