Jürgen Failenschmid (Migrated from SEC-986) said:
During the course of implementing support for password policy request/response controls, I had to extend BindAuthenticator. An extension of LdapTemplate needed to be used in method bindWithDn(String, String, String).
Method bindWithDn() is private, and the template cannot be injected, so currently I had to unnecessarily create a copy of the authenticate method, a copy of the inner class BindWithSpecificDnContextSource, and a modified copy of method bindWithDn.
If the LdapTemplate was injected as a bean dependency, then the class BindAuthenticator could be easily extended – only handleBindException needs to be special.
At least, method bindWithDn and the inner class should be made visible to subclasses.
Luke Taylor said:
Following the upgrade to Spring LDAP 1.3, BindAuthenticator no longer uses a template but calls the new method on the ContextSource interface directly to authenticate. So none of the above changes apply any more. I don’t want to expose this kind of internal implementation detail in any case as it allows us more flexibility for maintenance during minor releases if such details are kept private. If you want to customize the behaviour you can extend AbstractLdapAuthenticator or implement the LdapAuthenticator interface directly.