Re: Cannot find Apache Directory Studio LDAP Browser ---- Tools

2012-05-30 Thread Pierre-Arnaud Marcelot 
Hi,

If you're running an ApacheDS launched within Apache Directory Studio in the 
ApacheDS plugin, you need to locate the Admistrator Account of the directory 
server:
uid=admin,ou=system

Then open this entry and double-click the 'userCertificate' attribute, this is 
where the certificate of the server is located.

Here you have the Certificate Editor and should be able to export the 
certificate.

Hope this helps,
Pierre-Arnaud


On 15 mai 2012, at 15:06, Murthy, Avaneesh (Avaneesh) wrote:

 Hi,
 
 
 
 I am using ApacheDirectoryStudio-win32-1.5.3.v20100330.exe on windows
 XP. I am trying to configure Apache LDAP with IBM's Websphere
 application server.
 
 
 
 I need to get the certificates from the LDAP server and add it to a
 keystore on Websphere. To be able to save the certificates, I found out
 from the help that one would have navigate to Apache Directory Studio
 LDAP Browser
 http://127.0.0.1:1711/help/topic/org.apache.directory.studio.ldapbrowse
 r.help/html/index.html   Tools
 http://127.0.0.1:1711/help/topic/org.apache.directory.studio.ldapbrowse
 r.help/html/tools.html   Value Editors
 http://127.0.0.1:1711/help/topic/org.apache.directory.studio.ldapbrowse
 r.help/html/tools_value_editors.htmlCertificate Editor.
 
 
 
 I cannot find this navigation path on the LDAP browser. Could you please
 let me know how to get to Tools under LDAP Browser  or could please
 provide me with a phone number with whom I could work with ?
 
 
 
 Thanks,
 
 Avaneesh

How to Escape LDAP Filter Query ?

2012-05-30 Thread Hendy Irawan 
Dear Apache Directory users,

How do I escape an LDAP filter query ?

e.g.

String searchTerm = ...; // from user input
String filter = ((objectclass=person)(cn=* + escapeFunction(searchTerm)
+ *));

What is this escapeFunction ?

-- 
Hendy Irawan - on Twitter http://twitter.com/hendybippo - on
LinkedInhttp://id.linkedin.com/in/hendyirawan
Web Developer | Bippo Indonesia http://www.bippo.co.id/ | Akselerator
Bisnis | Bandung

Re: How to Escape LDAP Filter Query ?

2012-05-30 Thread David Parker 

On 05/30/2012 12:55 PM, Hendy Irawan wrote:

Dear Apache Directory users,

How do I escape an LDAP filter query ?

e.g.

String searchTerm = ...; // from user input
String filter = ((objectclass=person)(cn=* + escapeFunction(searchTerm)
+ *));

What is this escapeFunction ?



Hello,

What exactly do you want to escape in searchTerm?  Are you trying to 
prevent someone from entering something like 
johndoe,o=x.com,dc=x,dc=com as the search term?  If that is the case, 
then you could sanitize the input using something like this:


if( searchTerm.contains(,) )
searchTerm = searchTerm.substring(0,searchTerm.indexOf(,));

Or you could simply sanitize the user input by checking for various 
characters ( | ! , etc.) and rejecting the input if one of these is 
found in the string.


I'm not much of a Java programmer, so there is probably a better way, 
but I hope this helps.


- Dave

--

Dave Parker
Systems Administrator
Utica College
Integrated Information Technology Services
(315) 792-3229
Registered Linux User #408177

Re: How to Escape LDAP Filter Query ?

2012-05-30 Thread Emmanuel Lécharny 

Le 5/30/12 10:08 PM, David Parker a écrit :

On 05/30/2012 12:55 PM, Hendy Irawan wrote:

Dear Apache Directory users,

How do I escape an LDAP filter query ?

e.g.

String searchTerm = ...; // from user input
String filter = ((objectclass=person)(cn=* + 
escapeFunction(searchTerm)

+ *));

What is this escapeFunction ?



Hello,

What exactly do you want to escape in searchTerm?  Are you trying to 
prevent someone from entering something like 
johndoe,o=x.com,dc=x,dc=com as the search term?  If that is the 
case, then you could sanitize the input using something like this:


if( searchTerm.contains(,) )
searchTerm = searchTerm.substring(0,searchTerm.indexOf(,));

Or you could simply sanitize the user input by checking for various 
characters ( | ! , etc.) and rejecting the input if one of these is 
found in the string.


I'm not much of a Java programmer, so there is probably a better way, 
but I hope this helps.


- Dave

I guess expect something like a Filter.escape( String ) method that 
creates a filter with escaped chars.


So if you call Filter.escape( (myAttr=I'm a \u002a) ), it will return 
the escaped string (myAttr=I'm a \\2A)


Filter special chars in values are :
'*' translates to \2A
'(' translates to \28
')' translates to \29
'\' translates to \5C
0x00 translates to \00

Note that you still have to provide a String that distinguishes those 5 
characters, so at some point, it's probably enough to do the escaping by 
hand. The method I described would just be a bit superfluous...


Also note that no other character needs to be escaped but those 5 ones. 
There is no risk that a , | or ! can be confused with an operator in a 
value.


--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com