diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java index 9fb16743fbb52a67faf47f47c66b117914b921b1..698899a1fe2ef4ed3576e0c7fc2fffdefd276cc1 100755 --- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java @@ -520,7 +520,9 @@ public class LdapUserDAO extends LdapDAO { name = userID.getName(); } - Filter filter = Filter.createEqualityFilter(searchField, name); + Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); + Filter equalsFilter = Filter.createEqualityFilter(searchField, name); + Filter filter = Filter.createANDFilter(notFilter, equalsFilter); logger.debug("getUser: search filter = " + filter); SearchRequest searchRequest = new SearchRequest(usersDN, SearchScope.ONE, filter, userAttribs); @@ -620,8 +622,10 @@ public class LdapUserDAO extends LdapDAO Filter filter = null; try { - filter = Filter.createEqualityFilter("email", emailAddress); - logger.debug("getUserByEmailAddress: search filter = " + filter); + Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); + Filter equalsFilter = Filter.createEqualityFilter("email", emailAddress); + filter = Filter.createANDFilter(notFilter, equalsFilter); + logger.debug("search filter: " + filter); SearchRequest searchRequest = new SearchRequest(usersDN, SearchScope.ONE, filter, userAttribs); @@ -695,7 +699,11 @@ public class LdapUserDAO extends LdapDAO { name = userID.getName(); } - Filter filter = Filter.createEqualityFilter(searchField, name); + + Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); + Filter equalsFilter = Filter.createEqualityFilter(searchField, name); + Filter filter = Filter.createANDFilter(notFilter, equalsFilter); + profiler.checkpoint("getAugmentedUser.createFilter"); logger.debug("getAugmentedUser: search filter = " + filter); @@ -811,7 +819,9 @@ public class LdapUserDAO extends LdapDAO { final Collection<User> users = new ArrayList<User>(); - Filter filter = Filter.createPresenceFilter(LDAP_UID); + Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); + Filter presenceFilter = Filter.createPresenceFilter(LDAP_UID); + Filter filter = Filter.createANDFilter(notFilter, presenceFilter); logger.debug("search filter: " + filter); final String[] attributes = new String[]