Spring Security
  1. Spring Security
  2. SEC-1480

LdapUserDetailsImpl does not override equals/hashCode

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.2
    • Fix Version/s: 3.0.3, 3.1.0.M1
    • Component/s: LDAP
    • Labels:
      None

      Description

      result is that namespace session management config does not work with default LdapUserDetailsImpl.

        Activity

        Hide
        Luke Taylor added a comment -

        Please explain what you mean by "namespace session management config does not work" and supply a test case which reproduces the problem.

        Show
        Luke Taylor added a comment - Please explain what you mean by "namespace session management config does not work" and supply a test case which reproduces the problem.
        Hide
        Angel D. Segarra added a comment -

        sorry. I mean using the <session-management> tag in the namespace element. I was trying to use <concurrency-control max-sessions> but it did not work. I was using the ldap provider with a custom principal that extended LdapUserDetailsImpl. After following some advice about the session registry keying on the principal, I looked at the source and it did not implement equals/hashCode. So I implemented these on my custom principal and it worked.

        Show
        Angel D. Segarra added a comment - sorry. I mean using the <session-management> tag in the namespace element. I was trying to use <concurrency-control max-sessions> but it did not work. I was using the ldap provider with a custom principal that extended LdapUserDetailsImpl. After following some advice about the session registry keying on the principal, I looked at the source and it did not implement equals/hashCode. So I implemented these on my custom principal and it worked.
        Hide
        Luke Taylor added a comment - - edited

        Ok, I think I see where you're coming from now. The LdapUserDetailsImpl may be used as the principal object in the session registry, which requires a hash lookup. I've added equals and hashcode, purely based on the DN value (and ignoring other data) since that should uniquely identify the principal. That should do the trick for this use case.

        Show
        Luke Taylor added a comment - - edited Ok, I think I see where you're coming from now. The LdapUserDetailsImpl may be used as the principal object in the session registry, which requires a hash lookup. I've added equals and hashcode, purely based on the DN value (and ignoring other data) since that should uniquely identify the principal. That should do the trick for this use case.
        Hide
        Angel D. Segarra added a comment -

        Great. thanks.

        Show
        Angel D. Segarra added a comment - Great. thanks.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Angel D. Segarra
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: