DakoR (Migrated from SEC-1037) said:
In order to allow localisation and personnal messages’ definition org.springframework.security.providers.ldap.LdapAuthenticationProvider should implement org.springframework.context.MessageSourceAware.
At this time it’s not the case, so it is impossible to modify messages and use messages’ localisation for this object (see §6.1 in spring security documentation [http://static.springsource.org/spring-security/site/reference/html/supporting-infrastructure.html#localization]).
By the way this object also doesn’t implement org.springframework.beans.factory.InitializingBean.
Luke Taylor said:
OK. We can certainly add that for customization (though it does already provide for i18n through use of the SpringSecurityMessageSource).
Why do you think we need to implement InitializingBean here?
according to the InitializingBean documentation: “Interface to be implemented by beans that need to react once all their properties have been set by a BeanFactory: for example, to perform custom initialization, or merely to check that all mandatory properties have been set.”
I think that LdapAutenticationProvider matches these criterias.
It doesn’t need any custom initialization and it isn’t possible to create an instance without setting the necessary properties, so implementing InitializingBean would be superfluous – what would go in the afterPropertiesSet() method?
ok for this, as you say, it’s not possible to create an instance without setting the necessary properties, so InitializingBean is not mandatory.
In fact, I sugested this after studying other providers source wich are similar (eg org.springframework.security.providers.dao.AbstractUserDetailsAuthenticationProvider).