nicolabs/ldap-plugin
1
0
Fork 0
mirror of https://github.com/nicolabs/ldap-plugin.git synced 2025-09-07 05:14:24 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

DeferredCreationLdapAuthoritiesPopulator is no longer necessary because filters are now created after SecurityRealm is prepared.

Browse source 
git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@14872 71c3de6d-444a-0410-be80-ed276b4c234a

Originally-Committed-As: 3beed588ad53269bf8f32e49ff84eed8572093f5
This commit is contained in:
kohsuke 2009-01-29 17:29:26 +00:00
parent 4b0a39b206
commit bbcdae89b4
2 changed files with 5 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
core/src/main/java/hudson/security/LDAPSecurityRealm.java
View file

@ -176,7 +176,6 @@ public class LDAPSecurityRealm extends SecurityRealm {
BeanBuilder builder = new BeanBuilder(); BeanBuilder builder = new BeanBuilder();
builder.parse(Hudson.getInstance().servletContext.getResourceAsStream("/WEB-INF/security/LDAPBindSecurityRealm.groovy"),binding); builder.parse(Hudson.getInstance().servletContext.getResourceAsStream("/WEB-INF/security/LDAPBindSecurityRealm.groovy"),binding);
final WebApplicationContext appContext = builder.createApplicationContext(); final WebApplicationContext appContext = builder.createApplicationContext();
correctAuthoritiesPopulator(appContext);
return new SecurityComponents( return new SecurityComponents(
findBean(AuthenticationManager.class, appContext), findBean(AuthenticationManager.class, appContext),
@ -193,15 +192,6 @@ public class LDAPSecurityRealm extends SecurityRealm {
}); });
} }
/**
* Adjust the authoritiesPopulator bean to have the correct groupSearchBase
* @param appContext
*/
private void correctAuthoritiesPopulator(WebApplicationContext appContext) {
DeferredCreationLdapAuthoritiesPopulator factory = (DeferredCreationLdapAuthoritiesPopulator) appContext.getBean("authoritiesPopulator");
factory.setGroupSearchBase(groupSearchBase==null ? "" : groupSearchBase);
}
/** /**
* If the security realm is LDAP, try to pick up e-mail address from LDAP. * If the security realm is LDAP, try to pick up e-mail address from LDAP.
*/ */

8
war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy
View file

@ -6,7 +6,8 @@ import org.acegisecurity.ldap.DefaultInitialDirContextFactory
import org.acegisecurity.ldap.search.FilterBasedLdapUserSearch import org.acegisecurity.ldap.search.FilterBasedLdapUserSearch
import org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider import org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider
import hudson.model.Hudson import hudson.model.Hudson
import hudson.security.DeferredCreationLdapAuthoritiesPopulator import org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
import hudson.Util
/* /*
Configure LDAP as the authentication realm. Configure LDAP as the authentication realm.
@ -35,8 +36,9 @@ bindAuthenticator(BindAuthenticator2,initialDirContextFactory) {
userSearch = ldapUserSearch; userSearch = ldapUserSearch;
} }
authoritiesPopulator(DeferredCreationLdapAuthoritiesPopulator,initialDirContextFactory,"") { authoritiesPopulator(DefaultLdapAuthoritiesPopulator, initialDirContextFactory, Util.fixNull(instance.groupSearchBase)) {
// groupRoleAttribute = "ou"; // see DefaultLdapAuthoritiesPopulator for other possible configurations
searchSubtree = true;
} }
authenticationManager(ProviderManager) { authenticationManager(ProviderManager) {