Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-09 06:50:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Minor portlet-related changes suggested by John Lewis: Javadoc and default values of booleans.

Browse Source
This commit is contained in:
Luke Taylor 2008-03-31 10:10:13 +00:00
parent c9b6fe9555
commit 07f820f1a6
3 changed files with 5 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/src/main/java/org/springframework/security/providers/preauth/PreAuthenticatedAuthenticationProvider.java
View File

@ -117,7 +117,7 @@ public class PreAuthenticatedAuthenticationProvider implements AuthenticationPro
/**
* If true, causes the provider to throw a BadCredentialsException if the presented authentication
* request is invalid (contains a null principal or credentials). Otherwise it will just return
* null.
* null. Defaults to false.
*/
public void setThrowExceptionWhenTokenRejected(boolean throwExceptionWhenTokenRejected) {
this.throwExceptionWhenTokenRejected = throwExceptionWhenTokenRejected;

36
portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingFilterEntryPoint.java
View File

@ -1,36 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.ui.portlet;
import org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint;
/**
* <p>In the case of relying on Portlet authentication to access Servlet resources
* (such as embedded images or AJAX calls), the authentication should already
* be in place by the time the security enforcement takes place.
* So, if this class is ever called, then portlet-based authentication has
* already failed. Therefore the <code>commence</code> method in this case will
* always return <code>HttpServletResponse.SC_FORBIDDEN</code> (HTTP 403 error).
*
* @see org.springframework.security.ui.ExceptionTranslationFilter
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class PortletProcessingFilterEntryPoint extends PreAuthenticatedProcessingFilterEntryPoint {
}

6
portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java
View File

@ -95,7 +95,7 @@ public class PortletProcessingInterceptor implements HandlerInterceptor, Initial
private AuthenticationDetailsSource authenticationDetailsSource;
private boolean useAuthTypeAsCredentials = true;
private boolean useAuthTypeAsCredentials = false;
public PortletProcessingInterceptor() {
authenticationDetailsSource = new AuthenticationDetailsSourceImpl();
@ -311,7 +311,9 @@ public class PortletProcessingInterceptor implements HandlerInterceptor, Initial
}
/**
*
* It true, the "authType" proerty of the <tt>PortletRequest</tt> will be used as the credentials.
* Defaults to false.
*
* @param useAuthTypeAsCredentials
*/
public void setUseAuthTypeAsCredentials(boolean useAuthTypeAsCredentials) {