mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-06-28 14:52:24 +00:00
Fix for SEC-237. Make LDAP Provider reject empty username.
parent
743cc9fec7
commit
9c8a4c2f74
@ -21,11 +21,13 @@ import org.acegisecurity.ldap.LdapUserInfo;
|
|||||||
import org.acegisecurity.userdetails.UserDetails;
|
import org.acegisecurity.userdetails.UserDetails;
|
||||||
import org.acegisecurity.userdetails.User;
|
import org.acegisecurity.userdetails.User;
|
||||||
import org.acegisecurity.AuthenticationException;
|
import org.acegisecurity.AuthenticationException;
|
||||||
|
import org.acegisecurity.BadCredentialsException;
|
||||||
|
|
||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
|
import org.springframework.util.StringUtils;
|
||||||
|
|
||||||
import javax.naming.directory.Attributes;
|
import javax.naming.directory.Attributes;
|
||||||
|
|
||||||
@ -141,6 +143,12 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
|
|||||||
}
|
}
|
||||||
|
|
||||||
protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
|
protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
|
||||||
|
if(!StringUtils.hasLength(username)) {
|
||||||
|
throw new BadCredentialsException(messages.getMessage(
|
||||||
|
"LdapAuthenticationProvider.emptyUsername",
|
||||||
|
"Empty Username"));
|
||||||
|
}
|
||||||
|
|
||||||
if (logger.isDebugEnabled()) {
|
if (logger.isDebugEnabled()) {
|
||||||
logger.debug("Retrieving user " + username);
|
logger.debug("Retrieving user " + username);
|
||||||
}
|
}
|
||||||
|
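Review bot: The new guard in retrieveUser rejects only a null or zero-length username, so a whitespace-only value still passes `StringUtils.hasLength` and reaches the LDAP lookup; `if (!StringUtils.hasText(username)) {` would reject that case as well. No equivalent check on the password is visible in this hunk, and because an LDAP server may treat a simple bind with an empty password as an unauthenticated bind that succeeds, the password carried by `authentication` probably deserves the same rejection if the rest of the method does not already do it. The inline fallback `"Empty Username"` also differs from the bundle text `Empty username not allowed`; keeping the two identical avoids the message changing depending on whether the bundle entry is found. retrieveUser's body continues outside the hunk.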
@ -37,9 +37,11 @@ SwitchUserProcessingFilter.disabled=User is disabled
|
|||||||
SwitchUserProcessingFilter.expired=User account has expired
|
SwitchUserProcessingFilter.expired=User account has expired
|
||||||
SwitchUserProcessingFilter.credentialsExpired=User credentials have expired
|
SwitchUserProcessingFilter.credentialsExpired=User credentials have expired
|
||||||
AbstractAccessDecisionManager.accessDenied=Access is denied
|
AbstractAccessDecisionManager.accessDenied=Access is denied
|
||||||
|
LdapAuthenticationProvider.emptyUsername=Empty username not allowed
|
||||||
DefaultIntitalDirContextFactory.communicationFailure=Unable to connect to LDAP server
|
DefaultIntitalDirContextFactory.communicationFailure=Unable to connect to LDAP server
|
||||||
DefaultIntitalDirContextFactory.badCredentials=Bad credentials
|
DefaultIntitalDirContextFactory.badCredentials=Bad credentials
|
||||||
DefaultIntitalDirContextFactory.unexpectedException=Failed to obtain InitialDirContext due to unexpected exception
|
DefaultIntitalDirContextFactory.unexpectedException=Failed to obtain InitialDirContext due to unexpected exception
|
||||||
PasswordComparisonAuthenticator.badCredentials=Bad credentials
|
PasswordComparisonAuthenticator.badCredentials=Bad credentials
|
||||||
BindAuthenticator.badCredentials=Bad credentials
|
BindAuthenticator.badCredentials=Bad credentials
|
||||||
BindAuthenticator.failedToLoadAttributes=Bad credentials
|
BindAuthenticator.failedToLoadAttributes=Bad credentials
|
||||||
|
|
||||||
|