@@ -63,24 +63,32 @@ public ReactiveAuthenticationManager authenticationManager(LdapContextSource lda
6363 ba .setUserSearch (userSearch );
6464 }
6565
66+ var authenticationProvider = getAuthenticationProvider (authoritiesExtractor , rbacEnabled , ba );
67+
68+ AuthenticationManager am = new ProviderManager (List .of (authenticationProvider ));
69+
70+ return new ReactiveAuthenticationManagerAdapter (am );
71+ }
72+
73+ private AbstractLdapAuthenticationProvider getAuthenticationProvider (LdapAuthoritiesPopulator authoritiesExtractor ,
74+ boolean rbacEnabled ,
75+ BindAuthenticator bindAuthenticator ) {
6676 AbstractLdapAuthenticationProvider authenticationProvider ;
77+
6778 if (!props .isActiveDirectory ()) {
6879 authenticationProvider = rbacEnabled
69- ? new LdapAuthenticationProvider (ba , authoritiesExtractor )
70- : new LdapAuthenticationProvider (ba );
80+ ? new LdapAuthenticationProvider (bindAuthenticator , authoritiesExtractor )
81+ : new LdapAuthenticationProvider (bindAuthenticator );
7182 } else {
7283 authenticationProvider = new ActiveDirectoryLdapAuthenticationProvider (props .getActiveDirectoryDomain (),
73- props .getUrls ()); // TODO Issue #3741
84+ props .getUrls ());
7485 authenticationProvider .setUseAuthenticationRequestCredentials (true );
7586 }
7687
7788 if (rbacEnabled ) {
7889 authenticationProvider .setUserDetailsContextMapper (new UserDetailsMapper ());
7990 }
80-
81- AuthenticationManager am = new ProviderManager (List .of (authenticationProvider ));
82-
83- return new ReactiveAuthenticationManagerAdapter (am );
91+ return authenticationProvider ;
8492 }
8593
8694 @ Bean
@@ -99,6 +107,10 @@ public DefaultLdapAuthoritiesPopulator ldapAuthoritiesExtractor(ApplicationConte
99107 AccessControlService acs ) {
100108 var rbacEnabled = acs != null && acs .isRbacEnabled ();
101109
110+ if (props .isActiveDirectory ()) {
111+ return null ;
112+ }
113+
102114 DefaultLdapAuthoritiesPopulator extractor ;
103115
104116 if (rbacEnabled ) {
0 commit comments