LdapAuthenticationProvider not checking if user is not active

I can auth my website with either ldap or by looking in db using different spring security authentication providers.

When i use the database auth, i use UserDetailsService, which correctly checks if my user is notActive and throws DisabledException correctly.

but using LdapAuthenticationProvid开发者_StackOverflower this does not occur. why?

spring security 2.0.1

Which LdapAuthenticator are you using? If you use BindAuthenticator it will bind as the given user, eventually the directory server should reject if the user account disabled/expired.

I haven't used LdapAuthenticationProvider myself, but if its not done automatically you can retrieve the userdetails, The UserDetails class has bunch of methods to check weather the account is enabled/locked/expired.