From 40ccd3be115319a0d050c813b4d208f807815229 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Mon, 15 Dec 2008 01:25:12 +0000 Subject: [PATCH] SEC-1058: Further refactoring to remove use of getDefaultTargetUrl(). Subclasses now pass the default value as a constructor argument. --- .../security/ui/cas/CasProcessingFilter.java | 104 +++++------ .../ui/cas/CasProcessingFilterTests.java | 2 +- .../security/ui/AbstractProcessingFilter.java | 22 ++- .../AuthenticationProcessingFilter.java | 20 +- .../DefaultLoginPageGeneratingFilter.java | 176 +++++++++--------- .../ui/AbstractProcessingFilterTests.java | 7 +- .../AuthenticationProcessingFilterTests.java | 26 +-- ...DefaultLoginPageGeneratingFilterTests.java | 15 +- .../OpenIDAuthenticationProcessingFilter.java | 10 +- 9 files changed, 183 insertions(+), 199 deletions(-) diff --git a/cas/src/main/java/org/springframework/security/ui/cas/CasProcessingFilter.java b/cas/src/main/java/org/springframework/security/ui/cas/CasProcessingFilter.java index 7438e04591..27da9d1f27 100644 --- a/cas/src/main/java/org/springframework/security/ui/cas/CasProcessingFilter.java +++ b/cas/src/main/java/org/springframework/security/ui/cas/CasProcessingFilter.java @@ -33,23 +33,27 @@ import javax.servlet.http.HttpServletResponse; /** - * Processes a CAS service ticket.

A service ticket consists of an opaque ticket string. It arrives at this - * filter by the user's browser successfully authenticating using CAS, and then receiving a HTTP redirect to a - * service. The opaque ticket string is presented in the ticket request parameter. This - * filter monitors the service URL so it can receive the service ticket and process it. The CAS server - * knows which service URL to use via the {@link ServiceProperties#getService()} method.

- *

Processing the service ticket involves creating a UsernamePasswordAuthenticationToken which + * Processes a CAS service ticket. + *

+ * A service ticket consists of an opaque ticket string. It arrives at this filter by the user's browser successfully + * authenticating using CAS, and then receiving a HTTP redirect to a service. The opaque ticket string is + * presented in the ticket request parameter. This filter monitors the service URL so it can + * receive the service ticket and process it. The CAS server knows which service URL to use via the + * {@link ServiceProperties#getService()} method. + *

+ * Processing the service ticket involves creating a UsernamePasswordAuthenticationToken which * uses {@link #CAS_STATEFUL_IDENTIFIER} for the principal and the opaque ticket string as the - * credentials.

- *

The configured AuthenticationManager is expected to provide a provider that can recognise + * credentials. + *

+ * The configured AuthenticationManager is expected to provide a provider that can recognise * UsernamePasswordAuthenticationTokens containing this special principal name, and process - * them accordingly by validation with the CAS server.

- *

By configuring a shared {@link ProxyGrantingTicketStorage} between the {@link TicketValidator} and the CasProcessingFilter - * one can have the CasProcessingFilter handle the proxying requirements for CAS. In addition, the URI endpoint for the proxying - * would also need to be configured (i.e. the part after protocol, hostname, and port). - * - *

Do not use this class directly. Instead configure web.xml to use the {@link - * org.springframework.security.util.FilterToBeanProxy}.

+ * them accordingly by validation with the CAS server. + *

+ * By configuring a shared {@link ProxyGrantingTicketStorage} between the {@link TicketValidator} and the + * CasProcessingFilter one can have the CasProcessingFilter handle the proxying requirements for CAS. In addition, the + * URI endpoint for the proxying would also need to be configured (i.e. the part after protocol, hostname, and port). + *

