Spring Security
  1. Spring Security
  2. SEC-1154

LdapAuthenticationProvider.createSuccessfulAuthentication() returned object should include authentication.getDetails() if using useAuthenticationRequestCredentials

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Duplicate
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 M1
    • Component/s: LDAP
    • Labels:
      None

      Description

      the createSuccessfulAuthentication(UsernamePasswordAuthenticationToken auth, UserDetails user) method from LdapAuthenticationProvider returns a new UsernamePasswordAuthenticationToken based on auth's password, depending on useAuthenticationRequestCredentials boolean.

      In the case this happens, shouldn't the returned object also include auth.getDetails()? I.e., something like:

      protected Authentication createSuccessfulAuthentication(UsernamePasswordAuthenticationToken authentication, UserDetails user)
      {
      Object password = useAuthenticationRequestCredentials ? authentication.getCredentials() : ((Object) (user.getPassword()));
      if (useAuthenticationRequestCredentials)

      { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities()); token.setDetails(authentication.getDetails()); return token; }

      return new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities());
      }

      (as part of our current project, we are building a custom authenticationProvider which extends LdapAuthenticationProvider, and we expected this behaviour. Not very sure this should be marked as bug or as an improvement, though)

        Issue Links

          Activity

          Hide
          Luke Taylor added a comment -

          Closing as a duplicate of SEC-1084.

          Show
          Luke Taylor added a comment - Closing as a duplicate of SEC-1084 .
          Hide
          Juan Pablo Santos added a comment -

          ouch, didn't find 1084 :-s thanks anyway

          Show
          Juan Pablo Santos added a comment - ouch, didn't find 1084 :-s thanks anyway

            People

            • Assignee:
              Luke Taylor
              Reporter:
              Juan Pablo Santos
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: