Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Renamed form and openID filters to shorten names

This commit is contained in:
Luke Taylor 2009-10-05 17:33:34 +00:00
parent 949759c31a
commit 07d7c0ddae
16 changed files with 61 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java
View File

@ -53,11 +53,11 @@ final class AuthenticationConfigBuilder {
private static final String ATT_REALM = "realm"; private static final String ATT_REALM = "realm";
private static final String DEF_REALM = "Spring Security Application"; private static final String DEF_REALM = "Spring Security Application";
static final String OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationProcessingFilter"; static final String OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationFilter";
static final String OPEN_ID_AUTHENTICATION_PROVIDER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationProvider"; static final String OPEN_ID_AUTHENTICATION_PROVIDER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationProvider";
static final String OPEN_ID_CONSUMER_CLASS = "org.springframework.security.openid.OpenID4JavaConsumer"; static final String OPEN_ID_CONSUMER_CLASS = "org.springframework.security.openid.OpenID4JavaConsumer";
static final String OPEN_ID_ATTRIBUTE_CLASS = "org.springframework.security.openid.OpenIDAttribute"; static final String OPEN_ID_ATTRIBUTE_CLASS = "org.springframework.security.openid.OpenIDAttribute";
static final String AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter"; static final String AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter";
private static final String ATT_AUTO_CONFIG = "auto-config"; private static final String ATT_AUTO_CONFIG = "auto-config";

4
config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java
View File

@ -15,7 +15,7 @@ import org.springframework.security.web.access.intercept.DefaultFilterInvocation
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.AnonymousProcessingFilter; import org.springframework.security.web.authentication.AnonymousProcessingFilter;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint; import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter; import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.security.web.authentication.www.BasicProcessingFilter; import org.springframework.security.web.authentication.www.BasicProcessingFilter;
import org.springframework.security.web.context.SecurityContextPersistenceFilter; import org.springframework.security.web.context.SecurityContextPersistenceFilter;
@ -51,7 +51,7 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
*/ */
private void checkFilterStack(List<Filter> filters) { private void checkFilterStack(List<Filter> filters) {
checkForDuplicates(SecurityContextPersistenceFilter.class, filters); checkForDuplicates(SecurityContextPersistenceFilter.class, filters);
checkForDuplicates(UsernamePasswordAuthenticationProcessingFilter.class, filters); checkForDuplicates(UsernamePasswordAuthenticationFilter.class, filters);
checkForDuplicates(SessionManagementFilter.class, filters); checkForDuplicates(SessionManagementFilter.class, filters);
checkForDuplicates(BasicProcessingFilter.class, filters); checkForDuplicates(BasicProcessingFilter.class, filters);
checkForDuplicates(SecurityContextHolderAwareRequestFilter.class, filters); checkForDuplicates(SecurityContextHolderAwareRequestFilter.class, filters);

4
config/src/test/java/org/springframework/security/config/FilterChainProxyConfigTests.java
View File

@ -34,7 +34,7 @@ import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.context.SecurityContextPersistenceFilter; import org.springframework.security.web.context.SecurityContextPersistenceFilter;
import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter; import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter;
@ -143,7 +143,7 @@ public class FilterChainProxyConfigTests {
filters = filterChainProxy.getFilters("/another/nonspecificmatch"); filters = filterChainProxy.getFilters("/another/nonspecificmatch");
assertEquals(3, filters.size()); assertEquals(3, filters.size());
assertTrue(filters.get(0) instanceof SecurityContextPersistenceFilter); assertTrue(filters.get(0) instanceof SecurityContextPersistenceFilter);
assertTrue(filters.get(1) instanceof UsernamePasswordAuthenticationProcessingFilter); assertTrue(filters.get(1) instanceof UsernamePasswordAuthenticationFilter);
assertTrue(filters.get(2) instanceof SecurityContextHolderAwareRequestFilter); assertTrue(filters.get(2) instanceof SecurityContextHolderAwareRequestFilter);
} }

22
config/src/test/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParserTests.java
View File

@ -34,7 +34,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.session.SessionRegistryImpl; import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.openid.OpenID4JavaConsumer; import org.springframework.security.openid.OpenID4JavaConsumer;
import org.springframework.security.openid.OpenIDAttribute; import org.springframework.security.openid.OpenIDAttribute;
import org.springframework.security.openid.OpenIDAuthenticationProcessingFilter; import org.springframework.security.openid.OpenIDAuthenticationFilter;
import org.springframework.security.openid.OpenIDAuthenticationProvider; import org.springframework.security.openid.OpenIDAuthenticationProvider;
import org.springframework.security.util.FieldUtils; import org.springframework.security.util.FieldUtils;
import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.FilterChainProxy;
@ -54,7 +54,7 @@ import org.springframework.security.web.authentication.LoginUrlAuthenticationEnt
import org.springframework.security.web.authentication.RememberMeServices; import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.LogoutFilter; import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.LogoutHandler; import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor; import org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor;
@ -100,8 +100,8 @@ public class HttpSecurityBeanDefinitionParserTests {
public void beanClassNamesAreCorrect() throws Exception { public void beanClassNamesAreCorrect() throws Exception {
assertEquals(DefaultWebSecurityExpressionHandler.class.getName(), HttpSecurityBeanDefinitionParser.EXPRESSION_HANDLER_CLASS); assertEquals(DefaultWebSecurityExpressionHandler.class.getName(), HttpSecurityBeanDefinitionParser.EXPRESSION_HANDLER_CLASS);
assertEquals(ExpressionBasedFilterInvocationSecurityMetadataSource.class.getName(), HttpSecurityBeanDefinitionParser.EXPRESSION_FIMDS_CLASS); assertEquals(ExpressionBasedFilterInvocationSecurityMetadataSource.class.getName(), HttpSecurityBeanDefinitionParser.EXPRESSION_FIMDS_CLASS);
assertEquals(UsernamePasswordAuthenticationProcessingFilter.class.getName(), AUTHENTICATION_PROCESSING_FILTER_CLASS); assertEquals(UsernamePasswordAuthenticationFilter.class.getName(), AUTHENTICATION_PROCESSING_FILTER_CLASS);
assertEquals(OpenIDAuthenticationProcessingFilter.class.getName(), OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS); assertEquals(OpenIDAuthenticationFilter.class.getName(), OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS);
assertEquals(OpenIDAuthenticationProvider.class.getName(), OPEN_ID_AUTHENTICATION_PROVIDER_CLASS); assertEquals(OpenIDAuthenticationProvider.class.getName(), OPEN_ID_AUTHENTICATION_PROVIDER_CLASS);
} }
@ -130,7 +130,7 @@ public class HttpSecurityBeanDefinitionParserTests {
assertTrue(filters.next() instanceof SecurityContextPersistenceFilter); assertTrue(filters.next() instanceof SecurityContextPersistenceFilter);
assertTrue(filters.next() instanceof LogoutFilter); assertTrue(filters.next() instanceof LogoutFilter);
Object authProcFilter = filters.next(); Object authProcFilter = filters.next();
assertTrue(authProcFilter instanceof UsernamePasswordAuthenticationProcessingFilter); assertTrue(authProcFilter instanceof UsernamePasswordAuthenticationFilter);
assertTrue(filters.next() instanceof DefaultLoginPageGeneratingFilter); assertTrue(filters.next() instanceof DefaultLoginPageGeneratingFilter);
assertTrue(filters.next() instanceof BasicProcessingFilter); assertTrue(filters.next() instanceof BasicProcessingFilter);
assertTrue(filters.next() instanceof RequestCacheAwareFilter); assertTrue(filters.next() instanceof RequestCacheAwareFilter);
@ -215,7 +215,7 @@ public class HttpSecurityBeanDefinitionParserTests {
" <form-login default-target-url='/default' always-use-default-target='true' />" + " <form-login default-target-url='/default' always-use-default-target='true' />" +
"</http>" + AUTH_PROVIDER_XML); "</http>" + AUTH_PROVIDER_XML);
// These will be matched by the default pattern "/**" // These will be matched by the default pattern "/**"
UsernamePasswordAuthenticationProcessingFilter filter = (UsernamePasswordAuthenticationProcessingFilter) getFilters("/anything").get(1); UsernamePasswordAuthenticationFilter filter = (UsernamePasswordAuthenticationFilter) getFilters("/anything").get(1);
assertEquals("/default", FieldUtils.getFieldValue(filter, "successHandler.defaultTargetUrl")); assertEquals("/default", FieldUtils.getFieldValue(filter, "successHandler.defaultTargetUrl"));
assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "successHandler.alwaysUseDefaultTargetUrl")); assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "successHandler.alwaysUseDefaultTargetUrl"));
} }
@ -320,8 +320,8 @@ public class HttpSecurityBeanDefinitionParserTests {
assertEquals("ROLE_A",attrs.get(0).getAttribute()); assertEquals("ROLE_A",attrs.get(0).getAttribute());
// Check the form login properties are set // Check the form login properties are set
UsernamePasswordAuthenticationProcessingFilter apf = (UsernamePasswordAuthenticationProcessingFilter) UsernamePasswordAuthenticationFilter apf = (UsernamePasswordAuthenticationFilter)
getFilter(UsernamePasswordAuthenticationProcessingFilter.class); getFilter(UsernamePasswordAuthenticationFilter.class);
assertEquals("/defaultTarget", FieldUtils.getFieldValue(apf, "successHandler.defaultTargetUrl")); assertEquals("/defaultTarget", FieldUtils.getFieldValue(apf, "successHandler.defaultTargetUrl"));
assertEquals("/authFailure", FieldUtils.getFieldValue(apf, "failureHandler.defaultFailureUrl")); assertEquals("/authFailure", FieldUtils.getFieldValue(apf, "failureHandler.defaultFailureUrl"));
@ -690,7 +690,7 @@ public class HttpSecurityBeanDefinitionParserTests {
Object sessionRegistryFromConcurrencyFilter = FieldUtils.getFieldValue( Object sessionRegistryFromConcurrencyFilter = FieldUtils.getFieldValue(
getFilter(ConcurrentSessionFilter.class), "sessionRegistry"); getFilter(ConcurrentSessionFilter.class), "sessionRegistry");
Object sessionRegistryFromFormLoginFilter = FieldUtils.getFieldValue( Object sessionRegistryFromFormLoginFilter = FieldUtils.getFieldValue(
getFilter(UsernamePasswordAuthenticationProcessingFilter.class),"sessionStrategy.sessionRegistry"); getFilter(UsernamePasswordAuthenticationFilter.class),"sessionStrategy.sessionRegistry");
// Object sessionRegistryFromController = FieldUtils.getFieldValue(getConcurrentSessionController(),"sessionRegistry"); // Object sessionRegistryFromController = FieldUtils.getFieldValue(getConcurrentSessionController(),"sessionRegistry");
Object sessionRegistryFromMgmtFilter = FieldUtils.getFieldValue( Object sessionRegistryFromMgmtFilter = FieldUtils.getFieldValue(
getFilter(SessionManagementFilter.class),"sessionStrategy.sessionRegistry"); getFilter(SessionManagementFilter.class),"sessionStrategy.sessionRegistry");
@ -968,7 +968,7 @@ public class HttpSecurityBeanDefinitionParserTests {
"<b:bean id='sh' class='" + SavedRequestAwareAuthenticationSuccessHandler.class.getName() +"'/>" + "<b:bean id='sh' class='" + SavedRequestAwareAuthenticationSuccessHandler.class.getName() +"'/>" +
"<b:bean id='fh' class='" + SimpleUrlAuthenticationFailureHandler.class.getName() + "'/>" + "<b:bean id='fh' class='" + SimpleUrlAuthenticationFailureHandler.class.getName() + "'/>" +
AUTH_PROVIDER_XML); AUTH_PROVIDER_XML);
UsernamePasswordAuthenticationProcessingFilter apf = (UsernamePasswordAuthenticationProcessingFilter) getFilter(UsernamePasswordAuthenticationProcessingFilter.class); UsernamePasswordAuthenticationFilter apf = (UsernamePasswordAuthenticationFilter) getFilter(UsernamePasswordAuthenticationFilter.class);
AuthenticationSuccessHandler sh = (AuthenticationSuccessHandler) appContext.getBean("sh"); AuthenticationSuccessHandler sh = (AuthenticationSuccessHandler) appContext.getBean("sh");
AuthenticationFailureHandler fh = (AuthenticationFailureHandler) appContext.getBean("fh"); AuthenticationFailureHandler fh = (AuthenticationFailureHandler) appContext.getBean("fh");
assertSame(sh, FieldUtils.getFieldValue(apf, "successHandler")); assertSame(sh, FieldUtils.getFieldValue(apf, "successHandler"));
@ -1005,7 +1005,7 @@ public class HttpSecurityBeanDefinitionParserTests {
" </openid-login>" + " </openid-login>" +
"</http>" + "</http>" +
AUTH_PROVIDER_XML); AUTH_PROVIDER_XML);
OpenIDAuthenticationProcessingFilter apf = (OpenIDAuthenticationProcessingFilter) getFilter(OpenIDAuthenticationProcessingFilter.class); OpenIDAuthenticationFilter apf = (OpenIDAuthenticationFilter) getFilter(OpenIDAuthenticationFilter.class);
OpenID4JavaConsumer consumer = (OpenID4JavaConsumer) FieldUtils.getFieldValue(apf, "consumer"); OpenID4JavaConsumer consumer = (OpenID4JavaConsumer) FieldUtils.getFieldValue(apf, "consumer");
List<OpenIDAttribute> attributes = (List<OpenIDAttribute>) FieldUtils.getFieldValue(consumer, "attributesToFetch"); List<OpenIDAttribute> attributes = (List<OpenIDAttribute>) FieldUtils.getFieldValue(consumer, "attributesToFetch");

