Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-986: BindAuthenticator makes it cumbersome to override its behavior (bindWithDn, BindWithSpecificDnContextSource, LdapTemplate) #1238

spring-issuemaster opened this Issue Sep 24, 2008 · 1 comment


None yet
1 participant

Jürgen Failenschmid(Migrated from SEC-986) said:

During the course of implementing support for password policy request/response controls, I had to extend BindAuthenticator. An extension of LdapTemplate needed to be used in method bindWithDn(String, String, String).

Method bindWithDn() is private, and the template cannot be injected, so currently I had to unnecessarily create a copy of the authenticate method, a copy of the inner class BindWithSpecificDnContextSource, and a modified copy of method bindWithDn.

If the LdapTemplate was injected as a bean dependency, then the class BindAuthenticator could be easily extended – only handleBindException needs to be special.

At least, method bindWithDn and the inner class should be made visible to subclasses.

Luke Taylor said:

Following the upgrade to Spring LDAP 1.3, BindAuthenticator no longer uses a template but calls the new method on the ContextSource interface directly to authenticate. So none of the above changes apply any more. I don’t want to expose this kind of internal implementation detail in any case as it allows us more flexibility for maintenance during minor releases if such details are kept private. If you want to customize the behaviour you can extend AbstractLdapAuthenticator or implement the LdapAuthenticator interface directly.

@spring-issuemaster spring-issuemaster added this to the 3.0.0 M1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment