From 1a654a3466f8b6ce5242d1d7eb8d06bdcac1f981 Mon Sep 17 00:00:00 2001
From: Ivan Gomes <ivan-gomes@users.noreply.github.com>
Date: Thu, 6 Oct 2022 22:54:49 -0400
Subject: [PATCH] fix(ldap): encode group search filter

---
 .../main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java    | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java b/ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java
index 48e7c14c5..56791c6e0 100644
--- a/ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java
+++ b/ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java
@@ -21,6 +21,7 @@
 import org.springframework.ldap.core.support.BaseLdapPathContextSource;
 import org.springframework.ldap.core.support.LdapContextSource;
 import org.springframework.ldap.filter.*;
+import org.springframework.ldap.support.LdapEncoder;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer;
@@ -185,7 +186,7 @@ public Collection<? extends GrantedAuthority> getGrantedAuthorities(
 
                 AndFilter andFilter = new AndFilter();
                 HardcodedFilter groupsFilter = new HardcodedFilter(
-                    groupSearchFilter.replace("{0}", userDn));
+                    groupSearchFilter.replace("{0}", LdapEncoder.filterEncode(userDn)));
                 andFilter.and(groupsFilter);
                 andFilter.and(orFilter);