首页 发现 帮助
注册 登录
github
/
spring-security
镜像自地址 https://github.com/spring-projects/spring-security
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

SEC-2618: LdapAuthenticationProviderConfigurer passwordAttribute null check

If LdapAuthenticationProviderConfigurer passwordAttribute is null, do not
set on the PasswordComparisonAuthenticator
Rob Winch 11 年之前
父节点
47e02c41b6
当前提交
63d1b531a1
共有 1 个文件被更改,包括 3 次插入1 次删除
分列视图 显示文件统计
  1. 3 1
      config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java

+ 3 - 1
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java
查看文件 

@@ -150,7 +150,9 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
 
      */
 
     private PasswordComparisonAuthenticator createPasswordCompareAuthenticator(BaseLdapPathContextSource contextSource) {
 
         PasswordComparisonAuthenticator ldapAuthenticator = new PasswordComparisonAuthenticator(contextSource);
 
-        ldapAuthenticator.setPasswordAttributeName(passwordAttribute);
 
+        if(passwordAttribute != null) {
 
+            ldapAuthenticator.setPasswordAttributeName(passwordAttribute);
 
+        }
 
         ldapAuthenticator.setPasswordEncoder(passwordEncoder);
 
         return ldapAuthenticator;
 
     }