From 215547f8c8ae1455a24b6cbc8f897bfc0c10ea4b Mon Sep 17 00:00:00 2001 From: Josh Cummings <3627351+jzheaux@users.noreply.github.com> Date: Wed, 28 May 2025 14:13:02 -0600 Subject: [PATCH] Use UsernameNotFoundException Factory Issue gh-17179 --- .../security/provisioning/InMemoryUserDetailsManager.java | 2 +- .../ldap/authentication/PasswordComparisonAuthenticator.java | 2 +- .../ad/ActiveDirectoryLdapAuthenticationProvider.java | 3 +-- .../security/ldap/search/FilterBasedLdapUserSearch.java | 2 +- .../security/ldap/userdetails/LdapUserDetailsManager.java | 2 +- .../ReactivePreAuthenticatedAuthenticationManager.java | 2 +- 6 files changed, 6 insertions(+), 7 deletions(-) diff --git a/core/src/main/java/org/springframework/security/provisioning/InMemoryUserDetailsManager.java b/core/src/main/java/org/springframework/security/provisioning/InMemoryUserDetailsManager.java index 498e165342..0a17b16547 100644 --- a/core/src/main/java/org/springframework/security/provisioning/InMemoryUserDetailsManager.java +++ b/core/src/main/java/org/springframework/security/provisioning/InMemoryUserDetailsManager.java @@ -164,7 +164,7 @@ public class InMemoryUserDetailsManager implements UserDetailsManager, UserDetai public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { UserDetails user = this.users.get(username.toLowerCase(Locale.ROOT)); if (user == null) { - throw new UsernameNotFoundException("user '" + username + "' not found"); + throw UsernameNotFoundException.fromUsername(username); } if (user instanceof CredentialsContainer) { return user; diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java index 7d79d358ef..e158e87235 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java @@ -93,7 +93,7 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic } } if (user == null) { - throw new UsernameNotFoundException("User not found: " + username); + throw UsernameNotFoundException.fromUsername(username); } if (logger.isTraceEnabled()) { logger.trace(LogMessage.format("Comparing password attribute '%s' for user '%s'", diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProvider.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProvider.java index 6d43a67202..0ee5a54f0a 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProvider.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProvider.java @@ -307,8 +307,7 @@ public final class ActiveDirectoryLdapAuthenticationProvider extends AbstractLda throw ex; } // If we found no results, then the username/password did not match - UsernameNotFoundException userNameNotFoundException = new UsernameNotFoundException( - "User " + username + " not found in directory.", ex); + UsernameNotFoundException userNameNotFoundException = UsernameNotFoundException.fromUsername(username, ex); throw badCredentials(userNameNotFoundException); } } diff --git a/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java b/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java index 326b5c5fa1..2277b45463 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java +++ b/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java @@ -104,7 +104,7 @@ public class FilterBasedLdapUserSearch implements LdapUserSearch { } catch (IncorrectResultSizeDataAccessException ex) { if (ex.getActualSize() == 0) { - throw new UsernameNotFoundException("User " + username + " not found in directory."); + throw UsernameNotFoundException.fromUsername(username); } // Search should never return multiple results if properly configured throw ex; diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java index 53d46980ac..3d945a0805 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java @@ -154,7 +154,7 @@ public class LdapUserDetailsManager implements UserDetailsManager { return new DirContextAdapter(attrs, LdapUtils.getFullDn(dn, ctx)); } catch (NameNotFoundException ex) { - throw new UsernameNotFoundException("User " + username + " not found", ex); + throw UsernameNotFoundException.fromUsername(username, ex); } }); } diff --git a/web/src/main/java/org/springframework/security/web/server/authentication/ReactivePreAuthenticatedAuthenticationManager.java b/web/src/main/java/org/springframework/security/web/server/authentication/ReactivePreAuthenticatedAuthenticationManager.java index 83cc524283..2528157f60 100644 --- a/web/src/main/java/org/springframework/security/web/server/authentication/ReactivePreAuthenticatedAuthenticationManager.java +++ b/web/src/main/java/org/springframework/security/web/server/authentication/ReactivePreAuthenticatedAuthenticationManager.java @@ -62,7 +62,7 @@ public class ReactivePreAuthenticatedAuthenticationManager implements ReactiveAu .filter(this::supports) .map(Authentication::getName) .flatMap(this.userDetailsService::findByUsername) - .switchIfEmpty(Mono.error(() -> new UsernameNotFoundException("User not found"))) + .switchIfEmpty(Mono.error(() -> UsernameNotFoundException.fromUsername(authentication.getName()))) .doOnNext(this.userDetailsChecker::check) .map((userDetails) -> { PreAuthenticatedAuthenticationToken result = new PreAuthenticatedAuthenticationToken(userDetails,