Merge pull request #11744 from eddumelendez:gh-11722

* pr/11744:
  Polish "Add support for anonymousReadOnly in LdapProperties"
  Add support for anonymousReadOnly in LdapProperties
  Move tests to use ApplicationContextRunner

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/ldap/LdapAutoConfiguration.java

 /*
- * Copyright 2012-2017 the original author or authors.
+ * Copyright 2012-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -54,6 +54,7 @@ public class LdapAutoConfiguration {
 		LdapContextSource source = new LdapContextSource();
 		source.setUserDn(this.properties.getUsername());
 		source.setPassword(this.properties.getPassword());
+		source.setAnonymousReadOnly(this.properties.getAnonymousReadOnly());
 		source.setBase(this.properties.getBase());
 		source.setUrls(this.properties.determineUrls(this.environment));
 		source.setBaseEnvironmentProperties(

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/ldap/LdapProperties.java

 /*
- * Copyright 2012-2017 the original author or authors.
+ * Copyright 2012-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -55,10 +55,15 @@ public class LdapProperties {
 	 */
 	private String password;
 
+	/**
+	 * Whether read-only operations should use an anonymous environment.
+	 */
+	private boolean anonymousReadOnly;
+
 	/**
 	 * LDAP specification settings.
 	 */
-	private Map<String, String> baseEnvironment = new HashMap<>();
+	private final Map<String, String> baseEnvironment = new HashMap<>();
 
 	public String[] getUrls() {
 		return this.urls;
@@ -92,12 +97,16 @@ public class LdapProperties {
 		this.password = password;
 	}
 
-	public Map<String, String> getBaseEnvironment() {
-		return this.baseEnvironment;
+	public boolean getAnonymousReadOnly() {
+		return this.anonymousReadOnly;
 	}
 
-	public void setBaseEnvironment(Map<String, String> baseEnvironment) {
-		this.baseEnvironment = baseEnvironment;
+	public void setAnonymousReadOnly(boolean anonymousReadOnly) {
+		this.anonymousReadOnly = anonymousReadOnly;
+	}
+
+	public Map<String, String> getBaseEnvironment() {
+		return this.baseEnvironment;
 	}
 
 	public String[] determineUrls(Environment environment) {

spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/ldap/LdapAutoConfigurationTests.java

 /*
- * Copyright 2012-2017 the original author or authors.
+ * Copyright 2012-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,13 +16,12 @@
 
 package org.springframework.boot.autoconfigure.ldap;
 
-import org.junit.After;
 import org.junit.Test;
 
-import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
-import org.springframework.boot.test.util.TestPropertyValues;
-import org.springframework.context.annotation.AnnotationConfigApplicationContext;
+import org.springframework.boot.autoconfigure.AutoConfigurations;
+import org.springframework.boot.test.context.runner.ApplicationContextRunner;
 import org.springframework.ldap.core.ContextSource;
+import org.springframework.ldap.core.support.LdapContextSource;
 import org.springframework.test.util.ReflectionTestUtils;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -31,61 +30,73 @@ import static org.assertj.core.api.Assertions.assertThat;
  * Tests for {@link LdapAutoConfiguration}.
  *
  * @author Eddú Meléndez
+ * @author Stephane Nicoll
  */
 public class LdapAutoConfigurationTests {
 
-	private AnnotationConfigApplicationContext context;
-
-	@After
-	public void close() {
-		if (this.context != null) {
-			this.context.close();
-		}
-	}
+	private ApplicationContextRunner contextRunner = new ApplicationContextRunner()
+			.withConfiguration(AutoConfigurations.of(LdapAutoConfiguration.class));
 
 	@Test
-	public void testDefaultUrl() {
-		load();
-		ContextSource contextSource = this.context.getBean(ContextSource.class);
-		String[] urls = (String[]) ReflectionTestUtils.getField(contextSource, "urls");
-		assertThat(urls).containsExactly("ldap://localhost:389");
+	public void contextSourceWithDefaultUrl() {
+		this.contextRunner.run(context -> {
+			LdapContextSource contextSource = context.getBean(LdapContextSource.class);
+			String[] urls = (String[]) ReflectionTestUtils
+					.getField(contextSource, "urls");
+			assertThat(urls).containsExactly("ldap://localhost:389");
+			assertThat(contextSource.isAnonymousReadOnly()).isFalse();
+		});
 	}
 
 	@Test
-	public void testContextSourceSetOneUrl() {
-		load("spring.ldap.urls:ldap://localhost:123");
-		ContextSource contextSource = this.context.getBean(ContextSource.class);
-		String[] urls = (String[]) ReflectionTestUtils.getField(contextSource, "urls");
-		assertThat(urls).containsExactly("ldap://localhost:123");
+	public void contextSourceWithSingleUrl() {
+		this.contextRunner.withPropertyValues("spring.ldap.urls:ldap://localhost:123")
+				.run(context -> {
+					ContextSource contextSource = context.getBean(ContextSource.class);
+					String[] urls = (String[]) ReflectionTestUtils.getField(
+							contextSource, "urls");
+					assertThat(urls).containsExactly("ldap://localhost:123");
+				});
 	}
 
