SEC-271: implemented Orderd interface in all the entrypoints

2007-05-17 12:20:16 +00:00 · 2007-05-17 12:20:16 +00:00 · 001dc0b1d9
parent 8b1cc05518
commit 001dc0b1d9
5 changed files with 123 additions and 73 deletions
--- a/core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterEntryPoint.java
+++ b/core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterEntryPoint.java
@ -15,12 +15,6 @@
 package org.acegisecurity.ui.basicauth;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.springframework.beans.factory.InitializingBean;
 import java.io.IOException;
 import javax.servlet.ServletException;
@ -28,6 +22,11 @@ import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletResponse;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.core.Ordered;
 /**
 * Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the {@link
@ -39,14 +38,23 @@ import javax.servlet.http.HttpServletResponse;
 * @author Ben Alex
 * @version $Id$
 */
-public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
+public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
    //~ Instance fields ================================================================================================
    private String realmName;
    private int order = Integer.MAX_VALUE; // ~ default
    //~ Methods ========================================================================================================
-    public void afterPropertiesSet() throws Exception {
+    public int getOrder() {
 		return order;
 	}
 	public void setOrder(int order) {
 		this.order = order;
 	}
 	public void afterPropertiesSet() throws Exception {
        if ((realmName == null) || "".equals(realmName)) {
            throw new IllegalArgumentException("realmName must be specified");
        }
--- a/core/src/main/java/org/acegisecurity/ui/cas/CasProcessingFilterEntryPoint.java
+++ b/core/src/main/java/org/acegisecurity/ui/cas/CasProcessingFilterEntryPoint.java
@ -15,16 +15,7 @@
 package org.acegisecurity.ui.cas;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;
 import java.io.IOException;
 import java.net.URLEncoder;
 import javax.servlet.ServletException;
@ -33,6 +24,12 @@ import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.core.Ordered;
 import org.springframework.util.Assert;
 /**
 * Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the JA-SIG Central
@ -45,15 +42,24 @@ import javax.servlet.http.HttpServletResponse;
 * @author Ben Alex
 * @version $Id$
 */
-public class CasProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
+public class CasProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered{
    //~ Instance fields ================================================================================================
    private ServiceProperties serviceProperties;
    private String loginUrl;
    private int order = Integer.MAX_VALUE; // ~ default
    //~ Methods ========================================================================================================
-    public void afterPropertiesSet() throws Exception {
+    public int getOrder() {
 		return order;
 	}
 	public void setOrder(int order) {
 		this.order = order;
 	}
 	public void afterPropertiesSet() throws Exception {
        Assert.hasLength(this.loginUrl, "loginUrl must be specified");
        Assert.notNull(this.serviceProperties, "serviceProperties must be specified");
    }
--- a/core/src/main/java/org/acegisecurity/ui/digestauth/DigestProcessingFilterEntryPoint.java
+++ b/core/src/main/java/org/acegisecurity/ui/digestauth/DigestProcessingFilterEntryPoint.java
@ -15,17 +15,6 @@
 package org.acegisecurity.ui.digestauth;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.beans.factory.InitializingBean;
 import java.io.IOException;
 import javax.servlet.ServletException;
@ -33,6 +22,15 @@ import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletResponse;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.core.Ordered;
 /**
 * Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the {@link
@ -45,7 +43,7 @@ import javax.servlet.http.HttpServletResponse;
 * @author Ben Alex
 * @version $Id$
 */
-public class DigestProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
+public class DigestProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
    //~ Static fields/initializers =====================================================================================
    private static final Log logger = LogFactory.getLog(DigestProcessingFilterEntryPoint.class);
@ -55,10 +53,19 @@ public class DigestProcessingFilterEntryPoint implements AuthenticationEntryPoin
    private String key;
    private String realmName;
    private int nonceValiditySeconds = 300;
    private int order = Integer.MAX_VALUE; // ~ default
    //~ Methods ========================================================================================================
-    public void afterPropertiesSet() throws Exception {
+    public int getOrder() {
 		return order;
 	}
 	public void setOrder(int order) {
 		this.order = order;
 	}
 	public void afterPropertiesSet() throws Exception {
        if ((realmName == null) || "".equals(realmName)) {
            throw new IllegalArgumentException("realmName must be specified");
        }
--- a/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterEntryPoint.java
+++ b/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterEntryPoint.java
@ -28,6 +28,7 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.core.Ordered;
 import org.springframework.util.Assert;
@ -56,7 +57,7 @@ import javax.servlet.http.HttpServletResponse;
 * @author Omri Spector
 * @version $Id$
 */
-public class AuthenticationProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
