Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] Escaping search filter?

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] Escaping search filter?

Chronological Thread 
  • From: Jeffrey Williams <>
  • To: "Pete St. Onge" <>
  • Cc: "" <>
  • Subject: Re: [grouper-users] Escaping search filter?
  • Date: Thu, 14 Nov 2019 13:03:00 -0500

Hi Pete,

There is an escapeLdapFilter(String FilterString) in: 

 So perhaps you can use ${utils.escapeLdapFilter(} in your groupCreationLdifTemplate and singleGroupSearchFilter lines and see if that works for you?


On Thu, Oct 24, 2019 at 10:27 AM Pete St. Onge <> wrote:
As we transition from an earlier version of Grouper to current (2.4.0,
pretty much all of the API patches, we may be behind some of the most
recent, > 70).

I should note at this point that we opted to use businessCategory LDAP
attribute to hold the fully-qualified group name to facilitate how PSPNG
provisions into our OpenLDAP directory.

I'm seeing this error in logs, around a set of names

2019-10-24 10:01:39,350: [DefaultQuartzScheduler_Worker-5] ERROR
Provisioner.prepareGroupCache(781) -  - Problem fetching information on
edu.internet2.middleware.grouper.pspng.PspException: Problem checking
ldap filter {}:
(searchsp))), parameters={}]

2019-10-24 10:10:52,343: [DefaultQuartzScheduler_Worker-6] ERROR
LdapObject.matchesLdapFilter(265) -  - Problem checking ldap filter in
(searchsp))), parameters={}]
LDAPException(resultCode=87 (filter error), errorMessage='Unexpected
opening parenthesis found at position 132 of the filter string.')

The line is:

changeLog.consumer.pspng_utorable.groupCreationLdifTemplate = dn:
"cn","ou")}||cn: ${grouperUtil.extensionFromName(name)}||objectclass:
top||objectclass: groupOfNames||description:
${description}||businessCategory: ${}||member:

and the search line is

changeLog.consumer.pspng_utorable.singleGroupSearchFilter =

Is there a way that the search filter could have the open and closed
paren be escaped? I looked at grouper/ but my untrained
eyes didn't find that escape function.

Thanks in advance, -- pete

Peter St. Onge                           
Information Security Architect                     (416)978-5030
Business Continuity and Communications
Information + Technology Services          University of Toronto

Jeffrey Williams 
Identity Engineer
Identity & Access Services

  • Re: [grouper-users] Escaping search filter?, Jeffrey Williams, 11/14/2019

Archive powered by MHonArc 2.6.19.

Top of Page