Upgrade to Spring Ldap 2.3.3.RELEASE

Closes gh-21342

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/ldap/LdapProperties.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2019 the original author or authors.
+ * Copyright 2012-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -56,9 +56,10 @@ public class LdapProperties {
 	private String password;
 
 	/**
-	 * Whether read-only operations should use an anonymous environment.
+	 * Whether read-only operations should use an anonymous environment. Disabled by
+	 * default unless a username is set.
 	 */
-	private boolean anonymousReadOnly;
+	private Boolean anonymousReadOnly;
 
 	/**
 	 * LDAP specification settings.
@@ -97,11 +98,11 @@ public class LdapProperties {
 		this.password = password;
 	}
 
-	public boolean getAnonymousReadOnly() {
+	public Boolean getAnonymousReadOnly() {
 		return this.anonymousReadOnly;
 	}
 
-	public void setAnonymousReadOnly(boolean anonymousReadOnly) {
+	public void setAnonymousReadOnly(Boolean anonymousReadOnly) {
 		this.anonymousReadOnly = anonymousReadOnly;
 	}
 

spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/ldap/LdapAutoConfigurationTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2019 the original author or authors.
+ * Copyright 2012-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -48,7 +48,7 @@ public class LdapAutoConfigurationTests {
 			LdapContextSource contextSource = context.getBean(LdapContextSource.class);
 			String[] urls = getUrls(contextSource);
 			assertThat(urls).containsExactly("ldap://localhost:389");
-			assertThat(contextSource.isAnonymousReadOnly()).isFalse();
+			assertThat(contextSource.isAnonymousReadOnly()).isTrue();
 		});
 	}
 
@@ -73,6 +73,15 @@ public class LdapAutoConfigurationTests {
 				});
 	}
 
+	@Test
+	public void contextSourceWithUserDoesNotEnableAnonymousReadOnly() {
+		this.contextRunner.withPropertyValues("spring.ldap.username:root").run((context) -> {
+			LdapContextSource contextSource = context.getBean(LdapContextSource.class);
+			assertThat(contextSource.getUserDn()).isEqualTo("root");
+			assertThat(contextSource.isAnonymousReadOnly()).isFalse();
+		});
+	}
+
 	@Test
 	public void contextSourceWithExtraCustomization() {
 		this.contextRunner.withPropertyValues("spring.ldap.urls:ldap://localhost:123", "spring.ldap.username:root",
@@ -96,7 +105,7 @@ public class LdapAutoConfigurationTests {
 			LdapContextSource contextSource = context.getBean(LdapContextSource.class);
 			assertThat(contextSource.getUserDn()).isEqualTo("");
 			assertThat(contextSource.getPassword()).isEqualTo("");
-			assertThat(contextSource.isAnonymousReadOnly()).isFalse();
+			assertThat(contextSource.isAnonymousReadOnly()).isTrue();
 			assertThat(contextSource.getBaseLdapPathAsString()).isEqualTo("");
 		});
 	}
@@ -113,7 +122,7 @@ public class LdapAutoConfigurationTests {
 			LdapContextSource contextSource = context.getBean(LdapContextSource.class);
 			String[] urls = getUrls(contextSource);
 			assertThat(urls).containsExactly("ldap://localhost:389");
-			assertThat(contextSource.isAnonymousReadOnly()).isFalse();
+			assertThat(contextSource.isAnonymousReadOnly()).isTrue();
 		});
 	}
 

spring-boot-project/spring-boot-dependencies/pom.xml

@@ -174,7 +174,7 @@
 		<spring-hateoas.version>0.25.2.RELEASE</spring-hateoas.version>
 		<spring-integration.version>5.1.10.RELEASE</spring-integration.version>
 		<spring-kafka.version>2.2.13.RELEASE</spring-kafka.version>
-		<spring-ldap.version>2.3.2.RELEASE</spring-ldap.version>
+		<spring-ldap.version>2.3.3.RELEASE</spring-ldap.version>
 		<spring-plugin.version>1.2.0.RELEASE</spring-plugin.version>
 		<spring-restdocs.version>2.0.4.RELEASE</spring-restdocs.version>
 		<spring-retry.version>1.2.5.RELEASE</spring-retry.version>