SEC-992: SpringSecurityLdapTemplate: clearing the returningObjFlag of SearchControls contradicts contract with LdapTemplate

[spring-projects-issues]

["Jürgen Failenschmid":https://jira.spring.io/secure/ViewProfile.jspa?name=jfai](Migrated from ["SEC-992":https://jira.spring.io/browse/SEC-992?redirect=false]) said:

In method searchForSingleAttributeValues(String, String, Object[], String) of class SpringSecurityLdapTemplate, on line 168, there is this call:

ctls.setReturningObjFlag(false);

Then the search(String, String, Object[], String) method is called with a context mapper, which implies that returnObj must be true in SearchControls. LdapTemplate checks the returningObjFlag state, and if it is false, sets it to true. It also emits an INFO log entry about the inconsistency.

The documentation of class SearchControls states for the controls argument:

"The SearchControls to use in the search. If the * returnObjFlag is not set in the SearchControls, * this method will set it automatically, as this is required for * the ContextMapper to work. "

Setting the returningObjFlag to false is at best superfluous, at worst some behavior of the search is desired, which cannot be achieved this way.

[spring-projects-issues]

["Luke Taylor":https://jira.spring.io/secure/ViewProfile.jspa?name=luke] said:

Thanks. I've made the change as suggested (removing the setReturnObjFlag(false)). Not sure why it was there to start with.