We have a home grown authentication provider that uses LDAP and we discourage people from using LDAP directly. It is not possible that we retrieve the password from LDAP and populate the UserDetailsImpl with it so that the Authentication provider can compare the password to what the user supplied and see if its a match. We wanted this to work the same way as how acegi uses the BindAuthentication with LDAP. Is there a way that we can tell acegi not to compare the passwords since the custom authentication provider does this work for us ? Thanks for all the responses
The Acegi LDAP provider stores the submitted password in the UserDetails object (it doens't attempt to retrieve it from the directory). This is to make sure it works with a cache configured - the base class makes this necessary. In 2.0 th LdapAuthenticatioProvider no longer extends AbstractUserDetailsAuthenticationProvider.
If you are just implementing AuthenticationProvider directly then I'm not quite sure what your question is. There shouldn't be any need for a password comparison.
Post at 2011-4-15 14:29
| This Author's Posts Only
