Merge branch '2.1.x' into 2.2.x

Closes gh-21351

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/ldap/LdapProperties.java

 /*
- * Copyright 2012-2019 the original author or authors.
+ * Copyright 2012-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -56,9 +56,10 @@ public class LdapProperties {
 	private String password;
 
 	/**
-	 * Whether read-only operations should use an anonymous environment.
+	 * Whether read-only operations should use an anonymous environment. Disabled by
+	 * default unless a username is set.
 	 */
-	private boolean anonymousReadOnly;
+	private Boolean anonymousReadOnly;
 
 	/**
 	 * LDAP specification settings.
@@ -97,11 +98,11 @@ public class LdapProperties {
 		this.password = password;
 	}
 
-	public boolean getAnonymousReadOnly() {
+	public Boolean getAnonymousReadOnly() {
 		return this.anonymousReadOnly;
 	}
 
-	public void setAnonymousReadOnly(boolean anonymousReadOnly) {
+	public void setAnonymousReadOnly(Boolean anonymousReadOnly) {
 		this.anonymousReadOnly = anonymousReadOnly;
 	}
 

spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/ldap/LdapAutoConfigurationTests.java

 /*
- * Copyright 2012-2019 the original author or authors.
+ * Copyright 2012-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -47,7 +47,7 @@ class LdapAutoConfigurationTests {
 		this.contextRunner.run((context) -> {
 			LdapContextSource contextSource = context.getBean(LdapContextSource.class);
 			assertThat(contextSource.getUrls()).containsExactly("ldap://localhost:389");
-			assertThat(contextSource.isAnonymousReadOnly()).isFalse();
+			assertThat(contextSource.isAnonymousReadOnly()).isTrue();
 		});
 	}
 
@@ -70,6 +70,15 @@ class LdapAutoConfigurationTests {
 				});
 	}
 
+	@Test
+	void contextSourceWithUserDoesNotEnableAnonymousReadOnly() {
+		this.contextRunner.withPropertyValues("spring.ldap.username:root").run((context) -> {
+			LdapContextSource contextSource = context.getBean(LdapContextSource.class);
+			assertThat(contextSource.getUserDn()).isEqualTo("root");
+			assertThat(contextSource.isAnonymousReadOnly()).isFalse();
+		});
+	}
+
 	@Test
 	void contextSourceWithExtraCustomization() {
 		this.contextRunner.withPropertyValues("spring.ldap.urls:ldap://localhost:123", "spring.ldap.username:root",
@@ -93,7 +102,7 @@ class LdapAutoConfigurationTests {
 			LdapContextSource contextSource = context.getBean(LdapContextSource.class);
 			assertThat(contextSource.getUserDn()).isEqualTo("");
 			assertThat(contextSource.getPassword()).isEqualTo("");
-			assertThat(contextSource.isAnonymousReadOnly()).isFalse();
+			assertThat(contextSource.isAnonymousReadOnly()).isTrue();
 			assertThat(contextSource.getBaseLdapPathAsString()).isEqualTo("");
 		});
 	}
@@ -109,7 +118,7 @@ class LdapAutoConfigurationTests {
 		this.contextRunner.withUserConfiguration(PooledContextSourceConfig.class).run((context) -> {
 			LdapContextSource contextSource = context.getBean(LdapContextSource.class);
 			assertThat(contextSource.getUrls()).containsExactly("ldap://localhost:389");
-			assertThat(contextSource.isAnonymousReadOnly()).isFalse();
+			assertThat(contextSource.isAnonymousReadOnly()).isTrue();
 		});
 	}
 

spring-boot-project/spring-boot-dependencies/pom.xml

@@ -194,7 +194,7 @@
 		<spring-hateoas.version>1.0.5.RELEASE</spring-hateoas.version>
 		<spring-integration.version>5.2.6.RELEASE</spring-integration.version>
 		<spring-kafka.version>2.3.8.RELEASE</spring-kafka.version>
-		<spring-ldap.version>2.3.2.RELEASE</spring-ldap.version>
+		<spring-ldap.version>2.3.3.RELEASE</spring-ldap.version>
 		<spring-restdocs.version>2.0.4.RELEASE</spring-restdocs.version>
 		<spring-retry.version>1.2.5.RELEASE</spring-retry.version>
 		<spring-security.version>5.2.4.RELEASE</spring-security.version>