SEC-788: x509 authentication does not work properly
http://jira.springframework.org/browse/SEC-788. Added check for X509 element when choosing entry point, if nothing else is available.
This commit is contained in:
parent
e12b6afefa
commit
1258fa854e
|
@ -408,15 +408,21 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Otherwise use OpenID
|
// Otherwise use OpenID if enabled
|
||||||
if (openIDFilter != null && formLoginFilter == null) {
|
if (openIDFilter != null && formLoginFilter == null) {
|
||||||
parserContext.getRegistry().registerAlias(BeanIds.OPEN_ID_ENTRY_POINT, BeanIds.MAIN_ENTRY_POINT);
|
parserContext.getRegistry().registerAlias(BeanIds.OPEN_ID_ENTRY_POINT, BeanIds.MAIN_ENTRY_POINT);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
parserContext.getReaderContext().error("No AuthenticationEntryPoint could be established. Please" +
|
// If X.509 has been enabled, use the preauth entry point.
|
||||||
"make sure you have a login mechanism configured through the namespace (such as form-login) or" +
|
if (DomUtils.getChildElementByTagName(element, Elements.X509) != null) {
|
||||||
"specify a custom AuthenticationEntryPoint with the custom-entry-point-ref ",
|
parserContext.getRegistry().registerAlias(BeanIds.PRE_AUTH_ENTRY_POINT, BeanIds.MAIN_ENTRY_POINT);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
parserContext.getReaderContext().error("No AuthenticationEntryPoint could be established. Please " +
|
||||||
|
"make sure you have a login mechanism configured through the namespace (such as form-login) or " +
|
||||||
|
"specify a custom AuthenticationEntryPoint with the custom-entry-point-ref attribute ",
|
||||||
parserContext.extractSource(element));
|
parserContext.extractSource(element));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue