diff --git a/core/src/main/java/org/acegisecurity/providers/ldap/DefaultInitialDirContextFactory.java b/core/src/main/java/org/acegisecurity/providers/ldap/DefaultInitialDirContextFactory.java
index 4fb2e01e6b..2798fe27cc 100644
--- a/core/src/main/java/org/acegisecurity/providers/ldap/DefaultInitialDirContextFactory.java
+++ b/core/src/main/java/org/acegisecurity/providers/ldap/DefaultInitialDirContextFactory.java
@@ -129,7 +129,7 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory
 Assert.hasLength(url, "An LDAP connection URL must be supplied.");
- if(url.startsWith("ldap:")) {
+ if (url.startsWith("ldap:")) {
 URI uri = LdapUtils.parseLdapUrl(url);
@@ -140,7 +140,7 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory
 rootDn = url;
 }
- if(rootDn.startsWith("/")) {
+ if (rootDn.startsWith("/")) {
 rootDn = rootDn.substring(1);
 }
@@ -171,7 +171,7 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory
 Hashtable env = getEnvironment();
 // Don't pool connections for individual users
- if(!username.equals(managerDn)) {
+ if (!username.equals(managerDn)) {
 env.remove(CONNECTION_POOL_KEY);
 }
@@ -205,10 +205,10 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory
 private InitialDirContext connect(Hashtable env) {
- if(logger.isDebugEnabled()) {
+ if (logger.isDebugEnabled()) {
 Hashtable envClone = (Hashtable)env.clone();
- if(envClone.containsKey(Context.SECURITY_CREDENTIALS)) {
+ if (envClone.containsKey(Context.SECURITY_CREDENTIALS)) {
 envClone.put(Context.SECURITY_CREDENTIALS, "******");
 }
diff --git a/core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java b/core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java
index c869b45d0f..d483cf513e 100644
--- a/core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java
+++ b/core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java
@@ -138,7 +138,7 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
 }
 protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
- if(logger.isDebugEnabled()) {
+ if (logger.isDebugEnabled()) {
 logger.debug("Retrieving user " + username);
 }
diff --git a/core/src/main/java/org/acegisecurity/providers/ldap/LdapUtils.java b/core/src/main/java/org/acegisecurity/providers/ldap/LdapUtils.java
index e3eddb8b07..14bbf3c3df 100644
--- a/core/src/main/java/org/acegisecurity/providers/ldap/LdapUtils.java
+++ b/core/src/main/java/org/acegisecurity/providers/ldap/LdapUtils.java
@@ -96,11 +96,11 @@ public class LdapUtils {
 public static String getRelativeName(String fullDn, Context baseCtx) throws NamingException {
 String baseDn = baseCtx.getNameInNamespace();
- if(baseDn.length() == 0) {
+ if (baseDn.length() == 0) {
 return fullDn;
 }
- if(baseDn.equals(fullDn)) {
+ if (baseDn.equals(fullDn)) {
 return "";
 }
diff --git a/core/src/main/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticator.java b/core/src/main/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticator.java
index 848ffff0e4..3cacaf1015 100644
--- a/core/src/main/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticator.java
+++ b/core/src/main/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticator.java
@@ -60,7 +60,7 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
 // Otherwise use the configured locator to find the user
 // and authenticate with the returned DN.
- if(user == null && getUserSearch() != null) {
+ if (user == null && getUserSearch() != null) {
 LdapUserInfo userFromSearch = getUserSearch().searchForUser(username);
 user = authenticateWithDn(userFromSearch.getDn(), password);
 }
@@ -80,7 +80,7 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
 LdapUserInfo user = null;
 Attributes attributes = null;
- if(logger.isDebugEnabled()) {
+ if (logger.isDebugEnabled()) {
 logger.debug("Attempting to bind with DN = " + userDn);
 }
@@ -98,7 +98,7 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
 } catch(BadCredentialsException e) {
 // This will be thrown if an invalid user name is used and the method may
 // be called multiple times to try different names, so we trap the exception.
- if(logger.isDebugEnabled()) {
+ if (logger.isDebugEnabled()) {
 logger.debug("Failed to bind as " + userDn + ": " + e.getCause());
 }
 } finally {
diff --git a/core/src/main/java/org/acegisecurity/providers/ldap/authenticator/PasswordComparisonAuthenticator.java b/core/src/main/java/org/acegisecurity/providers/ldap/authenticator/PasswordComparisonAuthenticator.java
index cf64299f05..664c494855 100644
--- a/core/src/main/java/org/acegisecurity/providers/ldap/authenticator/PasswordComparisonAuthenticator.java
+++ b/core/src/main/java/org/acegisecurity/providers/ldap/authenticator/PasswordComparisonAuthenticator.java
@@ -91,11 +91,11 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic
 ctx.getAttributes(relativeName, getUserAttributes()));
 }
- if(user == null && getUserSearch() != null) {
+ if (user == null && getUserSearch() != null) {
 user = getUserSearch().searchForUser(username);
 }
- if(user == null) {
+ if (user == null) {
 throw new UsernameNotFoundException(username);
 }
@@ -104,19 +104,19 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic
 if(passwordAttribute != null) {
 Object retrievedPassword = passwordAttribute.get();
- if(!(retrievedPassword instanceof String)) {
+ if (!(retrievedPassword instanceof String)) {
 // Assume it's binary
 retrievedPassword = new String((byte[])retrievedPassword);
 }
- if(!verifyPassword(password, (String)retrievedPassword)) {
+ if (!verifyPassword(password, (String)retrievedPassword)) {
 throw new BadCredentialsException(messages.getMessage( "PasswordComparisonAuthenticator.badCredentials", "Bad credentials"));
 }
 } else {
- if(logger.isDebugEnabled()) {
+ if (logger.isDebugEnabled()) {
 logger.debug("Password attribute " + passwordAttributeName + " wasn't retrieved for user " + username);
 }
@@ -136,7 +136,7 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic
 * Allows the use of both simple and hashed passwords in the directory.
 */
 private boolean verifyPassword(String password, String ldapPassword) {
- if(ldapPassword.equals(password)) {
+ if (ldapPassword.equals(password)) {
 return true;
 }
@@ -148,7 +148,7 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic
 }
 private void doPasswordCompare(DirContext ctx, String name, String password) throws NamingException {
- if(logger.isDebugEnabled()) {
+ if (logger.isDebugEnabled()) {
 logger.debug("Performing LDAP compare of password for " + name);
 }
diff --git a/core/src/main/java/org/acegisecurity/providers/ldap/package.html b/core/src/main/java/org/acegisecurity/providers/ldap/package.html
new file mode 100644
index 0000000000..494eb4b36f
--- /dev/null
+++ b/core/src/main/java/org/acegisecurity/providers/ldap/package.html
@@ -0,0 +1,15 @@
+
+
+

