Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-28 23:02:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Make sure the username and password are set on the final UserDetails object returned by the provider.

Browse Source
This commit is contained in:
Luke Taylor 2006-05-21 03:03:50 +00:00
parent e1eac8f0ca
commit 53b6735c3e
2 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java
View File

@ -153,7 +153,7 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
LdapUserDetails ldapUser = authenticator.authenticate(username, password); LdapUserDetails ldapUser = authenticator.authenticate(username, password);
return createUserDetails(ldapUser); return createUserDetails(ldapUser, username, password);
} }
/** /**
@ -166,16 +166,20 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
* <p> * <p>
* Can be overridden to customize the creation of the final UserDetails instance. The * Can be overridden to customize the creation of the final UserDetails instance. The
* default will merge any additional authorities retrieved from the populator with the * default will merge any additional authorities retrieved from the populator with the
* original <tt>ldapUser</tt> object. * propertis of original <tt>ldapUser</tt> object and set the values of the username and password.
* </p> * </p>
* *
* @param ldapUser The intermediate LdapUserDetails instance returned from the authenticator. * @param ldapUser The intermediate LdapUserDetails instance returned by the authenticator.
* @param username the username submitted to the provider
* @param password the password submitted to the provider
* *
* @return The UserDetails for the successfully authenticated user. * @return The UserDetails for the successfully authenticated user.
*/ */
protected UserDetails createUserDetails(LdapUserDetails ldapUser) { protected UserDetails createUserDetails(LdapUserDetails ldapUser, String username, String password) {
LdapUserDetailsImpl.Essence user = new LdapUserDetailsImpl.Essence(ldapUser); LdapUserDetailsImpl.Essence user = new LdapUserDetailsImpl.Essence(ldapUser);
user.setUsername(username);
user.setPassword(password);
GrantedAuthority[] extraAuthorities = authoritiesPopulator.getGrantedAuthorities(ldapUser); GrantedAuthority[] extraAuthorities = authoritiesPopulator.getGrantedAuthorities(ldapUser);

3
core/src/test/java/org/acegisecurity/providers/ldap/LdapAuthenticationProviderTests.java
View File

@ -37,6 +37,8 @@ public class LdapAuthenticationProviderTests extends AbstractLdapServerTestCase
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("bob","bobspassword"); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("bob","bobspassword");
UserDetails user = ldapProvider.retrieveUser("bob", token); UserDetails user = ldapProvider.retrieveUser("bob", token);
assertEquals(2, user.getAuthorities().length); assertEquals(2, user.getAuthorities().length);
assertEquals("bobspassword", user.getPassword());
assertEquals("bob", user.getUsername());
ArrayList authorities = new ArrayList(); ArrayList authorities = new ArrayList();
authorities.add(user.getAuthorities()[0].getAuthority()); authorities.add(user.getAuthorities()[0].getAuthority());
@ -101,6 +103,7 @@ public class LdapAuthenticationProviderTests extends AbstractLdapServerTestCase
if(username.equals("bob") && password.equals("bobspassword")) { if(username.equals("bob") && password.equals("bobspassword")) {
LdapUserDetailsImpl.Essence userEssence = new LdapUserDetailsImpl.Essence(); LdapUserDetailsImpl.Essence userEssence = new LdapUserDetailsImpl.Essence();
userEssence.setDn("cn=bob,ou=people,dc=acegisecurity,dc=org"); userEssence.setDn("cn=bob,ou=people,dc=acegisecurity,dc=org");
userEssence.setPassword("{SHA}anencodedpassword");
userEssence.setAttributes(userAttributes); userEssence.setAttributes(userAttributes);
userEssence.addAuthority(new GrantedAuthorityImpl("ROLE_FROM_ENTRY")); userEssence.addAuthority(new GrantedAuthorityImpl("ROLE_FROM_ENTRY"));
return userEssence.createUserDetails(); return userEssence.createUserDetails();