fix #2369 add ldap.group.name.with.underscores

src/main/java/org/codelibs/fess/ldap/LdapManager.java

@@ -295,11 +295,15 @@ public class LdapManager {
         start += 3;
 
         final int end = entryDn.indexOf(',', start);
-        if (end == -1) {
-            return entryDn.substring(start);
-        } else {
-            return entryDn.substring(start, end);
+        final String value = end == -1 ? entryDn.substring(start) : entryDn.substring(start, end);
+        if (fessConfig.isLdapGroupNameWithUnderscores()) {
+            return replaceWithUnderscores(value);
         }
+        return value;
+    }
+
+    protected String replaceWithUnderscores(final String value) {
+        return value.replaceAll("[/\\\\\\[\\]:;|=,+\\*?<>]", "_");
     }
 
     protected void setAttributeValue(final List<SearchResult> result, final String name, final Consumer<Object> consumer) {

src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java

@@ -1448,6 +1448,9 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
     /** The key of the configuration. e.g. true */
     String LDAP_IGNORE_NETBIOS_NAME = "ldap.ignore.netbios.name";
 
+    /** The key of the configuration. e.g. false */
+    String LDAP_GROUP_NAME_WITH_UNDERSCORES = "ldap.group.name.with.underscores";
+
     /** The key of the configuration. e.g. true */
     String LDAP_ROLE_SEARCH_USER_ENABLED = "ldap.role.search.user.enabled";
 
@@ -6124,6 +6127,20 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
      */
     boolean isLdapIgnoreNetbiosName();
 
+    /**
+     * Get the value for the key 'ldap.group.name.with.underscores'. <br>
+     * The value is, e.g. false <br>
+     * @return The value of found property. (NotNull: if not found, exception but basically no way)
+     */
+    String getLdapGroupNameWithUnderscores();
+
+    /**
+     * Is the property for the key 'ldap.group.name.with.underscores' true? <br>
+     * The value is, e.g. false <br>
+     * @return The determination, true or false. (if not found, exception but basically no way)
+     */
+    boolean isLdapGroupNameWithUnderscores();
+
     /**
      * Get the value for the key 'ldap.role.search.user.enabled'. <br>
      * The value is, e.g. true <br>
@@ -8814,6 +8831,14 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
             return is(FessConfig.LDAP_IGNORE_NETBIOS_NAME);
         }
 
+        public String getLdapGroupNameWithUnderscores() {
+            return get(FessConfig.LDAP_GROUP_NAME_WITH_UNDERSCORES);
+        }
+
+        public boolean isLdapGroupNameWithUnderscores() {
+            return is(FessConfig.LDAP_GROUP_NAME_WITH_UNDERSCORES);
+        }
+
         public String getLdapRoleSearchUserEnabled() {
             return get(FessConfig.LDAP_ROLE_SEARCH_USER_ENABLED);
         }
@@ -9430,6 +9455,7 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
             defaultMap.put(FessConfig.LDAP_AUTH_VALIDATION, "true");
             defaultMap.put(FessConfig.LDAP_MAX_USERNAME_LENGTH, "-1");
             defaultMap.put(FessConfig.LDAP_IGNORE_NETBIOS_NAME, "true");
+            defaultMap.put(FessConfig.LDAP_GROUP_NAME_WITH_UNDERSCORES, "false");
             defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_USER_ENABLED, "true");
             defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_GROUP_ENABLED, "true");
             defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_ROLE_ENABLED, "true");

src/main/resources/fess_config.properties

@@ -769,6 +769,7 @@ ldap.admin.sync.password=true
 ldap.auth.validation=true
 ldap.max.username.length=-1
 ldap.ignore.netbios.name=true
+ldap.group.name.with.underscores=false
 
 ldap.role.search.user.enabled=true
 ldap.role.search.group.enabled=true

src/test/java/org/codelibs/fess/ldap/LdapManagerTest.java

@@ -27,6 +27,10 @@ public class LdapManagerTest extends UnitFessTestCase {
             public boolean isLdapIgnoreNetbiosName() {
                 return true;
             }
+
+            public boolean isLdapGroupNameWithUnderscores() {
+                return false;
+            }
         });
         LdapManager ldapManager = new LdapManager();
         ldapManager.init();
@@ -45,4 +49,27 @@ public class LdapManagerTest extends UnitFessTestCase {
         assertNull(ldapManager.getSearchRoleName("aaa"));
     }
 
+    public void test_replaceWithUnderscores() {
+        LdapManager ldapManager = new LdapManager();
+        ldapManager.init();
+
+        assertEquals("_", ldapManager.replaceWithUnderscores("/"));
+        assertEquals("_", ldapManager.replaceWithUnderscores("\\"));
+        assertEquals("_", ldapManager.replaceWithUnderscores("["));
+        assertEquals("_", ldapManager.replaceWithUnderscores("]"));
+        assertEquals("_", ldapManager.replaceWithUnderscores(":"));
+        assertEquals("_", ldapManager.replaceWithUnderscores(";"));
+        assertEquals("_", ldapManager.replaceWithUnderscores("|"));
+        assertEquals("_", ldapManager.replaceWithUnderscores("="));
+        assertEquals("_", ldapManager.replaceWithUnderscores(","));
+        assertEquals("_", ldapManager.replaceWithUnderscores("+"));
+        assertEquals("_", ldapManager.replaceWithUnderscores("*"));
+        assertEquals("_", ldapManager.replaceWithUnderscores("?"));
+        assertEquals("_", ldapManager.replaceWithUnderscores("<"));
+        assertEquals("_", ldapManager.replaceWithUnderscores(">"));
+
+        assertEquals("_a_", ldapManager.replaceWithUnderscores("/a/"));
+        assertEquals("___", ldapManager.replaceWithUnderscores("///"));
+        assertEquals("a_a", ldapManager.replaceWithUnderscores("a/a"));
+    }
 }