2
config/src/test/resources/org/springframework/security/util/filtertest-valid.xml
View File

@ -31,7 +31,7 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
<!-- These are just here so we have filters of a specific type to check the ordering is as expected --> <!-- These are just here so we have filters of a specific type to check the ordering is as expected -->
<bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/> <bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
<bean id="apf" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter"> <bean id="apf" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager"> <property name="authenticationManager">
<bean class="org.springframework.security.MockAuthenticationManager"/> <bean class="org.springframework.security.MockAuthenticationManager"/>
</property> </property>

0
docs/manual/src/docbook/concurrent-sessions.xml → docs/manual/src/docbook/session-mgmt.xml
View File

2
itest/context/src/test/resources/filter-chain-performance-app-context.xml
View File

@ -39,7 +39,7 @@
<bean id="scpf" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/> <bean id="scpf" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
<bean id="apf" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter"> <bean id="apf" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager"/> <property name="authenticationManager" ref="authenticationManager"/>
</bean> </bean>

8
openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProcessingFilter.java → openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationFilter.java
View File

@ -30,7 +30,7 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
@ -63,7 +63,7 @@ import org.springframework.util.StringUtils;
* @since 2.0 * @since 2.0
* @see OpenIDAuthenticationProvider * @see OpenIDAuthenticationProvider
*/ */
public class OpenIDAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter { public class OpenIDAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
//~ Static fields/initializers ===================================================================================== //~ Static fields/initializers =====================================================================================
public static final String DEFAULT_CLAIMED_IDENTITY_FIELD = "j_username"; public static final String DEFAULT_CLAIMED_IDENTITY_FIELD = "j_username";
@ -76,7 +76,7 @@ public class OpenIDAuthenticationProcessingFilter extends AbstractAuthentication
//~ Constructors =================================================================================================== //~ Constructors ===================================================================================================
public OpenIDAuthenticationProcessingFilter() { public OpenIDAuthenticationFilter() {
super("/j_spring_openid_security_check"); super("/j_spring_openid_security_check");
} }
@ -158,7 +158,7 @@ public class OpenIDAuthenticationProcessingFilter extends AbstractAuthentication
HttpSession session = request.getSession(false); HttpSession session = request.getSession(false);
if (session != null || getAllowSessionCreation()) { if (session != null || getAllowSessionCreation()) {
request.getSession().setAttribute(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, username); request.getSession().setAttribute(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY, username);
} }
} }

6
openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationProcessingFilterTests.java
View File

