Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-12 05:13:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1500: Convert AbstractRetryEntryPoint to use requestURI to correctly encode URLs.

Browse Source
This commit is contained in:
Luke Taylor 2010-06-18 01:33:38 +01:00
parent c673a78103
commit 4d10d4b67f
4 changed files with 20 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java
View File

@ -40,13 +40,8 @@ public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
public void commence(HttpServletRequest request, HttpServletResponse res) throws IOException, ServletException { public void commence(HttpServletRequest request, HttpServletResponse res) throws IOException, ServletException {
String pathInfo = request.getPathInfo();
String queryString = request.getQueryString(); String queryString = request.getQueryString();
String contextPath = request.getContextPath(); String redirectUrl = request.getRequestURI() + ((queryString == null) ? "" : ("?" + queryString));
String destination = request.getServletPath() + ((pathInfo == null) ? "" : pathInfo)
+ ((queryString == null) ? "" : ("?" + queryString));
String redirectUrl = contextPath;
Integer currentPort = new Integer(portResolver.getServerPort(request)); Integer currentPort = new Integer(portResolver.getServerPort(request));
Integer redirectPort = getMappedPort(currentPort); Integer redirectPort = getMappedPort(currentPort);
@ -54,8 +49,7 @@ public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {
if (redirectPort != null) { if (redirectPort != null) {
boolean includePort = redirectPort.intValue() != standardPort; boolean includePort = redirectPort.intValue() != standardPort;
redirectUrl = scheme + request.getServerName() + ((includePort) ? (":" + redirectPort) : "") + contextPath redirectUrl = scheme + request.getServerName() + ((includePort) ? (":" + redirectPort) : "") + redirectUrl;
+ destination;
} }
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
@ -67,11 +61,11 @@ public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {
protected abstract Integer getMappedPort(Integer mapFromPort); protected abstract Integer getMappedPort(Integer mapFromPort);
protected PortMapper getPortMapper() { protected final PortMapper getPortMapper() {
return portMapper; return portMapper;
} }
protected PortResolver getPortResolver() { protected final PortResolver getPortResolver() {
return portResolver; return portResolver;
} }

5
web/src/main/java/org/springframework/security/web/util/UrlUtils.java
View File

@ -19,8 +19,9 @@ import javax.servlet.http.HttpServletRequest;
/** /**
* Provides static methods for composing URLs.<p>Placed into a separate class for visibility, so that changes to * Provides static methods for composing URLs.
* URL formatting conventions will affect all users.</p> * <p>
* Placed into a separate class for visibility, so that changes to URL formatting conventions will affect all users.
* *
* @author Ben Alex * @author Ben Alex
*/ */

28
web/src/test/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPointTests.java
View File

@ -66,13 +66,10 @@ public class RetryWithHttpEntryPointTests extends TestCase {
} }
public void testNormalOperation() throws Exception { public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest("GET", "/bigWebApp/hello/pathInfo.html");
request.setQueryString("open=true"); request.setQueryString("open=true");
request.setScheme("https"); request.setScheme("https");
request.setServerName("www.example.com"); request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
request.setServletPath("/hello");
request.setPathInfo("/pathInfo.html");
request.setServerPort(443); request.setServerPort(443);
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
@ -85,14 +82,10 @@ public class RetryWithHttpEntryPointTests extends TestCase {
assertEquals("http://www.example.com/bigWebApp/hello/pathInfo.html?open=true", response.getRedirectedUrl()); assertEquals("http://www.example.com/bigWebApp/hello/pathInfo.html?open=true", response.getRedirectedUrl());
} }
public void testNormalOperationWithNullPathInfoAndNullQueryString() public void testNormalOperationWithNullQueryString() throws Exception {
throws Exception { MockHttpServletRequest request = new MockHttpServletRequest("GET", "/bigWebApp/hello");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setScheme("https"); request.setScheme("https");
request.setServerName("www.example.com"); request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
request.setServletPath("/hello");
request.setPathInfo(null);
request.setServerPort(443); request.setServerPort(443);
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
@ -105,15 +98,11 @@ public class RetryWithHttpEntryPointTests extends TestCase {
assertEquals("http://www.example.com/bigWebApp/hello", response.getRedirectedUrl()); assertEquals("http://www.example.com/bigWebApp/hello", response.getRedirectedUrl());
} }
public void testOperationWhenTargetPortIsUnknown() public void testOperationWhenTargetPortIsUnknown() throws Exception {
throws Exception { MockHttpServletRequest request = new MockHttpServletRequest("GET", "/bigWebApp");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("open=true"); request.setQueryString("open=true");
request.setScheme("https"); request.setScheme("https");
request.setServerName("www.example.com"); request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
request.setServletPath("/hello");
request.setPathInfo("/pathInfo.html");
request.setServerPort(8768); request.setServerPort(8768);
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
@ -123,17 +112,14 @@ public class RetryWithHttpEntryPointTests extends TestCase {
ep.setPortResolver(new MockPortResolver(8768, 1234)); ep.setPortResolver(new MockPortResolver(8768, 1234));
ep.commence(request, response); ep.commence(request, response);
assertEquals("/bigWebApp", response.getRedirectedUrl()); assertEquals("/bigWebApp?open=true", response.getRedirectedUrl());
} }
public void testOperationWithNonStandardPort() throws Exception { public void testOperationWithNonStandardPort() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest("GET", "/bigWebApp/hello/pathInfo.html");
request.setQueryString("open=true"); request.setQueryString("open=true");
request.setScheme("https"); request.setScheme("https");
request.setServerName("www.example.com"); request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
request.setServletPath("/hello");
request.setPathInfo("/pathInfo.html");
request.setServerPort(9999); request.setServerPort(9999);
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();

29
web/src/test/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPointTests.java
View File

@ -37,10 +37,6 @@ import java.util.Map;
public class RetryWithHttpsEntryPointTests extends TestCase { public class RetryWithHttpsEntryPointTests extends TestCase {
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(RetryWithHttpsEntryPointTests.class);
}
public final void setUp() throws Exception { public final void setUp() throws Exception {
super.setUp(); super.setUp();
} }
@ -74,13 +70,10 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
} }
public void testNormalOperation() throws Exception { public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest("GET", "/bigWebApp/hello/pathInfo.html");
request.setQueryString("open=true"); request.setQueryString("open=true");
request.setScheme("http"); request.setScheme("http");
request.setServerName("www.example.com"); request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
request.setServletPath("/hello");
request.setPathInfo("/pathInfo.html");
request.setServerPort(80); request.setServerPort(80);
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
@ -93,14 +86,10 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
assertEquals("https://www.example.com/bigWebApp/hello/pathInfo.html?open=true", response.getRedirectedUrl()); assertEquals("https://www.example.com/bigWebApp/hello/pathInfo.html?open=true", response.getRedirectedUrl());
} }
public void testNormalOperationWithNullPathInfoAndNullQueryString() public void testNormalOperationWithNullQueryString() throws Exception {
throws Exception { MockHttpServletRequest request = new MockHttpServletRequest("GET", "/bigWebApp/hello");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setScheme("http"); request.setScheme("http");
request.setServerName("www.example.com"); request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
request.setServletPath("/hello");
request.setPathInfo(null);
request.setServerPort(80); request.setServerPort(80);
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
@ -114,13 +103,10 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
} }
public void testOperationWhenTargetPortIsUnknown() throws Exception { public void testOperationWhenTargetPortIsUnknown() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest("GET", "/bigWebApp");
request.setQueryString("open=true"); request.setQueryString("open=true");
request.setScheme("http"); request.setScheme("http");
request.setServerName("www.example.com"); request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
request.setServletPath("/hello");
request.setPathInfo("/pathInfo.html");
request.setServerPort(8768); request.setServerPort(8768);
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
@ -130,17 +116,14 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
ep.setPortResolver(new MockPortResolver(8768, 1234)); ep.setPortResolver(new MockPortResolver(8768, 1234));
ep.commence(request, response); ep.commence(request, response);
assertEquals("/bigWebApp", response.getRedirectedUrl()); assertEquals("/bigWebApp?open=true", response.getRedirectedUrl());
} }
public void testOperationWithNonStandardPort() throws Exception { public void testOperationWithNonStandardPort() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest("GET", "/bigWebApp/hello/pathInfo.html");
request.setQueryString("open=true"); request.setQueryString("open=true");
request.setScheme("http"); request.setScheme("http");
request.setServerName("www.example.com"); request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
request.setServletPath("/hello");
request.setPathInfo("/pathInfo.html");
request.setServerPort(8888); request.setServerPort(8888);
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();