ActiveDirectoryLdapAuthenticationProvider 不使用 LdapAuthoritiesPopulator(检查构造函数的 API).

ActiveDirectoryLdapAuthenticationProvider doesn't use an LdapAuthoritiesPopulator (check the API for the constructor).

您可以使用委托模型，在返回包含它们的新令牌之前，您可以在其中包装提供者并单独加载权限:

You can use a delegation model, where you wrap the provider and load the authorities separately, before returning a new token containing them:

public class MyAuthoritySupplementingProvider implements AuthenticationProvider {
    private AuthenticationProvider delegate;

    public MyAuthoritySupplementingProvider(AuthenticationProvider delegate) {
        this.delegate = delegate;
    }

    public Authentication authenticate(Authentication authentication) {
        final Authentication a = delegate.authenticate(authentication);

        // Load additional authorities and create an Authentication object
        final List<GrantedAuthority> authorities = loadRolesFromDatabaseHere(a.getName());

        return new AbstractAuthenticationToken(authorities) {
            public Object getCredentials() {
                throw new UnsupportedOperationException();
            }

            public Object getPrincipal() {
                return a.getPrincipal();
            }
        };
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return delegate.supports(authentication);
    }
}

这门课是最终的，主要是因为我对 Active Directory 有相当基本的了解，以及人们想要使用它的不同方式.

The class is final mainly due to my rather basic knowledge of Active Directory and the different ways people would want to use it.