通过“ ObjectGUID”进行Spring LDAP搜索
[英]Spring LDAP search by “ObjectGUID”
问题描述
I am trying to query my ldapTemplate with "objectGUID" as - 
我正在尝试使用“ objectGUID”查询我的ldapTemplate-
String myGuid = "\\00\\B2\\15\\6C\\7D\\1B\\4B\\C8\\BF\\87\\C5\\36\\86\\A8\\B0\\16";
List<Object> attributes = ldapTemplate.search("", new EqualsFilter("objectGUID", myGuid).encode(), new MyGUIDMapper());
I do have a my base environment setting mapped as - 我的基本环境设置确实映射为-
<beans:entry key="java.naming.ldap.attributes.binary" value="objectGUID objectSid"/>
This is able to fetch objectGUID as byte[] . 这样就可以将objectGUID提取为byte[] 。 But while querying the ldapTemplate I am not getting any result back. 但是在查询ldapTemplate时,我没有得到任何结果。
Is this correct implementation of querying by objectGUID ? 这是objectGUID查询的正确实现吗?
1 个解决方案
解决方案1
0 2018-03-19 12:17:55
The problem is that EqualsFilter (or any other subclass of the CompareFilter ) only expects plain-text fields and encodes them to avoid LDAP code injection. 的问题是, EqualsFilter (或任何其它亚类CompareFilter )仅预计纯文本字段和对它们进行编码,以避免LDAP代码注入。
To avoid this encoding, you can use a HardcodedFilter instead. 为了避免这种编码,您可以改用HardcodedFilter 。 If needed, you could validate the value before searching to avoid any injections, if you didn't actually encode the plain-text GUID yourself. 如果需要,您可以在搜索之前先验证该值,以避免任何注入,如果您自己实际上并未对纯文本GUID进行编码。
This also works if you want to use the objectSID field. 如果要使用objectSID字段,这也可以使用。
ldapTemplate.search("", new HardcodedFilter("(objectGUID=" + myGuid + ")").encode(), new MyGUIDMapper());
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.