From 5066fc5e3994f412f6aa96060cad43605188e23d Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Mon, 24 Sep 2007 15:39:51 +0000 Subject: [PATCH] SEC-562: Changed urls for login, logout, switch user etc. --- .../HttpSessionContextIntegrationFilter.java | 2 +- .../context/SecurityContextHolder.java | 2 +- .../web/FilterSecurityInterceptor.java | 2 +- .../security/ui/AbstractProcessingFilter.java | 2 +- .../security/ui/cas/CasProcessingFilter.java | 4 +-- .../security/ui/cas/ServiceProperties.java | 2 +- .../security/ui/logout/LogoutFilter.java | 2 +- .../SwitchUserProcessingFilter.java | 8 ++--- .../AuthenticationProcessingFilter.java | 4 +-- .../security/PopulatedDatabase.java | 2 +- .../cas/CasAuthenticationProviderTests.java | 4 +-- .../cas/CasAuthenticationTokenTests.java | 24 ++++++------- .../providers/cas/TicketResponseTests.java | 2 +- .../cache/EhCacheBasedTicketCacheTests.java | 2 +- .../cas/proxy/NamedCasProxyDeciderTests.java | 16 ++++----- .../cas/proxy/RejectProxyTicketsTests.java | 2 +- .../CasProxyTicketValidatorTests.java | 2 +- .../ui/AbstractProcessingFilterTests.java | 10 +++--- .../CasProcessingFilterEntryPointTests.java | 8 ++--- .../ui/cas/CasProcessingFilterTests.java | 2 +- .../ui/logout/LogoutHandlerTests.java | 4 +-- .../SwitchUserProcessingFilterTests.java | 36 +++++++++---------- .../AuthenticationProcessingFilterTests.java | 2 +- .../security/ui/webapp/filtertest-valid.xml | 2 +- .../applicationContext-acegi-security-cas.xml | 6 ++-- ...applicationContext-acegi-security-ldap.xml | 2 +- .../applicationContext-acegi-security.xml | 10 +++--- .../src/main/webapp/WEB-INF/jsp/index.jsp | 2 +- .../contacts/src/main/webapp/acegilogin.jsp | 2 +- samples/contacts/src/main/webapp/exitUser.jsp | 3 +- .../contacts/src/main/webapp/switchUser.jsp | 2 +- .../contacts/src/site/resources/sslhowto.txt | 6 ++-- .../applicationContext-acegi-security.xml | 2 +- .../tutorial/src/main/webapp/acegilogin.jsp | 2 +- .../src/main/webapp/secure/extreme/index.jsp | 2 +- .../tutorial/src/main/webapp/secure/index.jsp | 2 +- .../openid/OpenIDLoginInitiationServlet.java | 12 +++---- .../OpenIDResponseProcessingFilter.java | 4 +-- .../OpenIdAuthenticationProcessingFilter.java | 2 +- .../consumers/JanRainOpenIDConsumer.java | 2 +- .../OpenIDResponseProcessingFilterTests.java | 2 +- .../applicationContext-acegi-security.xml | 8 ++--- src/docbkx/springsecurity.xml | 20 +++++------ src/site/apt/petclinic-tutorial.apt | 2 +- 44 files changed, 119 insertions(+), 120 deletions(-) diff --git a/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java b/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java index 34c265d88e..b93f64b5ca 100644 --- a/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java +++ b/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java @@ -104,7 +104,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi protected static final Log logger = LogFactory.getLog(HttpSessionContextIntegrationFilter.class); - static final String FILTER_APPLIED = "__acegi_session_integration_filter_applied"; + static final String FILTER_APPLIED = "__spring_security_session_integration_filter_applied"; public static final String SPRING_SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT"; diff --git a/core/src/main/java/org/springframework/security/context/SecurityContextHolder.java b/core/src/main/java/org/springframework/security/context/SecurityContextHolder.java index d9cb9f4aec..52f2cc6dc8 100644 --- a/core/src/main/java/org/springframework/security/context/SecurityContextHolder.java +++ b/core/src/main/java/org/springframework/security/context/SecurityContextHolder.java @@ -47,7 +47,7 @@ public class SecurityContextHolder { public static final String MODE_THREADLOCAL = "MODE_THREADLOCAL"; public static final String MODE_INHERITABLETHREADLOCAL = "MODE_INHERITABLETHREADLOCAL"; public static final String MODE_GLOBAL = "MODE_GLOBAL"; - public static final String SYSTEM_PROPERTY = "acegi.security.strategy"; + public static final String SYSTEM_PROPERTY = "spring.security.strategy"; private static String strategyName = System.getProperty(SYSTEM_PROPERTY); private static SecurityContextHolderStrategy strategy; private static int initializeCount = 0; diff --git a/core/src/main/java/org/springframework/security/intercept/web/FilterSecurityInterceptor.java b/core/src/main/java/org/springframework/security/intercept/web/FilterSecurityInterceptor.java index d3b5ed9bc6..44be69b10c 100644 --- a/core/src/main/java/org/springframework/security/intercept/web/FilterSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/intercept/web/FilterSecurityInterceptor.java @@ -41,7 +41,7 @@ import javax.servlet.ServletResponse; public class FilterSecurityInterceptor extends AbstractSecurityInterceptor implements Filter { //~ Static fields/initializers ===================================================================================== - private static final String FILTER_APPLIED = "__acegi_filterSecurityInterceptor_filterApplied"; + private static final String FILTER_APPLIED = "__acegi_security_filterSecurityInterceptor_filterApplied"; //~ Instance fields ================================================================================================ diff --git a/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java index 8a043bea26..51d9bf4c12 100644 --- a/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java @@ -174,7 +174,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe /** * The URL destination that this filter intercepts and processes (usually - * something like /j_acegi_security_check) + * something like /j_spring_security_check) */ private String filterProcessesUrl = getDefaultFilterProcessesUrl(); diff --git a/core/src/main/java/org/springframework/security/ui/cas/CasProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/cas/CasProcessingFilter.java index fffa4e92ab..80865b4ac7 100644 --- a/core/src/main/java/org/springframework/security/ui/cas/CasProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/cas/CasProcessingFilter.java @@ -77,12 +77,12 @@ public class CasProcessingFilter extends AbstractProcessingFilter { } /** - * This filter by default responds to /j_acegi_cas_security_check. + * This filter by default responds to /j_spring_cas_security_check. * * @return the default */ public String getDefaultFilterProcessesUrl() { - return "/j_acegi_cas_security_check"; + return "/j_spring_cas_security_check"; } public void init(FilterConfig filterConfig) throws ServletException {} diff --git a/core/src/main/java/org/springframework/security/ui/cas/ServiceProperties.java b/core/src/main/java/org/springframework/security/ui/cas/ServiceProperties.java index cecaa348c7..34e3aa0555 100644 --- a/core/src/main/java/org/springframework/security/ui/cas/ServiceProperties.java +++ b/core/src/main/java/org/springframework/security/ui/cas/ServiceProperties.java @@ -43,7 +43,7 @@ public class ServiceProperties implements InitializingBean { /** * Represents the service the user is authenticating to.

This service is the callback URL belonging to * the local Acegi Security System for Spring secured application. For example,

- * https://www.mycompany.com/application/j_acegi_cas_security_check + * https://www.mycompany.com/application/j_spring_cas_security_check * * @return the URL of the service the user is authenticating to */ diff --git a/core/src/main/java/org/springframework/security/ui/logout/LogoutFilter.java b/core/src/main/java/org/springframework/security/ui/logout/LogoutFilter.java index 55870db23d..8586db20b9 100644 --- a/core/src/main/java/org/springframework/security/ui/logout/LogoutFilter.java +++ b/core/src/main/java/org/springframework/security/ui/logout/LogoutFilter.java @@ -58,7 +58,7 @@ public class LogoutFilter implements Filter { //~ Instance fields ================================================================================================ - private String filterProcessesUrl = "/j_acegi_logout"; + private String filterProcessesUrl = "/j_spring_security_logout"; private String logoutSuccessUrl; private LogoutHandler[] handlers; private boolean useRelativeContext; diff --git a/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java index 188d566864..0009438ade 100644 --- a/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java @@ -87,8 +87,8 @@ import javax.servlet.http.HttpServletResponse; * Example:
  * <bean id="switchUserProcessingFilter" class="org.springframework.security.ui.switchuser.SwitchUserProcessingFilter">
  *    <property name="authenticationDao" ref="jdbcDaoImpl" />
- *    <property name="switchUserUrl"><value>/j_acegi_switch_user</value></property>
- *    <property name="exitUserUrl"><value>/j_acegi_exit_user</value></property>
+ *    <property name="switchUserUrl"><value>/j_spring_security_switch_user</value></property>
+ *    <property name="exitUserUrl"><value>/j_spring_security_exit_user</value></property>
  *    <property name="targetUrl"><value>/index.jsp</value></property></bean>

* * @author Mark St.Godard @@ -112,8 +112,8 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App private ApplicationEventPublisher eventPublisher; private AuthenticationDetailsSource authenticationDetailsSource = new AuthenticationDetailsSourceImpl(); protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor(); - private String exitUserUrl = "/j_acegi_exit_user"; - private String switchUserUrl = "/j_acegi_switch_user"; + private String exitUserUrl = "/j_spring_security_exit_user"; + private String switchUserUrl = "/j_spring_security_switch_user"; private String targetUrl; private SwitchUserAuthorityChanger switchUserAuthorityChanger; diff --git a/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java index 9f1ac92e35..05c6981357 100644 --- a/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java @@ -82,12 +82,12 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter { } /** - * This filter by