@ -13,13 +13,13 @@ import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.MockAuthenticationManager; import org.springframework.security.MockAuthenticationManager;
import org.springframework.security.openid.OpenIDAuthenticationProcessingFilter; import org.springframework.security.openid.OpenIDAuthenticationFilter;
import org.springframework.security.openid.OpenIDConsumerException; import org.springframework.security.openid.OpenIDConsumerException;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
public class OpenIDAuthenticationProcessingFilterTests { public class OpenIDAuthenticationProcessingFilterTests {
OpenIDAuthenticationProcessingFilter filter; OpenIDAuthenticationFilter filter;
private static final String REDIRECT_URL = "http://www.example.com/redirect"; private static final String REDIRECT_URL = "http://www.example.com/redirect";
private static final String CLAIMED_IDENTITY_URL = "http://www.example.com/identity"; private static final String CLAIMED_IDENTITY_URL = "http://www.example.com/identity";
private static final String REQUEST_PATH = "/j_spring_openid_security_check"; private static final String REQUEST_PATH = "/j_spring_openid_security_check";
@ -28,7 +28,7 @@ public class OpenIDAuthenticationProcessingFilterTests {
@Before @Before
public void setUp() throws Exception { public void setUp() throws Exception {
filter = new OpenIDAuthenticationProcessingFilter(); filter = new OpenIDAuthenticationFilter();
filter.setConsumer(new MockOpenIDConsumer(REDIRECT_URL)); filter.setConsumer(new MockOpenIDConsumer(REDIRECT_URL));
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
filter.setAuthenticationSuccessHandler(new SavedRequestAwareAuthenticationSuccessHandler()); filter.setAuthenticationSuccessHandler(new SavedRequestAwareAuthenticationSuccessHandler());

6
web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilter.java
View File

@ -3,13 +3,13 @@ package org.springframework.security.web.authentication;
/** /**
* Renamed class, retained for backwards compatibility. * Renamed class, retained for backwards compatibility.
* <p> * <p>
* See {@link UsernamePasswordAuthenticationProcessingFilter}. * See {@link UsernamePasswordAuthenticationFilter}.
* *
* @author Luke Taylor * @author Luke Taylor
* @version $Id$ * @version $Id$
* @deprecated Use UsernamePasswordAuthenticationProcessingFilter instead. * @deprecated Use UsernamePasswordAuthenticationFilter instead.
*/ */
public class AuthenticationProcessingFilter extends UsernamePasswordAuthenticationProcessingFilter { public class AuthenticationProcessingFilter extends UsernamePasswordAuthenticationFilter {
} }

4
web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java
View File

@ -43,7 +43,7 @@ import org.springframework.util.StringUtils;
/** /**
* Used by the {@link ExceptionTranslationFilter} to commence a form login * Used by the {@link ExceptionTranslationFilter} to commence a form login
* authentication via the {@link UsernamePasswordAuthenticationProcessingFilter}. This object * authentication via the {@link UsernamePasswordAuthenticationFilter}. This object
* holds the location of the login form, relative to the web app context path, * holds the location of the login form, relative to the web app context path,
* and is used to commence a redirect to that form. * and is used to commence a redirect to that form.
* <p> * <p>
@ -220,7 +220,7 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
} }
/** /**
* The URL where the <code>UsernamePasswordAuthenticationProcessingFilter</code> login * The URL where the <code>UsernamePasswordAuthenticationFilter</code> login
* page can be found. Should be relative to the web-app context path, and * page can be found. Should be relative to the web-app context path, and
* include a leading <code>/</code> * include a leading <code>/</code>
*/ */

4
web/src/main/java/org/springframework/security/web/authentication/UsernamePasswordAuthenticationProcessingFilter.java → web/src/main/java/org/springframework/security/web/authentication/UsernamePasswordAuthenticationFilter.java
View File

@ -46,7 +46,7 @@ import org.springframework.util.Assert;
* @version $Id$ * @version $Id$
* @since 3.0 * @since 3.0
*/ */
public class UsernamePasswordAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter { public class UsernamePasswordAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
//~ Static fields/initializers ===================================================================================== //~ Static fields/initializers =====================================================================================
public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "j_username"; public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "j_username";
@ -59,7 +59,7 @@ public class UsernamePasswordAuthenticationProcessingFilter extends AbstractAuth
//~ Constructors =================================================================================================== //~ Constructors ===================================================================================================
public UsernamePasswordAuthenticationProcessingFilter() { public UsernamePasswordAuthenticationFilter() {
super("/j_spring_security_check"); super("/j_spring_security_check");
} }

4
web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlStrategy.java
View File

@ -15,7 +15,7 @@ import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.core.session.SessionInformation; import org.springframework.security.core.session.SessionInformation;
import org.springframework.security.core.session.SessionRegistry; import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.session.ConcurrentSessionFilter; import org.springframework.security.web.session.ConcurrentSessionFilter;
import org.springframework.security.web.session.SessionManagementFilter; import org.springframework.security.web.session.SessionManagementFilter;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -33,7 +33,7 @@ import org.springframework.util.Assert;
* set to <tt>true</tt>, however, the user will be prevented from starting a new authenticated session. * set to <tt>true</tt>, however, the user will be prevented from starting a new authenticated session.
* <p> * <p>
* This strategy can be injected into both the {@link SessionManagementFilter} and instances of * This strategy can be injected into both the {@link SessionManagementFilter} and instances of
* {@link AbstractAuthenticationProcessingFilter} (typically {@link UsernamePasswordAuthenticationProcessingFilter}). * {@link AbstractAuthenticationProcessingFilter} (typically {@link UsernamePasswordAuthenticationFilter}).
* *
* @author Luke Taylor * @author Luke Taylor
* @version $Id$ * @version $Id$

12
web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java
View File

@ -13,7 +13,7 @@ import javax.servlet.http.HttpSession;
import org.springframework.beans.BeanWrapperImpl; import org.springframework.beans.BeanWrapperImpl;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices; import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
import org.springframework.web.filter.GenericFilterBean; import org.springframework.web.filter.GenericFilterBean;
@ -41,18 +41,18 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
private String openIDrememberMeParameter; private String openIDrememberMeParameter;
public DefaultLoginPageGeneratingFilter(AbstractAuthenticationProcessingFilter filter) { public DefaultLoginPageGeneratingFilter(AbstractAuthenticationProcessingFilter filter) {
if (filter instanceof UsernamePasswordAuthenticationProcessingFilter) { if (filter instanceof UsernamePasswordAuthenticationFilter) {
init((UsernamePasswordAuthenticationProcessingFilter)filter, null); init((UsernamePasswordAuthenticationFilter)filter, null);
} else { } else {
init(null, filter); init(null, filter);
} }
} }
public DefaultLoginPageGeneratingFilter(UsernamePasswordAuthenticationProcessingFilter authFilter, AbstractAuthenticationProcessingFilter openIDFilter) { public DefaultLoginPageGeneratingFilter(UsernamePasswordAuthenticationFilter authFilter, AbstractAuthenticationProcessingFilter openIDFilter) {
init(authFilter, openIDFilter); init(authFilter, openIDFilter);
} }
private void init(UsernamePasswordAuthenticationProcessingFilter authFilter, AbstractAuthenticationProcessingFilter openIDFilter) { private void init(UsernamePasswordAuthenticationFilter authFilter, AbstractAuthenticationProcessingFilter openIDFilter) {
if (authFilter != null) { if (authFilter != null) {
formLoginEnabled = true; formLoginEnabled = true;
authenticationUrl = authFilter.getFilterProcessesUrl(); authenticationUrl = authFilter.getFilterProcessesUrl();
@ -101,7 +101,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
HttpSession session = request.getSession(false); HttpSession session = request.getSession(false);
if(session != null) { if(session != null) {
lastUser = (String) session.getAttribute(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY); lastUser = (String) session.getAttribute(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY);
AuthenticationException ex = (AuthenticationException) session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY); AuthenticationException ex = (AuthenticationException) session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY);
errorMsg = ex != null ? ex.getMessage() : "none"; errorMsg = ex != null ? ex.getMessage() : "none";
if (lastUser == null) { if (lastUser == null) {

4
web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java
View File

@ -29,7 +29,7 @@ public class DefaultLoginPageGeneratingFilterTests {
@Test @Test
public void generatingPageWithAuthenticationProcessingFilterOnlyIsSuccessFul() throws Exception { public void generatingPageWithAuthenticationProcessingFilterOnlyIsSuccessFul() throws Exception {
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationProcessingFilter()); DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationFilter());
filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login"), new MockHttpServletResponse(), chain); filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login"), new MockHttpServletResponse(), chain);
filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login;pathparam=unused"), new MockHttpServletResponse(), chain); filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login;pathparam=unused"), new MockHttpServletResponse(), chain);
} }
@ -60,7 +60,7 @@ public class DefaultLoginPageGeneratingFilterTests {
/* SEC-1111 */ /* SEC-1111 */
@Test @Test
public void handlesNonIso8859CharsInErrorMessage() throws Exception { public void handlesNonIso8859CharsInErrorMessage() throws Exception {
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationProcessingFilter()); DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationFilter());
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/spring_security_login"); MockHttpServletRequest request = new MockHttpServletRequest("GET", "/spring_security_login");
request.addParameter("login_error", "true"); request.addParameter("login_error", "true");
MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();

36
web/src/test/java/org/springframework/security/web/authentication/AuthenticationProcessingFilterTests.java → web/src/test/java/org/springframework/security/web/authentication/UsernamePasswordAuthenticationFilterTests.java
View File

@ -35,21 +35,21 @@ import org.springframework.security.core.AuthenticationException;
/** /**
* Tests {@link UsernamePasswordAuthenticationProcessingFilter}. * Tests {@link UsernamePasswordAuthenticationFilter}.
* *
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
*/ */
public class AuthenticationProcessingFilterTests extends TestCase { public class UsernamePasswordAuthenticationFilterTests extends TestCase {
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
@Test @Test
public void testNormalOperation() throws Exception { public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/"); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
assertEquals("/j_spring_security_check", filter.getFilterProcessesUrl()); assertEquals("/j_spring_security_check", filter.getFilterProcessesUrl());
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
// filter.init(null); // filter.init(null);
@ -57,16 +57,16 @@ public class AuthenticationProcessingFilterTests extends TestCase {
Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse()); Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse());
assertTrue(result != null); assertTrue(result != null);
assertEquals("rod", request.getSession().getAttribute( assertEquals("rod", request.getSession().getAttribute(
UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY)); UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY));
assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()).getRemoteAddress()); assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()).getRemoteAddress());
} }
@Test @Test
public void testNullPasswordHandledGracefully() throws Exception { public void testNullPasswordHandledGracefully() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/"); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
assertNotNull(filter.attemptAuthentication(request, new MockHttpServletResponse())); assertNotNull(filter.attemptAuthentication(request, new MockHttpServletResponse()));
} }
@ -74,16 +74,16 @@ public class AuthenticationProcessingFilterTests extends TestCase {
@Test @Test
public void testNullUsernameHandledGracefully() throws Exception { public void testNullUsernameHandledGracefully() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/"); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
assertNotNull(filter.attemptAuthentication(request, new MockHttpServletResponse())); assertNotNull(filter.attemptAuthentication(request, new MockHttpServletResponse()));
} }
@Test @Test
public void testUsingDifferentParameterNamesWorksAsExpected() throws ServletException { public void testUsingDifferentParameterNamesWorksAsExpected() throws ServletException {
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
filter.setUsernameParameter("x"); filter.setUsernameParameter("x");
filter.setPasswordParameter("y"); filter.setPasswordParameter("y");
@ -100,10 +100,10 @@ public class AuthenticationProcessingFilterTests extends TestCase {
@Test @Test
public void testSpacesAreTrimmedCorrectlyFromUsername() throws Exception { public void testSpacesAreTrimmedCorrectlyFromUsername() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/"); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, " rod "); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_USERNAME_KEY, " rod ");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse()); Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse());
@ -113,8 +113,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
@Test @Test
public void testFailedAuthenticationThrowsException() { public void testFailedAuthenticationThrowsException() {
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/"); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
AuthenticationManager am = mock(AuthenticationManager.class); AuthenticationManager am = mock(AuthenticationManager.class);
when(am.authenticate(any(Authentication.class))).thenThrow(new BadCredentialsException("")); when(am.authenticate(any(Authentication.class))).thenThrow(new BadCredentialsException(""));
filter.setAuthenticationManager(am); filter.setAuthenticationManager(am);
@ -127,7 +127,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
// Check username has still been set // Check username has still been set
assertEquals("rod", request.getSession().getAttribute( assertEquals("rod", request.getSession().getAttribute(
UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY)); UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY));
} }
/** /**
@ -137,7 +137,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
public void noSessionIsCreatedIfAllowSessionCreationIsFalse() throws Exception { public void noSessionIsCreatedIfAllowSessionCreationIsFalse() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest();
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
filter.setAllowSessionCreation(false); filter.setAllowSessionCreation(false);
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());