SEC-788: x509 authentication does not work properly

http://jira.springframework.org/browse/SEC-788. Added check for X509 element when choosing entry point, if nothing else is available.
This commit is contained in:
Luke Taylor 2008-04-22 14:53:11 +00:00
parent e12b6afefa
commit 1258fa854e
1 changed files with 10 additions and 4 deletions

View File

@ -408,15 +408,21 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
return; return;
} }
// Otherwise use OpenID // Otherwise use OpenID if enabled
if (openIDFilter != null && formLoginFilter == null) { if (openIDFilter != null && formLoginFilter == null) {
parserContext.getRegistry().registerAlias(BeanIds.OPEN_ID_ENTRY_POINT, BeanIds.MAIN_ENTRY_POINT); parserContext.getRegistry().registerAlias(BeanIds.OPEN_ID_ENTRY_POINT, BeanIds.MAIN_ENTRY_POINT);
return; return;
} }
parserContext.getReaderContext().error("No AuthenticationEntryPoint could be established. Please" + // If X.509 has been enabled, use the preauth entry point.
"make sure you have a login mechanism configured through the namespace (such as form-login) or" + if (DomUtils.getChildElementByTagName(element, Elements.X509) != null) {
"specify a custom AuthenticationEntryPoint with the custom-entry-point-ref ", parserContext.getRegistry().registerAlias(BeanIds.PRE_AUTH_ENTRY_POINT, BeanIds.MAIN_ENTRY_POINT);
return;
}
parserContext.getReaderContext().error("No AuthenticationEntryPoint could be established. Please " +
"make sure you have a login mechanism configured through the namespace (such as form-login) or " +
"specify a custom AuthenticationEntryPoint with the custom-entry-point-ref attribute ",
parserContext.extractSource(element)); parserContext.extractSource(element));
} }