Expanding Properties in Gradle Breaks LDAP Config

Question

Summary: I'm trying to access project properties (such as the version) in Java, and everywhere I've read says I need to expand properties in my build.gradle file. That's all fine and dandy, but I'm using LDAP and am configuring it in my properties file. Whenever I try to expand properties, I get the LDAP error 49 52e (Invalid Credentials), so it seems that whatever Gradle does to process the properties warps the LDAP properties so they are no longer usable.

Project Info: I've outlined what I've thought to be the applicable project info below. If there are further details needed to determine the issue, comment and I'll add them.

• Language:
  • Groovy 2.4
  • Java 8
• Framework:
  • Spring Boot version: 1.3.1.RELEASE with starter POM
    • spring-boot-starter-security included
    • spring-security-ldap included
• Build Tool: Gradle
  • Version 2.3
  • Spring Boot Gradle Plugin 1.3.1.RELEASE
  • Applied Plugins:
    • groovy
    • spring-boot

Build Info: I've tried a few different configurations in my build.gradle file to acess the version, but the moment I add the 'processResources' block, I can no longer access LDAP when running the application. The application runs and authenticates just fine without a 'processResources' block, but as soon as I add it, it will run, but I can't access anything due to LDAP complaining about invalid credentials. I tried 3 different expand configurations and all behaved this way.

Build Config Attempt 1:

processResources {
    expand(project.properties)
}

Build Config Attempt 2:

processResources {
    filesMatching('**/*.properties') { expand(project.properties) }
}

At this point it occurred to me that I'm configuring my LDAP login in a properties file, so maybe the solution was to avoid properties files altogether. I found out that you can supposedly just expand the properties you need, so I tried the following.

Build Config Attempt 3:

processResources {
    expand projectVersion: project.version
}

As stated before, all of the above attempts failed and I still got LDAP authentication errors for each of them. A build.gradle file without a 'procesResources' block seems to be the only way to keep LDAP happy.

Properties Info: As stated before, I configured LDAP information in my properties files. Below are the relevant properties.

application.properties

spring.profiles.active=localdev
ldap.securitygroup=DEV
logout.path=
host.securePort=

As you can see, I'm using a localdev profile, so I've included the applicable properties from it below. Since it included sensitive information, I've only specified the property names and not their values. I've used a star (*) to indicate that there was a non-empty value provided. (in the above application.properties file the values were indeed empty for a couple of the properties listed):

application-localdev.properties

host.securePort=*
ldap.username=*
ldap.password=*
ldap.base=DC=*,DC=*,DC=*
ldap.roleSearchBase=OU=*,DC=*,DC=*,DC=*
ldap.defaultUrl=ldap://*
ldap.urls=ldap://* ldap://*

The properties didn't change at all, it just all worked without the processResources block in the build.gradle file, and then didn't when I added any of those 3 versions of it.

Any assistance to help figure this help would be greatly appreciated, and if any further information is needed, let me know and I'll update this.

Answer 1

So a co-worker gave me a great tip and said I could check the properties in the JAR file to see if there were different from what was originally specified.

Long story short, when I don't have a processResources block in the build.gradle file, the properties don't change and everything's happy. However, when processResources is added, ESCAPE CHARACTERS ARE REMOVED, causing the username to change, since I had an escape character in it.

The workaround I'm now using is to double up on the escape characters, which seems like a hack to me, so if there's a better way to configure this, please reply!