From f0b6206ddeacaa986a0bc24e8b972eb1eaffad12 Mon Sep 17 00:00:00 2001
From: Ludovic Poitou <ludovic.poitou@forgerock.com>
Date: Thu, 26 Nov 2015 11:49:42 +0000
Subject: [PATCH] OPENDJ-1908: Apply best practices and optimize search filters.

---
 opendj-rest2ldap-servlet/src/main/webapp/WEB-INF/classes/opendj-rest2ldap-config.json |    2 +-
 opendj-server-legacy/resource/config/http-config.json                                 |   10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/opendj-rest2ldap-servlet/src/main/webapp/WEB-INF/classes/opendj-rest2ldap-config.json b/opendj-rest2ldap-servlet/src/main/webapp/WEB-INF/classes/opendj-rest2ldap-config.json
index 0381038..5e5d744 100644
--- a/opendj-rest2ldap-servlet/src/main/webapp/WEB-INF/classes/opendj-rest2ldap-config.json
+++ b/opendj-rest2ldap-servlet/src/main/webapp/WEB-INF/classes/opendj-rest2ldap-config.json
@@ -128,7 +128,7 @@
         // client-provided username, using LDAP filter string character escaping.
         "searchBaseDN"         : "ou=people,dc=example,dc=com",
         "searchScope"          : "sub", // Or "one".
-        "searchFilterTemplate" : "(&(objectClass=inetOrgPerson)(uid=%s))"
+        "searchFilterTemplate" : "(&(uid=%s)(objectClass=inetOrgPerson))"
 
         // TODO: support for HTTP sessions?
     },
diff --git a/opendj-server-legacy/resource/config/http-config.json b/opendj-server-legacy/resource/config/http-config.json
index 0879018..5c6daa4 100644
--- a/opendj-server-legacy/resource/config/http-config.json
+++ b/opendj-server-legacy/resource/config/http-config.json
@@ -9,21 +9,21 @@
     "authenticationFilter" : {
         // Indicates whether the filter should allow HTTP BASIC authentication.
         "supportHTTPBasicAuthentication" : true,
-        
+
         // Indicates whether the filter should allow alternative authentication
         // and, if so, which HTTP headers it should obtain the username and
         // password from.
-        "supportAltAuthentication"        : true, 
+        "supportAltAuthentication"        : true,
         "altAuthenticationUsernameHeader" : "X-OpenIDM-Username",
         "altAuthenticationPasswordHeader" : "X-OpenIDM-Password",
-        
+
         // The search parameters to use for "search-simple" authentication. The
         // %s filter format parameters will be substituted with the
         // client-provided username, using LDAP filter string character escaping.
         "searchBaseDN"         : "ou=people,dc=example,dc=com",
         "searchScope"          : "sub", // Or "one".
-        "searchFilterTemplate" : "(&(objectClass=inetOrgPerson)(uid=%s))"
-        
+        "searchFilterTemplate" : "(&(uid=%s)(objectClass=inetOrgPerson))"
+
         // TODO: support for HTTP sessions?
     },
 

--
Gitblit v1.10.0