From e7de8a471007caf210432bc888e457925163d357 Mon Sep 17 00:00:00 2001 From: leestana01 Date: Sat, 6 Jun 2026 01:18:46 +0900 Subject: [PATCH] Embedded LDAP SSL should not be enabled when its bundle is empty EmbeddedLdapProperties.Ssl.isEnabled() derived enablement from this.bundle != null, so it returned true even when the bundle was overridden to an empty string. Use StringUtils.hasText(this.bundle) to align with the other SSL properties classes (Cassandra, Couchbase, MongoDB, Redis, RabbitMQ) and the documented "enabled automatically if 'bundle' is provided" behavior. Signed-off-by: leestana01 --- .../autoconfigure/embedded/EmbeddedLdapProperties.java | 3 ++- .../embedded/EmbeddedLdapAutoConfigurationTests.java | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/module/spring-boot-ldap/src/main/java/org/springframework/boot/ldap/autoconfigure/embedded/EmbeddedLdapProperties.java b/module/spring-boot-ldap/src/main/java/org/springframework/boot/ldap/autoconfigure/embedded/EmbeddedLdapProperties.java index f3a7303ee08a..c361ed7592d0 100644 --- a/module/spring-boot-ldap/src/main/java/org/springframework/boot/ldap/autoconfigure/embedded/EmbeddedLdapProperties.java +++ b/module/spring-boot-ldap/src/main/java/org/springframework/boot/ldap/autoconfigure/embedded/EmbeddedLdapProperties.java @@ -24,6 +24,7 @@ import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.convert.Delimiter; import org.springframework.core.io.Resource; +import org.springframework.util.StringUtils; /** * Configuration properties for Embedded LDAP. @@ -150,7 +151,7 @@ public static class Ssl { private @Nullable String bundle; public boolean isEnabled() { - return (this.enabled != null) ? this.enabled : this.bundle != null; + return (this.enabled != null) ? this.enabled : StringUtils.hasText(this.bundle); } public void setEnabled(boolean enabled) { diff --git a/module/spring-boot-ldap/src/test/java/org/springframework/boot/ldap/autoconfigure/embedded/EmbeddedLdapAutoConfigurationTests.java b/module/spring-boot-ldap/src/test/java/org/springframework/boot/ldap/autoconfigure/embedded/EmbeddedLdapAutoConfigurationTests.java index 9830effb7abc..f25a153d33b9 100644 --- a/module/spring-boot-ldap/src/test/java/org/springframework/boot/ldap/autoconfigure/embedded/EmbeddedLdapAutoConfigurationTests.java +++ b/module/spring-boot-ldap/src/test/java/org/springframework/boot/ldap/autoconfigure/embedded/EmbeddedLdapAutoConfigurationTests.java @@ -411,6 +411,13 @@ void whenInvalidSslBundleIsConfiguredThenStartFails() { }); } + @Test + void sslIsNotEnabledWhenBundleIsEmpty() { + EmbeddedLdapProperties properties = new EmbeddedLdapProperties(); + properties.getSsl().setBundle(""); + assertThat(properties.getSsl().isEnabled()).isFalse(); + } + @Configuration(proxyBeanMethods = false) static class LdapClientConfiguration {