SEC-1356: Update createUser method in LdapUserDetailsManager to create the LDAP entry before adding authorities. Prevents removal of authorities for an existing user.

Luke Taylor 2010-01-20 18:51:29 +00:00
parent 0c10efbbf8
commit 10cd080090
1 changed files with 6 additions and 10 deletions


@ -224,30 +224,26 @@ public class LdapUserDetailsManager implements UserDetailsManager {
return roleCollector.getList(); return roleCollector.getList();
} }
// protected String getRoleFilter(DistinguishedName dn, String username) {
// return new EqualsFilter("uniquemember", dn.toString()).encode();
// }
public void createUser(UserDetails user) { public void createUser(UserDetails user) {
DirContextAdapter ctx = new DirContextAdapter(); DirContextAdapter ctx = new DirContextAdapter();
copyToContext(user, ctx); copyToContext(user, ctx);
DistinguishedName dn = usernameMapper.buildDn(user.getUsername()); DistinguishedName dn = usernameMapper.buildDn(user.getUsername());
// Check for any existing authorities which might be set for this DN
logger.debug("Creating new user '"+ user.getUsername() + "' with DN '" + dn + "'");
template.bind(dn, ctx, null);
// Check for any existing authorities which might be set for this DN and remove them
List<GrantedAuthority> authorities = getUserAuthorities(dn, user.getUsername()); List<GrantedAuthority> authorities = getUserAuthorities(dn, user.getUsername());
if(authorities.size() > 0) { if(authorities.size() > 0) {
removeAuthorities(dn, authorities); removeAuthorities(dn, authorities);
} }
logger.debug("Creating new user '"+ user.getUsername() + "' with DN '" + dn + "'");
template.bind(dn, ctx, null);
addAuthorities(dn, user.getAuthorities()); addAuthorities(dn, user.getAuthorities());
} }
public void updateUser(UserDetails user) { public void updateUser(UserDetails user) {
// Assert.notNull(attributesToRetrieve, "Configuration must specify a list of attributes in order to use update.");
DistinguishedName dn = usernameMapper.buildDn(user.getUsername()); DistinguishedName dn = usernameMapper.buildDn(user.getUsername());
logger.debug("Updating user '"+ user.getUsername() + "' with DN '" + dn + "'"); logger.debug("Updating user '"+ user.getUsername() + "' with DN '" + dn + "'");
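Review bot: In `createUser`, a failure after `template.bind(dn, ctx, null)` now leaves the new entry in the directory with the wrong roles. If `getUserAuthorities` or `removeAuthorities` throws, the account keeps whatever stale group memberships already referenced that DN, and if `addAuthorities` throws, it exists with none of the requested ones. These are separate LDAP operations with no transaction visible in the hunk, so consider undoing the bind when a later step fails, as sketched below; this assumes the failures surface as unchecked exceptions, which the hunk does not show. If the reordering is meant to reject an already-existing DN before its authorities are touched, say so above the bind, e.g. `// Bind first so an existing DN fails here, before any of its authorities are removed (SEC-1356)`.

```java
template.bind(dn, ctx, null);
try {
    // … unchanged: lookup and removal of stale authorities for this DN …
    addAuthorities(dn, user.getAuthorities());
} catch (RuntimeException e) {
    // Roll back so no entry is left holding stale or missing roles.
    template.unbind(dn);
    throw e;
}
```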