+public class AuthenticationProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
    //~ Static fields/initializers =====================================================================================
    private static final Log logger = LogFactory.getLog(AuthenticationProcessingFilterEntryPoint.class);
@ -68,10 +69,11 @@ public class AuthenticationProcessingFilterEntryPoint implements AuthenticationE
    private String loginFormUrl;
    private boolean forceHttps = false;
    private boolean serverSideRedirect = false;
    private int order = Integer.MAX_VALUE; // ~ default
    //~ Methods ========================================================================================================
-    public void afterPropertiesSet() throws Exception {
+	public void afterPropertiesSet() throws Exception {
        Assert.hasLength(loginFormUrl, "loginFormUrl must be specified");
        Assert.notNull(portMapper, "portMapper must be specified");
        Assert.notNull(portResolver, "portResolver must be specified");
@ -221,5 +223,14 @@ public class AuthenticationProcessingFilterEntryPoint implements AuthenticationE
    public void setServerSideRedirect(boolean serverSideRedirect) {
        this.serverSideRedirect = serverSideRedirect;
    }
    public int getOrder() {
 		return order;
 	}
 	public void setOrder(int order) {
 		this.order = order;
 	}
 }
--- a/core/src/main/java/org/acegisecurity/ui/x509/X509ProcessingFilterEntryPoint.java
+++ b/core/src/main/java/org/acegisecurity/ui/x509/X509ProcessingFilterEntryPoint.java
@ -15,13 +15,6 @@
 package org.acegisecurity.ui.x509;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import java.io.IOException;
 import javax.servlet.ServletException;
@ -29,45 +22,70 @@ import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletResponse;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.core.Ordered;
 /**
- * In the X.509 authentication case (unlike CAS, for example) the certificate will already have been extracted from
+ * In the X.509 authentication case (unlike CAS, for example) the certificate
- * the request and a secure context established by the time the security-enforcement filter is invoked.<p>Therefore
+ * will already have been extracted from the request and a secure context
- * this class isn't actually responsible for the commencement of authentication, as it is in the case of other
+ * established by the time the security-enforcement filter is invoked.
- * providers. It will be called if the certificate was rejected by Acegi's X509AuthenticationProvider, resulting in a
+ * <p>
- * null authentication.</p>
+ * Therefore this class isn't actually responsible for the commencement of
- *  The <code>commence</code> method will always return an <code>HttpServletResponse.SC_FORBIDDEN</code> (403
+ * authentication, as it is in the case of other providers. It will be called if
- * error).
+ * the certificate was rejected by Acegi's X509AuthenticationProvider, resulting
- *
+ * in a null authentication.
 * </p>
 * The <code>commence</code> method will always return an
 * <code>HttpServletResponse.SC_FORBIDDEN</code> (403 error).
 * 
 * @author Luke Taylor
- * @version $Id$
+ * @version $Id: X509ProcessingFilterEntryPoint.java 1496 2006-05-23 13:38:33Z
- *
+ * benalex $
 * 
 * @see org.acegisecurity.ui.ExceptionTranslationFilter
 */
-public class X509ProcessingFilterEntryPoint implements AuthenticationEntryPoint {
+public class X509ProcessingFilterEntryPoint implements AuthenticationEntryPoint, Ordered {
-    //~ Static fields/initializers =====================================================================================
+	// ~ Static fields/initializers
 	// =====================================================================================
-    private static final Log logger = LogFactory.getLog(X509ProcessingFilterEntryPoint.class);
+	private static final Log logger = LogFactory.getLog(X509ProcessingFilterEntryPoint.class);
-    //~ Methods ========================================================================================================
+	// ~ instance fields
 	// =====================================================================================
 	private int order = Integer.MAX_VALUE; // ~ default
-    /**
+	// ~ Methods
-     * Returns a 403 error code to the client.
+	// ========================================================================================================
     *
     * @param request DOCUMENT ME!
     * @param response DOCUMENT ME!
     * @param authException DOCUMENT ME!
     *
     * @throws IOException DOCUMENT ME!
     * @throws ServletException DOCUMENT ME!
     */
    public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
        throws IOException, ServletException {
        if (logger.isDebugEnabled()) {
            logger.debug("X509 entry point called. Rejecting access");
        }
-        HttpServletResponse httpResponse = (HttpServletResponse) response;
+	public int getOrder() {
-        httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied");
+		return order;
-    }
+	}
 	public void setOrder(int order) {
 		this.order = order;
 	}
 	/**
 	 * Returns a 403 error code to the client.
 	 * 
 	 * @param request DOCUMENT ME!
 	 * @param response DOCUMENT ME!
 	 * @param authException DOCUMENT ME!
 	 * 
 	 * @throws IOException DOCUMENT ME!
 	 * @throws ServletException DOCUMENT ME!
 	 */
 	public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
 			throws IOException, ServletException {
 		if (logger.isDebugEnabled()) {
 			logger.debug("X509 entry point called. Rejecting access");
 		}
 		HttpServletResponse httpResponse = (HttpServletResponse) response;
 		httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied");
 	}
 }