diff --git a/ldap/spring-security-ldap.gradle b/ldap/spring-security-ldap.gradle index 287e5c1ae4d..eb682ed69a0 100644 --- a/ldap/spring-security-ldap.gradle +++ b/ldap/spring-security-ldap.gradle @@ -1,5 +1,6 @@ apply plugin: 'io.spring.convention.spring-module' apply plugin: 'javadoc-warnings-error' +apply plugin: 'compile-warnings-error' dependencies { management platform(project(":spring-security-dependencies")) diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java index 59e0a0ea29b..44448189a12 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java @@ -68,6 +68,7 @@ public void constructorWhenUrlEncodedSpacesWithPlusCharacterThenBaseDnIsProperly } @Test + @SuppressWarnings({ "unchecked", "rawtypes" }) public void poolingFlagIsSetWhenAuthenticationDnMatchesManagerUserDn() { EnvExposingDefaultSpringSecurityContextSource ctxSrc = new EnvExposingDefaultSpringSecurityContextSource( "ldap://blah:789/dc=springframework,dc=org"); @@ -79,6 +80,7 @@ public void poolingFlagIsSetWhenAuthenticationDnMatchesManagerUserDn() { } @Test + @SuppressWarnings({ "unchecked", "rawtypes" }) public void poolingFlagIsNotSetWhenAuthenticationDnIsNotManagerUserDn() { EnvExposingDefaultSpringSecurityContextSource ctxSrc = new EnvExposingDefaultSpringSecurityContextSource( "ldap://blah:789/dc=springframework,dc=org"); @@ -170,13 +172,13 @@ public void instantiationFailsWithIncorrectServerUrl() { .isThrownBy(() -> new DefaultSpringSecurityContextSource(serverUrls, "dc=springframework,dc=org")); } + @SuppressWarnings({ "unchecked", "rawtypes" }) static class EnvExposingDefaultSpringSecurityContextSource extends DefaultSpringSecurityContextSource { EnvExposingDefaultSpringSecurityContextSource(String providerUrl) { super(providerUrl); } - @SuppressWarnings("unchecked") Hashtable getAuthenticatedEnvForTest(String userDn, String password) { return getAuthenticatedEnv(userDn, password); } diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java index 25d65e1215b..6b7aed63d2f 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java @@ -89,6 +89,7 @@ public void compareOfWrongValueFails() { // } @Test + @SuppressWarnings("unchecked") public void namingExceptionIsTranslatedCorrectly() { assertThatExceptionOfType(UncategorizedLdapException.class) .isThrownBy(() -> this.template.executeReadOnly((ContextExecutor) (dirContext) -> { diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java index a7598b3c4ed..6336e1fd163 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java @@ -47,6 +47,7 @@ */ @ExtendWith(SpringExtension.class) @ContextConfiguration(classes = UnboundIdContainerConfig.class) +@SuppressWarnings("deprecation") public class PasswordComparisonAuthenticatorTests { @Autowired diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java index 928b111ab4f..33a5539594d 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java @@ -57,6 +57,7 @@ public void setUp() { } @Test + @SuppressWarnings("deprecation") public void groupSearchDoesNotAllowNullRoles() { this.populator.setRolePrefix("ROLE_"); this.populator.setGroupRoleAttribute("ou"); diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java index 3139673b43e..9d3023e5959 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java @@ -116,6 +116,7 @@ public void testGroovyDudeJDevelopersAuthorities() { } @Test + @SuppressWarnings("unchecked") public void testClosureDudeJDevelopersWithMembershipAsAttributeValues() { this.populator.setAttributeNames(new HashSet(Arrays.asList("member"))); diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java index ac78d44b5a3..9ee853b1103 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java @@ -21,11 +21,11 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.jspecify.annotations.NonNull; import org.springframework.context.MessageSource; import org.springframework.context.MessageSourceAware; import org.springframework.context.support.MessageSourceAccessor; -import org.springframework.lang.NonNull; import org.springframework.ldap.core.DirContextOperations; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.BadCredentialsException; diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java index 4b33cb3b9f6..0017c39bc98 