I'm working on using an LdapAuthenticationProvider to define a user's roles based on Ldap user groups.

Which Spring security class actually does that mapping? Is it something that we can override?


Also, correct me if I'm wrong but when i call getAuthorities on a userdetails object, I should only get back the "ROLE_*" authorities that are defined for the user, not the Ldap groups, correct?