SEC-2274: Add ApplicationContext as HttpSecurity shared object

2013-08-21 16:50:09 -05:00 · 2013-08-21 16:50:09 -05:00 · 379cbd2a8b
parent e8788f2657
commit 379cbd2a8b
2 changed files with 14 additions and 0 deletions
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java
@ -151,6 +151,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer
        authenticationBuilder.parentAuthenticationManager(authenticationManager);
        http = new HttpSecurity(objectPostProcessor,authenticationBuilder, parentAuthenticationBuilder.getSharedObjects());
        http.setSharedObject(UserDetailsService.class, userDetailsService());
+        http.setSharedObject(ApplicationContext.class, context);
        http.setSharedObject(ContentNegotiationStrategy.class, contentNegotiationStrategy);
        if(!disableDefaults) {
            http
--- a/config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy
@ -243,6 +243,19 @@ class WebSecurityConfigurerAdapterTests extends BaseSpringSpec {
        }
    }

+    def "SEC-2274: WebSecurityConfigurer adds ApplicationContext as a shared object"() {
+        when:
+            loadConfig(ApplicationContextSharedObjectConfig)
+        then:
+            context.getBean(ApplicationContextSharedObjectConfig).http.getSharedObject(ApplicationContext) == context
+    }
+
+    @Configuration
+    @EnableWebSecurity
+    static class ApplicationContextSharedObjectConfig extends WebSecurityConfigurerAdapter {
+
+    }
+
    static class MyFilter extends OncePerRequestFilter {
        private UserDetailsService userDetailsService
        public MyFilter(UserDetailsService uds) {