Sanitizing the LDAP Queries in Java
Can someone guide me on using the code below?
    public String escapeDN(String name) {
        // From RFC 2253 and the / character for JNDI
        // (',' added: RFC 2253 also lists it among the characters that must be escaped)
        final char[] META_CHARS = {',', '+', '"', '<', '>', ';', '/'};
        String escapedStr = name;
        // Backslash is both a Java and an LDAP escape character, so escape it first
        // (the replacement must yield two backslashes; "\\\\" would leave the input unchanged)
        escapedStr = escapedStr.replaceAll("\\\\", "\\\\\\\\");
        // Positional characters - see RFC 2253: leading '#', leading or trailing space
        escapedStr = escapedStr.replaceAll("^#", "\\\\#");
        escapedStr = escapedStr.replaceAll("^ | $", "\\\\ ");
        for (int i = 0; i < META_CHARS.length; i++) {
            escapedStr = escapedStr.replaceAll("\\" + META_CHARS[i], "\\\\" + META_CHARS[i]);
        }
        return escapedStr;
    }

    public String escapeSearchFilter(String filter) {
        // From RFC 2254: replace each special character with a backslash and its hex code
        String escapedStr = filter;
        // Backslash first, so the escapes added below are not escaped again
        escapedStr = escapedStr.replaceAll("\\\\", "\\\\5c");
        escapedStr = escapedStr.replaceAll("\\*", "\\\\2a");
        escapedStr = escapedStr.replaceAll("\\(", "\\\\28");
        escapedStr = escapedStr.replaceAll("\\)", "\\\\29");
        escapedStr = escapedStr.replaceAll("\\" + Character.toString('\u0000'), "\\\\00");
        return escapedStr;
    }
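In the above code, I can understand that the LDAP baseDN and searchFilter values are sanitized before execution, but I don't understand why and how these methods are used...
Thanks in advance!!!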
Parsing a DN in a generic way is a difficult task. I suggest you use a specific LDAP API, such as UnboundID or Apache LDAP.
If you want to see some of the complexity, take a look at: https://docs.ldap.com/ldap-sdk/docs/javadoc/src-html/com/unboundid/ldap/sdk/DN.html#line.280
-Jim
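How this kind of escaping is applied at the call site, as an added example that is not code from the question or the answer. It uses the JDK's `javax.naming.ldap.Rdn.escapeValue` and `LdapName` for the DN side and a hypothetical `escapeFilterValue` helper for the filter side; the input values and the base DN are constructed.

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class LdapEscapeDemo {
    // Hypothetical helper: escapes one RFC 2254 filter value, character by character.
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Reports how the JDK's DN parser sees a DN string: RDN count and leaf value, or a rejection.
    static String describeDn(String dn) {
        try {
            LdapName name = new LdapName(dn);
            Rdn leaf = name.getRdn(name.size() - 1); // index 0 is the rightmost RDN
            return name.size() + " RDNs, leaf value [" + leaf.getValue() + "]";
        } catch (InvalidNameException e) {
            return "rejected by parser: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        // Constructed inputs: legitimate values that happen to contain LDAP metacharacters.
        String group = "Ops (EMEA) *";
        String person = "Smith, John";
        String base = ",ou=people,dc=example,dc=com"; // constructed base DN

        // Filter: escape the value only, never the whole filter expression.
        System.out.println("raw filter:     (cn=" + group + ")");
        System.out.println("escaped filter: (cn=" + escapeFilterValue(group) + ")");

        // DN: escape the attribute value only, then join it to the fixed base DN.
        String rawDn = "cn=" + person + base;
        String escapedDn = "cn=" + Rdn.escapeValue(person) + base;
        System.out.println("raw DN:     " + rawDn + " -> " + describeDn(rawDn));
        System.out.println("escaped DN: " + escapedDn + " -> " + describeDn(escapedDn));
    }
}
```

The escaping functions take a single attribute value, not a finished DN or filter: passing a complete filter through them would also escape the parentheses that give it its structure.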