LDAP: Escape username in case we are using userbased bind.

Jani Averbach

2014-03-30 c30c2b332cf498efef9a01609ff4aa5bd7f8cc14

LDAP: Escape username in case we are using userbased bind.

 src/main/java/com/gitblit/auth/LdapAuthProvider.java

@@ -299,7 +299,7 @@
                String bindPattern = settings.getString(Keys.realm.ldap.bindpattern, "");
                if (!StringUtils.isEmpty(bindPattern)) {
                    try {
                        String bindUser = StringUtils.replace(bindPattern, "${username}", simpleUsername);
                        String bindUser = StringUtils.replace(bindPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));
                        ldapConnection.bind(bindUser, new String(password));
                        
                        alreadyAuthenticated = true;