diff --git a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/OpenLdapUserManagerImpl.java b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/OpenLdapUserManagerImpl.java index a3e82af3dcc..81d48b29cfb 100644 --- a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/OpenLdapUserManagerImpl.java +++ b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/OpenLdapUserManagerImpl.java @@ -83,7 +83,7 @@ public class OpenLdapUserManagerImpl implements LdapUserManager { usernameFilter.append("("); usernameFilter.append(_ldapConfiguration.getUsernameAttribute(domainId)); usernameFilter.append("="); - usernameFilter.append((username == null ? "*" : username)); + usernameFilter.append((username == null ? "*" : LdapUtils.escapeLDAPSearchFilter(username))); usernameFilter.append(")"); String memberOfAttribute = _ldapConfiguration.getUserMemberOfAttribute(domainId); @@ -154,7 +154,7 @@ public class OpenLdapUserManagerImpl implements LdapUserManager { groupNameFilter.append("("); groupNameFilter.append(_ldapConfiguration.getCommonNameAttribute()); groupNameFilter.append("="); - groupNameFilter.append((groupName == null ? "*" : groupName)); + groupNameFilter.append((groupName == null ? "*" : LdapUtils.escapeLDAPSearchFilter(groupName))); groupNameFilter.append(")"); final StringBuilder result = new StringBuilder(); @@ -194,7 +194,7 @@ public class OpenLdapUserManagerImpl implements LdapUserManager { usernameFilter.append("("); usernameFilter.append(_ldapConfiguration.getUsernameAttribute(domainId)); usernameFilter.append("="); - usernameFilter.append((username == null ? "*" : username)); + usernameFilter.append((username == null ? "*" : LdapUtils.escapeLDAPSearchFilter(username))); usernameFilter.append(")"); final StringBuilder memberOfFilter = new StringBuilder();