SEC-271: implemented Orderd interface in all the entrypoints

This commit is contained in:
Vishal Puri 2007-05-17 12:20:16 +00:00
parent 8b1cc05518
commit 001dc0b1d9
5 changed files with 123 additions and 73 deletions

View File

@ -15,12 +15,6 @@
package org.acegisecurity.ui.basicauth;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.AuthenticationEntryPoint;
import org.springframework.beans.factory.InitializingBean;
import java.io.IOException;
import javax.servlet.ServletException;
@ -28,6 +22,11 @@ import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.AuthenticationEntryPoint;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.Ordered;
/**
* Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the {@link
@ -39,14 +38,23 @@ import javax.servlet.http.HttpServletResponse;
* @author Ben Alex
* @version $Id$
*/
public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
//~ Instance fields ================================================================================================
private String realmName;
private int order = Integer.MAX_VALUE; // ~ default
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
public int getOrder() {
return order;
}
public void setOrder(int order) {
this.order = order;
}
public void afterPropertiesSet() throws Exception {
if ((realmName == null) || "".equals(realmName)) {
throw new IllegalArgumentException("realmName must be specified");
}

View File

@ -15,16 +15,7 @@
package org.acegisecurity.ui.cas;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.AuthenticationEntryPoint;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import java.io.IOException;
import java.net.URLEncoder;
import javax.servlet.ServletException;
@ -33,6 +24,12 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.AuthenticationEntryPoint;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.Ordered;
import org.springframework.util.Assert;
/**
* Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the JA-SIG Central
@ -45,15 +42,24 @@ import javax.servlet.http.HttpServletResponse;
* @author Ben Alex
* @version $Id$
*/
public class CasProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
public class CasProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered{
//~ Instance fields ================================================================================================
private ServiceProperties serviceProperties;
private String loginUrl;
private int order = Integer.MAX_VALUE; // ~ default
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
public int getOrder() {
return order;
}
public void setOrder(int order) {
this.order = order;
}
public void afterPropertiesSet() throws Exception {
Assert.hasLength(this.loginUrl, "loginUrl must be specified");
Assert.notNull(this.serviceProperties, "serviceProperties must be specified");
}

View File

@ -15,17 +15,6 @@
package org.acegisecurity.ui.digestauth;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.AuthenticationEntryPoint;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import java.io.IOException;
import javax.servlet.ServletException;
@ -33,6 +22,15 @@ import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.AuthenticationEntryPoint;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.Ordered;
/**
* Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the {@link
@ -45,7 +43,7 @@ import javax.servlet.http.HttpServletResponse;
* @author Ben Alex
* @version $Id$
*/
public class DigestProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
public class DigestProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
//~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(DigestProcessingFilterEntryPoint.class);
@ -55,10 +53,19 @@ public class DigestProcessingFilterEntryPoint implements AuthenticationEntryPoin
private String key;
private String realmName;
private int nonceValiditySeconds = 300;
private int order = Integer.MAX_VALUE; // ~ default
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
public int getOrder() {
return order;
}
public void setOrder(int order) {
this.order = order;
}
public void afterPropertiesSet() throws Exception {
if ((realmName == null) || "".equals(realmName)) {
throw new IllegalArgumentException("realmName must be specified");
}

View File

@ -28,6 +28,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.Ordered;
import org.springframework.util.Assert;
@ -56,7 +57,7 @@ import javax.servlet.http.HttpServletResponse;
* @author Omri Spector
* @version $Id$
*/
public class AuthenticationProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
public class AuthenticationProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
//~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(AuthenticationProcessingFilterEntryPoint.class);
@ -68,10 +69,11 @@ public class AuthenticationProcessingFilterEntryPoint implements AuthenticationE
private String loginFormUrl;
private boolean forceHttps = false;
private boolean serverSideRedirect = false;
private int order = Integer.MAX_VALUE; // ~ default
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
public void afterPropertiesSet() throws Exception {
Assert.hasLength(loginFormUrl, "loginFormUrl must be specified");
Assert.notNull(portMapper, "portMapper must be specified");
Assert.notNull(portResolver, "portResolver must be specified");
@ -222,4 +224,13 @@ public class AuthenticationProcessingFilterEntryPoint implements AuthenticationE
this.serverSideRedirect = serverSideRedirect;
}
public int getOrder() {
return order;
}
public void setOrder(int order) {
this.order = order;
}
}

View File

@ -15,13 +15,6 @@
package org.acegisecurity.ui.x509;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.AuthenticationEntryPoint;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import java.io.IOException;
import javax.servlet.ServletException;
@ -29,45 +22,70 @@ import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.AuthenticationEntryPoint;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.core.Ordered;
/**
* In the X.509 authentication case (unlike CAS, for example) the certificate will already have been extracted from
* the request and a secure context established by the time the security-enforcement filter is invoked.<p>Therefore
* this class isn't actually responsible for the commencement of authentication, as it is in the case of other
* providers. It will be called if the certificate was rejected by Acegi's X509AuthenticationProvider, resulting in a
* null authentication.</p>
* The <code>commence</code> method will always return an <code>HttpServletResponse.SC_FORBIDDEN</code> (403
* error).
* In the X.509 authentication case (unlike CAS, for example) the certificate
* will already have been extracted from the request and a secure context
* established by the time the security-enforcement filter is invoked.
* <p>
* Therefore this class isn't actually responsible for the commencement of
* authentication, as it is in the case of other providers. It will be called if
* the certificate was rejected by Acegi's X509AuthenticationProvider, resulting
* in a null authentication.
* </p>
* The <code>commence</code> method will always return an
* <code>HttpServletResponse.SC_FORBIDDEN</code> (403 error).
*
* @author Luke Taylor
* @version $Id$
* @version $Id: X509ProcessingFilterEntryPoint.java 1496 2006-05-23 13:38:33Z
* benalex $
*
* @see org.acegisecurity.ui.ExceptionTranslationFilter
*/
public class X509ProcessingFilterEntryPoint implements AuthenticationEntryPoint {
//~ Static fields/initializers =====================================================================================
public class X509ProcessingFilterEntryPoint implements AuthenticationEntryPoint, Ordered {
// ~ Static fields/initializers
// =====================================================================================
private static final Log logger = LogFactory.getLog(X509ProcessingFilterEntryPoint.class);
private static final Log logger = LogFactory.getLog(X509ProcessingFilterEntryPoint.class);
//~ Methods ========================================================================================================
// ~ instance fields
// =====================================================================================
/**
* Returns a 403 error code to the client.
*
* @param request DOCUMENT ME!
* @param response DOCUMENT ME!
* @param authException DOCUMENT ME!
*
* @throws IOException DOCUMENT ME!
* @throws ServletException DOCUMENT ME!
*/
public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
throws IOException, ServletException {
if (logger.isDebugEnabled()) {
logger.debug("X509 entry point called. Rejecting access");
}
private int order = Integer.MAX_VALUE; // ~ default
HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied");
}
// ~ Methods
// ========================================================================================================
public int getOrder() {
return order;
}
public void setOrder(int order) {
this.order = order;
}
/**
* Returns a 403 error code to the client.
*
* @param request DOCUMENT ME!
* @param response DOCUMENT ME!
* @param authException DOCUMENT ME!
*
* @throws IOException DOCUMENT ME!
* @throws ServletException DOCUMENT ME!
*/
public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
throws IOException, ServletException {
if (logger.isDebugEnabled()) {
logger.debug("X509 entry point called. Rejecting access");
}
HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied");
}
}