diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java index 4246d22190..0661de7a47 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java @@ -95,6 +95,20 @@ public class DefaultSpringSecurityContextSourceTests extends AbstractLdapIntegra assertTrue(ctxSrc.isPooled()); } + // SEC-2308 + @Test + public void instantiationSuceedsWithEmtpyBaseDn() throws Exception { + String baseDn = ""; + List serverUrls = new ArrayList(); + serverUrls.add("ldap://foo:789"); + serverUrls.add("ldap://bar:389"); + serverUrls.add("ldaps://blah:636"); + DefaultSpringSecurityContextSource ctxSrc = new DefaultSpringSecurityContextSource(serverUrls, baseDn); + + assertFalse(ctxSrc.isAnonymousReadOnly()); + assertTrue(ctxSrc.isPooled()); + } + @Test(expected=IllegalArgumentException.class) public void instantiationFailsWithIncorrectServerUrl() throws Exception { List serverUrls = new ArrayList(); diff --git a/ldap/src/main/java/org/springframework/security/ldap/DefaultSpringSecurityContextSource.java b/ldap/src/main/java/org/springframework/security/ldap/DefaultSpringSecurityContextSource.java index d7492c91c1..729873403a 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/DefaultSpringSecurityContextSource.java +++ b/ldap/src/main/java/org/springframework/security/ldap/DefaultSpringSecurityContextSource.java @@ -123,9 +123,6 @@ public class DefaultSpringSecurityContextSource extends LdapContextSource { if ("".equals(trimmedUrl)) { continue; } - if (trimmedUrl.contains(trimmedBaseDn)) { - throw new IllegalArgumentException("LDAP URL string must not include the base DN! '" + trimmedUrl + "'"); - } providerUrl.append(trimmedUrl); if (! trimmedUrl.endsWith("/")) {