Remove compiler warnings in spring-security-ldap

ldap/spring-security-ldap.gradle

@@ -1,5 +1,6 @@
 apply plugin: 'io.spring.convention.spring-module'
 apply plugin: 'javadoc-warnings-error'
+apply plugin: 'compile-warnings-error'
 
 dependencies {
 	management platform(project(":spring-security-dependencies"))

ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java

@@ -68,6 +68,7 @@ public void constructorWhenUrlEncodedSpacesWithPlusCharacterThenBaseDnIsProperly
 	}
 
 	@Test
+	@SuppressWarnings({ "unchecked", "rawtypes" })
 	public void poolingFlagIsSetWhenAuthenticationDnMatchesManagerUserDn() {
 		EnvExposingDefaultSpringSecurityContextSource ctxSrc = new EnvExposingDefaultSpringSecurityContextSource(
 				"ldap://blah:789/dc=springframework,dc=org");
@@ -79,6 +80,7 @@ public void poolingFlagIsSetWhenAuthenticationDnMatchesManagerUserDn() {
 	}
 
 	@Test
+	@SuppressWarnings({ "unchecked", "rawtypes" })
 	public void poolingFlagIsNotSetWhenAuthenticationDnIsNotManagerUserDn() {
 		EnvExposingDefaultSpringSecurityContextSource ctxSrc = new EnvExposingDefaultSpringSecurityContextSource(
 				"ldap://blah:789/dc=springframework,dc=org");
@@ -170,13 +172,13 @@ public void instantiationFailsWithIncorrectServerUrl() {
 			.isThrownBy(() -> new DefaultSpringSecurityContextSource(serverUrls, "dc=springframework,dc=org"));
 	}
 
+	@SuppressWarnings({ "unchecked", "rawtypes" })
 	static class EnvExposingDefaultSpringSecurityContextSource extends DefaultSpringSecurityContextSource {
 
 		EnvExposingDefaultSpringSecurityContextSource(String providerUrl) {
 			super(providerUrl);
 		}
 
-		@SuppressWarnings("unchecked")
 		Hashtable getAuthenticatedEnvForTest(String userDn, String password) {
 			return getAuthenticatedEnv(userDn, password);
 		}

ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java

@@ -89,6 +89,7 @@ public void compareOfWrongValueFails() {
 	// }
 
 	@Test
+	@SuppressWarnings("unchecked")
 	public void namingExceptionIsTranslatedCorrectly() {
 		assertThatExceptionOfType(UncategorizedLdapException.class)
 			.isThrownBy(() -> this.template.executeReadOnly((ContextExecutor) (dirContext) -> {

ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java

@@ -47,6 +47,7 @@
  */
 @ExtendWith(SpringExtension.class)
 @ContextConfiguration(classes = UnboundIdContainerConfig.class)
+@SuppressWarnings("deprecation")
 public class PasswordComparisonAuthenticatorTests {
 
 	@Autowired

ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java

@@ -57,6 +57,7 @@ public void setUp() {
 	}
 
 	@Test
+	@SuppressWarnings("deprecation")
 	public void groupSearchDoesNotAllowNullRoles() {
 		this.populator.setRolePrefix("ROLE_");
 		this.populator.setGroupRoleAttribute("ou");

ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java

@@ -116,6 +116,7 @@ public void testGroovyDudeJDevelopersAuthorities() {
 	}
 
 	@Test
+	@SuppressWarnings("unchecked")
 	public void testClosureDudeJDevelopersWithMembershipAsAttributeValues() {
 		this.populator.setAttributeNames(new HashSet(Arrays.asList("member")));
 

ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java

@@ -21,11 +21,11 @@
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.jspecify.annotations.NonNull;
 
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.lang.NonNull;
 import org.springframework.ldap.core.DirContextOperations;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.BadCredentialsException;

ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java

@@ -21,11 +21,12 @@
 import java.util.Collections;
 import java.util.List;
 
+import org.jspecify.annotations.NonNull;
+
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.lang.NonNull;
 import org.springframework.ldap.core.ContextSource;
 import org.springframework.security.core.SpringSecurityMessageSource;
 import org.springframework.security.ldap.search.LdapUserSearch;

ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java

@@ -52,14 +52,27 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic
 
 	private static final Log logger = LogFactory.getLog(PasswordComparisonAuthenticator.class);
 
-	private PasswordEncoder passwordEncoder = new LdapShaPasswordEncoder(KeyGenerators.shared(0));
+	private PasswordEncoder passwordEncoder;
 
 	private String passwordAttributeName = "userPassword";
 
 	private boolean usePasswordAttrCompare = false;
 
+	/**
+	 * @deprecated Use
+	 * {@link #PasswordComparisonAuthenticator(BaseLdapPathContextSource, PasswordEncoder)}
+	 * instead
+	 */
+	@Deprecated(since = "7.1")
+	@SuppressWarnings("deprecation")
 	public PasswordComparisonAuthenticator(BaseLdapPathContextSource contextSource) {
+		this(contextSource, new LdapShaPasswordEncoder(KeyGenerators.shared(0)));
+	}
+
+	public PasswordComparisonAuthenticator(BaseLdapPathContextSource contextSource, PasswordEncoder passwordEncoder) {
 		super(contextSource);
+		Assert.notNull(passwordEncoder, "passwordEncoder must not be null");
+		this.passwordEncoder = passwordEncoder;
 	}
 
 	@Override

ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java

@@ -25,6 +25,7 @@
 import com.unboundid.ldap.sdk.Entry;
 import com.unboundid.ldap.sdk.LDAPException;
 import com.unboundid.ldif.LDIFReader;
+import org.jspecify.annotations.NonNull;
 
 import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.DisposableBean;
@@ -34,7 +35,6 @@
 import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.context.Lifecycle;
 import org.springframework.core.io.Resource;
-import org.springframework.lang.NonNull;
 import org.springframework.util.StringUtils;
 
 /**

ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java

@@ -369,6 +369,7 @@ public void setGroupMemberAttributeName(String groupMemberAttributeName) {
 		this.groupSearchFilter = "(" + groupMemberAttributeName + "={0})";
 	}
 
+	@SuppressWarnings("unchecked")
 	public void setRoleMapper(AttributesMapper roleMapper) {
 		this.roleMapper = roleMapper;
 	}

ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java

@@ -35,9 +35,11 @@
 /**
  * @author Luke Taylor
  */
+@SuppressWarnings("deprecation")
 public class PasswordComparisonAuthenticatorMockTests {
 
 	@Test
+	@SuppressWarnings("unchecked")
 	public void ldapCompareOperationIsUsedWhenPasswordIsNotRetrieved() throws Exception {
 		final DirContext dirCtx = mock(DirContext.class);
 		final BaseLdapPathContextSource source = mock(BaseLdapPathContextSource.class);

ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java

@@ -38,6 +38,7 @@
 public class UserDetailsServiceLdapAuthoritiesPopulatorTests {
 
 	@Test
+	@SuppressWarnings("unchecked")
 	public void delegationToUserDetailsServiceReturnsCorrectRoles() {
 		UserDetailsService uds = mock(UserDetailsService.class);
 		UserDetails user = mock(UserDetails.class);