Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-25 13:32:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix setters not working for CasAuthenticationFilter

Browse Source 
The setSecurityContextRepository and setSecurityContextHolderStrategy only works for the parent class.
This commit overrides the method and make sure that we set the objects in the super class and the CasAuthenticationFilter.

Closes gh-14529
This commit is contained in:
Marcus Hert Da Coregio 2024-02-02 15:15:35 -03:00
parent 9fb2f73348
commit 4e5780a30c
2 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2023 the original author or authors. * Copyright 2002-2024 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -298,6 +298,12 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
this.authenticateAllArtifacts = serviceProperties.isAuthenticateAllArtifacts(); this.authenticateAllArtifacts = serviceProperties.isAuthenticateAllArtifacts();
} }
@Override
public void setSecurityContextRepository(SecurityContextRepository securityContextRepository) {
super.setSecurityContextRepository(securityContextRepository);
this.securityContextRepository = securityContextRepository;
}
/** /**
* Indicates if the request is elgible to process a service ticket. This method exists * Indicates if the request is elgible to process a service ticket. This method exists
* for readability. * for readability.

15
cas/src/test/java/org/springframework/security/cas/web/CasAuthenticationFilterTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2023 the original author or authors. * Copyright 2002-2024 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -16,7 +16,10 @@
package org.springframework.security.cas.web; package org.springframework.security.cas.web;
import java.io.IOException;
import jakarta.servlet.FilterChain; import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import org.apereo.cas.client.proxy.ProxyGrantingTicketStorage; import org.apereo.cas.client.proxy.ProxyGrantingTicketStorage;
import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
@ -219,4 +222,14 @@ public class CasAuthenticationFilterTests {
verify(securityContextRepository).saveContext(any(SecurityContext.class), eq(request), eq(response)); verify(securityContextRepository).saveContext(any(SecurityContext.class), eq(request), eq(response));
} }
@Test
void successfulAuthenticationWhenSecurityContextRepositorySetThenUses() throws ServletException, IOException {
SecurityContextRepository securityContextRepository = mock(SecurityContextRepository.class);
CasAuthenticationFilter filter = new CasAuthenticationFilter();
filter.setSecurityContextRepository(securityContextRepository);
filter.successfulAuthentication(new MockHttpServletRequest(), new MockHttpServletResponse(),
new MockFilterChain(), mock(Authentication.class));
verify(securityContextRepository).saveContext(any(SecurityContext.class), any(), any());
}
} }