
Fix for SEC-237. Make LDAP Provider reject empty username.

1.0.x
Luke Taylor 20 years ago
parent
commit
9c8a4c2f74
  1. 8
      core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java
  2. 2
      core/src/main/resources/org/acegisecurity/messages.properties

8
core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java

@ -21,11 +21,13 @@ import org.acegisecurity.ldap.LdapUserInfo; @@ -21,11 +21,13 @@ import org.acegisecurity.ldap.LdapUserInfo;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.User;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.BadCredentialsException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import javax.naming.directory.Attributes;
@ -141,6 +143,12 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio @@ -141,6 +143,12 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
}
protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
if(!StringUtils.hasLength(username)) {
throw new BadCredentialsException(messages.getMessage(
"LdapAuthenticationProvider.emptyUsername",
"Empty Username"));
}
if (logger.isDebugEnabled()) {
logger.debug("Retrieving user " + username);
}
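Review bot: `StringUtils.hasLength(username)` in the new guard at the top of `retrieveUser` rejects null and the empty string but lets a whitespace-only username through to the LDAP lookup. How the directory handles such a name is not visible here, so `if (!StringUtils.hasText(username)) {` would be the safer check. The fallback text `"Empty Username"` also differs from the `messages.properties` entry `Empty username not allowed`, and the two should match. The hunk does not show whether an empty password is rejected as well; many LDAP servers treat a simple bind with an empty password as an unauthenticated bind, so confirm that case is handled elsewhere. `retrieveUser`'s body continues outside the hunk.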

2
core/src/main/resources/org/acegisecurity/messages.properties

@ -37,9 +37,11 @@ SwitchUserProcessingFilter.disabled=User is disabled @@ -37,9 +37,11 @@ SwitchUserProcessingFilter.disabled=User is disabled
SwitchUserProcessingFilter.expired=User account has expired
SwitchUserProcessingFilter.credentialsExpired=User credentials have expired
AbstractAccessDecisionManager.accessDenied=Access is denied
LdapAuthenticationProvider.emptyUsername=Empty username not allowed
DefaultIntitalDirContextFactory.communicationFailure=Unable to connect to LDAP server
DefaultIntitalDirContextFactory.badCredentials=Bad credentials
DefaultIntitalDirContextFactory.unexpectedException=Failed to obtain InitialDirContext due to unexpected exception
PasswordComparisonAuthenticator.badCredentials=Bad credentials
BindAuthenticator.badCredentials=Bad credentials
BindAuthenticator.failedToLoadAttributes=Bad credentials
