Expected Behavior

You can change ActiveDirectoryLdapAuthenticationProvider's loadUserAuthorities behavior somehow (by extending the class or, probably more cleanly, with some delegate component).

Current Behavior

ActiveDirectoryLdapAuthenticationProvider is final, so you cannot extend it, and the loadUserAuthorities method does not use delegate components, so you cannot change the method's behavior.

Context

It would be handy to have plain LDAP group DNs as authority values, rather than CN only.

Comment From: noavarice

Also, you can't really modify doAuthenticate (e.g., if you need to use some information from your local database, such as the ability to lock a user without using Active Directory).

Comment From: jzheaux

Thanks for the report, @noavarice. This was recently added in the 6.3 release as part of #4490, so please feel free to check it out and let me know if any improvements are needed. For now, I'll close this as a duplicate of that.
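
The mapping requested under Context, sketched as an added example (not code from this thread or from Spring Security): an LdapAuthoritiesPopulator that turns each memberOf value into an authority carrying the full group DN. The class name GroupDnAuthoritiesPopulator and the lower-casing step are assumptions, and how a populator is plugged into ActiveDirectoryLdapAuthenticationProvider depends on the extension point added under #4490, which this thread does not show.

```java
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.Locale;
import java.util.Set;

import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;

// Hypothetical class for illustration; not part of Spring Security.
public class GroupDnAuthoritiesPopulator implements LdapAuthoritiesPopulator {

    @Override
    public Collection<? extends GrantedAuthority> getGrantedAuthorities(
            DirContextOperations userData, String username) {
        Set<GrantedAuthority> authorities = new LinkedHashSet<>();

        // memberOf lists direct group memberships only: nested groups and the
        // primary group are not included. It is null when the attribute is absent.
        String[] groups = userData.getStringAttributes("memberOf");
        if (groups == null) {
            return authorities;
        }

        for (String group : groups) {
            try {
                // Parse the value so malformed DNs are rejected, then keep every
                // RDN. Two groups that share a CN in different OUs stay distinct.
                LdapName dn = new LdapName(group);

                // Assumption: authority strings are compared case-sensitively,
                // so the DN is lower-cased here and access rules must use the
                // same lower-case form.
                String authority = dn.toString().toLowerCase(Locale.ROOT);
                authorities.add(new SimpleGrantedAuthority(authority));
            } catch (InvalidNameException ex) {
                // Fail closed: an unparseable value grants no authority.
                continue;
            }
        }
        return authorities;
    }
}
```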