SEC-1818: BindAuthenticator and AbstractLdapAuthenticator improvement #2048

@spring-projects-issues

Mikhail Mazursky (Migrated from SEC-1818) said:

I'm using the bind authenticator and I want to format userDn based not only on the username but also on some other attribute(s) of the Authentication. Right now I have two options:

  • copy the entire AbstractLdapAuthenticator and BindAuthenticator sources into a custom class and implement the logic;
  • use workaround-like code with synchronization to avoid a data race, which lowers potential throughput:
```java
public class CustomLdapAuthenticator extends BindAuthenticator {
    ...
    @Override
    public DirContextOperations authenticate(Authentication authentication) {

        // Some logic to create custom userDnPattern based on authentication
        String userDnPattern = ...;

        synchronized (this) {
            setUserDnPatterns(new String[] { userDnPattern });
            return super.authenticate(authentication);
        }
    }

    ...
}
```

To improve this situation I propose changing the argument of AbstractLdapAuthenticator.getUserDns() from String username to Authentication authentication, so one will have to override only this method.

P.S. Also, I'm not sure why there is "synchronized (userDnFormat)" in this method. What's it protecting from?
P.P.S. It would be nice to have a getter for the userDnFormat field.

Related gh-9745
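
One way to build the DN per request without a global lock or copied classes, as an added example that is not part of the original issue or Spring Security's own code. It assumes the extra attribute travels as a String in `Authentication.getDetails()` and that entries live under `uid=...,ou=...,ou=people`; the class name and DN layout are hypothetical.

```java
import java.util.Collections;
import java.util.List;

import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
import org.springframework.ldap.support.LdapEncoder;
import org.springframework.security.core.Authentication;
import org.springframework.security.ldap.authentication.BindAuthenticator;

// Added example: hypothetical class, not part of Spring Security.
public class PerRequestDnAuthenticator extends BindAuthenticator {

    // Carries the current Authentication into getUserDns(String); each thread
    // sees only its own value, so no shared pattern state is mutated.
    private final ThreadLocal<Authentication> current = new ThreadLocal<>();

    public PerRequestDnAuthenticator(BaseLdapPathContextSource contextSource) {
        super(contextSource);
        // Fallback pattern (constructed sample) used when no extra attribute is present.
        setUserDnPatterns(new String[] { "uid={0},ou=people" });
    }

    @Override
    public DirContextOperations authenticate(Authentication authentication) {
        current.set(authentication);
        try {
            return super.authenticate(authentication);
        } finally {
            current.remove(); // do not leak the value onto a pooled thread
        }
    }

    @Override
    protected List<String> getUserDns(String username) {
        Authentication authentication = current.get();
        // Assumption: the extra attribute is a String stored in getDetails().
        Object details = (authentication != null) ? authentication.getDetails() : null;
        if (!(details instanceof String)) {
            return super.getUserDns(username);
        }
        // Encode both values so DN metacharacters (",", "+", "=") in user input
        // cannot change which entry the bind is attempted against.
        String dn = "uid=" + LdapEncoder.nameEncode(username)
                + ",ou=" + LdapEncoder.nameEncode((String) details) + ",ou=people";
        return Collections.singletonList(dn);
    }
}
```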

Labels: in: ldap (An issue in spring-security-ldap), type: jira (An issue that was migrated from JIRA)