Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-27 06:12:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-2574: Polish

Browse Source 
Handle null DelegatingApplicationListener
This commit is contained in:
Rob Winch 2014-11-19 17:09:24 -06:00
parent 5810681b06
commit 05882b5f24
1 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java
View File

@ -23,13 +23,14 @@ import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationListener;
import org.springframework.context.event.GenericApplicationListenerAdapter; import org.springframework.context.event.GenericApplicationListenerAdapter;
import org.springframework.context.event.SmartApplicationListener; import org.springframework.context.event.SmartApplicationListener;
import org.springframework.security.authentication.AuthenticationTrustResolver; import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.context.DelegatingApplicationListener;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.context.DelegatingApplicationListener;
import org.springframework.security.core.session.SessionRegistry; import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.session.SessionRegistryImpl; import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
@ -474,15 +475,25 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
private SessionRegistry getSessionRegistry(H http) { private SessionRegistry getSessionRegistry(H http) {
if(sessionRegistry == null) { if(sessionRegistry == null) {
SessionRegistryImpl sessionRegistry = new SessionRegistryImpl(); SessionRegistryImpl sessionRegistry = new SessionRegistryImpl();
ApplicationContext context = http.getSharedObject(ApplicationContext.class); registerDelegateApplicationListener(http, sessionRegistry);
DelegatingApplicationListener delegating = context.getBean(DelegatingApplicationListener.class);
SmartApplicationListener smartListener = new GenericApplicationListenerAdapter(sessionRegistry);
delegating.addListener(smartListener);
this.sessionRegistry = sessionRegistry; this.sessionRegistry = sessionRegistry;
} }
return sessionRegistry; return sessionRegistry;
} }
private void registerDelegateApplicationListener(H http, ApplicationListener<?> delegate) {
ApplicationContext context = http.getSharedObject(ApplicationContext.class);
if(context == null) {
return;
}
if(context.getBeansOfType(DelegatingApplicationListener.class).isEmpty()) {
return;
}
DelegatingApplicationListener delegating = context.getBean(DelegatingApplicationListener.class);
SmartApplicationListener smartListener = new GenericApplicationListenerAdapter(delegate);
delegating.addListener(smartListener);
}
/** /**
* Returns true if the number of concurrent sessions per user should be restricted. * Returns true if the number of concurrent sessions per user should be restricted.
* @return * @return