+ * By default this filter processes the URL /j_spring_cas_security_check. * * @author Ben Alex * @version $Id$ @@ -71,13 +75,19 @@ public class CasProcessingFilter extends AbstractProcessingFilter { * The last portion of the receptor url, i.e. /proxy/receptor */ private String proxyReceptorUrl; - + /** * The backing storage to store ProxyGrantingTicket requests. */ private ProxyGrantingTicketStorage proxyGrantingTicketStorage; - //~ Methods ======================================================================================================== + //~ Constructors =================================================================================================== + + public CasProcessingFilter() { + super("/j_spring_cas_security_check"); + } + + //~ Methods ======================================================================================================== public Authentication attemptAuthentication(final HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { final String username = CAS_STATEFUL_IDENTIFIER; @@ -95,46 +105,34 @@ public class CasProcessingFilter extends AbstractProcessingFilter { } /** - * This filter by default responds to /j_spring_cas_security_check. - * - * @return the default + * Overridden to provide proxying capabilities. */ - public String getDefaultFilterProcessesUrl() { - return "/j_spring_cas_security_check"; + protected boolean requiresAuthentication(final HttpServletRequest request, + final HttpServletResponse response) { + final String requestUri = request.getRequestURI(); + + if (CommonUtils.isEmpty(this.proxyReceptorUrl) || !requestUri.endsWith(this.proxyReceptorUrl) || this.proxyGrantingTicketStorage == null) { + return super.requiresAuthentication(request, response); + } + + try { + CommonUtils.readAndRespondToProxyReceptorRequest(request, response, this.proxyGrantingTicketStorage); + return false; + } catch (final IOException e) { + return super.requiresAuthentication(request, response); + } + } + + public final void setProxyReceptorUrl(final String proxyReceptorUrl) { + this.proxyReceptorUrl = proxyReceptorUrl; + } + + public final void setProxyGrantingTicketStorage( + final ProxyGrantingTicketStorage proxyGrantingTicketStorage) { + this.proxyGrantingTicketStorage = proxyGrantingTicketStorage; } public int getOrder() { return FilterChainOrder.CAS_PROCESSING_FILTER; } - - - /** - * Overridden to provide proxying capabilities. - */ - protected boolean requiresAuthentication(final HttpServletRequest request, - final HttpServletResponse response) { - final String requestUri = request.getRequestURI(); - - if (CommonUtils.isEmpty(this.proxyReceptorUrl) || !requestUri.endsWith(this.proxyReceptorUrl) || this.proxyGrantingTicketStorage == null) { - return super.requiresAuthentication(request, response); - } - - try { - CommonUtils.readAndRespondToProxyReceptorRequest(request, response, this.proxyGrantingTicketStorage); - return false; - } catch (final IOException e) { - return super.requiresAuthentication(request, response); - } - } - - public final void setProxyReceptorUrl(final String proxyReceptorUrl) { - this.proxyReceptorUrl = proxyReceptorUrl; - } - - public final void setProxyGrantingTicketStorage( - final ProxyGrantingTicketStorage proxyGrantingTicketStorage) { - this.proxyGrantingTicketStorage = proxyGrantingTicketStorage; - } - - } diff --git a/cas/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterTests.java b/cas/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterTests.java index e377bd6b8e..e4bfcfb04c 100644 --- a/cas/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterTests.java +++ b/cas/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterTests.java @@ -36,7 +36,7 @@ public class CasProcessingFilterTests extends TestCase { public void testGetters() { CasProcessingFilter filter = new CasProcessingFilter(); - assertEquals("/j_spring_cas_security_check", filter.getDefaultFilterProcessesUrl()); + assertEquals("/j_spring_cas_security_check", filter.getFilterProcessesUrl()); } public void testNormalOperation() throws Exception { diff --git a/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java index 0d129c79e7..876c090ea1 100644 --- a/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java @@ -80,7 +80,7 @@ import org.springframework.util.Assert; * client. It may also be configured with a failure URL as an alternative. Again you can inject whatever * behaviour you require here. * - *

