auth-provider: Fix LDAP login filter

Using a substring filter is certainly wrong here. We need an exact match.
cs3org · Apr 13, 2022 · 9fb4ccd · 9fb4ccd
1 parent 120c059
commit 9fb4ccd
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/pkg/auth/manager/ldap/ldap.go b/pkg/auth/manager/ldap/ldap.go
@@ -203,7 +203,7 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string)
 func (am *mgr) getLoginFilter(login string) string {
 	var filter string
 	for _, attr := range am.c.LoginAttributes {
-		filter = fmt.Sprintf("%s(%s=%s*)", filter, attr, ldap.EscapeFilter(login))
+		filter = fmt.Sprintf("%s(%s=%s)", filter, attr, ldap.EscapeFilter(login))
 	}
 
 	return fmt.Sprintf("(&%s(objectclass=%s)(|%s))",