[HUDSON-6628] change LDAPSecurityRealm to extend AbstractPasswordBasedAuthentication

so it gets the createCliAuthenticator stuff, and CLI will accept --username, etc. In my tests this worked when passing credentials to run a command. Login seemed to work, but commands after that were still as anonymous, so something still missing. git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@33773 71c3de6d-444a-0410-be80-ed276b4c234a

[HUDSON-6628] change LDAPSecurityRealm to extend AbstractPasswordBasedAuthentication
so it gets the createCliAuthenticator stuff, and CLI will accept --username, etc. In my tests this worked when passing credentials to run a command. Login seemed to work, but commands after that were still as anonymous, so something still missing. git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@33773 71c3de6d-444a-0410-be80-ed276b4c234a
ff47b97f · mindless · dc0e278d · ff47b97f
隐藏空白更改
内联并排

Showing with 20 addition and 1 deletion

core/src/main/java/hudson/security/LDAPSecurityRealm.java core/src/main/java/hudson/security/LDAPSecurityRealm.java +20 -1

未找到文件。
--- a/core/src/main/java/hudson/security/LDAPSecurityRealm.java
+++ b/core/src/main/java/hudson/security/LDAPSecurityRealm.java
@@ -38,11 +38,13 @@ import hudson.util.spring.BeanBuilder;
 import org.acegisecurity.AuthenticationManager;
 import org.acegisecurity.GrantedAuthority;
 import org.acegisecurity.AcegiSecurityException;
+import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ldap.InitialDirContextFactory;
 import org.acegisecurity.ldap.LdapDataAccessException;
 import org.acegisecurity.ldap.LdapTemplate;
 import org.acegisecurity.ldap.LdapUserSearch;
 import org.acegisecurity.ldap.search.FilterBasedLdapUserSearch;
+import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 import org.acegisecurity.providers.ldap.LdapAuthoritiesPopulator;
 import org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator;
 import org.acegisecurity.userdetails.UserDetails;
@@ -201,7 +203,7 @@ import java.util.regex.Pattern;
 * @author Kohsuke Kawaguchi
 * @since 1.166
 */
-public class LDAPSecurityRealm extends SecurityRealm {
+public class LDAPSecurityRealm extends AbstractPasswordBasedSecurityRealm {
    /**
     * LDAP server name, optionally with TCP port number, like "ldap.acme.org"
     * or "ldap.acme.org:389".
@@ -346,6 +348,23 @@ public class LDAPSecurityRealm extends SecurityRealm {
            new LDAPUserDetailsService(appContext));
    }

+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    protected UserDetails authenticate(String username, String password) throws AuthenticationException {
+        return (UserDetails) getSecurityComponents().manager.authenticate(
+          new UsernamePasswordAuthenticationToken(username, password)).getPrincipal();
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
+        return getSecurityComponents().userDetails.loadUserByUsername(username);
+    }
+
    /**
     * Lookup a group; given input must match the configured syntax for group names
     * in WEB-INF/security/LDAPBindSecurityRealm.groovy's authoritiesPopulator entry.