2

I use Grails + spring-security + LDAP to authenticate users. The authentication works now but I need the plain text password to authenticate a second service.

I tried the SpringSecurityService properties but none contains the password.

Do I have to implement my own UserDetailsMapper or does the LdapUserDetailsMapper also provide the mapping of the plain text password retrieved from the web form?

OliverS

1 Answer

7

You can get the credentials from the org.springframework.security.core.context.SecurityContextHolder. However, I really don't think it is a good idea to use this. You will not be able to use the 'remember-me' nor the 'run-as' or 'switch-user' functionality, because then the credentials would not contain the current user's password (they will probably be null). Also, I don't think you would get the plaintext password if using anything other than basic HTML authentication or form authentication.

Anyhow, SecurityContextHolder.getContext().getAuthentication().getCredentials() will get you the plaintext password if using form authentication.

Magne Rasmussen
  • There is an `erase-credentials` setting for spring security. Setting it to false may help retrieve the password. However, I have no idea where this setting goes. I'm looking for where to put the setting and found this post. – Jason Jul 19 '17 at 15:21
  • Found it. Try adding to Config.groovy: `grails.plugin.springsecurity.providerManager.eraseCredentialsAfterAuthentication = false` – Jason Jul 19 '17 at 15:25
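
The lookup described in the answer and comments above, as an added Groovy example that is not part of the original posts. The class and method names are hypothetical; the helper returns null instead of a misleading value for remember-me and switch-user sessions, and when the credentials were erased after login.

```groovy
import org.springframework.security.authentication.RememberMeAuthenticationToken
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.core.Authentication
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority

// Hypothetical helper for this example; not part of Grails or the plugin.
// Assumes the setting quoted in the comment above is in Config.groovy:
//   grails.plugin.springsecurity.providerManager.eraseCredentialsAfterAuthentication = false
class CurrentCredentials {

    /**
     * Returns the password the current user typed into the login form,
     * or null when the security context does not hold one.
     */
    static String plaintextPasswordOrNull() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication()
        if (auth == null || !auth.isAuthenticated()) {
            return null   // nobody is logged in
        }
        if (auth instanceof RememberMeAuthenticationToken) {
            return null   // cookie login: no password was submitted in this session
        }
        if (!(auth instanceof UsernamePasswordAuthenticationToken)) {
            return null   // anonymous, run-as or another token type
        }
        // After switch-user the token belongs to the impersonated account,
        // so its credentials are not what the real user typed.
        boolean switched = auth.getAuthorities().any { it instanceof SwitchUserGrantedAuthority }
        if (switched) {
            return null
        }
        Object credentials = auth.getCredentials()
        // null here means the credentials were erased after authentication
        // (the default when eraseCredentialsAfterAuthentication is true).
        return credentials != null ? credentials.toString() : null
    }
}
```

With erasure disabled, the password stays in the security context for as long as the context is kept, which by default is the lifetime of the HTTP session.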