SEC-1084: Retain Authentication.details when authenticating in LdapAuthenticationProvider.

17 years ago · 350f75f7f3
2 changed files with 8 additions and 2 deletions
--- a/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java
+++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java
@ -234,7 +234,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
				@@ -234,7 +234,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
            messages.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports",
                "Only UsernamePasswordAuthenticationToken is supported"));

-        UsernamePasswordAuthenticationToken userToken = (UsernamePasswordAuthenticationToken)authentication;
+        final UsernamePasswordAuthenticationToken userToken = (UsernamePasswordAuthenticationToken)authentication;

        String username = userToken.getName();

@ -287,7 +287,10 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
				@@ -287,7 +287,10 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
            UserDetails user) {
        Object password = useAuthenticationRequestCredentials ? authentication.getCredentials() : user.getPassword();

-        return new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities());
+        UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities());
+        result.setDetails(authentication.getDetails());
+
+        return result;
    }

    public boolean supports(Class<? extends Object> authentication) {
--- a/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java
+++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java
@ -124,8 +124,11 @@ public class LdapAuthenticationProviderTests {
				@@ -124,8 +124,11 @@ public class LdapAuthenticationProviderTests {
        assertNotNull(ldapProvider.getAuthoritiesPopulator());

        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken("ben", "benspassword");
+        Object authDetails = new Object();
+        authRequest.setDetails(authDetails);
        Authentication authResult = ldapProvider.authenticate(authRequest);
        assertEquals("benspassword", authResult.getCredentials());
+        assertSame(authDetails, authResult.getDetails());
        UserDetails user = (UserDetails) authResult.getPrincipal();
        assertEquals(2, user.getAuthorities().size());
        assertEquals("{SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=", user.getPassword());