diff --git a/jbpm-human-task/jbpm-human-task-core/src/main/java/org/jbpm/services/task/identity/LDAPUserGroupCallbackImpl.java b/jbpm-human-task/jbpm-human-task-core/src/main/java/org/jbpm/services/task/identity/LDAPUserGroupCallbackImpl.java index 440ef12010..fc839494f2 100644 --- a/jbpm-human-task/jbpm-human-task-core/src/main/java/org/jbpm/services/task/identity/LDAPUserGroupCallbackImpl.java +++ b/jbpm-human-task/jbpm-human-task-core/src/main/java/org/jbpm/services/task/identity/LDAPUserGroupCallbackImpl.java @@ -43,6 +43,7 @@ *
  • ldap.user.id.dn (optional, is user id a DN, instructs the callback to query for user DN before searching for roles, default false)
  • *
  • ldap.search.scope (optional, if not given 'ONELEVEL_SCOPE' will be used) possible values are: OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE
  • *
  • ldap.name.escape (optional, instructs to escape - illegal character in user/group name before the query - currently escapes only comma) by default is set to true
  • + *
  • ldap.entity.ignore.case (optional, perform case insensitive comparison for exitsEntity) by default is set to false to ensure backward compatibility
  • *
  • java.naming.factory.initial
  • *
  • java.naming.security.authentication
  • *
  • java.naming.security.protocol
  • @@ -66,6 +67,7 @@ public class LDAPUserGroupCallbackImpl extends AbstractLDAPUserGroupInfo impleme public static final String IS_USER_ID_DN = "ldap.user.id.dn"; public static final String SEARCH_SCOPE = "ldap.search.scope"; public static final String LDAP_NAME_ESCAPE = "ldap.name.escape"; + public static final String LDAP_ENTIY_IGNORE_CASE = "ldap.entity.ignore.case"; private static final String[] REQUIRED_PROPERTIES = {USER_CTX, ROLE_CTX, USER_FILTER, ROLE_FILTER, USER_ROLES_FILTER}; @@ -109,7 +111,8 @@ public boolean existsGroup(String groupId) { private boolean existsEntity(String entityId, String context, String filter, String attributeId) { entityId = escapeIllegalChars(entityId); String ldapEntityId = ldapSearcher.search(context, filter, entityId).getSingleAttributeResult(attributeId); - return entityId.equals(ldapEntityId); + return isIgnoreCase() ? entityId.equalsIgnoreCase(ldapEntityId) : entityId.equals(ldapEntityId) ; + } @Override @@ -139,6 +142,10 @@ private boolean isUserIdDn() { private boolean escapeOn() { return Boolean.parseBoolean(getConfigProperty(LDAP_NAME_ESCAPE, "true")); } + + private boolean isIgnoreCase() { + return Boolean.parseBoolean(getConfigProperty(LDAP_ENTIY_IGNORE_CASE, "false")); + } protected String escapeIllegalChars(String entityId) { if (!escapeOn()) {