Resolve a Weblogic compatibility issue (patch thanks to Patrick Burleson).

changelog.txt

@@ -12,6 +12,7 @@ Changes in version 0.6 (2004-xx-xx)
 * Improved test coverage (now 98.3%)
 * Fixed Linux compatibility issues (directory case sensitivity etc)
 * Fixed AbstractProcessingFilter to handle servlet spec container differences
+* Fixed AbstractIntegrationFilter to resolve a Weblogic compatibility issue
 * Fixed CasAuthenticationToken if proxy granting ticket callback not requested
 * Documentation improvements
 

contributors.txt

@@ -20,4 +20,11 @@ contributions to the Acegi Security System for Spring project:
   public automated Maven build at the Monkey Machine
   (http://www.monkeymachine.co.uk/acegi).
 
+* Patrick Burleson contributed a patch for Weblogic support.
+
+* Anyone else I've forgotten (please let me know so I can correct this).
+
+Plus of course all the people who use the project and provide feedback, bug
+reports, suggestions and help fellow users.
+
 $Id$

core/src/main/java/org/acegisecurity/ui/AbstractIntegrationFilter.java

@@ -68,7 +68,13 @@ import javax.servlet.ServletResponse;
  * instance defined by the {@link #setSecureContext(Class)} method.
  * </p>
  * 
+ * <P>
+ * This filter will only execute once per request, to resolve servlet container
+ * (specifically Weblogic) incompatibilities.
+ * </p>
+ *
  * @author Ben Alex
+ * @author Patrick Burleson
  * @version $Id$
  */
 public abstract class AbstractIntegrationFilter implements InitializingBean,
@@ -76,6 +82,7 @@ public abstract class AbstractIntegrationFilter implements InitializingBean,
     //~ Static fields/initializers =============================================
 
     protected static final Log logger = LogFactory.getLog(AbstractIntegrationFilter.class);
+    private static final String FILTER_APPLIED = "__acegi_integration_fitlerapplied";
 
     //~ Instance fields ========================================================
 
@@ -114,6 +121,14 @@ public abstract class AbstractIntegrationFilter implements InitializingBean,
 
     public void doFilter(ServletRequest request, ServletResponse response,
         FilterChain chain) throws IOException, ServletException {
+        if ((request != null) && (request.getAttribute(FILTER_APPLIED) != null)) {
+            // ensure that filter is only applied once per request
+            chain.doFilter(request, response);
+        } else {
+            if (request != null) {
+                request.setAttribute(FILTER_APPLIED, Boolean.TRUE);
+            }
+
             // Populate authentication information
             Object extracted = this.extractFromContainer(request);
 
@@ -167,7 +182,8 @@ public abstract class AbstractIntegrationFilter implements InitializingBean,
                     .getContext();
 
                 // Update container with new Authentication object (may have been updated during method invocation)
-            this.commitToContainer(request, secureContext.getAuthentication());
+                this.commitToContainer(request,
+                    secureContext.getAuthentication());
 
                 // Remove authentication information from ContextHolder
                 secureContext.setAuthentication(null);
@@ -179,6 +195,7 @@ public abstract class AbstractIntegrationFilter implements InitializingBean,
                 }
             }
         }
+    }
 
     /**
      * Subclasses must override this method to provide the <code>Object</code>