@@ -613,35 +613,35 @@ public String getPostLogOutUrl(StaplerRequest req, Authentication auth) {
613613 public SecurityComponents createSecurityComponents () throws DataAccessException {
614614 if (getLDAPURL () == null ) {
615615 proxyTemplate = new ReverseProxySearchTemplate ();
616- DefaultReverseProxyAuthenticator authenticator = new DefaultReverseProxyAuthenticator (retrievedUser , authorities );
617- ReverseProxyAuthoritiesPopulatorImpl authoritiesPopulator = new ReverseProxyAuthoritiesPopulatorImpl (authContext );
618- ProviderManager pm = new ProviderManager ();
619- List <AuthenticationProvider > providers = new ArrayList <>();
620- // talk to Reverse Proxy Authentication
621- providers .add (new ReverseProxyAuthenticationProvider (authenticator , authoritiesPopulator ));
622- // these providers apply everywhere
623- RememberMeAuthenticationProvider rmap = new RememberMeAuthenticationProvider ();
624- rmap .setKey (Jenkins .getInstance ().getSecretKey ());
625- providers .add (rmap );
626- // this doesn't mean we allow anonymous access.
627- // we just authenticate anonymous users as such,
628- // so that later authorization can reject them if so configured
629- AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider ();
630- aap .setKey ("anonymous" );
631- providers .add (aap );
632- pm .setProviders (providers );
616+ DefaultReverseProxyAuthenticator authenticator = new DefaultReverseProxyAuthenticator (retrievedUser , authorities );
617+ ReverseProxyAuthoritiesPopulatorImpl authoritiesPopulator = new ReverseProxyAuthoritiesPopulatorImpl (authContext );
618+ ProviderManager pm = new ProviderManager ();
619+ List <AuthenticationProvider > providers = new ArrayList <>();
620+ // talk to Reverse Proxy Authentication
621+ providers .add (new ReverseProxyAuthenticationProvider (authenticator , authoritiesPopulator ));
622+ // these providers apply everywhere
623+ RememberMeAuthenticationProvider rmap = new RememberMeAuthenticationProvider ();
624+ rmap .setKey (Jenkins .getInstance ().getSecretKey ());
625+ providers .add (rmap );
626+ // this doesn't mean we allow anonymous access.
627+ // we just authenticate anonymous users as such,
628+ // so that later authorization can reject them if so configured
629+ AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider ();
630+ aap .setKey ("anonymous" );
631+ providers .add (aap );
632+ pm .setProviders (providers );
633633 return new SecurityComponents (pm , new ReverseProxyUserDetailsService (authoritiesPopulator ));
634634 } else {
635- DefaultInitialDirContextFactory dirContextFactory = new DefaultInitialDirContextFactory (getLDAPURL ());
636- if (managerDN != null ) {
637- dirContextFactory .setManagerDn (managerDN );
638- dirContextFactory .setManagerPassword (getManagerPassword ());
639- }
640- Map <String , Object > envVars = new HashMap <>();
641- envVars .put (Context .REFERRAL , "follow" );
642- envVars .put ("com.sun.jndi.ldap.connect.timeout" , Integer .toString (CONNECT_TIMEOUT ));
643- envVars .put ("com.sun.jndi.ldap.read.timeout" , Integer .toString (READ_TIMEOUT ));
644- dirContextFactory .setExtraEnvVars (envVars );
635+ DefaultInitialDirContextFactory dirContextFactory = new DefaultInitialDirContextFactory (getLDAPURL ());
636+ if (managerDN != null ) {
637+ dirContextFactory .setManagerDn (managerDN );
638+ dirContextFactory .setManagerPassword (getManagerPassword ());
639+ }
640+ Map <String , Object > envVars = new HashMap <>();
641+ envVars .put (Context .REFERRAL , "follow" );
642+ envVars .put ("com.sun.jndi.ldap.connect.timeout" , Integer .toString (CONNECT_TIMEOUT ));
643+ envVars .put ("com.sun.jndi.ldap.read.timeout" , Integer .toString (READ_TIMEOUT ));
644+ dirContextFactory .setExtraEnvVars (envVars );
645645 ldapTemplate = new LdapTemplate (dirContextFactory );
646646 FilterBasedLdapUserSearch ldapUserSearch = new FilterBasedLdapUserSearch (userSearchBase , userSearch , dirContextFactory );
647647 ldapUserSearch .setSearchSubtree (true );
0 commit comments