I've recently become acquainted with the Acegi Security System for Spring.
Very nice work. I appreciate the helpful documentation and sample apps.
I have found the sandbox LdapPasswordAuthenticationDao to be quite useful
as well. It would be very helpful if the getGrantedAuthority method
actually implemented the conversion logic advertised in the javadoc: "If
found in the LDAP role, the following characters are converted to
underscore: ',' (comma), '=' (equals), ' ' (space)."
If you change line 445 (from the 2005-04-13_070009 snapshot) from
String roleName = rolePrefix + ldapRole.toUpperCase() + roleSuffix;
to
String roleName = rolePrefix + ldapRole.toUpperCase().replaceAll("[,=
]", "_") + roleSuffix;
Then that should do it.
Also, should you choose to make this change, the following test case method
should prove it out.
public void testGetGrantedAuthorityString() {
LdapPasswordAuthenticationDao uut = new
LdapPasswordAuthenticationDao();
String[] test = {
"ROLE ABC DEF", "ROLE ABC,DEF", "ROLE ABC=DEF", "ROLE
ABC_DEF",
"ROLE,ABC DEF", "ROLE,ABC,DEF", "ROLE,ABC=DEF",
"ROLE,ABC_DEF",
"ROLE=ABC DEF", "ROLE=ABC,DEF", "ROLE=ABC=DEF",
"ROLE=ABC_DEF",
"ROLE_ABC DEF", "ROLE_ABC,DEF", "ROLE_ABC=DEF",
"ROLE_ABC_DEF",
};
final String expected = "ROLE_ABC_DEF";
for (int i = 0; i < test.length; i++) {
assertEquals("Unexpected granted authority name.", expected,
uut.getGrantedAuthority(test[i]).getAuthority());
}
}
Thanks,
Matt DeHoust
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
