JDK-7041125 : LDAP API does not catch malformed filters that contain two operands for the ! operator
- Type: Bug
- Component: core-libs
- Sub-Component: javax.naming
- Affected Version: 6u24
- Priority: P3
- Status: Closed
- Resolution: Fixed
- OS: generic
- CPU: generic
- Submitted: 2011-05-02
- Updated: 2013-09-12
- Resolved: 2012-06-13
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 6 | JDK 7 | JDK 8 |
|---|---|---|
| 6u26-rev b25Fixed | 7u2Fixed  |
8Fixed |
Description
The following filter validates OK with 6u24 but an OpenLDAP library throws error. The filter in question is: (&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2)(telephonenumber=+*))) The issue is due to the misplacement of a parenthesis the second"!" is given two operands. The filter should be rewriiten as: (&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2))(telephonenumber=+*)) The open LDAP library Openldap-2_4_19 throws the following error message: 13:33:20.526 |LDAP Search complete. Code: -7|*^*^* 13:33:20.526 |Failed to find user in directory: LDAP code: -7|*^*^* 13:33:20.526 |LDAP failure getting user entry: Bad search filter|*^*^
Comments
|