--- a/src/pyams_ldap/plugin.py Fri Nov 16 15:19:21 2018 +0100
+++ b/src/pyams_ldap/plugin.py Fri Jan 18 13:42:21 2019 +0100
@@ -13,25 +13,27 @@
__docformat__ = 'restructuredtext'
import logging
-logger = logging.getLogger('PyAMS (ldap)')
-
-import ldap3
import re
-from pyams_ldap.interfaces import ILDAPPlugin, ILDAPUserInfo, ILDAPGroupInfo
-from pyams_mail.interfaces import IPrincipalMailInfo
-from zope.intid.interfaces import IIntIds
-
+import ldap3
from beaker.cache import cache_region
+from ldap3.utils.conv import escape_filter_chars
from persistent import Persistent
-from pyams_ldap.query import LDAPQuery
-from pyams_security.principal import PrincipalInfo
-from pyams_utils.adapter import adapter_config, ContextAdapter
-from pyams_utils.registry import query_utility
from zope.container.contained import Contained
from zope.interface import implementer
+from zope.intid.interfaces import IIntIds
from zope.schema.fieldproperty import FieldProperty
+from pyams_ldap.interfaces import ILDAPGroupInfo, ILDAPPlugin, ILDAPUserInfo
+from pyams_ldap.query import LDAPQuery
+from pyams_mail.interfaces import IPrincipalMailInfo
+from pyams_security.principal import PrincipalInfo
+from pyams_utils.adapter import ContextAdapter, adapter_config
+from pyams_utils.registry import query_utility
+
+
+logger = logging.getLogger('PyAMS (ldap)')
+
managers = {}
@@ -269,7 +271,7 @@
conn = self.get_connection()
search = LDAPQuery(self.base_dn, self.login_query, self.search_scope, (self.login_attribute,
self.uid_attribute))
- result = search.execute(conn, login=login, password=password)
+ result = search.execute(conn, login=escape_filter_chars(login))
if not result or len(result) > 1:
return None
result = result[0]