noavarice
commented
1 month ago Also you can't really modify doAuthenticate (e.g., if you need to use some information from your local database, such ability to lock user without using Active Directory)
Closed noavarice closed 2 weeks ago
noavarice
commented
1 month ago Also you can't really modify doAuthenticate (e.g., if you need to use some information from your local database, such ability to lock user without using Active Directory)
jzheaux
commented
2 weeks ago Thanks for the report, @noavarice. This was recently added in the 6.3 release as part of #4490, so please feel free to check it out and let me know if any improvements are needed. For now, I'll close this as a duplicate of that.
Expected Behavior You can change
ActiveDirectoryLdapAuthenticationProvider'sloadUserAuthoritiesbehavior somehow (by extending the class or, probably more cleanly, with some delegate component).Current Behavior
ActiveDirectoryLdapAuthenticationProvideris final so you cannot extend it, andloadUserAuthoritiesmethod does not use delegate components, so you cannot change method's behavior.Context It would be handy to have plain LDAP group DN's as authority values, rather than CN only.