SEC-1036: Removed references to SpringSecurityContextSource

core/src/main/java/org/springframework/security/config/LdapConfigUtils.java

@@ -7,7 +7,7 @@ import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
 import org.springframework.beans.factory.support.BeanDefinitionRegistry;
 import org.springframework.beans.factory.support.RootBeanDefinition;
 import org.springframework.core.Ordered;
-import org.springframework.security.ldap.SpringSecurityContextSource;
+import org.springframework.ldap.core.support.BaseLdapPathContextSource;
 
 /**
  * @author Luke Taylor
@@ -27,16 +27,16 @@ class LdapConfigUtils {
         private boolean defaultNameRequired;
 
         public void postProcessBeanFactory(ConfigurableListableBeanFactory bf) throws BeansException {
-            String[] sources = bf.getBeanNamesForType(SpringSecurityContextSource.class);
+            String[] sources = bf.getBeanNamesForType(BaseLdapPathContextSource.class);
 
             if (sources.length == 0) {
-                throw new SecurityConfigurationException("No SpringSecurityContextSource instances found. Have you " +
+                throw new SecurityConfigurationException("No BaseLdapPathContextSource instances found. Have you " +
                         "added an <" + Elements.LDAP_SERVER + " /> element to your application context?");
             }
 
             if (!bf.containsBean(BeanIds.CONTEXT_SOURCE) && defaultNameRequired) {
                 if (sources.length > 1) {
-                    throw new SecurityConfigurationException("More than one SpringSecurityContextSource instance found. " +
+                    throw new SecurityConfigurationException("More than one BaseLdapPathContextSource instance found. " +
                             "Please specify a specific server id using the 'server-ref' attribute when configuring your <" +
                             Elements.LDAP_PROVIDER + "> " + "or <" + Elements.LDAP_USER_SERVICE + ">.");
                 }

core/src/main/java/org/springframework/security/ldap/DefaultSpringSecurityContextSource.java

@@ -1,39 +1,30 @@
 package org.springframework.security.ldap;
 
-import org.springframework.security.BadCredentialsException;
+import java.util.ArrayList;
-import org.springframework.security.SpringSecurityMessageSource;
+import java.util.StringTokenizer;
-import org.springframework.context.MessageSource;
-import org.springframework.context.MessageSourceAware;
-import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.ldap.core.support.LdapContextSource;
-import org.springframework.util.Assert;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-
+import org.springframework.ldap.core.support.LdapContextSource;
-import javax.naming.Context;
+import org.springframework.util.Assert;
-import javax.naming.directory.DirContext;
-import java.util.ArrayList;
-import java.util.Hashtable;
-import java.util.StringTokenizer;
 
 /**
- * SpringSecurityContextSource implementation which uses Spring LDAP's <tt>LdapContextSource</tt> as a base
+ * ContextSource implementation which uses Spring LDAP's <tt>LdapContextSource</tt> as a base
- * class. Intended as a replacement for <tt>DefaultInitialDirContextFactory</tt> from versions of the framework prior
+ * class. Used internally by the Spring Security LDAP namespace configuration.
- * to 2.0.
+ * <p>
+ * From Spring Security 2.5, Spring LDAP 1.3 is used and the <tt>ContextSource</tt> interface
+ * provides support for binding with a username and password. As a result, Spring LDAP <tt>ContextSource</tt>
+ * implementations such as <tt>LdapContextSource</tt> may be used directly with Spring Security.
  *
  * @author Luke Taylor
  * @version $Id$
  * @since 2.0
  */
-public class DefaultSpringSecurityContextSource extends LdapContextSource implements SpringSecurityContextSource,
+public class DefaultSpringSecurityContextSource extends LdapContextSource {
-        MessageSourceAware {
 
     private static final Log logger = LogFactory.getLog(DefaultSpringSecurityContextSource.class);
     private String rootDn;
 
