SEC-281: Modified to use Spring 1.2 compatible exception class for incorrect search results size.

20 years ago · ee50d6e334
2 changed files with 11 additions and 8 deletions
--- a/core/src/main/java/org/acegisecurity/ldap/LdapTemplate.java
+++ b/core/src/main/java/org/acegisecurity/ldap/LdapTemplate.java
@ -16,7 +16,6 @@
				@@ -16,7 +16,6 @@
 package org.acegisecurity.ldap;

 import org.springframework.dao.DataAccessException;
-import org.springframework.dao.EmptyResultDataAccessException;
 import org.springframework.dao.IncorrectResultSizeDataAccessException;

 import org.springframework.util.Assert;
@ -234,8 +233,7 @@ public class LdapTemplate {
				@@ -234,8 +233,7 @@ public class LdapTemplate {
     *
     * @return the object created by the mapper from the matching entry
     *
-     * @throws EmptyResultDataAccessException if no results are found.
-     * @throws IncorrectResultSizeDataAccessException if the search returns more than one result.
+     * @throws IncorrectResultSizeDataAccessException if no results are found or the search returns more than one result.
     */
    public Object searchForSingleEntry(final String base, final String filter, final Object[] params,
        final LdapEntryMapper mapper) {
@ -245,13 +243,14 @@ public class LdapTemplate {
				@@ -245,13 +243,14 @@ public class LdapTemplate {
                    NamingEnumeration results = ctx.search(base, filter, params, searchControls);

                    if (!results.hasMore()) {
-                        throw new EmptyResultDataAccessException(1);
+                        throw new IncorrectResultSizeDataAccessException(1, 0);
                    }

                    SearchResult searchResult = (SearchResult) results.next();

                    if (results.hasMore()) {
-                        throw new IncorrectResultSizeDataAccessException(1);
+                        // We don't know how many results but set to 2 which is good enough
+                        throw new IncorrectResultSizeDataAccessException(1, 2);
                    }

                    // Work out the DN of the matched entry
--- a/core/src/main/java/org/acegisecurity/ldap/search/FilterBasedLdapUserSearch.java
+++ b/core/src/main/java/org/acegisecurity/ldap/search/FilterBasedLdapUserSearch.java
@ -27,7 +27,7 @@ import org.acegisecurity.userdetails.ldap.LdapUserDetailsMapper;
				@@ -27,7 +27,7 @@ import org.acegisecurity.userdetails.ldap.LdapUserDetailsMapper;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;

-import org.springframework.dao.EmptyResultDataAccessException;
+import org.springframework.dao.IncorrectResultSizeDataAccessException;

 import org.springframework.util.Assert;

@ -123,8 +123,12 @@ public class FilterBasedLdapUserSearch implements LdapUserSearch {
				@@ -123,8 +123,12 @@ public class FilterBasedLdapUserSearch implements LdapUserSearch {
            user.setUsername(username);

            return user.createUserDetails();
-        } catch (EmptyResultDataAccessException notFound) {
-            throw new UsernameNotFoundException("User " + username + " not found in directory.");
+        } catch (IncorrectResultSizeDataAccessException notFound) {
+            if(notFound.getActualSize() == 0) {
+                throw new UsernameNotFoundException("User " + username + " not found in directory.");
+            }
+            // Search should never return multiple results if properly configured, so just rethrow
+            throw notFound;
        }
    }