Event Pulication

+ *

Event Publication

* * If authentication is successful, an * {@link org.springframework.security.event.authentication.InteractiveAuthenticationSuccessEvent @@ -123,7 +123,7 @@ public abstract class AbstractProcessingFilter extends SpringSecurityFilter impl * The URL destination that this filter intercepts and processes (usually * something like /j_spring_security_check) */ - private String filterProcessesUrl = getDefaultFilterProcessesUrl(); + private String filterProcessesUrl; private boolean continueChainBeforeSuccessfulAuthentication = false; @@ -150,6 +150,15 @@ public abstract class AbstractProcessingFilter extends SpringSecurityFilter impl private AuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); private AuthenticationFailureHandler failureHandler = new SimpleUrlAuthenticationFailureHandler(); + //~ Constructors =================================================================================================== + + /** + * @param defaultFilterProcessesUrl the default value for filterProcessesUrl. + */ + protected AbstractProcessingFilter(String defaultFilterProcessesUrl) { + this.filterProcessesUrl = defaultFilterProcessesUrl; + } + //~ Methods ======================================================================================================== public void afterPropertiesSet() throws Exception { @@ -273,7 +282,7 @@ public abstract class AbstractProcessingFilter extends SpringSecurityFilter impl *
    *
  1. Sets the successful Authentication object on the {@link SecurityContextHolder}
    2. *
  2. Performs any configured session migration behaviour
    3. - *
  3. Informs the configured RememberMeServices of the successul login
    4. + *
  4. Informs the configured RememberMeServices of the successful login
    5. *
  5. Fires an {@link InteractiveAuthenticationSuccessEvent} via the configured * ApplicationEventPublisher
    6. *
  6. Delegates additional behaviour to the {@link AuthenticationSuccessHandler}.
    7. @@ -346,13 +355,6 @@ public abstract class AbstractProcessingFilter extends SpringSecurityFilter impl this.authenticationManager = authenticationManager; } - /** - * Specifies the default filterProcessesUrl for the implementation. - * - * @return the default filterProcessesUrl - */ - public abstract String getDefaultFilterProcessesUrl(); - public String getFilterProcessesUrl() { return filterProcessesUrl; } diff --git a/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java index 25ba563f22..f6b8fe113d 100644 --- a/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java @@ -32,11 +32,14 @@ import javax.servlet.http.HttpSession; /** * Processes an authentication form. - *

    Login forms must present two parameters to this filter: a username and + *

    + * Login forms must present two parameters to this filter: a username and * password. The default parameter names to use are contained in the * static fields {@link #SPRING_SECURITY_FORM_USERNAME_KEY} and {@link #SPRING_SECURITY_FORM_PASSWORD_KEY}. * The parameter names can also be changed by setting the usernameParameter and passwordParameter * properties. + *

    + * This filter by default responds to the URL /j_spring_security_check. * * @author Ben Alex * @author Colin Sampaleanu @@ -52,6 +55,12 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter { private String usernameParameter = SPRING_SECURITY_FORM_USERNAME_KEY; private String passwordParameter = SPRING_SECURITY_FORM_PASSWORD_KEY; + //~ Constructors =================================================================================================== + + public AuthenticationProcessingFilter() { + super("/j_spring_security_check"); + } + //~ Methods ======================================================================================================== public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { @@ -83,15 +92,6 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter { return this.getAuthenticationManager().authenticate(authRequest); } - /** - * This filter by default responds to /j_spring_security_check. - * - * @return the default - */ - public String getDefaultFilterProcessesUrl() { - return "/j_spring_security_check"; - } - /** * Enables subclasses to override the composition of the password, such as by including additional values * and a separator.

