Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

allow automatic switch from http to https for login form. 

unit tests will be updated tomorow to cover new functionality.
This commit is contained in:
Colin Sampaleanu 2004-04-22 03:56:55 +00:00
parent ab9e783f79
commit 2a46a975a5
2 changed files with 65 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/src/main/java/org/acegisecurity/intercept/web/SecurityEnforcementFilter.java
View File

@ -71,7 +71,8 @@ import javax.servlet.http.HttpServletResponse;
* <li>
* <code>authenticationEntryPoint</code> indicates the handler that should
* commence the authentication process if an
* <code>AuthenticationException</code> is detected.
* <code>AuthenticationException</code> is detected. Note that this may also
* switch the current protocol from http to https for a an SSL login.
* </li>
* </ul>
*

65
core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterEntryPoint.java
View File

@ -20,6 +20,9 @@ import net.sf.acegisecurity.intercept.web.AuthenticationEntryPoint;
import org.springframework.beans.factory.InitializingBean;
import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
@ -33,6 +36,7 @@ import javax.servlet.http.HttpServletResponse;
* authentication via the {@link AuthenticationProcessingFilter}.
*
* @author Ben Alex
* @author colin sampaleanu
* @version $Id$
*/
public class AuthenticationProcessingFilterEntryPoint
@ -44,8 +48,18 @@ public class AuthenticationProcessingFilterEntryPoint
* can be found.
*/
private String loginFormUrl;
private boolean forceSsl = false;
private HashMap sslPortMapping;
//~ Methods ================================================================
public AuthenticationProcessingFilterEntryPoint() {
sslPortMapping = new HashMap();
sslPortMapping.put(new Integer(80), new Integer(443));
sslPortMapping.put(new Integer(8080), new Integer(8443));
}
public void setLoginFormUrl(String loginFormUrl) {
this.loginFormUrl = loginFormUrl;
@ -63,7 +77,54 @@ public class AuthenticationProcessingFilterEntryPoint
public void commence(ServletRequest request, ServletResponse response)
throws IOException, ServletException {
((HttpServletResponse) response).sendRedirect(((HttpServletRequest) request)
.getContextPath() + loginFormUrl);
HttpServletRequest req = (HttpServletRequest) request;
String contextPath = req.getContextPath();
String redirectUrl = contextPath + loginFormUrl;
if (forceSsl && req.getScheme().equals("http")) {
Integer httpPort = new Integer(req.getServerPort());
Integer httpsPort = (Integer) sslPortMapping.get(httpPort);
if (httpsPort != null ) {
String serverName = req.getServerName();
redirectUrl = "https://" + serverName + ":" + httpsPort + contextPath
+ loginFormUrl;
}
}
((HttpServletResponse) response).sendRedirect(redirectUrl);
}
public void setForceSsl(boolean forceSsl) {
this.forceSsl = forceSsl;
}
public boolean isForceSsl() {
return forceSsl;
}
/**
* @throws IllegalArgumentException if input map does not consist of String keys
* and values, each representing an integer port number for one mapping.
*/
public void setSslPortMapping(HashMap sslPortMapping) {
this.sslPortMapping.clear();
Iterator it = sslPortMapping.entrySet().iterator();
while (it.hasNext()) {
Map.Entry entry = (Map.Entry) it.next();
Integer httpPort = new Integer((String)entry.getKey());
Integer httpsPort = new Integer((String)entry.getKey());
if (httpPort.intValue() < 1 || httpPort.intValue() > 65535 ||
httpsPort.intValue() < 1 || httpsPort.intValue() > 65535)
throw new IllegalArgumentException("one or both ports out of legal range: "
+ httpPort + ", " + httpsPort);
sslPortMapping.put(httpPort, httpsPort);
if (sslPortMapping.size() < 1)
throw new IllegalArgumentException("Must map at least one port");
}
}
public HashMap getSslPortMapping() {
return sslPortMapping;
}
}