LdapUserProvider searchFilter bug (too many parenthesis)!

I’ve encountered a bug in LdapUserProvider.

My configuration is:

  •     Openfire 3.6.0a
  •     OpenLdap 2.4.11
  •     searchFilter is set to **(&(objectClass=csiSIPuser)(csiSIPdisabled=FALSE))**

With this configuration, I’m able to login and chat with Spark and other XMPP clients correctly, but I’m not able to search for other users using integrated search plugin.

I’ve discovered a bug in LdapUserProvider class in the findUsers method.

The user search filter, which is built from the configured ‘searchFilter’, contains a double parenthesis that leads to an incorrect Ldap query syntax.

For example, with my configuration, the resulting user search filter is:


where (&((&(uid={0})… should be (&(&(uid={0})… instead.

Note that this Ldap query runs smooth with Fedora Directory Server, but doesn’t run on OpenLdap.

I attach a simple patch for this bug.