SEC-327: Add includeDetailsObject property.

19 years ago · f0ae6f53a7
2 changed files with 22 additions and 3 deletions
--- a/core/src/main/java/org/acegisecurity/providers/dao/DaoAuthenticationProvider.java
+++ b/core/src/main/java/org/acegisecurity/providers/dao/DaoAuthenticationProvider.java
@ -44,6 +44,7 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
				@@ -44,6 +44,7 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
    private PasswordEncoder passwordEncoder = new PlaintextPasswordEncoder();
    private SaltSource saltSource;
    private UserDetailsService userDetailsService;
+    private boolean includeDetailsObject = true;

    //~ Methods ========================================================================================================

@ -58,7 +59,7 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
				@@ -58,7 +59,7 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication

        if (!passwordEncoder.isPasswordValid(userDetails.getPassword(), authentication.getCredentials().toString(), salt)) {
            throw new BadCredentialsException(messages.getMessage(
-                    "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), userDetails);
+                    "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), includeDetailsObject ? userDetails : null);
        }
    }

@ -120,4 +121,12 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
				@@ -120,4 +121,12 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }
+
+	public boolean isIncludeDetailsObject() {
+		return includeDetailsObject;
+	}
+
+	public void setIncludeDetailsObject(boolean includeDetailsObject) {
+		this.includeDetailsObject = includeDetailsObject;
+	}
 }
--- a/core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java
+++ b/core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java
@ -120,6 +120,7 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
				@@ -120,6 +120,7 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio

    private LdapAuthenticator authenticator;
    private LdapAuthoritiesPopulator authoritiesPopulator;
+    private boolean includeDetailsObject = true;

    //~ Constructors ===================================================================================================

@ -159,7 +160,7 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
				@@ -159,7 +160,7 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
        throws AuthenticationException {
        if (!userDetails.getPassword().equals(authentication.getCredentials().toString())) {
            throw new BadCredentialsException(messages.getMessage(
-                    "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), userDetails);
+                    "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), includeDetailsObject ? userDetails : null);
        }
    }

@ -220,4 +221,13 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
				@@ -220,4 +221,13 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
            throw new AuthenticationServiceException(ldapAccessFailure.getMessage(), ldapAccessFailure);
        }
    }
+    
+    public boolean isIncludeDetailsObject() {
+		return includeDetailsObject;
+	}
+
+	public void setIncludeDetailsObject(boolean includeDetailsObject) {
+		this.includeDetailsObject = includeDetailsObject;
+	}
+
 }