private void getAllRoles( final DirContextOperations user, final String userDn, final List<GrantedAuthority> result, final String userName, DirContext ctx) { Set<GrantedAuthority> roles = getGroupMembershipRoles(ctx, userDn, userName); Set<GrantedAuthority> extraRoles = getAdditionalRoles(ctx, user, userName); if (extraRoles != null) { roles.addAll(extraRoles); } if (defaultRole != null) { roles.add(defaultRole); } result.addAll(roles); } }
/** * Obtains the authorities for the user who's directory entry is represented by the supplied * LdapUserDetails object. * * @param user the user who's authorities are required (or user:password to be used to bind to * ldap server prior to the search operations). * @return the set of roles granted to the user. */ public final Collection<GrantedAuthority> getGrantedAuthorities( final DirContextOperations user, final String username) { return getGrantedAuthorities(user, username, null); }
new BindingLdapAuthoritiesPopulator( ldapContext, ldapConfig.getGroupSearchBase()); if (ldapConfig.getGroupSearchFilter() != null) { ((BindingLdapAuthoritiesPopulator) authPopulator) .setGroupSearchFilter(ldapConfig.getGroupSearchFilter());
public Set<GrantedAuthority> getGroupMembershipRoles( final DirContext ctx, String userDn, String username) { if (getGroupSearchBase() == null) { return new HashSet<GrantedAuthority>(); + groupSearchFilter + " in search base '" + getGroupSearchBase() + "'"); Set<String> userRoles = authTemplate.searchForSingleAttributeValues( getGroupSearchBase(), groupSearchFilter, new String[] {userDn, username},
getAllRoles(user, userDn, result, username, null);
/** * We need to give authoritiesPopulator both username and password, so * it can bind to the LDAP server. */ @Override protected Collection<? extends GrantedAuthority> loadUserAuthorities( DirContextOperations userData, String username, String password) { return ((BindingLdapAuthoritiesPopulator) getAuthoritiesPopulator()) .getGrantedAuthorities(userData, username, password); } };