-    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
-
     /**
      * Create and initialize an instance which will connect to the supplied LDAP URL.
      *
@@ -65,31 +56,4 @@ public class DefaultSpringSecurityContextSource extends LdapContextSource implem
         super.setUrls(urls.toArray(new String[urls.size()]));
         super.setBase(rootDn);
     }
-
-    @SuppressWarnings("unchecked")
-    public DirContext getReadWriteContext(String userDn, Object credentials) {
-        Hashtable env = new Hashtable(getAnonymousEnv());
-
-        env.put(Context.SECURITY_PRINCIPAL, userDn);
-        env.put(Context.SECURITY_CREDENTIALS, credentials);
-
-        if (logger.isDebugEnabled()) {
-            logger.debug("Creating context with principal: '" + userDn + "'");
-        }
-
-        try {
-            return createContext(env);
-        } catch (org.springframework.ldap.NamingException e) {
-            if ((e instanceof org.springframework.ldap.AuthenticationException)
-                    || (e instanceof org.springframework.ldap.OperationNotSupportedException)) {
-                throw new BadCredentialsException(
-                        messages.getMessage("DefaultSpringSecurityContextSource.badCredentials", "Bad credentials"), e);
-            }
-            throw e;
-        }
-    }
-
-    public void setMessageSource(MessageSource messageSource) {
-        this.messages = new MessageSourceAccessor(messageSource);
-    }
 }

core/src/main/java/org/springframework/security/providers/ldap/authenticator/BindAuthenticator.java

@@ -48,9 +48,9 @@ public class BindAuthenticator extends AbstractLdapAuthenticator {
     //~ Constructors ===================================================================================================
 
     /**
-     * Create an initialized instance using the {@link SpringSecurityContextSource} provided.
+     * Create an initialized instance using the {@link BaseLdapPathContextSource} provided.
      *
-     * @param contextSource the SpringSecurityContextSource instance against which bind operations will be
+     * @param contextSource the BaseLdapPathContextSource instance against which bind operations will be
      * performed.
      *
      */

core/src/test/java/org/springframework/security/config/LdapServerBeanDefinitionParserTests.java

@@ -1,12 +1,10 @@
 package org.springframework.security.config;
 
-import org.springframework.security.util.InMemoryXmlApplicationContext;
-import org.springframework.security.ldap.SpringSecurityContextSource;
-
-import org.springframework.ldap.core.LdapTemplate;
-
-import org.junit.Test;
 import org.junit.After;
+import org.junit.Test;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
+import org.springframework.security.util.InMemoryXmlApplicationContext;
 
 /**
  * @author Luke Taylor
@@ -27,7 +25,7 @@ public class LdapServerBeanDefinitionParserTests {
     public void embeddedServerCreationContainsExpectedContextSourceAndData() {
         appCtx = new InMemoryXmlApplicationContext("<ldap-server />");
 
-        SpringSecurityContextSource contextSource = (SpringSecurityContextSource) appCtx.getBean(BeanIds.CONTEXT_SOURCE);
+        DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx.getBean(BeanIds.CONTEXT_SOURCE);
 
         // Check data is loaded
         LdapTemplate template = new LdapTemplate(contextSource);
@@ -43,7 +41,7 @@ public class LdapServerBeanDefinitionParserTests {
         // Check the default context source is still there.
         appCtx.getBean(BeanIds.CONTEXT_SOURCE);
 
-        SpringSecurityContextSource contextSource = (SpringSecurityContextSource) appCtx.getBean("blah");
+        DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx.getBean("blah");
 
         // Check data is loaded as before
         LdapTemplate template = new LdapTemplate(contextSource);
@@ -54,7 +52,7 @@ public class LdapServerBeanDefinitionParserTests {
     public void loadingSpecificLdifFileIsSuccessful() {
         appCtx = new InMemoryXmlApplicationContext(
                 "<ldap-server ldif='classpath*:test-server2.xldif' root='dc=monkeymachine,dc=co,dc=uk' />");
-        SpringSecurityContextSource contextSource = (SpringSecurityContextSource) appCtx.getBean(BeanIds.CONTEXT_SOURCE);
+        DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx.getBean(BeanIds.CONTEXT_SOURCE);
 
         LdapTemplate template = new LdapTemplate(contextSource);
         template.lookup("uid=pg,ou=gorillas");