SEC-562: Changing constants and key names.
This commit is contained in:
Luke Taylor
parent
d1c866e477
commit
18c8ba4ac2
|
|
@ -106,7 +106,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi
|
|||
|
||||
static final String FILTER_APPLIED = "__acegi_session_integration_filter_applied";
|
||||
|
||||
public static final String ACEGI_SECURITY_CONTEXT_KEY = "ACEGI_SECURITY_CONTEXT";
|
||||
public static final String SPRING_SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT";
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
|
|
@ -224,7 +224,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi
|
|||
}
|
||||
} else {
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Obtained a valid SecurityContext from ACEGI_SECURITY_CONTEXT to "
|
||||
logger.debug("Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT to "
|
||||
+ "associate with SecurityContextHolder: '" + contextBeforeChainExecution + "'");
|
||||
}
|
||||
}
|
||||
|
|
@ -293,11 +293,11 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi
|
|||
|
||||
// Session exists, so try to obtain a context from it.
|
||||
|
||||
Object contextFromSessionObject = httpSession.getAttribute(ACEGI_SECURITY_CONTEXT_KEY);
|
||||
Object contextFromSessionObject = httpSession.getAttribute(SPRING_SECURITY_CONTEXT_KEY);
|
||||
|
||||
if (contextFromSessionObject == null) {
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("HttpSession returned null object for ACEGI_SECURITY_CONTEXT");
|
||||
logger.debug("HttpSession returned null object for SPRING_SECURITY_CONTEXT");
|
||||
}
|
||||
|
||||
return null;
|
||||
|
|
@ -323,7 +323,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi
|
|||
|
||||
if (!(contextFromSessionObject instanceof SecurityContext)) {
|
||||
if (logger.isWarnEnabled()) {
|
||||
logger.warn("ACEGI_SECURITY_CONTEXT did not contain a SecurityContext but contained: '"
|
||||
logger.warn("SPRING_SECURITY_CONTEXT did not contain a SecurityContext but contained: '"
|
||||
+ contextFromSessionObject
|
||||
+ "'; are you improperly modifying the HttpSession directly "
|
||||
+ "(you should always use SecurityContextHolder) or using the HttpSession attribute "
|
||||
|
|
@ -405,7 +405,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi
|
|||
// If HttpSession exists, store current SecurityContextHolder contents but only if
|
||||
// the SecurityContext has actually changed (see JIRA SEC-37)
|
||||
if (httpSession != null && securityContext.hashCode() != contextHashBeforeChainExecution) {
|
||||
httpSession.setAttribute(ACEGI_SECURITY_CONTEXT_KEY, securityContext);
|
||||
httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, securityContext);
|
||||
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("SecurityContext stored to HttpSession: '" + securityContext + "'");
|
||||
|
|
|
|||
|
|
@ -321,7 +321,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
|
|||
*/
|
||||
protected void handleLogout(HttpSessionDestroyedEvent event) {
|
||||
SecurityContext context = (SecurityContext)
|
||||
event.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
|
||||
event.getSession().getAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
|
||||
|
||||
if (context == null) {
|
||||
log.debug("The destroyed session has no SecurityContext");
|
||||
|
|
|
|||
|
|
@ -71,7 +71,7 @@ import javax.servlet.http.HttpSession;
|
|||
* <p>
|
||||
* If authentication fails, the <code>AuthenticationException</code> will be
|
||||
* placed into the <code>HttpSession</code> with the attribute defined by
|
||||
* {@link #ACEGI_SECURITY_LAST_EXCEPTION_KEY}.
|
||||
* {@link #SPRING_SECURITY_LAST_EXCEPTION_KEY}.
|
||||
* </p>
|
||||
* <p>
|
||||
* To use this filter, it is necessary to specify the following properties:
|
||||
|
|
@ -79,7 +79,7 @@ import javax.servlet.http.HttpSession;
|
|||
* <ul>
|
||||
* <li><code>defaultTargetUrl</code> indicates the URL that should be used
|
||||
* for redirection if the <code>HttpSession</code> attribute named
|
||||
* {@link #ACEGI_SAVED_REQUEST_KEY} does not indicate the target URL once
|
||||
* {@link #SPRING_SECURITY_SAVED_REQUEST_KEY} does not indicate the target URL once
|
||||
* authentication is completed successfully. eg: <code>/</code>. The
|
||||
* <code>defaultTargetUrl</code> will be treated as relative to the web-app's
|
||||
* context path, and should include the leading <code>/</code>.
|
||||
|
|
@ -93,7 +93,7 @@ import javax.servlet.http.HttpSession;
|
|||
* <li><code>alwaysUseDefaultTargetUrl</code> causes successful
|
||||
* authentication to always redirect to the <code>defaultTargetUrl</code>,
|
||||
* even if the <code>HttpSession</code> attribute named {@link
|
||||
* #ACEGI_SAVED_REQUEST_KEY} defines the intended target URL.</li>
|
||||
* # SPRING_SECURITY_SAVED_REQUEST_KEY} defines the intended target URL.</li>
|
||||
* </ul>
|
||||
* <p>
|
||||
* To configure this filter to redirect to specific pages as the result of
|
||||
|
|
@ -143,9 +143,9 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
|
|||
MessageSourceAware {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
public static final String ACEGI_SAVED_REQUEST_KEY = "ACEGI_SAVED_REQUEST_KEY";
|
||||
public static final String SPRING_SECURITY_SAVED_REQUEST_KEY = "SPRING_SECURITY_SAVED_REQUEST_KEY";
|
||||
|
||||
public static final String ACEGI_SECURITY_LAST_EXCEPTION_KEY = "ACEGI_SECURITY_LAST_EXCEPTION";
|
||||
public static final String SPRING_SECURITY_LAST_EXCEPTION_KEY = "SPRING_SECURITY_LAST_EXCEPTION";
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
|
|
@ -168,7 +168,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
|
|||
|
||||
/**
|
||||
* Where to redirect the browser to if authentication is successful but
|
||||
* ACEGI_SAVED_REQUEST_KEY is <code>null</code>
|
||||
* SPRING_SECURITY_SAVED_REQUEST_KEY is <code>null</code>
|
||||
*/
|
||||
private String defaultTargetUrl;
|
||||
|
||||
|
|
@ -349,7 +349,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
|
|||
}
|
||||
|
||||
public static String obtainFullRequestUrl(HttpServletRequest request) {
|
||||
SavedRequest savedRequest = (SavedRequest) request.getSession().getAttribute(ACEGI_SAVED_REQUEST_KEY);
|
||||
SavedRequest savedRequest = (SavedRequest) request.getSession().getAttribute(SPRING_SECURITY_SAVED_REQUEST_KEY);
|
||||
|
||||
return (savedRequest == null) ? null : savedRequest.getFullRequestUrl();
|
||||
}
|
||||
|
|
@ -575,7 +575,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
|
|||
}
|
||||
|
||||
try {
|
||||
request.getSession().setAttribute(ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed);
|
||||
request.getSession().setAttribute(SPRING_SECURITY_LAST_EXCEPTION_KEY, failed);
|
||||
}
|
||||
catch (Exception ignored) {
|
||||
}
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ import javax.servlet.http.HttpServletResponse;
|
|||
* "forward" to the specified error page view. Being a "forward", the <code>SecurityContextHolder</code> will remain
|
||||
* populated. This is of benefit if the view (or a tag library or macro) wishes to access the
|
||||
* <code>SecurityContextHolder</code>. The request scope will also be populated with the exception itself, available
|
||||
* from the key {@link #ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY}.</p>
|
||||
* from the key {@link #SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY}.</p>
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
|
|
@ -44,7 +44,7 @@ import javax.servlet.http.HttpServletResponse;
|
|||
public class AccessDeniedHandlerImpl implements AccessDeniedHandler {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
public static final String ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY = "ACEGI_SECURITY_403_EXCEPTION";
|
||||
public static final String SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY = "SPRING_SECURITY_403_EXCEPTION";
|
||||
protected static final Log logger = LogFactory.getLog(AccessDeniedHandlerImpl.class);
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
|
@ -57,7 +57,7 @@ public class AccessDeniedHandlerImpl implements AccessDeniedHandler {
|
|||
throws IOException, ServletException {
|
||||
if (errorPage != null) {
|
||||
// Put exception into request scope (perhaps of use to a view)
|
||||
((HttpServletRequest) request).setAttribute(ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY,
|
||||
((HttpServletRequest) request).setAttribute(SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY,
|
||||
accessDeniedException);
|
||||
|
||||
// Perform RequestDispatcher "forward"
|
||||
|
|
|
|||
|
|
@ -216,7 +216,7 @@ public class ExceptionTranslationFilter implements Filter, InitializingBean {
|
|||
if (createSessionAllowed) {
|
||||
// Store the HTTP request itself. Used by AbstractProcessingFilter
|
||||
// for redirection after successful authentication (SEC-29)
|
||||
httpRequest.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY, savedRequest);
|
||||
httpRequest.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, savedRequest);
|
||||
}
|
||||
|
||||
// SEC-112: Clear the SecurityContextHolder's Authentication, as the
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ import org.springframework.web.bind.RequestUtils;
|
|||
public class TokenBasedRememberMeServices implements RememberMeServices, InitializingBean, LogoutHandler {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
public static final String ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY = "ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE";
|
||||
public static final String SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY = "SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE";
|
||||
|
||||
public static final String DEFAULT_PARAMETER = "_acegi_security_remember_me";
|
||||
|
||||
|
|
@ -124,7 +124,7 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
|
|||
|
||||
private boolean alwaysRemember = false;
|
||||
|
||||
private String cookieName = ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY;
|
||||
private String cookieName = SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY;
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
|
|||
|
||||
// ~ Static fields/initializers
|
||||
// =============================================
|
||||
public static final String ACEGI_SECURITY_SWITCH_USERNAME_KEY = "j_username";
|
||||
public static final String SPRING_SECURITY_SWITCH_USERNAME_KEY = "j_username";
|
||||
public static final String ROLE_PREVIOUS_ADMINISTRATOR = "ROLE_PREVIOUS_ADMINISTRATOR";
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
|
@ -197,7 +197,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
|
|||
throws AuthenticationException {
|
||||
UsernamePasswordAuthenticationToken targetUserRequest = null;
|
||||
|
||||
String username = request.getParameter(ACEGI_SECURITY_SWITCH_USERNAME_KEY);
|
||||
String username = request.getParameter(SPRING_SECURITY_SWITCH_USERNAME_KEY);
|
||||
|
||||
if (username == null) {
|
||||
username = "";
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ import javax.servlet.http.HttpServletRequest;
|
|||
* Processes an authentication form.
|
||||
* <p>Login forms must present two parameters to this filter: a username and
|
||||
* password. The default parameter names to use are contained in the
|
||||
* static fields {@link #ACEGI_SECURITY_FORM_USERNAME_KEY} and {@link #ACEGI_SECURITY_FORM_PASSWORD_KEY}.
|
||||
* static fields {@link #SPRING_SECURITY_FORM_USERNAME_KEY} and {@link #SPRING_SECURITY_FORM_PASSWORD_KEY}.
|
||||
* The parameter names can also be changed by setting the <tt>usernameParameter</tt> and <tt>passwordParameter</tt>
|
||||
* properties.
|
||||
* </p>
|
||||
|
|
@ -47,12 +47,12 @@ import javax.servlet.http.HttpServletRequest;
|
|||
public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
public static final String ACEGI_SECURITY_FORM_USERNAME_KEY = "j_username";
|
||||
public static final String ACEGI_SECURITY_FORM_PASSWORD_KEY = "j_password";
|
||||
public static final String ACEGI_SECURITY_LAST_USERNAME_KEY = "ACEGI_SECURITY_LAST_USERNAME";
|
||||
public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "j_username";
|
||||
public static final String SPRING_SECURITY_FORM_PASSWORD_KEY = "j_password";
|
||||
public static final String SPRING_SECURITY_LAST_USERNAME_KEY = "SECURITY_SECURITY_LAST_USERNAME";
|
||||
|
||||
private String usernameParameter = ACEGI_SECURITY_FORM_USERNAME_KEY;
|
||||
private String passwordParameter = ACEGI_SECURITY_FORM_PASSWORD_KEY;
|
||||
private String usernameParameter = SPRING_SECURITY_FORM_USERNAME_KEY;
|
||||
private String passwordParameter = SPRING_SECURITY_FORM_PASSWORD_KEY;
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
|
|
@ -73,7 +73,7 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
|
|||
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);
|
||||
|
||||
// Place the last username attempted into HttpSession for views
|
||||
request.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY, username);
|
||||
request.getSession().setAttribute(SPRING_SECURITY_LAST_USERNAME_KEY, username);
|
||||
|
||||
// Allow subclasses to set the "details" property
|
||||
setDetails(request, authRequest);
|
||||
|
|
|
|||
|
|
@ -39,8 +39,8 @@ import javax.servlet.http.HttpServletResponse;
|
|||
* next paragraph). This allows applications to optionally function even when their Siteminder infrastructure is
|
||||
* unavailable, as is often the case during development.</p>
|
||||
* <P><B>Login forms</B> must present two <B>parameters</B> to this filter: a username and password. If not
|
||||
* specified, the parameter names to use are contained in the static fields {@link #ACEGI_SECURITY_FORM_USERNAME_KEY}
|
||||
* and {@link #ACEGI_SECURITY_FORM_PASSWORD_KEY}.</p>
|
||||
* specified, the parameter names to use are contained in the static fields {@link #SPRING_SECURITY_FORM_USERNAME_KEY}
|
||||
* and {@link #SPRING_SECURITY_FORM_PASSWORD_KEY}.</p>
|
||||
* <P><B>Do not use this class directly.</B> Instead, configure <code>web.xml</code> to use the {@link
|
||||
* org.springframework.security.util.FilterToBeanProxy}.</p>
|
||||
*/
|
||||
|
|
@ -101,7 +101,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc
|
|||
if ((formUsernameParameterKey != null) && (formUsernameParameterKey.length() > 0)) {
|
||||
username = request.getParameter(formUsernameParameterKey);
|
||||
} else {
|
||||
username = request.getParameter(ACEGI_SECURITY_FORM_USERNAME_KEY);
|
||||
username = request.getParameter(SPRING_SECURITY_FORM_USERNAME_KEY);
|
||||
}
|
||||
|
||||
password = obtainPassword(request);
|
||||
|
|
@ -130,7 +130,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc
|
|||
setDetails(request, authRequest);
|
||||
|
||||
// Place the last username attempted into HttpSession for views
|
||||
request.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY, username);
|
||||
request.getSession().setAttribute(SPRING_SECURITY_LAST_USERNAME_KEY, username);
|
||||
|
||||
return this.getAuthenticationManager().authenticate(authRequest);
|
||||
}
|
||||
|
|
@ -184,7 +184,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc
|
|||
if ((formPasswordParameterKey != null) && (formPasswordParameterKey.length() > 0)) {
|
||||
return request.getParameter(formPasswordParameterKey);
|
||||
} else {
|
||||
return request.getParameter(ACEGI_SECURITY_FORM_PASSWORD_KEY);
|
||||
return request.getParameter(SPRING_SECURITY_FORM_PASSWORD_KEY);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -209,7 +209,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc
|
|||
//is present and user is not already authenticated.
|
||||
boolean bAuthenticated = false;
|
||||
SecurityContext context = (SecurityContext)
|
||||
request.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
|
||||
request.getSession().getAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
|
||||
|
||||
if (context != null) {
|
||||
Authentication auth = context.getAuthentication();
|
||||
|
|
|
|||
|
|
@ -206,6 +206,6 @@ public class X509ProcessingFilter implements Filter, InitializingBean, Applicati
|
|||
logger.debug("Updated SecurityContextHolder to contain null Authentication");
|
||||
}
|
||||
|
||||
request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed);
|
||||
request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, failed);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW
|
|||
return;
|
||||
}
|
||||
|
||||
SavedRequest saved = (SavedRequest) session.getAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY);
|
||||
SavedRequest saved = (SavedRequest) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY);
|
||||
|
||||
if ((saved != null) && saved.doesRequestMatch(request, portResolver)) {
|
||||
if (logger.isDebugEnabled()) {
|
||||
|
|
@ -98,7 +98,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW
|
|||
}
|
||||
|
||||
savedRequest = saved;
|
||||
session.removeAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY);
|
||||
session.removeAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY);
|
||||
|
||||
formats[0] = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US);
|
||||
formats[1] = new SimpleDateFormat("EEEEEE, dd-MMM-yy HH:mm:ss zzz", Locale.US);
|
||||
|
|
|
|||
|
|
@ -118,7 +118,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
|
|||
// Build a mock request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.getSession().setAttribute(
|
||||
HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY,
|
||||
sc);
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
|
@ -170,7 +170,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
|
|||
// Build a mock request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.getSession().setAttribute(
|
||||
HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY,
|
||||
sc);
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
|
@ -188,7 +188,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
|
|||
|
||||
// Obtain new/update Authentication from HttpSession
|
||||
SecurityContext context = (SecurityContext) request.getSession().getAttribute(
|
||||
HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
|
||||
HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
|
||||
assertEquals(updatedPrincipal, ((SecurityContext) context).getAuthentication());
|
||||
}
|
||||
|
||||
|
|
@ -214,7 +214,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
|
|||
|
||||
// Obtain new/updated Authentication from HttpSession
|
||||
SecurityContext context = (SecurityContext) request.getSession(false).getAttribute(
|
||||
HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
|
||||
HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
|
||||
assertEquals(updatedPrincipal, ((SecurityContext) context).getAuthentication());
|
||||
}
|
||||
|
||||
|
|
@ -268,7 +268,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
|
|||
// Build a mock request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.getSession().setAttribute(
|
||||
HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY,
|
||||
"NOT_A_CONTEXT_OBJECT");
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
|
@ -284,7 +284,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
|
|||
|
||||
// Obtain new/update Authentication from HttpSession
|
||||
SecurityContext context = (SecurityContext) request.getSession().getAttribute(
|
||||
HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
|
||||
HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
|
||||
assertEquals(updatedPrincipal, ((SecurityContext) context).getAuthentication());
|
||||
}
|
||||
|
||||
|
|
@ -302,7 +302,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
|
|||
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.getSession().setAttribute(
|
||||
HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY,
|
||||
sc);
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
|
|
|
|||
|
|
@ -214,7 +214,7 @@ public class JaasAuthenticationProviderTests extends TestCase {
|
|||
context.setAuthentication(token);
|
||||
|
||||
MockHttpSession mockSession = new MockHttpSession();
|
||||
mockSession.setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY, context);
|
||||
mockSession.setAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY, context);
|
||||
|
||||
jaasProvider.onApplicationEvent(new HttpSessionDestroyedEvent(mockSession));
|
||||
|
||||
|
|
|
|||
|
|
@ -376,7 +376,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|||
throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = createMockRequest();
|
||||
request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
|
||||
request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
|
||||
|
||||
// Setup our filter configuration
|
||||
MockFilterConfig config = new MockFilterConfig(null, null);
|
||||
|
|
@ -402,7 +402,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|||
public void testSuccessfulAuthenticationCausesRedirectToSessionSpecifiedUrl() throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = createMockRequest();
|
||||
request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
|
||||
request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
|
||||
|
||||
// Setup our filter configuration
|
||||
MockFilterConfig config = new MockFilterConfig(null, null);
|
||||
|
|
|
|||
|
|
@ -128,7 +128,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
|
|||
filter.doFilter(request, response, chain);
|
||||
assertEquals(403, response.getStatus());
|
||||
assertEquals(AccessDeniedException.class, request.getAttribute(
|
||||
AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY).getClass());
|
||||
AccessDeniedHandlerImpl.SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY).getClass());
|
||||
}
|
||||
|
||||
public void testDoFilterWithNonHttpServletRequestDetected() throws Exception {
|
||||
|
|
|
|||
|
|
@ -105,7 +105,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
|
||||
assertNull(result);
|
||||
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNull(returnedCookie); // shouldn't try to invalidate our cookie
|
||||
}
|
||||
|
||||
|
|
@ -126,7 +126,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
|
||||
assertNull(result);
|
||||
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNull(returnedCookie); // shouldn't try to invalidate our cookie
|
||||
}
|
||||
|
||||
|
|
@ -139,7 +139,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
||||
// services.afterPropertiesSet();
|
||||
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
generateCorrectCookieContentForToken(System.currentTimeMillis() - 1000000, "someone", "password", "key"));
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setCookies(new Cookie[] {cookie});
|
||||
|
|
@ -150,7 +150,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
|
||||
assertNull(result);
|
||||
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNotNull(returnedCookie);
|
||||
assertEquals(0, returnedCookie.getMaxAge());
|
||||
}
|
||||
|
|
@ -165,7 +165,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
||||
//services.afterPropertiesSet();
|
||||
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
new String(Base64.encodeBase64("x".getBytes())));
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setCookies(new Cookie[] {cookie});
|
||||
|
|
@ -176,7 +176,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
|
||||
assertNull(result);
|
||||
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNotNull(returnedCookie);
|
||||
assertEquals(0, returnedCookie.getMaxAge());
|
||||
}
|
||||
|
|
@ -190,7 +190,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
||||
//services.afterPropertiesSet();
|
||||
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
"NOT_BASE_64_ENCODED");
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setCookies(new Cookie[] {cookie});
|
||||
|
|
@ -201,7 +201,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
|
||||
assertNull(result);
|
||||
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNotNull(returnedCookie);
|
||||
assertEquals(0, returnedCookie.getMaxAge());
|
||||
}
|
||||
|
|
@ -216,7 +216,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
||||
//services.afterPropertiesSet();
|
||||
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password",
|
||||
"WRONG_KEY"));
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
|
|
@ -228,7 +228,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
|
||||
assertNull(result);
|
||||
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNotNull(returnedCookie);
|
||||
assertEquals(0, returnedCookie.getMaxAge());
|
||||
}
|
||||
|
|
@ -243,7 +243,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
||||
//services.afterPropertiesSet();
|
||||
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
new String(Base64.encodeBase64("username:NOT_A_NUMBER:signature".getBytes())));
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setCookies(new Cookie[] {cookie});
|
||||
|
|
@ -254,7 +254,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
|
||||
assertNull(result);
|
||||
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNotNull(returnedCookie);
|
||||
assertEquals(0, returnedCookie.getMaxAge());
|
||||
}
|
||||
|
|
@ -265,7 +265,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
services.setUserDetailsService(new MockAuthenticationDao(null, true));
|
||||
//services.afterPropertiesSet();
|
||||
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key"));
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setCookies(new Cookie[] {cookie});
|
||||
|
|
@ -276,7 +276,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
|
||||
assertNull(result);
|
||||
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNotNull(returnedCookie);
|
||||
assertEquals(0, returnedCookie.getMaxAge());
|
||||
}
|
||||
|
|
@ -290,7 +290,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
services.setUserDetailsService(new MockAuthenticationDao(user, false));
|
||||
// services.afterPropertiesSet();
|
||||
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
|
||||
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key"));
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setCookies(new Cookie[] {cookie});
|
||||
|
|
@ -330,7 +330,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
services.loginFail(request, response);
|
||||
|
||||
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNotNull(cookie);
|
||||
assertEquals(0, cookie.getMaxAge());
|
||||
}
|
||||
|
|
@ -346,7 +346,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
new TestingAuthenticationToken("someone", "password",
|
||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
|
||||
|
||||
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNull(cookie);
|
||||
}
|
||||
|
||||
|
|
@ -361,7 +361,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
new TestingAuthenticationToken("someone", "password",
|
||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
|
||||
|
||||
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNotNull(cookie);
|
||||
assertEquals(services.getTokenValiditySeconds(), cookie.getMaxAge());
|
||||
assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes()));
|
||||
|
|
@ -381,7 +381,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
|
|||
new TestingAuthenticationToken(user, "ignored",
|
||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
|
||||
|
||||
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
|
||||
assertNotNull(cookie);
|
||||
assertEquals(services.getTokenValiditySeconds(), cookie.getMaxAge());
|
||||
assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes()));
|
||||
|
|
|
|||
|
|
@ -80,7 +80,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
|
|||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "user-that-doesnt-exist");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "user-that-doesnt-exist");
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
|
||||
|
|
@ -101,7 +101,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
|
|||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
|
||||
// this user is disabled
|
||||
request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "mcgarrett");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "mcgarrett");
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
|
||||
|
|
@ -124,7 +124,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
|
|||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
|
||||
// this user is disabled
|
||||
request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "wofat");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "wofat");
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
|
||||
|
|
@ -147,7 +147,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
|
|||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
|
||||
// this user is disabled
|
||||
request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "steve");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "steve");
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
|
||||
|
|
@ -167,7 +167,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
|
|||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
|
||||
|
|
@ -183,7 +183,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
|
|||
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
String username = null;
|
||||
request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, username);
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, username);
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
|
||||
|
|
@ -304,7 +304,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
|
|||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
MockHttpServletRequest request = createMockSwitchRequest();
|
||||
request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
request.setRequestURI("/webapp/j_acegi_switch_user");
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
|
@ -351,7 +351,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
|
|||
// http request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setRequestURI("/webapp/j_acegi_switch_user");
|
||||
request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
|
||||
// http response
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
|
|
|||
|
|
@ -52,8 +52,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
|||
|
||||
public void testNormalOperation() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa");
|
||||
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
filter.setAuthenticationManager(new MockAuthenticationManager(true));
|
||||
|
|
@ -66,7 +66,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
|||
|
||||
public void testNullPasswordHandledGracefully() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa");
|
||||
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
filter.setAuthenticationManager(new MockAuthenticationManager(true));
|
||||
|
|
@ -78,7 +78,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
|||
|
||||
public void testNullUsernameHandledGracefully() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
filter.setAuthenticationManager(new MockAuthenticationManager(true));
|
||||
|
|
@ -106,8 +106,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
|||
|
||||
public void testSpacesAreTrimmedCorrectlyFromUsername() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, " marissa ");
|
||||
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, " marissa ");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
filter.setAuthenticationManager(new MockAuthenticationManager(true));
|
||||
|
|
|
|||
|
|
@ -103,8 +103,8 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase {
|
|||
*/
|
||||
public void testFormNormalOperation() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa");
|
||||
request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa");
|
||||
request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
|
||||
MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
|
||||
|
||||
|
|
@ -124,7 +124,7 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase {
|
|||
*/
|
||||
public void testFormNullPasswordHandledGracefully() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa");
|
||||
request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa");
|
||||
|
||||
MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
|
||||
|
||||
|
|
@ -143,7 +143,7 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase {
|
|||
*/
|
||||
public void testFormNullUsernameHandledGracefully() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
|
||||
MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
|
||||
|
||||
|
|
|
|||
|
|
@ -82,7 +82,7 @@ public class X509ProcessingFilterTests extends TestCase {
|
|||
filter.doFilter(request, response, chain);
|
||||
|
||||
Object lastException = request.getSession()
|
||||
.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY);
|
||||
.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY);
|
||||
|
||||
assertNull("Authentication should be null", SecurityContextHolder.getContext().getAuthentication());
|
||||
assertTrue("BadCredentialsException should have been thrown", lastException instanceof BadCredentialsException);
|
||||
|
|
|
|||
|
|
@ -426,7 +426,7 @@ public class NtlmProcessingFilter extends HttpFilter implements InitializingBean
|
|||
authRequest.setDetails(new WebAuthenticationDetails(request));
|
||||
|
||||
// Place the last username attempted into HttpSession for views
|
||||
session.setAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY, authRequest.getName());
|
||||
session.setAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, authRequest.getName());
|
||||
|
||||
// Backup the current authentication in case of an AuthenticationException
|
||||
backupAuth = SecurityContextHolder.getContext().getAuthentication();
|
||||
|
|
|
|||
|
|
@ -101,7 +101,7 @@ public class PortletSessionContextIntegrationInterceptor
|
|||
|
||||
protected static final Log logger = LogFactory.getLog(PortletSessionContextIntegrationInterceptor.class);
|
||||
|
||||
public static final String ACEGI_SECURITY_CONTEXT_KEY = HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY;
|
||||
public static final String SPRING_SECURITY_CONTEXT_KEY = HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY;
|
||||
|
||||
private static final String SESSION_EXISTED = PortletSessionContextIntegrationInterceptor.class.getName() + ".SESSION_EXISTED";
|
||||
private static final String CONTEXT_HASHCODE = PortletSessionContextIntegrationInterceptor.class.getName() + ".CONTEXT_HASHCODE";
|
||||
|
|
@ -238,7 +238,7 @@ public class PortletSessionContextIntegrationInterceptor
|
|||
portletSessionExistedAtStartOfRequest = true;
|
||||
|
||||
// attempt to retrieve the context from the session
|
||||
Object contextFromSessionObject = portletSession.getAttribute(ACEGI_SECURITY_CONTEXT_KEY, portletSessionScope());
|
||||
Object contextFromSessionObject = portletSession.getAttribute(SPRING_SECURITY_CONTEXT_KEY, portletSessionScope());
|
||||
|
||||
// if we got a context then place it into the holder
|
||||
if (contextFromSessionObject != null) {
|
||||
|
|
@ -262,12 +262,12 @@ public class PortletSessionContextIntegrationInterceptor
|
|||
// if what we got is a valid context then place it into the holder, otherwise create a new one
|
||||
if (contextFromSessionObject instanceof SecurityContext) {
|
||||
if (logger.isDebugEnabled())
|
||||
logger.debug("Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and "
|
||||
logger.debug("Obtained from SPRING_SECURITY_CONTEXT a valid SecurityContext and "
|
||||
+ "set to SecurityContextHolder: '" + contextFromSessionObject + "'");
|
||||
SecurityContextHolder.setContext((SecurityContext) contextFromSessionObject);
|
||||
} else {
|
||||
if (logger.isWarnEnabled())
|
||||
logger.warn("ACEGI_SECURITY_CONTEXT did not contain a SecurityContext but contained: '"
|
||||
logger.warn("SPRING_SECURITY_CONTEXT did not contain a SecurityContext but contained: '"
|
||||
+ contextFromSessionObject
|
||||
+ "'; are you improperly modifying the PortletSession directly "
|
||||
+ "(you should always use SecurityContextHolder) or using the PortletSession attribute "
|
||||
|
|
@ -280,7 +280,7 @@ public class PortletSessionContextIntegrationInterceptor
|
|||
|
||||
// there was no context in the session, so create a new context and put it in the holder
|
||||
if (logger.isDebugEnabled())
|
||||
logger.debug("PortletSession returned null object for ACEGI_SECURITY_CONTEXT - new "
|
||||
logger.debug("PortletSession returned null object for SPRING_SECURITY_CONTEXT - new "
|
||||
+ "SecurityContext instance associated with SecurityContextHolder");
|
||||
SecurityContextHolder.setContext(generateNewContext());
|
||||
}
|
||||
|
|
@ -354,7 +354,7 @@ public class PortletSessionContextIntegrationInterceptor
|
|||
// if the session exists and the context has changes, then store the context back into the session
|
||||
if ((portletSession != null)
|
||||
&& (SecurityContextHolder.getContext().hashCode() != oldContextHashCode)) {
|
||||
portletSession.setAttribute(ACEGI_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext(), portletSessionScope());
|
||||
portletSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext(), portletSessionScope());
|
||||
if (logger.isDebugEnabled())
|
||||
logger.debug("SecurityContext stored to PortletSession: '"
|
||||
+ SecurityContextHolder.getContext() + "'");
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ import org.springframework.web.portlet.ModelAndView;
|
|||
* is guaranteed to have already been created by an earlier interceptor. If authentication
|
||||
* fails, the <code>AuthenticationException</code> will be placed into the
|
||||
* <code>APPLICATION_SCOPE</code> of the <code>PortletSession</code> with the attribute defined
|
||||
* by {@link AbstractProcessingFilter#ACEGI_SECURITY_LAST_EXCEPTION_KEY}.</p>
|
||||
* by {@link AbstractProcessingFilter#SPRING_SECURITY_LAST_EXCEPTION_KEY}.</p>
|
||||
*
|
||||
* <p>Some portals do not properly provide the identity of the current user via the
|
||||
* <code>getRemoteUser()</code> or <code>getUserPrincipal()</code> methods of the
|
||||
|
|
@ -170,7 +170,7 @@ public class PortletProcessingInterceptor implements
|
|||
logger.debug("Authentication failed - updating ContextHolder to contain null Authentication");
|
||||
ctx.setAuthentication(null);
|
||||
request.getPortletSession().setAttribute(
|
||||
AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY,
|
||||
AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY,
|
||||
failed, PortletSession.APPLICATION_SCOPE);
|
||||
onUnsuccessfulAuthentication(request, response, failed);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
|
|||
MockRenderRequest request = PortletTestUtils.createRenderRequest();
|
||||
MockRenderResponse response = PortletTestUtils.createRenderResponse();
|
||||
request.getPortletSession().setAttribute(
|
||||
PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
|
||||
sc, PortletSession.APPLICATION_SCOPE);
|
||||
|
||||
// Prepare interceptor
|
||||
|
|
@ -145,7 +145,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
|
|||
MockActionRequest request = PortletTestUtils.createActionRequest();
|
||||
MockActionResponse response = PortletTestUtils.createActionResponse();
|
||||
request.getPortletSession().setAttribute(
|
||||
PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
|
||||
sc, PortletSession.APPLICATION_SCOPE);
|
||||
|
||||
// Prepare interceptor
|
||||
|
|
@ -178,7 +178,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
|
|||
MockActionRequest request = PortletTestUtils.createActionRequest();
|
||||
MockActionResponse response = PortletTestUtils.createActionResponse();
|
||||
request.getPortletSession().setAttribute(
|
||||
PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
|
||||
sc, PortletSession.APPLICATION_SCOPE);
|
||||
|
||||
// Prepare interceptor
|
||||
|
|
@ -209,7 +209,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
|
|||
|
||||
// Verify the new principal is stored in the session
|
||||
sc = (SecurityContext)request.getPortletSession().getAttribute(
|
||||
PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
|
||||
PortletSession.APPLICATION_SCOPE);
|
||||
assertEquals(baselinePrincipal, sc.getAuthentication());
|
||||
}
|
||||
|
|
@ -232,7 +232,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
|
|||
|
||||
// Verify Authentication is in the PortletSession
|
||||
SecurityContext sc = (SecurityContext)request.getPortletSession(false).
|
||||
getAttribute(PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE);
|
||||
getAttribute(PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE);
|
||||
assertEquals(principal, ((SecurityContext)sc).getAuthentication());
|
||||
}
|
||||
|
||||
|
|
@ -280,7 +280,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
|
|||
MockActionRequest request = PortletTestUtils.createActionRequest();
|
||||
MockActionResponse response = PortletTestUtils.createActionResponse();
|
||||
request.getPortletSession().setAttribute(
|
||||
PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
|
||||
"NOT_A_CONTEXT_OBJECT", PortletSession.APPLICATION_SCOPE);
|
||||
|
||||
// Prepare the interceptor
|
||||
|
|
@ -295,7 +295,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
|
|||
|
||||
// Verify Authentication is in the PortletSession
|
||||
SecurityContext sc = (SecurityContext)request.getPortletSession(false).
|
||||
getAttribute(PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE);
|
||||
getAttribute(PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE);
|
||||
assertEquals(principal, ((SecurityContext)sc).getAuthentication());
|
||||
}
|
||||
|
||||
|
|
@ -334,7 +334,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
|
|||
MockActionRequest request = PortletTestUtils.createActionRequest();
|
||||
MockActionResponse response = PortletTestUtils.createActionResponse();
|
||||
request.getPortletSession().setAttribute(
|
||||
PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
|
||||
sc, PortletSession.PORTLET_SCOPE);
|
||||
|
||||
// Prepare interceptor
|
||||
|
|
@ -363,7 +363,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
|
|||
|
||||
// Verify the new principal is stored in the session
|
||||
sc = (SecurityContext)request.getPortletSession().getAttribute(
|
||||
PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
|
||||
PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
|
||||
PortletSession.PORTLET_SCOPE);
|
||||
assertEquals(baselinePrincipal, sc.getAuthentication());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -149,7 +149,7 @@ public class PortletProcessingInterceptorTests extends TestCase {
|
|||
|
||||
// Verify that proper exception was thrown
|
||||
assertTrue(request.getPortletSession().getAttribute(
|
||||
AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY,
|
||||
AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY,
|
||||
PortletSession.APPLICATION_SCOPE)
|
||||
instanceof BadCredentialsException);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
|
||||
|
||||
<p>
|
||||
<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
|
||||
<%= request.getAttribute(AccessDeniedHandlerImpl.SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
|
||||
|
||||
<p>
|
||||
|
||||
|
|
|
|||
|
|
@ -28,13 +28,13 @@
|
|||
<c:if test="${not empty param.login_error}">
|
||||
<font color="red">
|
||||
Your login attempt was not successful, try again.<BR><BR>
|
||||
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
|
||||
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
|
||||
</font>
|
||||
</c:if>
|
||||
|
||||
<form action="<c:url value='j_acegi_security_check'/>" method="POST">
|
||||
<table>
|
||||
<tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<%= session.getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY) %>'</c:if>></td></tr>
|
||||
<tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<%= session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'</c:if>></td></tr>
|
||||
<tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
|
||||
<tr><td><input type="checkbox" name="_acegi_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@
|
|||
|
||||
<font color="red">
|
||||
Your CAS credentials were rejected.<BR><BR>
|
||||
Reason: <%= ((AuthenticationException) session.getAttribute(org.springframework.security.ui.AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
|
||||
Reason: <%= ((AuthenticationException) session.getAttribute(org.springframework.security.ui.AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
|
||||
</font>
|
||||
|
||||
</body>
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@
|
|||
<c:if test="${not empty param.login_error}">
|
||||
<font color="red">
|
||||
Your 'Exit User' attempt was not successful, try again.<BR><BR>
|
||||
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
|
||||
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
|
||||
</font>
|
||||
</c:if>
|
||||
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@
|
|||
<c:if test="${not empty param.login_error}">
|
||||
<font color="red">
|
||||
Your 'su' attempt was not successful, try again.<BR><BR>
|
||||
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
|
||||
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
|
||||
</font>
|
||||
</c:if>
|
||||
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
|
||||
|
||||
<p>
|
||||
<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
|
||||
<%= request.getAttribute(AccessDeniedHandlerImpl.SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
|
||||
|
||||
<p>
|
||||
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@
|
|||
<c:if test="${not empty param.login_error}">
|
||||
<font color="red">
|
||||
Your login attempt was not successful, try again.<BR><BR>
|
||||
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
|
||||
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
|
||||
</font>
|
||||
</c:if>
|
||||
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ public class OpenIDResponseProcessingFilter extends AbstractProcessingFilter {
|
|||
|
||||
if (authentication.isAuthenticated()) {
|
||||
req.getSession()
|
||||
.setAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY, token.getIdentityUrl());
|
||||
.setAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, token.getIdentityUrl());
|
||||
}
|
||||
|
||||
return authentication;
|
||||
|
|
|
|||
|
|
@ -41,12 +41,12 @@ public class OpenIdAuthenticationProcessingFilter extends AbstractProcessingFilt
|
|||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
private static final Log log = LogFactory.getLog(OpenIdAuthenticationProcessingFilter.class);
|
||||
public static final String DEFAULT_CLAMED_IDENTITY_FIELD = "j_username";
|
||||
public static final String DEFAULT_CLAIMED_IDENTITY_FIELD = "j_username";
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
private OpenIDConsumer consumer;
|
||||
private String claimedIdentityFieldName = DEFAULT_CLAMED_IDENTITY_FIELD;
|
||||
private String claimedIdentityFieldName = DEFAULT_CLAIMED_IDENTITY_FIELD;
|
||||
private String errorPage = "index.jsp";
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
|
@ -72,7 +72,7 @@ public class OpenIdAuthenticationProcessingFilter extends AbstractProcessingFilt
|
|||
|
||||
if (authentication.isAuthenticated()) {
|
||||
req.getSession()
|
||||
.setAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY, token.getIdentityUrl());
|
||||
.setAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, token.getIdentityUrl());
|
||||
}
|
||||
|
||||
return authentication;
|
||||
|
|
@ -175,7 +175,7 @@ public class OpenIdAuthenticationProcessingFilter extends AbstractProcessingFilt
|
|||
}
|
||||
|
||||
try {
|
||||
request.getSession().setAttribute(ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed);
|
||||
request.getSession().setAttribute(SPRING_SECURITY_LAST_EXCEPTION_KEY, failed);
|
||||
} catch (Exception ignored) {
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue