diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java index 19df4839c..2131797a2 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java @@ -295,12 +295,12 @@ public class ConfigurationService { /** * Returns the search filter that should be used when querying the * LDAP server for Guacamole connections. If no filter is specified, - * null is returned. + * the default of objectClass=guacConfigGroup is returned. * * @return * The search filter that should be used when querying the * LDAP server for connections for Guacamole, or - * null if no filter is specified. + * objectClass=guacConfigGroup if no filter is specified. * * @throws GuacamoleException * If guacamole.properties cannot be parsed. diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java index 691a6fca9..5f49a8c9c 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java @@ -165,7 +165,7 @@ public class LDAPGuacamoleProperties { }; /** - * A search filter to apply to the user LDAP query. + * A search filter to apply to user LDAP queries. */ public static final StringGuacamoleProperty LDAP_USER_SEARCH_FILTER = new StringGuacamoleProperty() { @@ -175,7 +175,7 @@ public class LDAPGuacamoleProperties { }; /** - * A search filter to apply to the connection LDAP query. + * A search filter to apply to connection LDAP queries. */ public static final StringGuacamoleProperty LDAP_CONNECTION_SEARCH_FILTER = new StringGuacamoleProperty() { diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/user/UserService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/user/UserService.java index f58b410c4..94763e6f5 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/user/UserService.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/user/UserService.java @@ -85,10 +85,12 @@ public class UserService { try { + // Build a filter using the configured or default user search filter + // to find all user objects in the LDAP tree StringBuilder userSearchFilter = new StringBuilder(); userSearchFilter.append("(&"); userSearchFilter.append(confService.getUserSearchFilter()); - userSearchFilter.append("(" + escapeService.escapeLDAPSearchFilter(usernameAttribute) + "=*)"); + userSearchFilter.append("(" + escapingService.escapeLDAPSearchFilter(usernameAttribute) + "=*)"); userSearchFilter.append(")"); @@ -195,7 +197,7 @@ public class UserService { List usernameAttributes = confService.getUsernameAttributes(); // Build LDAP query for users having at least one username attribute - // with the specified username as its value + // and with the configured or default search filter StringBuilder ldapQuery = new StringBuilder(); ldapQuery.append("(&"); ldapQuery.append(confService.getUserSearchFilter());