From 4aed6797efec96b0a39666025a32aa96f13cfc3a Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Fri, 9 Feb 2024 14:49:28 -0700 Subject: [PATCH] Polish ActiveDirectoryLdapAuthenticationProvider#setAuthoritiesPopulator Issue gh-4490 --- .../ad/ActiveDirectoryLdapAuthenticationProvider.java | 8 +++++--- .../ad/DefaultActiveDirectoryAuthoritiesPopulator.java | 1 + 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProvider.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProvider.java index 18bc258f882..c34f17f1a8e 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProvider.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProvider.java @@ -143,7 +143,6 @@ public ActiveDirectoryLdapAuthenticationProvider(String domain, String url, Stri this.domain = StringUtils.hasText(domain) ? domain.toLowerCase() : null; this.url = url; this.rootDn = StringUtils.hasText(rootDn) ? rootDn.toLowerCase() : null; - this.setAuthoritiesPopulator(this.authoritiesPopulator); } /** @@ -155,7 +154,6 @@ public ActiveDirectoryLdapAuthenticationProvider(String domain, String url) { this.domain = StringUtils.hasText(domain) ? domain.toLowerCase() : null; this.url = url; this.rootDn = (this.domain != null) ? rootDnFromDomain(this.domain) : null; - this.setAuthoritiesPopulator(this.authoritiesPopulator); } @Override @@ -179,6 +177,10 @@ protected DirContextOperations doAuthentication(UsernamePasswordAuthenticationTo } } + /** + * Creates the user authority list from the values of the {@code memberOf} attribute + * obtained from the user's Active Directory entry. + */ @Override protected Collection loadUserAuthorities(DirContextOperations userData, String username, String password) { @@ -389,7 +391,7 @@ public void setContextEnvironmentProperties(Map environment) { * @since 6.3 */ public void setAuthoritiesPopulator(LdapAuthoritiesPopulator authoritiesPopulator) { - Assert.notNull(authoritiesPopulator, "An LdapAuthoritiesPopulator must be supplied"); + Assert.notNull(authoritiesPopulator, "authoritiesPopulator must not be null"); this.authoritiesPopulator = authoritiesPopulator; } diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/DefaultActiveDirectoryAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/DefaultActiveDirectoryAuthoritiesPopulator.java index 6e179f2fe33..1f51b4de10d 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/DefaultActiveDirectoryAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/DefaultActiveDirectoryAuthoritiesPopulator.java @@ -38,6 +38,7 @@ * * @author Luke Taylor * @author Roman Zabaluev + * @since 6.3 */ public final class DefaultActiveDirectoryAuthoritiesPopulator implements LdapAuthoritiesPopulator {