Начало Каталог Помощ
Регистрация Вход
github
/
spring-security
огледало от https://github.com/spring-projects/spring-security
2
0
Разклонения 0
Файлове Задачи 0 Уики
Преглед на файлове

SEC-1084: Retain Authentication.details when authenticating in LdapAuthenticationProvider.

Luke Taylor преди 16 години
родител
2ff089af62
ревизия
350f75f7f3
променени са 2 файла, в които са добавени 8 реда и са изтрити 2 реда
Разделен изглед Покажи статистика за разликите
  1. 5 2
      ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java
  2. 3 0
      ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java

+ 5 - 2
ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java
Целия файл 

@@ -234,7 +234,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
 
             messages.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports",
 
                 "Only UsernamePasswordAuthenticationToken is supported"));
 
 
-        UsernamePasswordAuthenticationToken userToken = (UsernamePasswordAuthenticationToken)authentication;
 
+        final UsernamePasswordAuthenticationToken userToken = (UsernamePasswordAuthenticationToken)authentication;
 
 
         String username = userToken.getName();
 
 
@@ -287,7 +287,10 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
 
             UserDetails user) {
 
         Object password = useAuthenticationRequestCredentials ? authentication.getCredentials() : user.getPassword();
 
 
-        return new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities());
 
+        UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities());
 
+        result.setDetails(authentication.getDetails());
 
+
 
+        return result;
 
     }
 
 
     public boolean supports(Class<? extends Object> authentication) {

+ 3 - 0
ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java
Целия файл 

@@ -124,8 +124,11 @@ public class LdapAuthenticationProviderTests {
 
         assertNotNull(ldapProvider.getAuthoritiesPopulator());
 
 
         UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken("ben", "benspassword");
 
+        Object authDetails = new Object();
 
+        authRequest.setDetails(authDetails);
 
         Authentication authResult = ldapProvider.authenticate(authRequest);
 
         assertEquals("benspassword", authResult.getCredentials());
 
+        assertSame(authDetails, authResult.getDetails());
 
         UserDetails user = (UserDetails) authResult.getPrincipal();
 
         assertEquals(2, user.getAuthorities().size());
 
         assertEquals("{SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=", user.getPassword());