From b255478b1404963d55af360d0e3f47e72f95dcdd Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Mon, 16 Jun 2014 15:29:22 -0500 Subject: [PATCH] SEC-2658: Java Config triggers usePasswordAttrCompare to be set --- .../LdapAuthenticationProviderConfigurer.java | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java index c76c6adfbc..045d9c97c1 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java @@ -64,7 +64,7 @@ public class LdapAuthenticationProviderConfigurer passwordEncoder(final org.springframework.security.crypto.password.PasswordEncoder passwordEncoder) { Assert.notNull(passwordEncoder, "passwordEncoder must not be null."); - passwordEncoder(new PasswordEncoder() { - public String encodePassword(String rawPass, Object salt) { - checkSalt(salt); - return passwordEncoder.encode(rawPass); - } - - public boolean isPasswordValid(String encPass, String rawPass, Object salt) { - checkSalt(salt); - return passwordEncoder.matches(rawPass, encPass); - } - - private void checkSalt(Object salt) { - Assert.isNull(salt, "Salt value must be null when used with crypto module PasswordEncoder"); - } - }); + this.passwordEncoder = passwordEncoder; return this; }