Announcement Announcement Module
Collapse
No announcement yet.
Acegi & DefaultValues AuthenticationSources Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Acegi & DefaultValues AuthenticationSources

    I'm using an AcegiAuthenticationSource decorated in a DefaultValuesAuthenticationSourceDecorator since when I'm creating a new user there won't be a valid user in the SecurityContext. The problem is that the AcegiAuthenticationSource blows up and the DefaultValuesAuthenticationSourceDecorator doesn't supply it's default values.

    Here are my bean definitions:

    Code:
      <bean id="acegiAuthenticationSource" class="org.springframework.ldap.support.authentication.AcegiAuthenticationSource"/>
    
      <bean id="authenticationSource" class="org.springframework.ldap.support.authentication.DefaultValuesAuthenticationSourceDecorator">
        <property name="target" ref="acegiAuthenticationSource"/>
        <property name="defaultUser" value="${ldap:bind.dn}"/>
        <property name="defaultPassword" value="${ldap:bind.pw}"/>
      </bean>
    
      <bean id="contextSource" class="org.springframework.ldap.support.LdapContextSource">
        <property name="url" value="${ldap:server.url}"/>
        <property name="base" value="${ldap:base.dn}"/>
        <property name="authenticationSource" ref="authenticationSource"/>
      </bean>
    
      <bean id="ldapTemplate" class="org.springframework.ldap.LdapTemplate">
        <constructor-arg ref="contextSource"/>
      </bean>
    And here is what it's producing:

    Code:
    java.lang.IllegalArgumentException: The principal property of the authentication
    object -needs to be a LdapUserDetails.
    	at org.springframework.ldap.support.authentication.AcegiAuthenticationSource.getPrincipal(AcegiAuthenticationSource.java:51)
    	at org.springframework.ldap.support.authentication.DefaultValuesAuthenticationSourceDecorator.getPrincipal(DefaultValuesAuthenticationSourceDecorator.java:96)
    I'm not sure what good the DefaultValuesAuthenticationSourceDecorator is if it doesn't supply it's values when there aren't already valid ones? Am I missing something?
    (*Chris*)

  • #2
    Some light

    It appears that the AcegiAuthenticationSource/DefaultValuesAuthenticationSourceDecorator combination is not compatible with the Acegi AnonymousProcessingFilter. It would seem that the correct thing to do is return an empty string if the Principal is anonymous, but instead the pair above just throw an exception.
    (*Chris*)

    Comment


    • #3
      Thanks for investigating this. Could you please post a JIRA issue about it? That would be most helpful.

      Comment

      Working...
      X