LdapAuthoritiesPopulator should be postProcessed

To enable customizations through withObjectPostProcessor
This commit is contained in:
Filip Hanik 2020-12-10 10:50:32 -08:00 committed by Josh Cummings
parent 4374905801
commit ae08608011
2 changed files with 50 additions and 1 deletions

View File

@ -141,7 +141,7 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
defaultAuthoritiesPopulator.setGroupSearchFilter(this.groupSearchFilter);
defaultAuthoritiesPopulator.setSearchSubtree(this.groupSearchSubtree);
defaultAuthoritiesPopulator.setRolePrefix(this.rolePrefix);
this.ldapAuthoritiesPopulator = defaultAuthoritiesPopulator;
this.ldapAuthoritiesPopulator = postProcess(defaultAuthoritiesPopulator);
return defaultAuthoritiesPopulator;
}

View File

@ -19,11 +19,23 @@ package org.springframework.security.config.annotation.authentication.configurer
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;
import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.authentication.NullLdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
import org.springframework.test.util.ReflectionTestUtils;
import java.util.Collection;
import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.test.util.ReflectionTestUtils.getField;
import static org.springframework.test.util.ReflectionTestUtils.invokeMethod;
public class LdapAuthenticationProviderConfigurerTests {
@ -42,4 +54,41 @@ public class LdapAuthenticationProviderConfigurerTests {
assertThat(this.configurer.getAuthoritiesMapper()).isInstanceOf(NullAuthoritiesMapper.class);
}
@Test
public void customAuthoritiesPopulator() throws Exception {
assertThat(getField(this.configurer, "ldapAuthoritiesPopulator")).isNull();
this.configurer.ldapAuthoritiesPopulator(new NullLdapAuthoritiesPopulator());
assertThat(getField(this.configurer, "ldapAuthoritiesPopulator")).isInstanceOf(NullLdapAuthoritiesPopulator.class);
}
@Test
public void authoritiesPopulatorIsPostProcessed() throws Exception {
assertThat(getField(this.configurer, "ldapAuthoritiesPopulator")).isNull();
this.configurer.contextSource(new DefaultSpringSecurityContextSource("ldap://localhost:389"));
this.configurer.addObjectPostProcessor(
new ObjectPostProcessor<LdapAuthoritiesPopulator>() {
@Override
public <O extends LdapAuthoritiesPopulator> O postProcess(O object) {
if (object instanceof DefaultLdapAuthoritiesPopulator) {
return (O)new TestPostProcessLdapAuthoritiesPopulator();
}
else {
return object;
}
}
}
);
invokeMethod(this.configurer, "getLdapAuthoritiesPopulator");
assertThat(getField(this.configurer, "ldapAuthoritiesPopulator"))
.isInstanceOf(TestPostProcessLdapAuthoritiesPopulator.class);
}
private static class TestPostProcessLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator {
@Override
public Collection<? extends GrantedAuthority> getGrantedAuthorities(
DirContextOperations userData, String username) {
return null;
}
}
}