From 336c9dfb6dc31a84844802d92ee7ac23e408aff6 Mon Sep 17 00:00:00 2001
From: Brian Major <brian.major@nrc-cnrc.gc.ca>
Date: Thu, 19 Feb 2015 10:53:16 -0800
Subject: [PATCH] s1736 - Order DN in 'java' format on user search

---
 .../nrc/cadc/ac/server/ldap/LdapUserDAO.java   | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
index 63e12252..469ffd7b 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
@@ -406,9 +406,21 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
                     "Unsupported principal type " + user.getUserID()
                             .getClass());
         }
-
-        searchField = "(" + searchField + "=" + user.getUserID().getName()
-                      + ")";
+        
+        // change the DN to be in the 'java' format
+        if (user.getUserID() instanceof X500Principal)
+        {
+            X500Principal orderedPrincipal = AuthenticationUtil.getOrderedForm(
+                (X500Principal) user.getUserID());
+            searchField = "(" + searchField + "=" + orderedPrincipal.toString() + ")";
+        }
+        else
+        {
+            searchField = "(" + searchField + "=" + user.getUserID().getName()
+                    + ")";
+        }
+        
+        logger.debug("Search field is: " + searchField);
 
         SearchResultEntry searchResult = null;
         try
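Review bot: Both branches of the new if/else still build the LDAP filter by concatenating the principal's name or ordered DN straight into `"(" + searchField + "=" + ... + ")"`, so a value containing `(`, `)`, `*` or `\` alters the filter instead of being matched literally. Certificate DNs can legitimately contain such characters, so the value should be escaped per RFC 4515 before it is embedded. If the LDAP library is the UnboundID SDK (the `SearchResultEntry` type suggests so, but the imports are outside this hunk), `Filter.createEqualityFilter(attributeName, value)` or `Filter.encodeValue(value)` does the escaping. The enclosing method starts before this hunk and continues past it, so whether the value is validated earlier cannot be seen from here.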
-- 
GitLab