    This might be used for example if a postcode/zipcode was required in addition to the diff --git a/core/src/main/java/org/springframework/security/ui/webapp/DefaultLoginPageGeneratingFilter.java b/core/src/main/java/org/springframework/security/ui/webapp/DefaultLoginPageGeneratingFilter.java index 0f2049e43b..fca9fc8f58 100644 --- a/core/src/main/java/org/springframework/security/ui/webapp/DefaultLoginPageGeneratingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/webapp/DefaultLoginPageGeneratingFilter.java @@ -37,40 +37,40 @@ public class DefaultLoginPageGeneratingFilter extends SpringSecurityFilter { private String openIDauthenticationUrl; private String openIDusernameParameter; private String openIDrememberMeParameter; - - public DefaultLoginPageGeneratingFilter(AbstractProcessingFilter filter) { - if (filter instanceof AuthenticationProcessingFilter) { - init((AuthenticationProcessingFilter)filter, null); - } else { - init(null, filter); - } - } - - public DefaultLoginPageGeneratingFilter(AuthenticationProcessingFilter authFilter, AbstractProcessingFilter openIDFilter) { - init(authFilter, openIDFilter); - } - - private void init(AuthenticationProcessingFilter authFilter, AbstractProcessingFilter openIDFilter) { - if (authFilter != null) { - formLoginEnabled = true; - authenticationUrl = authFilter.getDefaultFilterProcessesUrl(); - usernameParameter = authFilter.getUsernameParameter(); - passwordParameter = authFilter.getPasswordParameter(); - - if (authFilter.getRememberMeServices() instanceof AbstractRememberMeServices) { - rememberMeParameter = ((AbstractRememberMeServices)authFilter.getRememberMeServices()).getParameter(); - } - } - - if (openIDFilter != null) { - openIdEnabled = true; - openIDauthenticationUrl = openIDFilter.getDefaultFilterProcessesUrl(); - openIDusernameParameter = (String) (new BeanWrapperImpl(openIDFilter)).getPropertyValue("claimedIdentityFieldName"); - if (openIDFilter.getRememberMeServices() instanceof AbstractRememberMeServices) { - openIDrememberMeParameter = ((AbstractRememberMeServices)openIDFilter.getRememberMeServices()).getParameter(); - } - } + public DefaultLoginPageGeneratingFilter(AbstractProcessingFilter filter) { + if (filter instanceof AuthenticationProcessingFilter) { + init((AuthenticationProcessingFilter)filter, null); + } else { + init(null, filter); + } + } + + public DefaultLoginPageGeneratingFilter(AuthenticationProcessingFilter authFilter, AbstractProcessingFilter openIDFilter) { + init(authFilter, openIDFilter); + } + + private void init(AuthenticationProcessingFilter authFilter, AbstractProcessingFilter openIDFilter) { + if (authFilter != null) { + formLoginEnabled = true; + authenticationUrl = authFilter.getFilterProcessesUrl(); + usernameParameter = authFilter.getUsernameParameter(); + passwordParameter = authFilter.getPasswordParameter(); + + if (authFilter.getRememberMeServices() instanceof AbstractRememberMeServices) { + rememberMeParameter = ((AbstractRememberMeServices)authFilter.getRememberMeServices()).getParameter(); + } + } + + if (openIDFilter != null) { + openIdEnabled = true; + openIDauthenticationUrl = openIDFilter.getFilterProcessesUrl(); + openIDusernameParameter = (String) (new BeanWrapperImpl(openIDFilter)).getPropertyValue("claimedIdentityFieldName"); + + if (openIDFilter.getRememberMeServices() instanceof AbstractRememberMeServices) { + openIDrememberMeParameter = ((AbstractRememberMeServices)openIDFilter.getRememberMeServices()).getParameter(); + } + } } protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { @@ -78,7 +78,7 @@ public class DefaultLoginPageGeneratingFilter extends SpringSecurityFilter { String loginPageHtml = generateLoginPageHtml(request); response.setContentType("text/html;charset=UTF-8"); response.setContentLength(loginPageHtml.length()); - response.getOutputStream().print(loginPageHtml); + response.getOutputStream().print(loginPageHtml); return; } @@ -95,66 +95,66 @@ public class DefaultLoginPageGeneratingFilter extends SpringSecurityFilter { HttpSession session = request.getSession(false); if(session != null) { - lastUser = (String) session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY); - AuthenticationException ex = (AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY); + lastUser = (String) session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY); + AuthenticationException ex = (AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY); errorMsg = ex != null ? ex.getMessage() : "none"; if (lastUser == null) { - lastUser = ""; + lastUser = ""; } } } - + StringBuffer sb = new StringBuffer(); - + sb.append("Login Page"); - + if (formLoginEnabled) { - sb.append("\n"); + sb.append("\n"); } - + if (loginError) { - sb.append("

    Your login attempt was not successful, try again.

    Reason: "); + sb.append("

    Your login attempt was not successful, try again.

    Reason: "); sb.append(errorMsg); sb.append("

    "); } - + if (formLoginEnabled) { - sb.append("

    Login with Username and Password

    "); - sb.append("
    \n"); - sb.append(" \n"); - sb.append(" \n"); - sb.append(" \n"); - - if (rememberMeParameter != null) { - sb.append(" \n"); - } - - sb.append(" \n"); - sb.append(" \n"); - sb.append("
    User:
    Password:
    Remember me on this computer.
    \n"); - sb.append("
    "); + sb.append("

    Login with Username and Password

    "); + sb.append("
    \n"); + sb.append(" \n"); + sb.append(" \n"); + sb.append(" \n"); + + if (rememberMeParameter != null) { + sb.append(" \n"); + } + + sb.append(" \n"); + sb.append(" \n"); + sb.append("
    User:
    Password:
    Remember me on this computer.
    \n"); + sb.append("
    "); } - + if(openIdEnabled) { - sb.append("

    Login with OpenID Identity

    "); - sb.append("
    \n"); - sb.append(" \n"); - sb.append(" \n"); - - if (rememberMeParameter != null) { - sb.append(" \n"); - } - - sb.append(" \n"); - sb.append(" \n"); - sb.append("
    Identity:
    Remember me on this computer.
    \n"); - sb.append("
    "); + sb.append("

