Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make sure the username and password are set on the final UserDetails object returned by the provider.

This commit is contained in:
Luke Taylor 2006-05-21 03:03:50 +00:00
parent e1eac8f0ca
commit 53b6735c3e
2 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java
View File

@ -153,7 +153,7 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
LdapUserDetails ldapUser = authenticator.authenticate(username, password);
return createUserDetails(ldapUser);
return createUserDetails(ldapUser, username, password);
}
/**
@ -166,16 +166,20 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
* <p>
* Can be overridden to customize the creation of the final UserDetails instance. The
* default will merge any additional authorities retrieved from the populator with the
* original <tt>ldapUser</tt> object.
* propertis of original <tt>ldapUser</tt> object and set the values of the username and password.
* </p>
*
* @param ldapUser The intermediate LdapUserDetails instance returned from the authenticator.
* @param ldapUser The intermediate LdapUserDetails instance returned by the authenticator.
* @param username the username submitted to the provider
* @param password the password submitted to the provider
*
* @return The UserDetails for the successfully authenticated user.
*/
protected UserDetails createUserDetails(LdapUserDetails ldapUser) {
protected UserDetails createUserDetails(LdapUserDetails ldapUser, String username, String password) {
LdapUserDetailsImpl.Essence user = new LdapUserDetailsImpl.Essence(ldapUser);
user.setUsername(username);
user.setPassword(password);
GrantedAuthority[] extraAuthorities = authoritiesPopulator.getGrantedAuthorities(ldapUser);

3
core/src/test/java/org/acegisecurity/providers/ldap/LdapAuthenticationProviderTests.java
View File

@ -37,6 +37,8 @@ public class LdapAuthenticationProviderTests extends AbstractLdapServerTestCase
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("bob","bobspassword");
UserDetails user = ldapProvider.retrieveUser("bob", token);
assertEquals(2, user.getAuthorities().length);
assertEquals("bobspassword", user.getPassword());
assertEquals("bob", user.getUsername());
ArrayList authorities = new ArrayList();
authorities.add(user.getAuthorities()[0].getAuthority());
@ -101,6 +103,7 @@ public class LdapAuthenticationProviderTests extends AbstractLdapServerTestCase
if(username.equals("bob") && password.equals("bobspassword")) {
LdapUserDetailsImpl.Essence userEssence = new LdapUserDetailsImpl.Essence();
userEssence.setDn("cn=bob,ou=people,dc=acegisecurity,dc=org");
userEssence.setPassword("{SHA}anencodedpassword");
userEssence.setAttributes(userAttributes);
userEssence.addAuthority(new GrantedAuthorityImpl("ROLE_FROM_ENTRY"));
return userEssence.createUserDetails();