 	@Test
-	public void testContextSourceSetTwoUrls() {
-		load("spring.ldap.urls:ldap://localhost:123,ldap://mycompany:123");
-		ContextSource contextSource = this.context.getBean(ContextSource.class);
-		LdapProperties ldapProperties = this.context.getBean(LdapProperties.class);
-		String[] urls = (String[]) ReflectionTestUtils.getField(contextSource, "urls");
-		assertThat(urls).containsExactly("ldap://localhost:123", "ldap://mycompany:123");
-		assertThat(ldapProperties.getUrls()).hasSize(2);
+	public void contextSourceWithSeveralUrls() {
+		this.contextRunner
+				.withPropertyValues(
+						"spring.ldap.urls:ldap://localhost:123,ldap://mycompany:123")
+				.run(context -> {
+					ContextSource contextSource = context.getBean(ContextSource.class);
+					LdapProperties ldapProperties = context.getBean(LdapProperties.class);
+					String[] urls = (String[]) ReflectionTestUtils.getField(
+							contextSource, "urls");
+					assertThat(urls).containsExactly("ldap://localhost:123",
+							"ldap://mycompany:123");
+					assertThat(ldapProperties.getUrls()).hasSize(2);
+				});
 	}
 
 	@Test
-	public void testContextSourceWithMoreProperties() {
-		load("spring.ldap.urls:ldap://localhost:123", "spring.ldap.username:root",
-				"spring.ldap.password:root", "spring.ldap.base:cn=SpringDevelopers",
-				"spring.ldap.baseEnvironment.java.naming.security"
-						+ ".authentication:DIGEST-MD5");
-		LdapProperties ldapProperties = this.context.getBean(LdapProperties.class);
-		assertThat(ldapProperties.getBaseEnvironment())
-				.containsEntry("java.naming.security.authentication", "DIGEST-MD5");
-	}
-
-	private void load(String... properties) {
-		this.context = new AnnotationConfigApplicationContext();
-		TestPropertyValues.of(properties).applyTo(this.context);
-		this.context.register(LdapAutoConfiguration.class,
-				PropertyPlaceholderAutoConfiguration.class);
-		this.context.refresh();
+	public void contextSourceWithExtraCustomization() {
+		this.contextRunner
+				.withPropertyValues(
+						"spring.ldap.urls:ldap://localhost:123",
+						"spring.ldap.username:root",
+						"spring.ldap.password:secret",
+						"spring.ldap.anonymous-read-only:true",
+						"spring.ldap.base:cn=SpringDevelopers",
+						"spring.ldap.baseEnvironment.java.naming.security.authentication:DIGEST-MD5")
+				.run(context -> {
+					LdapContextSource contextSource = context.getBean(
+							LdapContextSource.class);
+					assertThat(contextSource.getUserDn()).isEqualTo("root");
+					assertThat(contextSource.getPassword()).isEqualTo("secret");
+					assertThat(contextSource.isAnonymousReadOnly()).isTrue();
+					assertThat(contextSource.getBaseLdapPathAsString()).isEqualTo(
+							"cn=SpringDevelopers");
+					LdapProperties ldapProperties = context.getBean(LdapProperties.class);
+					assertThat(ldapProperties.getBaseEnvironment()).containsEntry(
+							"java.naming.security.authentication", "DIGEST-MD5");
+				});
 	}
 
 }

spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc

@@ -362,11 +362,12 @@ content into your application. Rather, pick only the properties that you need.
 	spring.jersey.type=servlet # Jersey integration type.
 
 	# SPRING LDAP ({sc-spring-boot-autoconfigure}/ldap/LdapProperties.{sc-ext}[LdapProperties])
-	spring.ldap.urls= # LDAP URLs of the server.
+	spring.ldap.anonymous-read-only=false # Whether read-only operations should use an anonymous environment.
 	spring.ldap.base= # Base suffix from which all operations should originate.
-	spring.ldap.username= # Login username of the server.
-	spring.ldap.password= # Login password of the server.
 	spring.ldap.base-environment.*= # LDAP specification settings.
+	spring.ldap.password= # Login password of the server.
+	spring.ldap.urls= # LDAP URLs of the server.
+	spring.ldap.username= # Login username of the server.
 
 	# EMBEDDED LDAP ({sc-spring-boot-autoconfigure}/ldap/embedded/EmbeddedLdapProperties.{sc-ext}[EmbeddedLdapProperties])
 	spring.ldap.embedded.base-dn= # The base DN