Yale Madden (Migrated from SEC-1877) said:
The rolePrefix member of LdapUserDetailsManager defaults to "ROLE_". This forces me to use this default rolePrefix throughout my application. Otherwise, convertAuthorityToGroup does not remove my rolePrefix and calls to createUser and updateUser return the following error:
javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'cn=myprefix_user,ou=groups'
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(Unknown Source)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(Unknown Source)
    at javax.naming.directory.InitialDirContext.modifyAttributes(Unknown Source)
    at org.springframework.security.ldap.userdetails.LdapUserDetailsManager$5.executeWithContext(LdapUserDetailsManager.java:331)
    at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:807)
    at org.springframework.ldap.core.LdapTemplate.executeReadWrite(LdapTemplate.java:802)
    at org.springframework.security.ldap.userdetails.LdapUserDetailsManager.modifyAuthorities(LdapUserDetailsManager.java:323)
    at org.springframework.security.ldap.userdetails.LdapUserDetailsManager.addAuthorities(LdapUserDetailsManager.java:315)
    at org.springframework.security.ldap.userdetails.LdapUserDetailsManager.updateUser(LdapUserDetailsManager.java:274)
Please provide a public setter for the rolePrefix member.
Comment From: sodrac
Hi @rwinch, I would like to work on this if the issue is still available.
Comment From: sodrac
Hi @rwinch, any update regarding this ticket? Thanks!
Comment From: jzheaux
Closed in favor of https://github.com/spring-projects/spring-security/pull/14574