diff --git a/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java b/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java index 34586abd46..2ed5656318 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java +++ b/web/src/main/java/org/springframework/security/web/authentication/WebAuthenticationDetails.java @@ -43,9 +43,7 @@ public class WebAuthenticationDetails implements Serializable { * @param request that the authentication request was received from */ public WebAuthenticationDetails(HttpServletRequest request) { - this.remoteAddress = request.getRemoteAddr(); - HttpSession session = request.getSession(false); - this.sessionId = (session != null) ? session.getId() : null; + this(request.getRemoteAddr(), extractSessionId(request)); } /** @@ -53,11 +51,16 @@ public class WebAuthenticationDetails implements Serializable { * @param remoteAddress remote address of current request * @param sessionId session id */ - private WebAuthenticationDetails(final String remoteAddress, final String sessionId) { + public WebAuthenticationDetails(String remoteAddress, String sessionId) { this.remoteAddress = remoteAddress; this.sessionId = sessionId; } + private static String extractSessionId(HttpServletRequest request) { + HttpSession session = request.getSession(false); + return (session != null) ? session.getId() : null; + } + @Override public boolean equals(Object obj) { if (obj instanceof WebAuthenticationDetails) { diff --git a/web/src/test/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixinTests.java b/web/src/test/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixinTests.java index 8a3d2f7c43..93fed9c751 100644 --- a/web/src/test/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixinTests.java +++ b/web/src/test/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixinTests.java @@ -64,6 +64,13 @@ public class WebAuthenticationDetailsMixinTests extends AbstractMixinTests { JSONAssert.assertEquals(AUTHENTICATION_DETAILS_JSON, actualJson, true); } + @Test + public void webAuthenticationDetailsJackson2SerializeTest() throws JsonProcessingException, JSONException { + WebAuthenticationDetails details = new WebAuthenticationDetails("/localhost", "1"); + String actualJson = this.mapper.writeValueAsString(details); + JSONAssert.assertEquals(AUTHENTICATION_DETAILS_JSON, actualJson, true); + } + @Test public void webAuthenticationDetailsDeserializeTest() throws IOException { WebAuthenticationDetails details = this.mapper.readValue(AUTHENTICATION_DETAILS_JSON,