Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-28 18:39:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1084: Retain Authentication.details when authenticating in LdapAuthenticationProvider.

Browse Source
This commit is contained in:
Luke Taylor 2009-04-20 05:02:42 +00:00
parent 2ff089af62
commit 350f75f7f3
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java
View File

@ -234,7 +234,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
messages.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports",
"Only UsernamePasswordAuthenticationToken is supported"));
UsernamePasswordAuthenticationToken userToken = (UsernamePasswordAuthenticationToken)authentication;
final UsernamePasswordAuthenticationToken userToken = (UsernamePasswordAuthenticationToken)authentication;
String username = userToken.getName();
@ -287,7 +287,10 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
UserDetails user) {
Object password = useAuthenticationRequestCredentials ? authentication.getCredentials() : user.getPassword();
return new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities());
UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities());
result.setDetails(authentication.getDetails());
return result;
}
public boolean supports(Class<? extends Object> authentication) {

3
ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java
View File

@ -124,8 +124,11 @@ public class LdapAuthenticationProviderTests {
assertNotNull(ldapProvider.getAuthoritiesPopulator());
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken("ben", "benspassword");
Object authDetails = new Object();
authRequest.setDetails(authDetails);
Authentication authResult = ldapProvider.authenticate(authRequest);
assertEquals("benspassword", authResult.getCredentials());
assertSame(authDetails, authResult.getDetails());
UserDetails user = (UserDetails) authResult.getPrincipal();
assertEquals(2, user.getAuthorities().size());
assertEquals("{SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=", user.getPassword());