Commit d066f600 authored by Amadeu Andrade Barbosa Junior's avatar Amadeu Andrade Barbosa Junior
Browse files

[OPENBUS-2455] Validador de senha do LDAP valida entidade vazia

 - Inclui verificacao se o nome de usuario ou a senha possuem apenas caracteres
   brancos (%s), de controle (%c) ou byte zero (%z) e retorno um erro de "ldap
   invalid name or password" nesses casos. Assim impedimos bind anonimo no LDAP.


git-svn-id: https://subversion.tecgraf.puc-rio.br/engdist/openbus/core/branches/02_00_00@150038 ae0415b3-e90b-0410-900d-d0be9363c56b
parent ca384ca8
......@@ -35,6 +35,11 @@ return function(configs)
end
-- validate function to be used in runtime
return function(name, password)
local blankpatt ="^[%s%c%z]*$"
if type(name) ~= "string" or name:match(blankpatt) or
type(password) ~= "string" or password:match(blankpatt) then
return nil, msg.LdapInvalidNameOrPassword
end
local errmsg = {}
for _, url in ipairs(urls) do
for _, pattern in ipairs(patterns) do
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment