Implement customization of rolePrefix in LdapUserDetailsManager

Haarolean · Haarolean · commit ddfb9c51f590 · 2024-02-10T12:51:52.000+07:00
diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -104,7 +104,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
 	/** The attribute which contains members of a group */
 	private String groupMemberAttributeName = "uniquemember";
 
-	private final String rolePrefix = "ROLE_";
+	private String rolePrefix = "ROLE_";
 
 	/** The pattern to be used for the user search. {0} is the user's DN */
 	private String groupSearchFilter = "(uniquemember={0})";
@@ -403,6 +403,15 @@ public void setSecurityContextHolderStrategy(SecurityContextHolderStrategy secur
 		this.securityContextHolderStrategy = securityContextHolderStrategy;
 	}
 
+	/**
+	 * Sets the role prefix used when converting authorities. The default value is "ROLE_"
+	 * @param rolePrefix role prefix
+	 * @since 6.3
+	 */
+	public void setRolePrefix(String rolePrefix) {
+		this.rolePrefix = rolePrefix;
+	}
+
 	private void changePasswordUsingAttributeModification(DistinguishedName userDn, String oldPassword,
 			String newPassword) {
 		ModificationItem[] passwordChange = new ModificationItem[] { new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