+The LDAP authentication provider package. Interfaces are provided for
+both authentication and retrieval of user roles from an LDAP server.
+

+

+The main provider class is LdapAuthenticationProvider.
+This is configured with an LdapAuthenticator instance and
+an LdapAuthoritiesPopulator. The latter is used to obtain the
+list of roles for the user.
+

+
+
+
diff --git a/core/src/main/java/org/acegisecurity/providers/ldap/populator/DefaultLdapAuthoritiesPopulator.java b/core/src/main/java/org/acegisecurity/providers/ldap/populator/DefaultLdapAuthoritiesPopulator.java
index da69097736..2faf81b271 100644
--- a/core/src/main/java/org/acegisecurity/providers/ldap/populator/DefaultLdapAuthoritiesPopulator.java
+++ b/core/src/main/java/org/acegisecurity/providers/ldap/populator/DefaultLdapAuthoritiesPopulator.java
@@ -211,7 +211,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
 return null;
 }
- if(logger.isDebugEnabled()) {
+ if (logger.isDebugEnabled()) {
 logger.debug("Searching for roles for user '" + userDn + "', with filter "+ groupSearchFilter + " in search base '" + groupSearchBase + "'");
@@ -246,7 +246,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
 LdapUtils.closeContext(ctx);
 }
- if(logger.isDebugEnabled()) {
+ if (logger.isDebugEnabled()) {
 logger.debug("Roles from search: " + userRoles);
 }
@@ -254,7 +254,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
 }
 private void addAttributeValuesToRoleSet(Attribute roleAttribute, Set roles) {
- if(roleAttribute == null) {
+ if (roleAttribute == null) {
 return;
 }
diff --git a/core/src/main/java/org/acegisecurity/providers/ldap/populator/package.html b/core/src/main/java/org/acegisecurity/providers/ldap/populator/package.html
new file mode 100644
index 0000000000..2571b3e762
--- /dev/null
+++ b/core/src/main/java/org/acegisecurity/providers/ldap/populator/package.html
@@ -0,0 +1,5 @@
+
+
+LdapAuthoritiesPopulator implementations.
+
+
diff --git a/core/src/main/java/org/acegisecurity/providers/ldap/search/package.html b/core/src/main/java/org/acegisecurity/providers/ldap/search/package.html
new file mode 100644
index 0000000000..67544641b9
--- /dev/null
+++ b/core/src/main/java/org/acegisecurity/providers/ldap/search/package.html
@@ -0,0 +1,6 @@
+
+
+LdapUserSearch implementations. These may be used by the
+authenticator to locate the user in the directory.
+
+