This is an automated email from the ASF dual-hosted git repository. heneveld pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/brooklyn-server.git
The following commit(s) were added to refs/heads/master by this push: new c78ac86 ldap enhancement c78ac86 is described below commit c78ac86470d845d68b91a79b2afb2ae400f118a2 Author: Alex Heneveld <alex.henev...@cloudsoftcorp.com> AuthorDate: Tue Nov 24 20:47:22 2020 +0000 ldap enhancement --- .../brooklyn/rest/security/provider/LdapSecurityProvider.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/provider/LdapSecurityProvider.java b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/provider/LdapSecurityProvider.java index 1421222..52a9674 100644 --- a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/provider/LdapSecurityProvider.java +++ b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/provider/LdapSecurityProvider.java @@ -85,6 +85,11 @@ public class LdapSecurityProvider extends AbstractSecurityProvider implements Se if (user==null) return false; checkCanLoad(); + if (Strings.isBlank(pass)) { + // InitialDirContext doesn't do authentication if no password is supplied! + return false; + } + Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, ldapUrl); @@ -93,7 +98,7 @@ public class LdapSecurityProvider extends AbstractSecurityProvider implements Se env.put(Context.SECURITY_CREDENTIALS, pass); try { - new InitialDirContext(env); + new InitialDirContext(env); // will throw if password is invalid return allow(sessionSupplierOnSuccess.get(), user); } catch (NamingException e) { return false;