feat(#12405): The LDAP default password is a fixed value 'nacos' and …

…cannot be customized. (#12406)
alibaba · Jul 24, 2024 · 96a9318 · 96a9318
1 parent fbfa39d
commit 96a9318
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 9 deletions.
diff --git a/...h-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProvider.java b/...h-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProvider.java
@@ -94,11 +94,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
         try {
             userDetails = userDetailsService.loadUserByUsername(AuthConstants.LDAP_PREFIX + username);
         } catch (UsernameNotFoundException exception) {
-            String nacosPassword = PasswordEncoderUtil.encode(AuthConstants.LDAP_DEFAULT_PASSWORD);
-            userDetailsService.createUser(AuthConstants.LDAP_PREFIX + username, nacosPassword);
+            userDetailsService.createUser(AuthConstants.LDAP_PREFIX + username, AuthConstants.LDAP_DEFAULT_ENCODED_PASSWORD);
             User user = new User();
             user.setUsername(AuthConstants.LDAP_PREFIX + username);
-            user.setPassword(nacosPassword);
+            user.setPassword(AuthConstants.LDAP_DEFAULT_ENCODED_PASSWORD);
             userDetails = new NacosUserDetails(user);
         }
         return new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities());

diff --git a/...-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/constant/AuthConstants.java b/...-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/constant/AuthConstants.java
@@ -73,11 +73,8 @@ public class AuthConstants {
      * LDAP Ignore partial result exception.
      */
     public static final String NACOS_CORE_AUTH_IGNORE_PARTIAL_RESULT_EXCEPTION = "nacos.core.auth.ldap.ignore.partial.result.exception";
-
-    @Deprecated
-    public static final String LDAP_DEFAULT_PASSWORD = "nacos";
-
-    public static final String LDAP_DEFAULT_ENCODED_PASSWORD = PasswordEncoderUtil.encode(LDAP_DEFAULT_PASSWORD);
+
+    public static final String LDAP_DEFAULT_ENCODED_PASSWORD = PasswordEncoderUtil.encode(System.getProperty("ldap.default.password", "nacos"));
 
     public static final String LDAP_PREFIX = "LDAP_";
 }
diff --git a/...ugin/src/test/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProviderTest.java b/...ugin/src/test/java/com/alibaba/nacos/plugin/auth/impl/LdapAuthenticationProviderTest.java
@@ -81,7 +81,7 @@ class LdapAuthenticationProviderTest {
 
     private List<RoleInfo> roleInfos = new ArrayList<>();
 
-    private String defaultPassWord = "nacos";
+    private String defaultPassWord = System.getProperty("ldap.default.password", "nacos");
 
     @BeforeEach
     void setUp() throws NoSuchMethodException {