Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1037: LdapAuthenticationProvider doesn't support messageSource updates/modifications #1288

spring-issuemaster opened this Issue Nov 25, 2008 · 4 comments


None yet
1 participant
from SEC-1037) said:

In order to allow localisation and personnal messages’ definition org.springframework.security.providers.ldap.LdapAuthenticationProvider should implement org.springframework.context.MessageSourceAware.

At this time it’s not the case, so it is impossible to modify messages and use messages’ localisation for this object (see §6.1 in spring security documentation [http://static.springsource.org/spring-security/site/reference/html/supporting-infrastructure.html#localization]).

By the way this object also doesn’t implement org.springframework.beans.factory.InitializingBean.

Luke Taylor said:

OK. We can certainly add that for customization (though it does already provide for i18n through use of the SpringSecurityMessageSource).

Why do you think we need to implement InitializingBean here?

DakoR said:

according to the InitializingBean documentation: “Interface to be implemented by beans that need to react once all their properties have been set by a BeanFactory: for example, to perform custom initialization, or merely to check that all mandatory properties have been set.”

I think that LdapAutenticationProvider matches these criterias.

Luke Taylor said:

It doesn’t need any custom initialization and it isn’t possible to create an instance without setting the necessary properties, so implementing InitializingBean would be superfluous – what would go in the afterPropertiesSet() method?

DakoR said:

ok for this, as you say, it’s not possible to create an instance without setting the necessary properties, so InitializingBean is not mandatory.

In fact, I sugested this after studying other providers source wich are similar (eg org.springframework.security.providers.dao.AbstractUserDetailsAuthenticationProvider).

@spring-issuemaster spring-issuemaster added this to the 3.0.0 M1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment