Domovská stránka Prehľadávať Pomoc
Registrovať Prihlásiť sa
github
/
spring-security
zrkadlo https://github.com/spring-projects/spring-security
2
0
Fork 0
Súbory Issues 0 Wiki
Prechádzať zdrojové kódy

SEC-2618: LdapAuthenticationProviderConfigurer passwordAttribute null check

If LdapAuthenticationProviderConfigurer passwordAttribute is null, do not
set on the PasswordComparisonAuthenticator
Rob Winch 11 rokov pred
rodič
439a15b108
commit
f574f2a2ac
1 zmenil súbory, kde vykonal 3 pridanie a 1 odobranie
Rozdelené zobrazenie Ukázať štatistiku rozdielnych dát
  1. 3 1
      config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java

+ 3 - 1
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java
Zobraziť súbor 

@@ -150,7 +150,9 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
 
      */
 
     private PasswordComparisonAuthenticator createPasswordCompareAuthenticator(BaseLdapPathContextSource contextSource) {
 
         PasswordComparisonAuthenticator ldapAuthenticator = new PasswordComparisonAuthenticator(contextSource);
 
-        ldapAuthenticator.setPasswordAttributeName(passwordAttribute);
 
+        if(passwordAttribute != null) {
 
+            ldapAuthenticator.setPasswordAttributeName(passwordAttribute);
 
+        }
 
         ldapAuthenticator.setPasswordEncoder(passwordEncoder);
 
         return ldapAuthenticator;
 
     }