From 9b2083972ffa2acd9bf0cda40da0ac5cf1fcd5b0 Mon Sep 17 00:00:00 2001 From: kohsuke Date: Fri, 25 Jan 2008 02:05:08 +0000 Subject: [PATCH] fixed initialization issue with LDAP in 1.175 (#1208) git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@6855 71c3de6d-444a-0410-be80-ed276b4c234a --- .../java/hudson/security/LDAPSecurityRealm.java | 14 ++++++++++++-- .../WEB-INF/security/LDAPBindSecurityRealm.groovy | 10 +++++++--- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/core/src/main/java/hudson/security/LDAPSecurityRealm.java b/core/src/main/java/hudson/security/LDAPSecurityRealm.java index c801c9e67b..330253a7c9 100644 --- a/core/src/main/java/hudson/security/LDAPSecurityRealm.java +++ b/core/src/main/java/hudson/security/LDAPSecurityRealm.java @@ -10,12 +10,16 @@ import hudson.util.spring.BeanBuilder; import net.sf.json.JSONObject; import org.acegisecurity.AuthenticationManager; import org.acegisecurity.userdetails.UserDetailsService; +import org.acegisecurity.userdetails.UserDetails; +import org.acegisecurity.userdetails.UsernameNotFoundException; import org.acegisecurity.ldap.search.FilterBasedLdapUserSearch; +import org.acegisecurity.ldap.LdapUserSearch; import org.kohsuke.stapler.DataBoundConstructor; import org.kohsuke.stapler.QueryParameter; import org.kohsuke.stapler.StaplerRequest; import org.kohsuke.stapler.StaplerResponse; import org.springframework.web.context.WebApplicationContext; +import org.springframework.dao.DataAccessException; import javax.naming.NamingException; import javax.naming.directory.Attribute; @@ -127,10 +131,16 @@ public class LDAPSecurityRealm extends SecurityRealm { BeanBuilder builder = new BeanBuilder(); builder.parse(Hudson.getInstance().servletContext.getResourceAsStream("/WEB-INF/security/LDAPBindSecurityRealm.groovy"),binding); - WebApplicationContext appContext = builder.createApplicationContext(); + final WebApplicationContext appContext = builder.createApplicationContext(); + return new SecurityComponents( findBean(AuthenticationManager.class, appContext), - findBean(UserDetailsService.class, appContext)); + new UserDetailsService() { + final LdapUserSearch ldapSerach = findBean(LdapUserSearch.class, appContext); + public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { + return ldapSerach.searchForUser(username); + } + }); } public DescriptorImpl getDescriptor() { diff --git a/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy b/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy index 568e7f5128..244b115bdf 100644 --- a/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy +++ b/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy @@ -28,10 +28,14 @@ bindAuthenticator(BindAuthenticator,initialDirContextFactory) { // "uid={0},ou=people" // ] // this is when we need to find it. - userSearch = bean(FilterBasedLdapUserSearch, instance.userSearchBase, instance.userSearch, initialDirContextFactory) { - searchSubtree=true - } + userSearch = ldapUserSearch; } + +ldapUserSearch(FilterBasedLdapUserSearch, instance.userSearchBase, instance.userSearch, initialDirContextFactory) { + searchSubtree=true +} + + authoritiesPopulator(DefaultLdapAuthoritiesPopulator,initialDirContextFactory,"ou=groups") { // groupRoleAttribute = "ou"; } -- GitLab