From 68beb68c2b1a168e5007dc6494dd481e1cf54c27 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 25 Nov 2025 19:52:10 +0000
Subject: [PATCH 1/3] Initial plan


From 40e4fe79ea6dd06718740674962374ecd49f4339 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 25 Nov 2025 20:14:06 +0000
Subject: [PATCH 2/3] Remove hardcoded LDAP password from LDAPManager

Co-authored-by: felickz <1760475+felickz@users.noreply.github.com>
---
 .../org/owasp/benchmark/helpers/LDAPManager.java   | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/main/java/org/owasp/benchmark/helpers/LDAPManager.java b/src/main/java/org/owasp/benchmark/helpers/LDAPManager.java
index 66ac4b711c..bbef754794 100644
--- a/src/main/java/org/owasp/benchmark/helpers/LDAPManager.java
+++ b/src/main/java/org/owasp/benchmark/helpers/LDAPManager.java
@@ -59,7 +59,19 @@ protected Hashtable<Object, Object> createEnv() {
         env.put(Context.PROVIDER_URL, "ldap://localhost:10389");
         env.put(Context.SECURITY_AUTHENTICATION, "simple");
         env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
-        env.put(Context.SECURITY_CREDENTIALS, "secret");
+
+        // Load password from environment variable or system property
+        String ldapPassword = System.getenv("LDAP_ADMIN_PASSWORD");
+        if (ldapPassword == null || ldapPassword.trim().isEmpty()) {
+            ldapPassword = System.getProperty("ldap.admin.password");
+            if (ldapPassword == null || ldapPassword.trim().isEmpty()) {
+                System.err.println(
+                        "WARNING: Using default LDAP password. Set LDAP_ADMIN_PASSWORD environment variable or ldap.admin.password system property for secure configuration.");
+                ldapPassword = "secret";
+            }
+        }
+
+        env.put(Context.SECURITY_CREDENTIALS, ldapPassword);
         env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
         return env;
     }

From a9e901bdff9ad8d7e70575740643159643871586 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 25 Nov 2025 20:16:13 +0000
Subject: [PATCH 3/3] Fix code review issues: properly trim password values

Co-authored-by: felickz <1760475+felickz@users.noreply.github.com>
---
 .../java/org/owasp/benchmark/helpers/LDAPManager.java  | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/owasp/benchmark/helpers/LDAPManager.java b/src/main/java/org/owasp/benchmark/helpers/LDAPManager.java
index bbef754794..12cf38921e 100644
--- a/src/main/java/org/owasp/benchmark/helpers/LDAPManager.java
+++ b/src/main/java/org/owasp/benchmark/helpers/LDAPManager.java
@@ -62,9 +62,15 @@ protected Hashtable<Object, Object> createEnv() {
 
         // Load password from environment variable or system property
         String ldapPassword = System.getenv("LDAP_ADMIN_PASSWORD");
-        if (ldapPassword == null || ldapPassword.trim().isEmpty()) {
+        if (ldapPassword != null) {
+            ldapPassword = ldapPassword.trim();
+        }
+        if (ldapPassword == null || ldapPassword.isEmpty()) {
             ldapPassword = System.getProperty("ldap.admin.password");
-            if (ldapPassword == null || ldapPassword.trim().isEmpty()) {
+            if (ldapPassword != null) {
+                ldapPassword = ldapPassword.trim();
+            }
+            if (ldapPassword == null || ldapPassword.isEmpty()) {
                 System.err.println(
                         "WARNING: Using default LDAP password. Set LDAP_ADMIN_PASSWORD environment variable or ldap.admin.password system property for secure configuration.");
                 ldapPassword = "secret";