SEC-1055: Converted interfaces and methods using ServletRequest/Response to HttpServletRequest/Response where appropriate.
parent
acfcac4594
commit
3f40604b82
|
@ -18,8 +18,7 @@ package org.springframework.security.ui.cas;
|
|||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.jasig.cas.client.util.CommonUtils;
|
||||
|
@ -66,7 +65,7 @@ public class CasProcessingFilterEntryPoint implements AuthenticationEntryPoint,
|
|||
Assert.notNull(this.serviceProperties, "serviceProperties must be specified");
|
||||
}
|
||||
|
||||
public void commence(final ServletRequest servletRequest, final ServletResponse servletResponse,
|
||||
public void commence(final HttpServletRequest servletRequest, final HttpServletResponse servletResponse,
|
||||
final AuthenticationException authenticationException) throws IOException, ServletException {
|
||||
|
||||
final HttpServletResponse response = (HttpServletResponse) servletResponse;
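Review bot: The cast on the unchanged line `final HttpServletResponse response = (HttpServletResponse) servletResponse;` is now redundant, because `commence` already receives an `HttpServletResponse`. It can become `final HttpServletResponse response = servletResponse;`, or the parameter can be used directly. The same leftover cast survives the signature change in AbstractRetryEntryPoint.commence, ExceptionTranslationFilter.sendStartAuthentication, BasicProcessingFilterEntryPoint.commence, DigestProcessingFilterEntryPoint.commence and AuthenticationProcessingFilterEntryPoint.commence. Dropping them means a later change of parameter type shows up as a compile error instead of being hidden by the cast. The body of `commence` continues outside the hunk.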
|
||||
|
|
|
@ -27,9 +27,10 @@ import javax.servlet.http.HttpServletResponse;
|
|||
/**
|
||||
* Holds objects associated with a HTTP filter.<P>Guarantees the request and response are instances of
|
||||
* <code>HttpServletRequest</code> and <code>HttpServletResponse</code>, and that there are no <code>null</code>
|
||||
* objects.</p>
|
||||
* <P>Required so that security system classes can obtain access to the filter environment, as well as the request
|
||||
* and response.</p>
|
||||
* objects.
|
||||
* <p>
|
||||
* Required so that security system classes can obtain access to the filter environment, as well as the request
|
||||
* and response.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @author colin sampaleanu
|
||||
|
@ -39,8 +40,8 @@ public class FilterInvocation {
|
|||
//~ Instance fields ================================================================================================
|
||||
|
||||
private FilterChain chain;
|
||||
private ServletRequest request;
|
||||
private ServletResponse response;
|
||||
private HttpServletRequest request;
|
||||
private HttpServletResponse response;
|
||||
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
|
@ -49,16 +50,8 @@ public class FilterInvocation {
|
|||
throw new IllegalArgumentException("Cannot pass null values to constructor");
|
||||
}
|
||||
|
||||
if (!(request instanceof HttpServletRequest)) {
|
||||
throw new IllegalArgumentException("Can only process HttpServletRequest");
|
||||
}
|
||||
|
||||
if (!(response instanceof HttpServletResponse)) {
|
||||
throw new IllegalArgumentException("Can only process HttpServletResponse");
|
||||
}
|
||||
|
||||
this.request = request;
|
||||
this.response = response;
|
||||
this.request = (HttpServletRequest) request;
|
||||
this.response = (HttpServletResponse) response;
|
||||
this.chain = chain;
|
||||
}
|
||||
|
||||
|
@ -69,8 +62,10 @@ public class FilterInvocation {
|
|||
}
|
||||
|
||||
/**
|
||||
* Indicates the URL that the user agent used for this request.<P>The returned URL does <b>not</b> reflect
|
||||
* the port number determined from a {@link org.springframework.security.util.PortResolver}.</p>
|
||||
* Indicates the URL that the user agent used for this request.
|
||||
* <p>
|
||||
* The returned URL does <b>not</b> reflect the port number determined from a
|
||||
* {@link org.springframework.security.util.PortResolver}.
|
||||
*
|
||||
* @return the full URL of this request
|
||||
*/
|
||||
|
@ -79,17 +74,13 @@ public class FilterInvocation {
|
|||
}
|
||||
|
||||
public HttpServletRequest getHttpRequest() {
|
||||
return (HttpServletRequest) request;
|
||||
return request;
|
||||
}
|
||||
|
||||
public HttpServletResponse getHttpResponse() {
|
||||
return (HttpServletResponse) response;
|
||||
}
|
||||
|
||||
public ServletRequest getRequest() {
|
||||
return request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Obtains the web application-specific fragment of the URL.
|
||||
*
|
||||
|
@ -99,8 +90,12 @@ public class FilterInvocation {
|
|||
return UrlUtils.getRequestUrl(this);
|
||||
}
|
||||
|
||||
public ServletResponse getResponse() {
|
||||
return response;
|
||||
public HttpServletRequest getRequest() {
|
||||
return getHttpRequest();
|
||||
}
|
||||
|
||||
public HttpServletResponse getResponse() {
|
||||
return getHttpResponse();
|
||||
}
|
||||
|
||||
public String toString() {
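Review bot: The constructor now depends on bare casts (`this.request = (HttpServletRequest) request;`), so a non-HTTP request or response is rejected with a ClassCastException instead of the previous IllegalArgumentException and its message. SpringSecurityFilter.doFilter has the same change further down: its ServletException checks are gone, and a null argument now passes the cast and reaches doFilterHttp. Processing still stops, but callers that catch the old exception types will no longer see them, so the contract should be stated, for example `@throws ClassCastException if request or response is not an HTTP servlet type` in the constructor Javadoc. The constructor signature is outside the hunk; the casts suggest it still accepts ServletRequest and ServletResponse.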
|
||||
|
|
|
@ -32,10 +32,12 @@ import javax.servlet.ServletResponse;
|
|||
|
||||
|
||||
/**
|
||||
* Performs security handling of HTTP resources via a filter implementation.<p>The
|
||||
* <code>ObjectDefinitionSource</code> required by this security interceptor is of type {@link
|
||||
* FilterInvocationDefinitionSource}.</p>
|
||||
* <p>Refer to {@link AbstractSecurityInterceptor} for details on the workflow.</p>
|
||||
* Performs security handling of HTTP resources via a filter implementation.
|
||||
* <p>
|
||||
* The <code>ObjectDefinitionSource</code> required by this security interceptor is of type {@link
|
||||
* FilterInvocationDefinitionSource}.
|
||||
* <p>
|
||||
* Refer to {@link AbstractSecurityInterceptor} for details on the workflow.</p>
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
|
@ -78,7 +80,7 @@ public class FilterSecurityInterceptor extends AbstractSecurityInterceptor imple
|
|||
* @throws ServletException if the filter chain fails
|
||||
*/
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
throws IOException, ServletException {
|
||||
FilterInvocation fi = new FilterInvocation(request, response, chain);
|
||||
invoke(fi);
|
||||
}
|
||||
|
@ -93,7 +95,7 @@ public class FilterSecurityInterceptor extends AbstractSecurityInterceptor imple
|
|||
|
||||
public void invoke(FilterInvocation fi) throws IOException, ServletException {
|
||||
if ((fi.getRequest() != null) && (fi.getRequest().getAttribute(FILTER_APPLIED) != null)
|
||||
&& observeOncePerRequest) {
|
||||
&& observeOncePerRequest) {
|
||||
// filter already applied to this request and user wants us to observce
|
||||
// once-per-request handling, so don't re-do security checking
|
||||
fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
|
||||
|
|
|
@ -9,8 +9,6 @@ import org.springframework.util.Assert;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
@ -42,7 +40,7 @@ public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void commence(ServletRequest req, ServletResponse res) throws IOException, ServletException {
|
||||
public void commence(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
|
||||
String pathInfo = request.getPathInfo();
|
||||
|
|
|
@ -18,19 +18,17 @@ package org.springframework.security.securechannel;
|
|||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
||||
/**
|
||||
* May be used by a {@link ChannelProcessor} to launch a web channel.
|
||||
*
|
||||
* <P>
|
||||
* <code>ChannelProcessor</code>s can elect to launch a new web channel
|
||||
* directly, or they can delegate to another class. The
|
||||
* <code>ChannelEntryPoint</code> is a pluggable interface to assist
|
||||
* <code>ChannelProcessor</code>s in performing this delegation.
|
||||
* </p>
|
||||
* <p>
|
||||
* <code>ChannelProcessor</code>s can elect to launch a new web channel directly, or they can delegate to another class.
|
||||
* The <code>ChannelEntryPoint</code> is a pluggable interface to assist <code>ChannelProcessor</code>s in performing
|
||||
* this delegation.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
|
@ -39,16 +37,14 @@ public interface ChannelEntryPoint {
|
|||
//~ Methods ========================================================================================================
|
||||
|
||||
/**
|
||||
* Commences a secure channel.<P>Implementations should modify the headers on the
|
||||
* <code>ServletResponse</code> as necessary to commence the user agent using the implementation's supported
|
||||
* channel type.</p>
|
||||
* Commences a secure channel.
|
||||
* <p>
|
||||
* Implementations should modify the headers on the <code>ServletResponse</code> as necessary to commence the user
|
||||
* agent using the implementation's supported channel type.
|
||||
*
|
||||
* @param request that a <code>ChannelProcessor</code> has rejected
|
||||
* @param response so that the user agent can begin using a new channel
|
||||
*
|
||||
* @throws IOException DOCUMENT ME!
|
||||
* @throws ServletException DOCUMENT ME!
|
||||
*/
|
||||
void commence(ServletRequest request, ServletResponse response)
|
||||
throws IOException, ServletException;
|
||||
void commence(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException;
|
||||
}
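Review bot: Changing the parameter types of `commence` on a public interface breaks existing implementations: source written against `commence(ServletRequest, ServletResponse)` no longer compiles, and a class compiled against the old interface would be expected to fail with AbstractMethodError when invoked. AccessDeniedHandler.handle and AuthenticationEntryPoint.commence change the same way, so the upgrade notes should call this out for custom entry points and handlers. The new Javadoc here also still says `<code>ServletResponse</code>` and keeps `@throws IOException DOCUMENT ME!`; I would write `<code>HttpServletResponse</code>` and fill in the two `@throws` descriptions.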
|
||||
|
|
|
@ -20,8 +20,8 @@ import org.springframework.security.AccessDeniedException;
|
|||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
||||
/**
|
||||
|
@ -44,6 +44,6 @@ public interface AccessDeniedHandler {
|
|||
* @throws IOException in the event of an IOException
|
||||
* @throws ServletException in the event of a ServletException
|
||||
*/
|
||||
void handle(ServletRequest request, ServletResponse response, AccessDeniedException accessDeniedException)
|
||||
void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException)
|
||||
throws IOException, ServletException;
|
||||
}
|
||||
|
|
|
@ -15,28 +15,27 @@
|
|||
|
||||
package org.springframework.security.ui;
|
||||
|
||||
import org.springframework.security.AccessDeniedException;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.RequestDispatcher;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.security.AccessDeniedException;
|
||||
|
||||
|
||||
/**
|
||||
* Base implementation of {@link AccessDeniedHandler}.<p>This implementation sends a 403 (SC_FORBIDDEN) HTTP error
|
||||
* code. In addition, if a {@link #errorPage} is defined, the implementation will perform a request dispatcher
|
||||
* "forward" to the specified error page view. Being a "forward", the <code>SecurityContextHolder</code> will remain
|
||||
* Base implementation of {@link AccessDeniedHandler}.
|
||||
* <p>
|
||||
* This implementation sends a 403 (SC_FORBIDDEN) HTTP error code. In addition, if an {@link #errorPage} is defined,
|
||||
* the implementation will perform a request dispatcher "forward" to the specified error page view.
|
||||
* Being a "forward", the <code>SecurityContextHolder</code> will remain
|
||||
* populated. This is of benefit if the view (or a tag library or macro) wishes to access the
|
||||
* <code>SecurityContextHolder</code>. The request scope will also be populated with the exception itself, available
|
||||
* from the key {@link #SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY}.</p>
|
||||
* from the key {@link #SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
|
@ -53,7 +52,7 @@ public class AccessDeniedHandlerImpl implements AccessDeniedHandler {
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void handle(ServletRequest request, ServletResponse response, AccessDeniedException accessDeniedException)
|
||||
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException)
|
||||
throws IOException, ServletException {
|
||||
if (!response.isCommitted()) {
|
||||
if (errorPage != null) {
|
||||
|
@ -61,15 +60,13 @@ public class AccessDeniedHandlerImpl implements AccessDeniedHandler {
|
|||
request.setAttribute(SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY, accessDeniedException);
|
||||
|
||||
// Set the 403 status code.
|
||||
HttpServletResponse resp = (HttpServletResponse) response;
|
||||
resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
|
||||
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
|
||||
|
||||
// forward to error page.
|
||||
RequestDispatcher dispatcher = request.getRequestDispatcher(errorPage);
|
||||
dispatcher.forward(request, response);
|
||||
} else {
|
||||
HttpServletResponse resp = (HttpServletResponse) response;
|
||||
resp.sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage());
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage());
|
||||
}
|
||||
}
|
||||
}
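Review bot: In the else branch, `response.sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage());` hands the exception message to the container's error response, so whatever text the thrower put in the exception is passed on towards the client. The throwers are not visible in this diff, so whether that text can carry internal detail or request-derived data is unknown. A fixed reason with the detail logged server-side would remove the question, e.g. `response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access is denied");`. If the current behaviour is intended, a comment on that line saying the message is client-visible would help authors of custom exceptions.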
|
||||
|
|
|
@ -20,13 +20,12 @@ import org.springframework.security.AuthenticationException;
|
|||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
||||
/**
|
||||
* Used by {@link ExceptionTranslationFilter} to commence an authentication
|
||||
* scheme.
|
||||
* Used by {@link ExceptionTranslationFilter} to commence an authentication scheme.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
|
@ -39,16 +38,16 @@ public interface AuthenticationEntryPoint {
|
|||
* <p>
|
||||
* <code>ExceptionTranslationFilter</code> will populate the <code>HttpSession</code> attribute named
|
||||
* <code>AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY</code> with the requested target URL before
|
||||
* calling this method.</p>
|
||||
*
|
||||
* <p>Implementations should modify the headers on the <code>ServletResponse</code> as necessary to
|
||||
* commence the authentication process.</p>
|
||||
* calling this method.
|
||||
* <p>
|
||||
* Implementations should modify the headers on the <code>ServletResponse</code> as necessary to
|
||||
* commence the authentication process.
|
||||
*
|
||||
* @param request that resulted in an <code>AuthenticationException</code>
|
||||
* @param response so that the user agent can begin authentication
|
||||
* @param authException that caused the invocation
|
||||
*
|
||||
*/
|
||||
void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
|
||||
void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
|
||||
throws IOException, ServletException;
|
||||
}
|
||||
|
|
|
@ -35,8 +35,6 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
@ -139,7 +137,7 @@ public class ExceptionTranslationFilter extends SpringSecurityFilter implements
|
|||
return portResolver;
|
||||
}
|
||||
|
||||
private void handleException(ServletRequest request, ServletResponse response, FilterChain chain,
|
||||
private void handleException(HttpServletRequest request, HttpServletResponse response, FilterChain chain,
|
||||
SpringSecurityException exception) throws IOException, ServletException {
|
||||
if (exception instanceof AuthenticationException) {
|
||||
if (logger.isDebugEnabled()) {
|
||||
|
@ -188,7 +186,7 @@ public class ExceptionTranslationFilter extends SpringSecurityFilter implements
|
|||
return createSessionAllowed;
|
||||
}
|
||||
|
||||
protected void sendStartAuthentication(ServletRequest request, ServletResponse response, FilterChain chain,
|
||||
protected void sendStartAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain,
|
||||
AuthenticationException reason) throws ServletException, IOException {
|
||||
HttpServletRequest httpRequest = (HttpServletRequest) request;
|
||||
|
||||
|
|
|
@ -31,6 +31,7 @@ public abstract class FilterChainOrder {
|
|||
public static final int AUTHENTICATION_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
|
||||
public static final int OPENID_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
|
||||
public static final int LOGIN_PAGE_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
|
||||
public static final int DIGEST_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
|
||||
public static final int BASIC_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
|
||||
public static final int SERVLET_API_SUPPORT_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
|
||||
public static final int REMEMBER_ME_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
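Review bot: Each constant takes its value from `i++`, so the constant this hunk inserts moves every later constant up by one `INTERVAL`. The added line is not marked on this page; it is apparently `DIGEST_PROCESSING_FILTER`, which the new `DigestProcessingFilter.getOrder()` returns. Filters ordered through these constants keep their relative position, but a configuration that hard-codes a numeric order to sit between two of them could end up somewhere else in the chain. A comment above the list would make the rule explicit: `// Declaration order is chain order; inserting a constant renumbers every constant after it.`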
|
||||
|
|
|
@ -24,7 +24,7 @@ import java.io.IOException;
|
|||
*/
|
||||
public abstract class SpringSecurityFilter implements Filter, Ordered {
|
||||
protected final Log logger = LogFactory.getLog(this.getClass());
|
||||
|
||||
|
||||
/**
|
||||
* Does nothing. We use IoC container lifecycle services instead.
|
||||
*
|
||||
|
@ -41,15 +41,6 @@ public abstract class SpringSecurityFilter implements Filter, Ordered {
|
|||
}
|
||||
|
||||
public final void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
|
||||
// Do we really need the checks on the types in practice ?
|
||||
if (!(request instanceof HttpServletRequest)) {
|
||||
throw new ServletException("Can only process HttpServletRequest");
|
||||
}
|
||||
|
||||
if (!(response instanceof HttpServletResponse)) {
|
||||
throw new ServletException("Can only process HttpServletResponse");
|
||||
}
|
||||
|
||||
doFilterHttp((HttpServletRequest)request, (HttpServletResponse)response, chain);
|
||||
}
|
||||
|
||||
|
@ -58,4 +49,4 @@ public abstract class SpringSecurityFilter implements Filter, Ordered {
|
|||
public String toString() {
|
||||
return getClass().getName() + "[ order=" + getOrder() + "; ]";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -18,8 +18,7 @@ package org.springframework.security.ui.basicauth;
|
|||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.security.AuthenticationException;
|
||||
|
@ -32,7 +31,7 @@ import org.springframework.util.Assert;
|
|||
* Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the {@link
|
||||
* BasicProcessingFilter}.<P>Once a user agent is authenticated using BASIC authentication, logout requires that
|
||||
* the browser be closed or an unauthorized (401) header be sent. The simplest way of achieving the latter is to call
|
||||
* the {@link #commence(ServletRequest, ServletResponse, AuthenticationException)} method below. This will indicate to
|
||||
* the {@link #commence(HttpServletRequest, HttpServletResponse, AuthenticationException)} method below. This will indicate to
|
||||
* the browser its credentials are no longer authorized, causing it to prompt the user to login again.</p>
|
||||
*
|
||||
* @author Ben Alex
|
||||
|
@ -49,7 +48,7 @@ public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint
|
|||
Assert.hasText(realmName, "realmName must be specified");
|
||||
}
|
||||
|
||||
public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
|
||||
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
|
||||
throws IOException, ServletException {
|
||||
HttpServletResponse httpResponse = (HttpServletResponse) response;
|
||||
httpResponse.addHeader("WWW-Authenticate", "Basic realm=\"" + realmName + "\"");
|
||||
|
|
|
@ -20,11 +20,9 @@ import java.util.Map;
|
|||
|
||||
import javax.servlet.Filter;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.FilterConfig;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.commons.codec.digest.DigestUtils;
|
||||
|
@ -43,6 +41,8 @@ import org.springframework.security.providers.UsernamePasswordAuthenticationToke
|
|||
import org.springframework.security.providers.dao.UserCache;
|
||||
import org.springframework.security.providers.dao.cache.NullUserCache;
|
||||
import org.springframework.security.ui.AuthenticationDetailsSource;
|
||||
import org.springframework.security.ui.FilterChainOrder;
|
||||
import org.springframework.security.ui.SpringSecurityFilter;
|
||||
import org.springframework.security.ui.WebAuthenticationDetailsSource;
|
||||
import org.springframework.security.userdetails.UserDetails;
|
||||
import org.springframework.security.userdetails.UserDetailsService;
|
||||
|
@ -78,7 +78,7 @@ import org.springframework.util.StringUtils;
|
|||
* than Basic authentication. Please see RFC 2617 section 4 for a full discussion on the advantages of Digest
|
||||
* authentication over Basic authentication, including commentary on the limitations that it still imposes.
|
||||
*/
|
||||
public class DigestProcessingFilter implements Filter, InitializingBean, MessageSourceAware {
|
||||
public class DigestProcessingFilter extends SpringSecurityFilter implements Filter, InitializingBean, MessageSourceAware {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
private static final Log logger = LogFactory.getLog(DigestProcessingFilter.class);
|
||||
|
@ -99,15 +99,9 @@ public class DigestProcessingFilter implements Filter, InitializingBean, Message
|
|||
Assert.notNull(authenticationEntryPoint, "A DigestProcessingFilterEntryPoint is required");
|
||||
}
|
||||
|
||||
public void destroy() {
|
||||
}
|
||||
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
|
||||
HttpServletRequest httpRequest = (HttpServletRequest) request;
|
||||
|
||||
String header = httpRequest.getHeader("Authorization");
|
||||
String header = request.getHeader("Authorization");
|
||||
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Authorization header received from user agent: " + header);
|
||||
|
@ -322,7 +316,7 @@ public class DigestProcessingFilter implements Filter, InitializingBean, Message
|
|||
return a1Md5;
|
||||
}
|
||||
|
||||
private void fail(ServletRequest request, ServletResponse response, AuthenticationException failed)
|
||||
private void fail(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed)
|
||||
throws IOException, ServletException {
|
||||
SecurityContextHolder.getContext().setAuthentication(null);
|
||||
|
||||
|
@ -394,9 +388,6 @@ public class DigestProcessingFilter implements Filter, InitializingBean, Message
|
|||
return userDetailsService;
|
||||
}
|
||||
|
||||
public void init(FilterConfig ignored) throws ServletException {
|
||||
}
|
||||
|
||||
public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
|
||||
Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required");
|
||||
this.authenticationDetailsSource = authenticationDetailsSource;
|
||||
|
@ -421,4 +412,8 @@ public class DigestProcessingFilter implements Filter, InitializingBean, Message
|
|||
public void setUserDetailsService(UserDetailsService userDetailsService) {
|
||||
this.userDetailsService = userDetailsService;
|
||||
}
|
||||
|
||||
public int getOrder() {
|
||||
return FilterChainOrder.DIGEST_PROCESSING_FILTER;
|
||||
}
|
||||
}
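Review bot: `logger.debug("Authorization header received from user agent: " + header);` in doFilterHttp writes the raw Authorization header to the log. For Digest that header carries the username, nonce and response digest, which is credential material that should not sit in log files. Logging only whether a header was present, or the username after parsing, would keep the diagnostic value. Separately, now that the class extends SpringSecurityFilter, its `private static final Log logger` hides the inherited `protected final Log logger`, and `implements Filter` is redundant. Dropping the local field, if no static method uses it, would remove the duplicate.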
|
||||
|
|
|
@ -18,8 +18,7 @@ package org.springframework.security.ui.digestauth;
|
|||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.security.AuthenticationException;
|
||||
|
@ -75,7 +74,7 @@ public class DigestProcessingFilterEntryPoint implements AuthenticationEntryPoin
|
|||
}
|
||||
}
|
||||
|
||||
public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
|
||||
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
|
||||
throws IOException, ServletException {
|
||||
HttpServletResponse httpResponse = (HttpServletResponse) response;
|
||||
|
||||
|
|
|
@ -6,8 +6,7 @@ import org.springframework.security.ui.AuthenticationEntryPoint;
|
|||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
|
@ -46,7 +45,7 @@ public class PreAuthenticatedProcessingFilterEntryPoint implements Authenticatio
|
|||
/**
|
||||
* Always returns a 403 error code to the client.
|
||||
*/
|
||||
public void commence(ServletRequest request, ServletResponse response, AuthenticationException arg2) throws IOException,
|
||||
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException arg2) throws IOException,
|
||||
ServletException {
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Pre-authenticated entry point called. Rejecting access");
|
||||
|
|
|
@ -36,8 +36,6 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.RequestDispatcher;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
@ -103,7 +101,7 @@ public class AuthenticationProcessingFilterEntryPoint implements AuthenticationE
|
|||
/**
|
||||
* Performs the redirect (or forward) to the login form URL.
|
||||
*/
|
||||
public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
|
||||
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
|
||||
throws IOException, ServletException {
|
||||
|
||||
HttpServletRequest httpRequest = (HttpServletRequest) request;
|
||||
|
|
|
@ -92,7 +92,7 @@ public class FilterToBeanProxy implements Filter {
|
|||
}
|
||||
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
throws IOException, ServletException {
|
||||
if (!initialized) {
|
||||
doInit();
|
||||
}
|
||||
|
|
|
@ -18,8 +18,6 @@ package org.springframework.security;
|
|||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
@ -39,15 +37,14 @@ public class MockAuthenticationEntryPoint implements AuthenticationEntryPoint {
|
|||
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
public MockAuthenticationEntryPoint(String url) {
|
||||
public MockAuthenticationEntryPoint(String url) {
|
||||
this.url = url;
|
||||
}
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void commence(ServletRequest request, ServletResponse response,
|
||||
AuthenticationException authenticationException)
|
||||
throws IOException, ServletException {
|
||||
((HttpServletResponse) response).sendRedirect(((HttpServletRequest) request).getContextPath() + url);
|
||||
public void commence(HttpServletRequest request, HttpServletResponse response,
|
||||
AuthenticationException authenticationException) throws IOException, ServletException {
|
||||
response.sendRedirect(request.getContextPath() + url);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -157,26 +157,6 @@ public class ChannelProcessingFilterTests extends TestCase {
|
|||
assertTrue(true);
|
||||
}
|
||||
|
||||
public void testDoFilterWithNonHttpServletRequestDetected() throws Exception {
|
||||
ChannelProcessingFilter filter = new ChannelProcessingFilter();
|
||||
|
||||
try {
|
||||
filter.doFilter(null, new MockHttpServletResponse(), new MockFilterChain());
|
||||
fail("Should have thrown ServletException");
|
||||
} catch (ServletException expected) {
|
||||
}
|
||||
}
|
||||
|
||||
public void testDoFilterWithNonHttpServletResponseDetected() throws Exception {
|
||||
ChannelProcessingFilter filter = new ChannelProcessingFilter();
|
||||
|
||||
try {
|
||||
filter.doFilter(new MockHttpServletRequest(null, null), null, new MockFilterChain());
|
||||
fail("Should have thrown ServletException");
|
||||
} catch (ServletException expected) {
|
||||
}
|
||||
}
|
||||
|
||||
public void testGetterSetters() throws Exception {
|
||||
ChannelProcessingFilter filter = new ChannelProcessingFilter();
|
||||
filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "MOCK"));
|
||||
|
|
|
@ -27,6 +27,7 @@ import org.springframework.security.MockPortResolver;
|
|||
import org.springframework.security.context.SecurityContextHolder;
|
||||
|
||||
import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
|
||||
import org.springframework.security.util.AuthorityUtils;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
@ -46,296 +47,270 @@ import javax.servlet.ServletResponse;
|
|||
* benalex $
|
||||
*/
|
||||
public class ExceptionTranslationFilterTests extends TestCase {
|
||||
//~ Methods ========================================================================================================
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
protected void tearDown() throws Exception {
|
||||
super.tearDown();
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
protected void tearDown() throws Exception {
|
||||
super.tearDown();
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
public void testAccessDeniedWhenAnonymous() throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/secure/page.html");
|
||||
request.setServerPort(80);
|
||||
request.setScheme("http");
|
||||
request.setServerName("www.example.com");
|
||||
request.setContextPath("/mycontext");
|
||||
request.setRequestURI("/mycontext/secure/page.html");
|
||||
public void testAccessDeniedWhenAnonymous() throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/secure/page.html");
|
||||
request.setServerPort(80);
|
||||
request.setScheme("http");
|
||||
request.setServerName("www.example.com");
|
||||
request.setContextPath("/mycontext");
|
||||
request.setRequestURI("/mycontext/secure/page.html");
|
||||
|
||||
// Setup the FilterChain to thrown an access denied exception
|
||||
MockFilterChain chain = new MockFilterChain(true, false, false, false);
|
||||
// Setup the FilterChain to thrown an access denied exception
|
||||
MockFilterChain chain = new MockFilterChain(true, false, false, false);
|
||||
|
||||
// Setup SecurityContextHolder, as filter needs to check if user is
|
||||
// anonymous
|
||||
SecurityContextHolder.getContext().setAuthentication(
|
||||
new AnonymousAuthenticationToken("ignored", "ignored",
|
||||
new GrantedAuthority[] { new GrantedAuthorityImpl("IGNORED") }));
|
||||
// Setup SecurityContextHolder, as filter needs to check if user is
|
||||
// anonymous
|
||||
SecurityContextHolder.getContext().setAuthentication(
|
||||
new AnonymousAuthenticationToken("ignored", "ignored", AuthorityUtils.createAuthorityList("IGNORED")));
|
||||
|
||||
// Test
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
// Test
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
|
||||
assertEquals("http://www.example.com/mycontext/secure/page.html", AbstractProcessingFilter
|
||||
.obtainFullSavedRequestUrl(request));
|
||||
}
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
|
||||
assertEquals("http://www.example.com/mycontext/secure/page.html", AbstractProcessingFilter
|
||||
.obtainFullSavedRequestUrl(request));
|
||||
}
|
||||
|
||||
public void testAccessDeniedWhenNonAnonymous() throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/secure/page.html");
|
||||
public void testAccessDeniedWhenNonAnonymous() throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/secure/page.html");
|
||||
|
||||
// Setup the FilterChain to thrown an access denied exception
|
||||
MockFilterChain chain = new MockFilterChain(true, false, false, false);
|
||||
// Setup the FilterChain to thrown an access denied exception
|
||||
MockFilterChain chain = new MockFilterChain(true, false, false, false);
|
||||
|
||||
// Setup SecurityContextHolder, as filter needs to check if user is
|
||||
// anonymous
|
||||
SecurityContextHolder.getContext().setAuthentication(null);
|
||||
// Setup SecurityContextHolder, as filter needs to check if user is
|
||||
// anonymous
|
||||
SecurityContextHolder.getContext().setAuthentication(null);
|
||||
|
||||
// Setup a new AccessDeniedHandlerImpl that will do a "forward"
|
||||
AccessDeniedHandlerImpl adh = new AccessDeniedHandlerImpl();
|
||||
adh.setErrorPage("/error.jsp");
|
||||
// Setup a new AccessDeniedHandlerImpl that will do a "forward"
|
||||
AccessDeniedHandlerImpl adh = new AccessDeniedHandlerImpl();
|
||||
adh.setErrorPage("/error.jsp");
|
||||
|
||||
// Test
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
filter.setAccessDeniedHandler(adh);
|
||||
// Test
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
filter.setAccessDeniedHandler(adh);
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertEquals(403, response.getStatus());
|
||||
assertEquals(AccessDeniedException.class, request.getAttribute(
|
||||
AccessDeniedHandlerImpl.SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY).getClass());
|
||||
}
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertEquals(403, response.getStatus());
|
||||
assertEquals(AccessDeniedException.class, request.getAttribute(
|
||||
AccessDeniedHandlerImpl.SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY).getClass());
|
||||
}
|
||||
|
||||
public void testDoFilterWithNonHttpServletRequestDetected() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
public void testGettersSetters() {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
|
||||
try {
|
||||
filter.doFilter(null, new MockHttpServletResponse(), new MockFilterChain(false, false, false, false));
|
||||
fail("Should have thrown ServletException");
|
||||
}
|
||||
catch (ServletException expected) {
|
||||
assertEquals("Can only process HttpServletRequest", expected.getMessage());
|
||||
}
|
||||
}
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
assertTrue(filter.getAuthenticationEntryPoint() != null);
|
||||
|
||||
public void testDoFilterWithNonHttpServletResponseDetected() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setPortResolver(new MockPortResolver(80, 443));
|
||||
assertTrue(filter.getPortResolver() != null);
|
||||
}
|
||||
|
||||
try {
|
||||
filter.doFilter(new MockHttpServletRequest(null, null), null, new MockFilterChain(false, false, false,
|
||||
false));
|
||||
fail("Should have thrown ServletException");
|
||||
}
|
||||
catch (ServletException expected) {
|
||||
assertEquals("Can only process HttpServletResponse", expected.getMessage());
|
||||
}
|
||||
}
|
||||
public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWhenAuthenticationException() throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/secure/page.html");
|
||||
request.setServerPort(80);
|
||||
request.setScheme("http");
|
||||
request.setServerName("www.example.com");
|
||||
request.setContextPath("/mycontext");
|
||||
request.setRequestURI("/mycontext/secure/page.html");
|
||||
|
||||
public void testGettersSetters() {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
// Setup the FilterChain to thrown an authentication failure exception
|
||||
MockFilterChain chain = new MockFilterChain(false, true, false, false);
|
||||
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
assertTrue(filter.getAuthenticationEntryPoint() != null);
|
||||
// Test
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
filter.setPortResolver(new MockPortResolver(80, 443));
|
||||
/*
|
||||
* Disabled the call to afterPropertiesSet as it requires
|
||||
* applicationContext to be injected before it is invoked. We do not
|
||||
* have this filter configured in IOC for this test hence no
|
||||
* ApplicationContext
|
||||
*/
|
||||
// filter.afterPropertiesSet();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
|
||||
assertEquals("http://www.example.com/mycontext/secure/page.html", AbstractProcessingFilter
|
||||
.obtainFullSavedRequestUrl(request));
|
||||
}
|
||||
|
||||
filter.setPortResolver(new MockPortResolver(80, 443));
|
||||
assertTrue(filter.getPortResolver() != null);
|
||||
}
|
||||
public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException()
|
||||
throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/secure/page.html");
|
||||
request.setServerPort(8080);
|
||||
request.setScheme("http");
|
||||
request.setServerName("www.example.com");
|
||||
request.setContextPath("/mycontext");
|
||||
request.setRequestURI("/mycontext/secure/page.html");
|
||||
|
||||
public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWhenAuthenticationException() throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/secure/page.html");
|
||||
request.setServerPort(80);
|
||||
request.setScheme("http");
|
||||
request.setServerName("www.example.com");
|
||||
request.setContextPath("/mycontext");
|
||||
request.setRequestURI("/mycontext/secure/page.html");
|
||||
// Setup the FilterChain to thrown an authentication failure exception
|
||||
MockFilterChain chain = new MockFilterChain(false, true, false, false);
|
||||
|
||||
// Setup the FilterChain to thrown an authentication failure exception
|
||||
MockFilterChain chain = new MockFilterChain(false, true, false, false);
|
||||
// Test
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
filter.setPortResolver(new MockPortResolver(8080, 8443));
|
||||
/*
|
||||
* Disabled the call to afterPropertiesSet as it requires
|
||||
* applicationContext to be injected before it is invoked. We do not
|
||||
* have this filter configured in IOC for this test hence no
|
||||
* ApplicationContext
|
||||
*/
|
||||
// filter.afterPropertiesSet();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
|
||||
assertEquals("http://www.example.com:8080/mycontext/secure/page.html", AbstractProcessingFilter
|
||||
.obtainFullSavedRequestUrl(request));
|
||||
}
|
||||
|
||||
// Test
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
filter.setPortResolver(new MockPortResolver(80, 443));
|
||||
/*
|
||||
* Disabled the call to afterPropertiesSet as it requires
|
||||
* applicationContext to be injected before it is invoked. We do not
|
||||
* have this filter configured in IOC for this test hence no
|
||||
* ApplicationContext
|
||||
*/
|
||||
// filter.afterPropertiesSet();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
|
||||
assertEquals("http://www.example.com/mycontext/secure/page.html", AbstractProcessingFilter
|
||||
.obtainFullSavedRequestUrl(request));
|
||||
}
|
||||
public void testStartupDetectsMissingAuthenticationEntryPoint() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
|
||||
public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException()
|
||||
throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/secure/page.html");
|
||||
request.setServerPort(8080);
|
||||
request.setScheme("http");
|
||||
request.setServerName("www.example.com");
|
||||
request.setContextPath("/mycontext");
|
||||
request.setRequestURI("/mycontext/secure/page.html");
|
||||
try {
|
||||
filter.afterPropertiesSet();
|
||||
fail("Should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
assertEquals("authenticationEntryPoint must be specified", expected.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
// Setup the FilterChain to thrown an authentication failure exception
|
||||
MockFilterChain chain = new MockFilterChain(false, true, false, false);
|
||||
public void testStartupDetectsMissingPortResolver() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
filter.setPortResolver(null);
|
||||
|
||||
// Test
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
filter.setPortResolver(new MockPortResolver(8080, 8443));
|
||||
/*
|
||||
* Disabled the call to afterPropertiesSet as it requires
|
||||
* applicationContext to be injected before it is invoked. We do not
|
||||
* have this filter configured in IOC for this test hence no
|
||||
* ApplicationContext
|
||||
*/
|
||||
// filter.afterPropertiesSet();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
|
||||
assertEquals("http://www.example.com:8080/mycontext/secure/page.html", AbstractProcessingFilter
|
||||
.obtainFullSavedRequestUrl(request));
|
||||
}
|
||||
try {
|
||||
filter.afterPropertiesSet();
|
||||
fail("Should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
assertEquals("portResolver must be specified", expected.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
public void testStartupDetectsMissingAuthenticationEntryPoint() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
public void testSuccessfulAccessGrant() throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/secure/page.html");
|
||||
|
||||
try {
|
||||
filter.afterPropertiesSet();
|
||||
fail("Should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
assertEquals("authenticationEntryPoint must be specified", expected.getMessage());
|
||||
}
|
||||
}
|
||||
// Setup the FilterChain to thrown no exceptions
|
||||
MockFilterChain chain = new MockFilterChain(false, false, false, false);
|
||||
|
||||
public void testStartupDetectsMissingPortResolver() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
filter.setPortResolver(null);
|
||||
// Test
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
|
||||
try {
|
||||
filter.afterPropertiesSet();
|
||||
fail("Should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
assertEquals("portResolver must be specified", expected.getMessage());
|
||||
}
|
||||
}
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
}
|
||||
|
||||
public void testSuccessfulAccessGrant() throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/secure/page.html");
|
||||
public void testSuccessfulStartupAndShutdownDown() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
|
||||
// Setup the FilterChain to thrown no exceptions
|
||||
MockFilterChain chain = new MockFilterChain(false, false, false, false);
|
||||
filter.init(null);
|
||||
filter.destroy();
|
||||
assertTrue(true);
|
||||
}
|
||||
|
||||
// Test
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
|
||||
public void testThrowIOException() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
}
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint(""));
|
||||
/*
|
||||
* Disabled the call to afterPropertiesSet as it requires
|
||||
* applicationContext to be injected before it is invoked. We do not
|
||||
* have this filter configured in IOC for this test hence no
|
||||
* ApplicationContext
|
||||
*/
|
||||
// filter.afterPropertiesSet();
|
||||
try {
|
||||
filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain(false,
|
||||
false, false, true));
|
||||
fail("Should have thrown IOException");
|
||||
}
|
||||
catch (IOException e) {
|
||||
assertNull("The IOException thrown should not have been wrapped", e.getCause());
|
||||
}
|
||||
}
|
||||
|
||||
public void testSuccessfulStartupAndShutdownDown() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
public void testThrowServletException() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
|
||||
filter.init(null);
|
||||
filter.destroy();
|
||||
assertTrue(true);
|
||||
}
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint(""));
|
||||
/*
|
||||
* Disabled the call to afterPropertiesSet as it requires
|
||||
* applicationContext to be injected before it is invoked. We do not
|
||||
* have this filter configured in IOC for this test hence no
|
||||
* ApplicationContext
|
||||
*/
|
||||
// filter.afterPropertiesSet();
|
||||
try {
|
||||
filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain(false,
|
||||
false, true, false));
|
||||
fail("Should have thrown ServletException");
|
||||
}
|
||||
catch (ServletException e) {
|
||||
assertNull("The ServletException thrown should not have been wrapped", e.getCause());
|
||||
}
|
||||
}
|
||||
|
||||
public void testThrowIOException() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
// ~ Inner Classes =================================================================================================
|
||||
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint(""));
|
||||
/*
|
||||
* Disabled the call to afterPropertiesSet as it requires
|
||||
* applicationContext to be injected before it is invoked. We do not
|
||||
* have this filter configured in IOC for this test hence no
|
||||
* ApplicationContext
|
||||
*/
|
||||
// filter.afterPropertiesSet();
|
||||
try {
|
||||
filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain(false,
|
||||
false, false, true));
|
||||
fail("Should have thrown IOException");
|
||||
}
|
||||
catch (IOException e) {
|
||||
assertNull("The IOException thrown should not have been wrapped", e.getCause());
|
||||
}
|
||||
}
|
||||
private class MockFilterChain implements FilterChain {
|
||||
private boolean throwAccessDenied;
|
||||
|
||||
public void testThrowServletException() throws Exception {
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
|
||||
private boolean throwAuthenticationFailure;
|
||||
|
||||
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint(""));
|
||||
/*
|
||||
* Disabled the call to afterPropertiesSet as it requires
|
||||
* applicationContext to be injected before it is invoked. We do not
|
||||
* have this filter configured in IOC for this test hence no
|
||||
* ApplicationContext
|
||||
*/
|
||||
// filter.afterPropertiesSet();
|
||||
try {
|
||||
filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain(false,
|
||||
false, true, false));
|
||||
fail("Should have thrown ServletException");
|
||||
}
|
||||
catch (ServletException e) {
|
||||
assertNull("The ServletException thrown should not have been wrapped", e.getCause());
|
||||
}
|
||||
}
|
||||
private boolean throwIOException;
|
||||
|
||||
// ~ Inner Classes =================================================================================================
|
||||
private boolean throwServletException;
|
||||
|
||||
private class MockFilterChain implements FilterChain {
|
||||
private boolean throwAccessDenied;
|
||||
public MockFilterChain(boolean throwAccessDenied, boolean throwAuthenticationFailure,
|
||||
boolean throwServletException, boolean throwIOException) {
|
||||
this.throwAccessDenied = throwAccessDenied;
|
||||
this.throwAuthenticationFailure = throwAuthenticationFailure;
|
||||
this.throwServletException = throwServletException;
|
||||
this.throwIOException = throwIOException;
|
||||
}
|
||||
|
||||
private boolean throwAuthenticationFailure;
|
||||
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
|
||||
if (throwAccessDenied) {
|
||||
throw new AccessDeniedException("As requested");
|
||||
}
|
||||
|
||||
private boolean throwIOException;
|
||||
if (throwAuthenticationFailure) {
|
||||
throw new BadCredentialsException("As requested");
|
||||
}
|
||||
|
||||
private boolean throwServletException;
|
||||
if (throwServletException) {
|
||||
throw new ServletException("As requested");
|
||||
}
|
||||
|
||||
public MockFilterChain(boolean throwAccessDenied, boolean throwAuthenticationFailure,
|
||||
boolean throwServletException, boolean throwIOException) {
|
||||
this.throwAccessDenied = throwAccessDenied;
|
||||
this.throwAuthenticationFailure = throwAuthenticationFailure;
|
||||
this.throwServletException = throwServletException;
|
||||
this.throwIOException = throwIOException;
|
||||
}
|
||||
|
||||
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
|
||||
if (throwAccessDenied) {
|
||||
throw new AccessDeniedException("As requested");
|
||||
}
|
||||
|
||||
if (throwAuthenticationFailure) {
|
||||
throw new BadCredentialsException("As requested");
|
||||
}
|
||||
|
||||
if (throwServletException) {
|
||||
throw new ServletException("As requested");
|
||||
}
|
||||
|
||||
if (throwIOException) {
|
||||
throw new IOException("As requested");
|
||||
}
|
||||
}
|
||||
}
|
||||
if (throwIOException) {
|
||||
throw new IOException("As requested");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
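Review bot: No test left in this class pins how the filter treats a request or response that is not an HTTP one. `testDoFilterWithNonHttpServletRequestDetected` and `testDoFilterWithNonHttpServletResponseDetected`, which expected a ServletException reading "Can only process HttpServletRequest" / "Can only process HttpServletResponse", appear only once in this section and the 296-to-270 line count matches their removal; the same pair is dropped from ChannelProcessingFilterTests. The filter's `doFilter` is outside this view, so it cannot be told from here whether the type check moved to a shared class or became a plain cast; note that the old tests passed `null`, which a plain cast accepts and only fails on later. If the check moved, I would leave a pointer where the tests were, e.g. `// non-HTTP request/response rejection is tested with the class that now performs the type check`, and keep one test there so the filter keeps failing closed.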
|
||||
|
|
|
@ -25,8 +25,6 @@ import org.springframework.util.Assert;
|
|||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
@ -83,7 +81,7 @@ public class NtlmProcessingFilterEntryPoint implements AuthenticationEntryPoint
|
|||
* {@link NtlmType2MessageException}, or
|
||||
* {@link AuthenticationException}
|
||||
*/
|
||||
public void commence(final ServletRequest request, final ServletResponse response, final AuthenticationException authException) throws IOException, ServletException {
|
||||
public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) throws IOException, ServletException {
|
||||
final HttpServletResponse resp = (HttpServletResponse) response;
|
||||
|
||||
if (authException instanceof NtlmBaseException) {
|
||||
|
|