
Fixed problem with relative name being used in (member={0}) search in DefaultAuthoritiesPopulator.

Luke Taylor 17 years ago
parent
commit
31c09896ea

+ 2 - 1
core/src/main/java/org/springframework/security/ldap/SpringSecurityLdapTemplate.java

@@ -116,7 +116,8 @@ public class SpringSecurityLdapTemplate extends org.springframework.ldap.core.Ld
 
                     // Object object = ctx.lookup(LdapUtils.getRelativeName(dn, ctx));
 
-                    return new DirContextAdapter(attrs, new DistinguishedName(dn));
+                    return new DirContextAdapter(attrs, new DistinguishedName(dn),
+                            new DistinguishedName(ctx.getNameInNamespace()));
                 }
             });
     }
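Review bot: The new third constructor argument assumes `dn` is relative to the context base, but nothing in the hunk states or enforces that. If a caller passes an absolute DN, the adapter's `getNameInNamespace()` would presumably contain the base twice, and the authority search would then match nothing. The leftover `// Object object = ctx.lookup(LdapUtils.getRelativeName(dn, ctx));` line suggests relative and absolute names have been mixed up here before; I would delete it and replace it with `// dn is relative to the context base; the base is passed separately so getNameInNamespace() yields the absolute DN`. The enclosing method starts outside the hunk, so its Javadoc for `dn` could not be checked.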

+ 3 - 1
core/src/main/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulator.java

@@ -19,8 +19,10 @@ import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
 import org.springframework.security.ldap.SpringSecurityLdapTemplate;
 import org.springframework.security.ldap.LdapAuthoritiesPopulator;
+import org.springframework.security.ldap.LdapUtils;
 import org.springframework.ldap.core.ContextSource;
 import org.springframework.ldap.core.DirContextOperations;
+import org.springframework.ldap.core.DistinguishedName;
 import org.springframework.util.Assert;
 
 import org.apache.commons.logging.Log;
@@ -170,7 +172,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
      * @return the set of roles granted to the user.
      */
     public final GrantedAuthority[] getGrantedAuthorities(DirContextOperations user, String username) {
-        String userDn = user.getDn().toString();
+        String userDn = user.getNameInNamespace();
 
         if (logger.isDebugEnabled()) {
             logger.debug("Getting authorities for user " + userDn);
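Review bot: `user.getNameInNamespace()` at the top of getGrantedAuthorities only returns an absolute DN when the DirContextOperations was built with the context base, as this commit now does in SpringSecurityLdapTemplate. A user object created elsewhere without a base would presumably still yield a relative name and silently receive no roles. A short comment recording that precondition would help, for example `// must be the absolute DN: the (member={0}) search compares against full DNs`. Since the value goes into the search filter named in the commit title, it is worth confirming outside this hunk that filter arguments are escaped before substitution. The imports of `LdapUtils` and `DistinguishedName` added in the first hunk of this file are not used by any visible change and may be unused; the method body continues past the hunk.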

+ 27 - 0
core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsImpl.java

@@ -99,6 +99,33 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
         return enabled;
     }
 
+    public String toString() {
+        StringBuffer sb = new StringBuffer();
+        sb.append(super.toString()).append(": ");
+        sb.append("Username: ").append(this.username).append("; ");
+        sb.append("Password: [PROTECTED]; ");
+        sb.append("Enabled: ").append(this.enabled).append("; ");
+        sb.append("AccountNonExpired: ").append(this.accountNonExpired).append("; ");
+        sb.append("credentialsNonExpired: ").append(this.credentialsNonExpired).append("; ");
+        sb.append("AccountNonLocked: ").append(this.accountNonLocked).append("; ");
+
+        if (this.getAuthorities() != null) {
+            sb.append("Granted Authorities: ");
+
+            for (int i = 0; i < this.getAuthorities().length; i++) {
+                if (i > 0) {
+                    sb.append(", ");
+                }
+
+                sb.append(this.getAuthorities()[i].toString());
+            }
+        } else {
+            sb.append("Not granted any authorities");
+        }
+
+        return sb.toString();        
+    }
+
     //~ Inner Classes ==================================================================================================
 
     /**
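Review bot: The new toString() calls `this.getAuthorities()` in the null check, in the loop condition and again in the loop body, so the accessor runs on every iteration. Reading it once into a local, `GrantedAuthority[] authorities = getAuthorities();`, keeps the null check and the loop on the same array. Masking the password as `[PROTECTED]` is the right choice for output that ends up in debug logs, and should be kept if more fields are added later. The label `credentialsNonExpired` is lower-case while the other labels are capitalised, and the `return sb.toString();` line carries trailing whitespace.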

+ 17 - 0
core/src/test/java/org/springframework/security/config/LdapBeanDefinitionParserTests.java

@@ -1,5 +1,10 @@
 package org.springframework.security.config;
 
+import org.springframework.security.providers.ProviderManager;
+import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
+import org.springframework.security.providers.ldap.LdapAuthenticationProvider;
+import org.springframework.security.Authentication;
+import org.springframework.security.userdetails.ldap.LdapUserDetailsImpl;
 import org.springframework.context.support.ClassPathXmlApplicationContext;
 import org.springframework.ldap.core.LdapTemplate;
 import org.springframework.ldap.core.support.BaseLdapPathContextSource;
@@ -40,5 +45,17 @@ public class LdapBeanDefinitionParserTests {
         LdapTemplate template = new LdapTemplate(idcf);
 
         template.lookup("uid=ben,ou=people");
+
+        ProviderManager authManager = (ProviderManager) appContext.getBean(BeanIds.AUTHENTICATION_MANAGER);
+
+        assertEquals(1, authManager.getProviders().size());
+
+        LdapAuthenticationProvider provider = (LdapAuthenticationProvider) authManager.getProviders().get(0);
+
+        Authentication auth = provider.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"));
+
+        LdapUserDetailsImpl ben = (LdapUserDetailsImpl) auth.getPrincipal();
+
+        assertEquals(2, ben.getAuthorities().length);
     }
 }
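Review bot: The added assertion `assertEquals(2, ben.getAuthorities().length)` checks only how many authorities come back, so a regression that maps the user to two wrong roles would still pass. Asserting the expected authority names from the test directory data would pin the behaviour this commit fixes. The unchecked casts of `authManager.getProviders().get(0)` and `auth.getPrincipal()` would fail with a ClassCastException rather than a readable assertion message if the configuration changes; an `assertTrue(... instanceof ...)` before each cast would make that failure clearer. The test method begins outside the hunk.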

+ 1 - 0
core/src/test/java/org/springframework/security/providers/ldap/authenticator/PasswordComparisonAuthenticatorMockTests.java

@@ -50,6 +50,7 @@ public class PasswordComparisonAuthenticatorMockTests extends MockObjectTestCase
 //        mockCtx.expects(once()).method("lookup").with(eq("cn=Bob,ou=people")).will(returnValue(true));
         mockCtx.expects(once()).method("getAttributes").with(eq("cn=Bob,ou=people"), NULL)
                .will(returnValue(attrs));
+        mockCtx.expects(once()).method("getNameInNamespace").will(returnValue("dc=springframework,dc=org"));
 
         // Setup a single return value (i.e. success)
         Attributes searchResults = new BasicAttributes("", null);