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java @@ -21,11 +21,12 @@ import java.util.Collections; import java.util.List; +import org.jspecify.annotations.NonNull; + import org.springframework.beans.factory.InitializingBean; import org.springframework.context.MessageSource; import org.springframework.context.MessageSourceAware; import org.springframework.context.support.MessageSourceAccessor; -import org.springframework.lang.NonNull; import org.springframework.ldap.core.ContextSource; import org.springframework.security.core.SpringSecurityMessageSource; import org.springframework.security.ldap.search.LdapUserSearch; diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java index e158e87235c..dd07d2349c7 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java @@ -52,14 +52,27 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic private static final Log logger = LogFactory.getLog(PasswordComparisonAuthenticator.class); - private PasswordEncoder passwordEncoder = new LdapShaPasswordEncoder(KeyGenerators.shared(0)); + private PasswordEncoder passwordEncoder; private String passwordAttributeName = "userPassword"; private boolean usePasswordAttrCompare = false; + /** + * @deprecated Use + * {@link #PasswordComparisonAuthenticator(BaseLdapPathContextSource, PasswordEncoder)} + * instead + */ + @Deprecated(since = "7.1") + @SuppressWarnings("deprecation") public PasswordComparisonAuthenticator(BaseLdapPathContextSource contextSource) { + this(contextSource, new LdapShaPasswordEncoder(KeyGenerators.shared(0))); + } + + public PasswordComparisonAuthenticator(BaseLdapPathContextSource contextSource, PasswordEncoder passwordEncoder) { super(contextSource); + Assert.notNull(passwordEncoder, "passwordEncoder must not be null"); + this.passwordEncoder = passwordEncoder; } @Override diff --git a/ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java b/ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java index ec0efba60b5..75fcdaaaa8e 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java +++ b/ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java @@ -25,6 +25,7 @@ import com.unboundid.ldap.sdk.Entry; import com.unboundid.ldap.sdk.LDAPException; import com.unboundid.ldif.LDIFReader; +import org.jspecify.annotations.NonNull; import org.springframework.beans.BeansException; import org.springframework.beans.factory.DisposableBean; @@ -34,7 +35,6 @@ import org.springframework.context.ConfigurableApplicationContext; import org.springframework.context.Lifecycle; import org.springframework.core.io.Resource; -import org.springframework.lang.NonNull; import org.springframework.util.StringUtils; /** diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java index 422b239a0f6..08f57fd4842 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java @@ -369,6 +369,7 @@ public void setGroupMemberAttributeName(String groupMemberAttributeName) { this.groupSearchFilter = "(" + groupMemberAttributeName + "={0})"; } + @SuppressWarnings("unchecked") public void setRoleMapper(AttributesMapper roleMapper) { this.roleMapper = roleMapper; } diff --git a/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java b/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java index f5c2d8b4aed..5162fda2361 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java @@ -35,9 +35,11 @@ /** * @author Luke Taylor */ +@SuppressWarnings("deprecation") public class PasswordComparisonAuthenticatorMockTests { @Test + @SuppressWarnings("unchecked") public void ldapCompareOperationIsUsedWhenPasswordIsNotRetrieved() throws Exception { final DirContext dirCtx = mock(DirContext.class); final BaseLdapPathContextSource source = mock(BaseLdapPathContextSource.class); diff --git a/ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java b/ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java index 192e51829fe..8910e53f603 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java @@ -38,6 +38,7 @@ public class UserDetailsServiceLdapAuthoritiesPopulatorTests { @Test + @SuppressWarnings("unchecked") public void delegationToUserDetailsServiceReturnsCorrectRoles() { UserDetailsService uds = mock(UserDetailsService.class); UserDetails user = mock(UserDetails.class);