Results 1 to 2 of 2

Thread: Preventing LDAP Injection

  1. Nov 14th, 2006, 11:41 AM #1
    wof
    wof is offline Junior Member
    Join Date
    Sep 2006
    Posts
    2

    Default Preventing LDAP Injection

    Is there an easy way to escape strings used for Ldap operations here in Spring-LDAP?

    ref: http://www.owasp.org/index.php/Preve...ection_in_Java
    Reply With Quote Reply With Quote
  2. Nov 17th, 2006, 05:20 AM #2
    rasky
    rasky is offline Senior Member
    Join Date
    Mar 2005
    Location
    Landskrona, Sweden
    Posts
    505

    Default

    If you use the DistinguishedName and Filter classes, values will be properly encoded, which should prevent injection issues.
    Mattias Arthursson
    Jayway AB (www.jayway.se)
    Spring-LDAP project member
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules