SEC-1404: Use a factory method to convert the path to lower case for use in the filter-chain map.
Delays the conversion till after palceholders have been substituted, preventing the placeholder from being converted (or the value not being converted).
This commit is contained in:
parent
d2413cf237
commit
2173029216
|
@ -83,8 +83,7 @@ class HttpConfigurationBuilder {
|
|||
private final List<Element> interceptUrls;
|
||||
|
||||
// Use ManagedMap to allow placeholder resolution
|
||||
private List<String> emptyFilterChainPaths;
|
||||
private ManagedMap<String, List<BeanMetadataElement>> filterChainMap;
|
||||
private ManagedMap<BeanDefinition, List<BeanMetadataElement>> filterChainMap;
|
||||
|
||||
private BeanDefinition cpf;
|
||||
private BeanDefinition securityContextPersistenceFilter;
|
||||
|
@ -97,7 +96,6 @@ class HttpConfigurationBuilder {
|
|||
private String portMapperName;
|
||||
private BeanReference fsi;
|
||||
|
||||
|
||||
public HttpConfigurationBuilder(Element element, ParserContext pc, UrlMatcher matcher, String portMapperName) {
|
||||
this.httpElt = element;
|
||||
this.pc = pc;
|
||||
|
@ -111,8 +109,7 @@ class HttpConfigurationBuilder {
|
|||
}
|
||||
|
||||
void parseInterceptUrlsForEmptyFilterChains() {
|
||||
emptyFilterChainPaths = new ArrayList<String>();
|
||||
filterChainMap = new ManagedMap<String, List<BeanMetadataElement>>();
|
||||
filterChainMap = new ManagedMap<BeanDefinition, List<BeanMetadataElement>>();
|
||||
|
||||
for (Element urlElt : interceptUrls) {
|
||||
String path = urlElt.getAttribute(ATT_PATH_PATTERN);
|
||||
|
@ -121,9 +118,10 @@ class HttpConfigurationBuilder {
|
|||
pc.getReaderContext().error("path attribute cannot be empty or null", urlElt);
|
||||
}
|
||||
|
||||
if (convertPathsToLowerCase) {
|
||||
path = path.toLowerCase();
|
||||
}
|
||||
BeanDefinitionBuilder pathBean = BeanDefinitionBuilder.rootBeanDefinition(HttpConfigurationBuilder.class);
|
||||
pathBean.setFactoryMethod("createPath");
|
||||
pathBean.addConstructorArgValue(path);
|
||||
pathBean.addConstructorArgValue(convertPathsToLowerCase);
|
||||
|
||||
String filters = urlElt.getAttribute(ATT_FILTERS);
|
||||
|
||||
|
@ -133,14 +131,17 @@ class HttpConfigurationBuilder {
|
|||
"filters attribute", urlElt);
|
||||
}
|
||||
|
||||
emptyFilterChainPaths.add(path);
|
||||
|
||||
List<BeanMetadataElement> noFilters = Collections.emptyList();
|
||||
filterChainMap.put(path, noFilters);
|
||||
filterChainMap.put(pathBean.getBeanDefinition(), noFilters);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Needed to account for placeholders
|
||||
static String createPath(String path, boolean lowerCase) {
|
||||
return lowerCase ? path.toLowerCase() : path;
|
||||
}
|
||||
|
||||
void createSecurityContextPersistenceFilter() {
|
||||
BeanDefinitionBuilder scpf = BeanDefinitionBuilder.rootBeanDefinition(SecurityContextPersistenceFilter.class);
|
||||
|
||||
|
@ -463,8 +464,8 @@ class HttpConfigurationBuilder {
|
|||
return allowSessionCreation;
|
||||
}
|
||||
|
||||
List<String> getEmptyFilterChainPaths() {
|
||||
return emptyFilterChainPaths;
|
||||
public ManagedMap<BeanDefinition, List<BeanMetadataElement>> getFilterChainMap() {
|
||||
return filterChainMap;
|
||||
}
|
||||
|
||||
List<OrderDecorator> getFilters() {
|
||||
|
|
|
@ -135,18 +135,13 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||
filterChain.add(od.bean);
|
||||
}
|
||||
|
||||
ManagedMap<String, List<BeanMetadataElement>> filterChainMap = new ManagedMap<String, List<BeanMetadataElement>>();
|
||||
|
||||
for (String path : httpBldr.getEmptyFilterChainPaths()) {
|
||||
filterChainMap.put(path, NO_FILTERS);
|
||||
}
|
||||
|
||||
filterChainMap.put(matcher.getUniversalMatchPattern(), filterChain);
|
||||
ManagedMap<BeanDefinition, List<BeanMetadataElement>> filterChainMap = httpBldr.getFilterChainMap();
|
||||
BeanDefinition universalMatch = new RootBeanDefinition(String.class);
|
||||
universalMatch.getConstructorArgumentValues().addGenericArgumentValue(matcher.getUniversalMatchPattern());
|
||||
filterChainMap.put(universalMatch, filterChain);
|
||||
|
||||
registerFilterChainProxy(pc, filterChainMap, matcher, source);
|
||||
|
||||
|
||||
|
||||
pc.popAndRegisterContainingComponent();
|
||||
return null;
|
||||
}
|
||||
|
@ -252,7 +247,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||
return customFilters;
|
||||
}
|
||||
|
||||
private void registerFilterChainProxy(ParserContext pc, Map<String, List<BeanMetadataElement>> filterChainMap, UrlMatcher matcher, Object source) {
|
||||
private void registerFilterChainProxy(ParserContext pc, Map<BeanDefinition, List<BeanMetadataElement>> filterChainMap, UrlMatcher matcher, Object source) {
|
||||
if (pc.getRegistry().containsBeanDefinition(BeanIds.FILTER_CHAIN_PROXY)) {
|
||||
pc.getReaderContext().error("Duplicate <http> element detected", source);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue