SEC-1288: Changed claimedIdentityFieldName in OpenIDAuthenticationFilter to "openid_identifier", as recommended by the 2.0 spec.

Luke Taylor 2009-11-17 22:05:38 +00:00
parent 693d2bce03
commit 4d8956a227
4 changed files with 11 additions and 11 deletions


@ -43,11 +43,11 @@ import org.springframework.util.StringUtils;
* *
* The user's OpenID identity is submitted via a login form, just as it would be for a normal form login. At this stage * The user's OpenID identity is submitted via a login form, just as it would be for a normal form login. At this stage
* the filter will extract the identity from the submitted request (by default, the parameter is called * the filter will extract the identity from the submitted request (by default, the parameter is called
* <tt>j_username</tt>, as it is for form login. It then passes the identity to the configured <tt>OpenIDConsumer</tt>, * <tt>openid_identifier</tt>, as recommended by the OpenID 2.0 Specification). It then passes the identity to the
* which returns the URL to which the request should be redirected for authentication. A "return_to" URL is also supplied, * configured <tt>OpenIDConsumer</tt>, which returns the URL to which the request should be redirected for authentication.
* which matches the URL processed by this filter, to allow the filter to handle the request once the user has * A "return_to" URL is also supplied, which matches the URL processed by this filter, to allow the filter to handle
* been successfully authenticated. The OpenID server will then authenticate the user and redirect back to the * the request once the user has been successfully authenticated. The OpenID server will then authenticate the user and
* application. * redirect back to the application.
* *
* <h2>Processing the Redirect from the OpenID Server</h2> * <h2>Processing the Redirect from the OpenID Server</h2>
* *
@ -66,7 +66,7 @@ import org.springframework.util.StringUtils;
public class OpenIDAuthenticationFilter extends AbstractAuthenticationProcessingFilter { public class OpenIDAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
//~ Static fields/initializers ===================================================================================== //~ Static fields/initializers =====================================================================================
public static final String DEFAULT_CLAIMED_IDENTITY_FIELD = "j_username"; public static final String DEFAULT_CLAIMED_IDENTITY_FIELD = "openid_identifier";
//~ Instance fields ================================================================================================ //~ Instance fields ================================================================================================
@ -224,7 +224,7 @@ public class OpenIDAuthenticationFilter extends AbstractAuthenticationProcessing
/** /**
* The name of the request parameter containing the OpenID identity, as submitted from the initial login form. * The name of the request parameter containing the OpenID identity, as submitted from the initial login form.
* *
* @param claimedIdentityFieldName defaults to "j_username" * @param claimedIdentityFieldName defaults to "openid_identifier"
*/ */
public void setClaimedIdentityFieldName(String claimedIdentityFieldName) { public void setClaimedIdentityFieldName(String claimedIdentityFieldName) {
this.claimedIdentityFieldName = claimedIdentityFieldName; this.claimedIdentityFieldName = claimedIdentityFieldName;
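Review bot: Changing `DEFAULT_CLAIMED_IDENTITY_FIELD` from `j_username` to `openid_identifier` is a silent behaviour change for applications that ship their own login form: a form that still posts `j_username` no longer supplies the claimed identity after an upgrade, and nothing in the new Javadoc says so. I would add a sentence to the class comment and extend the `@param` text of `setClaimedIdentityFieldName`, for example `@param claimedIdentityFieldName defaults to "openid_identifier" (was "j_username" before SEC-1288; set it explicitly to keep older login forms working)`. How the filter reacts to a missing parameter is not visible in these hunks, and the setter's body continues past the end of the last one.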


@ -45,7 +45,7 @@ public class OpenIDAuthenticationFilterTests {
MockHttpServletRequest req = new MockHttpServletRequest("GET", REQUEST_PATH); MockHttpServletRequest req = new MockHttpServletRequest("GET", REQUEST_PATH);
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
req.setParameter("j_username", CLAIMED_IDENTITY_URL); req.setParameter("openid_identifier", CLAIMED_IDENTITY_URL);
req.setRemoteHost("www.example.com"); req.setRemoteHost("www.example.com");
filter.setConsumer(new MockOpenIDConsumer() { filter.setConsumer(new MockOpenIDConsumer() {


@ -21,7 +21,7 @@
<form name="f" action="<c:url value='j_spring_openid_security_check'/>" method="POST"> <form name="f" action="<c:url value='j_spring_openid_security_check'/>" method="POST">
<table> <table>
<tr><td>OpenID Identity:</td><td><input type='text' name='j_username' value='<c:if test="${not empty param.login_error}"><c:out value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/></td></tr> <tr><td>OpenID Identity:</td><td><input type='text' name='openid_identifier' value='<c:if test="${not empty param.login_error}"><c:out value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/></td></tr>
<tr><td colspan='2'><input name="submit" type="submit"></td></tr> <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
<tr><td colspan='2'><input name="reset" type="reset"></td></tr> <tr><td colspan='2'><input name="reset" type="reset"></td></tr>


@ -66,7 +66,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
if (openIDFilter != null) { if (openIDFilter != null) {
openIdEnabled = true; openIdEnabled = true;
openIDauthenticationUrl = openIDFilter.getFilterProcessesUrl(); openIDauthenticationUrl = openIDFilter.getFilterProcessesUrl();
openIDusernameParameter = "j_username"; openIDusernameParameter = "openid_identifier";
if (openIDFilter.getRememberMeServices() instanceof AbstractRememberMeServices) { if (openIDFilter.getRememberMeServices() instanceof AbstractRememberMeServices) {
openIDrememberMeParameter = ((AbstractRememberMeServices)openIDFilter.getRememberMeServices()).getParameter(); openIDrememberMeParameter = ((AbstractRememberMeServices)openIDFilter.getRememberMeServices()).getParameter();
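Review bot: `openIDusernameParameter = "openid_identifier";` repeats the literal instead of taking the field name from the filter, so the generated login page and `OpenIDAuthenticationFilter` agree only while nobody calls `setClaimedIdentityFieldName`. With a custom name, the generated form posts a field the filter never reads and OpenID login fails. Having to edit the same string in two classes in this commit is the symptom. If the module dependencies allow it, reference the constant, `openIDusernameParameter = OpenIDAuthenticationFilter.DEFAULT_CLAIMED_IDENTITY_FIELD;`, or read the configured value from `openIDFilter` (which would need an accessor that is not visible on this page); failing that, add a comment such as `// must match OpenIDAuthenticationFilter.DEFAULT_CLAIMED_IDENTITY_FIELD`. The enclosing `if` block continues outside the hunk.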