Added test for empty or null username

core/src/test/java/org/acegisecurity/providers/ldap/LdapAuthenticationProviderTests.java

@@ -32,6 +32,8 @@ public class LdapAuthenticationProviderTests extends AbstractLdapServerTestCase
         LdapAuthenticationProvider ldapProvider
                 = new LdapAuthenticationProvider(new MockAuthenticator(), new MockAuthoritiesPopulator());
 
+        assertNotNull(ldapProvider.getAuthoritiesPoulator());
+
         UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("bob","bobspassword");
         UserDetails user = ldapProvider.retrieveUser("bob", token);
         assertEquals(2, user.getAuthorities().length);
@@ -46,6 +48,24 @@ public class LdapAuthenticationProviderTests extends AbstractLdapServerTestCase
         ldapProvider.additionalAuthenticationChecks(user, token);
     }
 
+    public void testEmptyOrNullUserNameThrowsException() {
+        LdapAuthenticationProvider ldapProvider
+                = new LdapAuthenticationProvider(new MockAuthenticator(), new MockAuthoritiesPopulator());
+
+        try {
+            ldapProvider.retrieveUser("", new UsernamePasswordAuthenticationToken("bob","bobspassword"));
+            fail("Expected BadCredentialsException for empty username");
+        } catch(BadCredentialsException expected) {
+        }
+
+        try {
+            ldapProvider.retrieveUser(null, new UsernamePasswordAuthenticationToken("bob","bobspassword"));
+            fail("Expected BadCredentialsException for null username");
+        } catch(BadCredentialsException expected) {
+        }
+
+    }
+
 // This test kills apacheDS in embedded mode because the search returns an invalid DN
 //    public void testIntegration() throws Exception {
 //        BindAuthenticator authenticator = new BindAuthenticator(getInitialCtxFactory());