    Login with OpenID Identity

    "); + sb.append("
    \n"); + sb.append(" \n"); + sb.append(" \n"); + + if (rememberMeParameter != null) { + sb.append(" \n"); + } + + sb.append(" \n"); + sb.append(" \n"); + sb.append("
    Identity:
    Remember me on this computer.
    \n"); + sb.append("
    "); } - + sb.append(""); - + return sb.toString(); } @@ -162,19 +162,19 @@ public class DefaultLoginPageGeneratingFilter extends SpringSecurityFilter { return FilterChainOrder.LOGIN_PAGE_FILTER; } - private boolean isLoginUrlRequest(HttpServletRequest request) { - String uri = request.getRequestURI(); - int pathParamIndex = uri.indexOf(';'); + private boolean isLoginUrlRequest(HttpServletRequest request) { + String uri = request.getRequestURI(); + int pathParamIndex = uri.indexOf(';'); - if (pathParamIndex > 0) { - // strip everything after the first semi-colon - uri = uri.substring(0, pathParamIndex); - } + if (pathParamIndex > 0) { + // strip everything after the first semi-colon + uri = uri.substring(0, pathParamIndex); + } - if ("".equals(request.getContextPath())) { - return uri.endsWith(DEFAULT_LOGIN_PAGE_URL); - } + if ("".equals(request.getContextPath())) { + return uri.endsWith(DEFAULT_LOGIN_PAGE_URL); + } - return uri.endsWith(request.getContextPath() + DEFAULT_LOGIN_PAGE_URL); - } + return uri.endsWith(request.getContextPath() + DEFAULT_LOGIN_PAGE_URL); + } } diff --git a/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java index ca5dccd808..0742a5dc6f 100644 --- a/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java @@ -549,18 +549,21 @@ public class AbstractProcessingFilterTests extends TestCase { private boolean grantAccess; public MockAbstractProcessingFilter(boolean grantAccess) { + this(); setRememberMeServices(new NullRememberMeServices()); this.grantAccess = grantAccess; this.exceptionToThrow = new BadCredentialsException("Mock requested to do so"); } public MockAbstractProcessingFilter(AuthenticationException exceptionToThrow) { + this(); setRememberMeServices(new NullRememberMeServices()); this.grantAccess = false; this.exceptionToThrow = exceptionToThrow; } private MockAbstractProcessingFilter() { + super("/j_mock_post"); } public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { @@ -571,10 +574,6 @@ public class AbstractProcessingFilterTests extends TestCase { } } - public String getDefaultFilterProcessesUrl() { - return "/j_mock_post"; - } - public boolean requiresAuthentication(HttpServletRequest request, HttpServletResponse response) { return super.requiresAuthentication(request, response); } diff --git a/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java index be026856d3..2daef04992 100644 --- a/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java @@ -15,19 +15,16 @@ package org.springframework.security.ui.webapp; +import javax.servlet.ServletException; + import junit.framework.TestCase; -import org.springframework.security.Authentication; -import org.springframework.security.MockAuthenticationManager; -import org.springframework.security.AuthenticationException; - -import org.springframework.security.ui.WebAuthenticationDetails; - import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletResponse; +import org.springframework.security.Authentication; +import org.springframework.security.AuthenticationException; +import org.springframework.security.MockAuthenticationManager; +import org.springframework.security.ui.WebAuthenticationDetails; /** @@ -37,20 +34,11 @@ import javax.servlet.http.HttpServletResponse; * @version $Id$ */ public class AuthenticationProcessingFilterTests extends TestCase { - //~ Constructors =================================================================================================== - - public AuthenticationProcessingFilterTests() { - } - - public AuthenticationProcessingFilterTests(String arg0) { - super(arg0); - } - //~ Methods ======================================================================================================== public void testGetters() { AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter(); - assertEquals("/j_spring_security_check", filter.getDefaultFilterProcessesUrl()); + assertEquals("/j_spring_security_check", filter.getFilterProcessesUrl()); } public void testNormalOperation() throws Exception { diff --git a/core/src/test/java/org/springframework/security/ui/webapp/DefaultLoginPageGeneratingFilterTests.java b/core/src/test/java/org/springframework/security/ui/webapp/DefaultLoginPageGeneratingFilterTests.java index e5ba381de3..bf7c06653e 100644 --- a/core/src/test/java/org/springframework/security/ui/webapp/DefaultLoginPageGeneratingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/webapp/DefaultLoginPageGeneratingFilterTests.java @@ -1,7 +1,5 @@ package org.springframework.security.ui.webapp; -import static org.junit.Assert.*; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -10,9 +8,9 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.Authentication; import org.springframework.security.AuthenticationException; -import org.springframework.security.util.MockFilterChain; import org.springframework.security.ui.AbstractProcessingFilter; import org.springframework.security.ui.FilterChainOrder; +import org.springframework.security.util.MockFilterChain; /** * @@ -36,15 +34,14 @@ public class DefaultLoginPageGeneratingFilterTests { filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login"), new MockHttpServletResponse(), new MockFilterChain(false)); } + // Fake OpenID filter (since it's not in this module private static class MockProcessingFilter extends AbstractProcessingFilter { - - @Override - public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { - return null; + protected MockProcessingFilter() { + super("/someurl"); } @Override - public String getDefaultFilterProcessesUrl() { + public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { return null; } @@ -55,7 +52,5 @@ public class DefaultLoginPageGeneratingFilterTests { public String getClaimedIdentityFieldName() { return "unused"; } - } - } diff --git a/openid/src/main/java/org/springframework/security/ui/openid/OpenIDAuthenticationProcessingFilter.java b/openid/src/main/java/org/springframework/security/ui/openid/OpenIDAuthenticationProcessingFilter.java index 1ba10e9b22..6dd688ae72 100644 --- a/openid/src/main/java/org/springframework/security/ui/openid/OpenIDAuthenticationProcessingFilter.java +++ b/openid/src/main/java/org/springframework/security/ui/openid/OpenIDAuthenticationProcessingFilter.java @@ -77,6 +77,12 @@ public class OpenIDAuthenticationProcessingFilter extends AbstractProcessingFilt private String claimedIdentityFieldName = DEFAULT_CLAIMED_IDENTITY_FIELD; private Map realmMapping = Collections.emptyMap(); + //~ Constructors =================================================================================================== + + public OpenIDAuthenticationProcessingFilter() { + super("/j_spring_openid_security_check"); + } + //~ Methods ======================================================================================================== public void afterPropertiesSet() throws Exception { @@ -86,10 +92,6 @@ public class OpenIDAuthenticationProcessingFilter extends AbstractProcessingFilt } } - public String getDefaultFilterProcessesUrl() { - return "/j_spring_openid_security_check"; - } - /** * Authentication has two phases. *