Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-2238: WebAsyncManagerIntegrationFilter Java Config

This commit is contained in:
Rob Winch 2013-08-01 11:40:34 -05:00
parent e242aeff3e
commit 2fef79f3d2
3 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config/src/main/java/org/springframework/security/config/annotation/web/builders/FilterComparator.java
View File

@ -36,6 +36,7 @@ import org.springframework.security.web.authentication.ui.DefaultLoginPageViewFi
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.authentication.www.DigestAuthenticationFilter; import org.springframework.security.web.authentication.www.DigestAuthenticationFilter;
import org.springframework.security.web.context.SecurityContextPersistenceFilter; import org.springframework.security.web.context.SecurityContextPersistenceFilter;
import org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter;
import org.springframework.security.web.header.HeaderWriterFilter; import org.springframework.security.web.header.HeaderWriterFilter;
import org.springframework.security.web.jaasapi.JaasApiIntegrationFilter; import org.springframework.security.web.jaasapi.JaasApiIntegrationFilter;
import org.springframework.security.web.savedrequest.RequestCacheAwareFilter; import org.springframework.security.web.savedrequest.RequestCacheAwareFilter;
@ -62,6 +63,8 @@ final class FilterComparator implements Comparator<Filter>, Serializable {
order += STEP; order += STEP;
put(ConcurrentSessionFilter.class, order); put(ConcurrentSessionFilter.class, order);
order += STEP; order += STEP;
put(WebAsyncManagerIntegrationFilter.class, order);
order += STEP;
put(SecurityContextPersistenceFilter.class, order); put(SecurityContextPersistenceFilter.class, order);
order += STEP; order += STEP;
put(HeaderWriterFilter.class, order); put(HeaderWriterFilter.class, order);

2
config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java
View File

@ -39,6 +39,7 @@ import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter;
import org.springframework.web.accept.ContentNegotiationStrategy; import org.springframework.web.accept.ContentNegotiationStrategy;
import org.springframework.web.accept.HeaderContentNegotiationStrategy; import org.springframework.web.accept.HeaderContentNegotiationStrategy;
@ -154,6 +155,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer
http.setSharedObject(ContentNegotiationStrategy.class, contentNegotiationStrategy); http.setSharedObject(ContentNegotiationStrategy.class, contentNegotiationStrategy);
if(!disableDefaults) { if(!disableDefaults) {
http http
.addFilter(new WebAsyncManagerIntegrationFilter())
.exceptionHandling().and() .exceptionHandling().and()
.headers().and() .headers().and()
.sessionManagement().and() .sessionManagement().and()

26
config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy
View File

@ -41,6 +41,7 @@ import org.springframework.security.core.Authentication
import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.core.userdetails.UsernameNotFoundException import org.springframework.security.core.userdetails.UsernameNotFoundException
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
import org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter;
import org.springframework.web.accept.ContentNegotiationStrategy import org.springframework.web.accept.ContentNegotiationStrategy
import org.springframework.web.accept.HeaderContentNegotiationStrategy import org.springframework.web.accept.HeaderContentNegotiationStrategy
import org.springframework.web.filter.OncePerRequestFilter import org.springframework.web.filter.OncePerRequestFilter
@ -99,6 +100,31 @@ class WebSecurityConfigurerAdapterTests extends BaseSpringSpec {
} }
} }
def "webasync populated by default"() {
when: "load config that overrides http and accepts defaults"
loadConfig(WebAsyncPopulatedByDefaultConfig)
then: "WebAsyncManagerIntegrationFilter is populated"
findFilter(WebAsyncManagerIntegrationFilter)
}
@EnableWebSecurity
@Configuration
static class WebAsyncPopulatedByDefaultConfig extends WebSecurityConfigurerAdapter {
@Override
protected void registerAuthentication(AuthenticationManagerBuilder auth)
throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER")
}
@Override
protected void configure(HttpSecurity http) throws Exception {
}
}
def "AuthenticationEventPublisher is registered for Web registerAuthentication"() { def "AuthenticationEventPublisher is registered for Web registerAuthentication"() {
when: when:
loadConfig(InMemoryAuthWithWebSecurityConfigurerAdapter) loadConfig(InMemoryAuthWithWebSecurityConfigurerAdapter)