From 96a93189c369f747a7fa2c9d7e94411cdfddc2ff Mon Sep 17 00:00:00 2001 From: "blake.qiu" <46370663+Bo-Qiu@users.noreply.github.com> Date: Wed, 24 Jul 2024 14:50:49 +0800 Subject: [PATCH] feat(#12405): The LDAP default password is a fixed value 'nacos' and cannot be customized. (#12406) --- .../nacos/plugin/auth/impl/LdapAuthenticationProvider.java | 5 ++--- .../nacos/plugin/auth/impl/constant/AuthConstants.java | 7 ++----- .../plugin/auth/impl/LdapAuthenticationProviderTest.java | 2 +- 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/plugin-default-impl/nacos-default-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProvider.java b/plugin-default-impl/nacos-default-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProvider.java index 6db396bac..d2fa4b07b 100644 --- a/plugin-default-impl/nacos-default-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProvider.java +++ b/plugin-default-impl/nacos-default-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProvider.java @@ -94,11 +94,10 @@ public class LdapAuthenticationProvider implements AuthenticationProvider { try { userDetails = userDetailsService.loadUserByUsername(AuthConstants.LDAP_PREFIX + username); } catch (UsernameNotFoundException exception) { - String nacosPassword = PasswordEncoderUtil.encode(AuthConstants.LDAP_DEFAULT_PASSWORD); - userDetailsService.createUser(AuthConstants.LDAP_PREFIX + username, nacosPassword); + userDetailsService.createUser(AuthConstants.LDAP_PREFIX + username, AuthConstants.LDAP_DEFAULT_ENCODED_PASSWORD); User user = new User(); user.setUsername(AuthConstants.LDAP_PREFIX + username); - user.setPassword(nacosPassword); + user.setPassword(AuthConstants.LDAP_DEFAULT_ENCODED_PASSWORD); userDetails = new NacosUserDetails(user); } return new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities()); diff --git a/plugin-default-impl/nacos-default-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/constant/AuthConstants.java b/plugin-default-impl/nacos-default-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/constant/AuthConstants.java index 90664d65e..56d6dd75a 100644 --- a/plugin-default-impl/nacos-default-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/constant/AuthConstants.java +++ b/plugin-default-impl/nacos-default-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/constant/AuthConstants.java @@ -73,11 +73,8 @@ public class AuthConstants { * LDAP Ignore partial result exception. */ public static final String NACOS_CORE_AUTH_IGNORE_PARTIAL_RESULT_EXCEPTION = "nacos.core.auth.ldap.ignore.partial.result.exception"; - - @Deprecated - public static final String LDAP_DEFAULT_PASSWORD = "nacos"; - - public static final String LDAP_DEFAULT_ENCODED_PASSWORD = PasswordEncoderUtil.encode(LDAP_DEFAULT_PASSWORD); + + public static final String LDAP_DEFAULT_ENCODED_PASSWORD = PasswordEncoderUtil.encode(System.getProperty("ldap.default.password", "nacos")); public static final String LDAP_PREFIX = "LDAP_"; } diff --git a/plugin-default-impl/nacos-default-auth-plugin/src/test/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProviderTest.java b/plugin-default-impl/nacos-default-auth-plugin/src/test/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProviderTest.java index e823f143e..0b2723849 100644 --- a/plugin-default-impl/nacos-default-auth-plugin/src/test/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProviderTest.java +++ b/plugin-default-impl/nacos-default-auth-plugin/src/test/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProviderTest.java @@ -81,7 +81,7 @@ class LdapAuthenticationProviderTest { private List roleInfos = new ArrayList<>(); - private String defaultPassWord = "nacos"; + private String defaultPassWord = System.getProperty("ldap.default.password", "nacos"); @BeforeEach void setUp() throws NoSuchMethodException {