default responds to /j_acegi_security_check. + * This filter by default responds to /j_spring_security_check. * * @return the default */ public String getDefaultFilterProcessesUrl() { - return "/j_acegi_security_check"; + return "/j_spring_security_check"; } public void init(FilterConfig filterConfig) throws ServletException {} diff --git a/core/src/test/java/org/springframework/security/PopulatedDatabase.java b/core/src/test/java/org/springframework/security/PopulatedDatabase.java index 488b2fa988..0e80694994 100644 --- a/core/src/test/java/org/springframework/security/PopulatedDatabase.java +++ b/core/src/test/java/org/springframework/security/PopulatedDatabase.java @@ -49,7 +49,7 @@ public class PopulatedDatabase { private static void setupDataSource() { dataSource = new DriverManagerDataSource(); dataSource.setDriverClassName("org.hsqldb.jdbcDriver"); - dataSource.setUrl("jdbc:hsqldb:mem:acegisecuritytest"); + dataSource.setUrl("jdbc:hsqldb:mem:springsecuritytest"); dataSource.setUsername("sa"); dataSource.setPassword(""); diff --git a/core/src/test/java/org/springframework/security/providers/cas/CasAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/providers/cas/CasAuthenticationProviderTests.java index 36f8cf9297..c23d72472b 100644 --- a/core/src/test/java/org/springframework/security/providers/cas/CasAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/providers/cas/CasAuthenticationProviderTests.java @@ -102,7 +102,7 @@ public class CasAuthenticationProviderTests extends TestCase { assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casResult.getPrincipal()); assertEquals("PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt", casResult.getProxyGrantingTicketIou()); - assertEquals("https://localhost/portal/j_acegi_cas_security_check", casResult.getProxyList().get(0)); + assertEquals("https://localhost/portal/j_spring_cas_security_check", casResult.getProxyList().get(0)); assertEquals("ST-123", casResult.getCredentials()); assertEquals(new GrantedAuthorityImpl("ROLE_A"), casResult.getAuthorities()[0]); assertEquals(new GrantedAuthorityImpl("ROLE_B"), casResult.getAuthorities()[1]); @@ -393,7 +393,7 @@ public class CasAuthenticationProviderTests extends TestCase { throws AuthenticationException { if (returnTicket) { List list = new Vector(); - list.add("https://localhost/portal/j_acegi_cas_security_check"); + list.add("https://localhost/portal/j_spring_cas_security_check"); return new TicketResponse("marissa", list, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); } diff --git a/core/src/test/java/org/springframework/security/providers/cas/CasAuthenticationTokenTests.java b/core/src/test/java/org/springframework/security/providers/cas/CasAuthenticationTokenTests.java index 3f623a9ab0..a71a197d91 100644 --- a/core/src/test/java/org/springframework/security/providers/cas/CasAuthenticationTokenTests.java +++ b/core/src/test/java/org/springframework/security/providers/cas/CasAuthenticationTokenTests.java @@ -140,14 +140,14 @@ public class CasAuthenticationTokenTests extends TestCase { public void testEqualsWhenEqual() { List proxyList1 = new Vector(); - proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList1.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); List proxyList2 = new Vector(); - proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList2.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, @@ -159,7 +159,7 @@ public class CasAuthenticationTokenTests extends TestCase { public void testGetters() { // Build the proxy list returned in the ticket from CAS List proxyList = new Vector(); - proxyList.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, @@ -187,14 +187,14 @@ public class CasAuthenticationTokenTests extends TestCase { public void testNotEqualsDueToAbstractParentEqualsCheck() { List proxyList1 = new Vector(); - proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList1.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); List proxyList2 = new Vector(); - proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList2.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails("OTHER_NAME"), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, @@ -205,7 +205,7 @@ public class CasAuthenticationTokenTests extends TestCase { public void testNotEqualsDueToDifferentAuthenticationClass() { List proxyList1 = new Vector(); - proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList1.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, @@ -219,14 +219,14 @@ public class CasAuthenticationTokenTests extends TestCase { public void testNotEqualsDueToKey() { List proxyList1 = new Vector(); - proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList1.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); List proxyList2 = new Vector(); - proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList2.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token2 = new CasAuthenticationToken("DIFFERENT_KEY", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, @@ -237,14 +237,14 @@ public class CasAuthenticationTokenTests extends TestCase { public void testNotEqualsDueToProxyGrantingTicket() { List proxyList1 = new Vector(); - proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList1.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); List proxyList2 = new Vector(); - proxyList2.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList2.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, @@ -255,14 +255,14 @@ public class CasAuthenticationTokenTests extends TestCase { public void testNotEqualsDueToProxyList() { List proxyList1 = new Vector(); - proxyList1.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList1.add("https://localhost/newPortal/j_spring_cas_security_check"); CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, makeUserDetails(), proxyList1, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); List proxyList2 = new Vector(); - proxyList2.add("https://localhost/SOME_OTHER_PORTAL/j_acegi_cas_security_check"); + proxyList2.add("https://localhost/SOME_OTHER_PORTAL/j_spring_cas_security_check"); CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails(), "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, diff --git a/core/src/test/java/org/springframework/security/providers/cas/TicketResponseTests.java b/core/src/test/java/org/springframework/security/providers/cas/TicketResponseTests.java index 6f4016a096..e18df36b2b 100644 --- a/core/src/test/java/org/springframework/security/providers/cas/TicketResponseTests.java +++ b/core/src/test/java/org/springframework/security/providers/cas/TicketResponseTests.java @@ -71,7 +71,7 @@ public class TicketResponseTests extends TestCase { public void testGetters() { // Build the proxy list returned in the ticket from CAS List proxyList = new Vector(); - proxyList.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList.add("https://localhost/newPortal/j_spring_cas_security_check"); TicketResponse ticket = new TicketResponse("marissa", proxyList, "PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt"); diff --git a/core/src/test/java/org/springframework/security/providers/cas/cache/EhCacheBasedTicketCacheTests.java b/core/src/test/java/org/springframework/security/providers/cas/cache/EhCacheBasedTicketCacheTests.java index 173ebaec18..e3277b6179 100644 --- a/core/src/test/java/org/springframework/security/providers/cas/cache/EhCacheBasedTicketCacheTests.java +++ b/core/src/test/java/org/springframework/security/providers/cas/cache/EhCacheBasedTicketCacheTests.java @@ -59,7 +59,7 @@ public class EhCacheBasedTicketCacheTests extends TestCase { private CasAuthenticationToken getToken() { List proxyList = new Vector(); - proxyList.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList.add("https://localhost/newPortal/j_spring_cas_security_check"); User user = new User("marissa", "password", true, true, true, true, new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}); diff --git a/core/src/test/java/org/springframework/security/providers/cas/proxy/NamedCasProxyDeciderTests.java b/core/src/test/java/org/springframework/security/providers/cas/proxy/NamedCasProxyDeciderTests.java index 4b1abe5dd3..e4e4d558d1 100644 --- a/core/src/test/java/org/springframework/security/providers/cas/proxy/NamedCasProxyDeciderTests.java +++ b/core/src/test/java/org/springframework/security/providers/cas/proxy/NamedCasProxyDeciderTests.java @@ -53,12 +53,12 @@ public class NamedCasProxyDeciderTests extends TestCase { // Build the ticket returned from CAS List proxyList = new Vector(); - proxyList.add("https://localhost/newPortal/j_acegi_cas_security_check"); + proxyList.add("https://localhost/newPortal/j_spring_cas_security_check"); // Build the list of valid nearest proxies List validProxies = new Vector(); - validProxies.add("https://localhost/portal/j_acegi_cas_security_check"); - validProxies.add("https://localhost/newPortal/j_acegi_cas_security_check"); + validProxies.add("https://localhost/portal/j_spring_cas_security_check"); + validProxies.add("https://localhost/newPortal/j_spring_cas_security_check"); proxyDecider.setValidProxies(validProxies); proxyDecider.afterPropertiesSet(); @@ -102,8 +102,8 @@ public class NamedCasProxyDeciderTests extends TestCase { // Build the list of valid nearest proxies List validProxies = new Vector(); - validProxies.add("https://localhost/portal/j_acegi_cas_security_check"); - validProxies.add("https://localhost/newPortal/j_acegi_cas_security_check"); + validProxies.add("https://localhost/portal/j_spring_cas_security_check"); + validProxies.add("https://localhost/newPortal/j_spring_cas_security_check"); proxyDecider.setValidProxies(validProxies); assertEquals(validProxies, proxyDecider.getValidProxies()); @@ -115,12 +115,12 @@ public class NamedCasProxyDeciderTests extends TestCase { // Build the ticket returned from CAS List proxyList = new Vector(); - proxyList.add("https://localhost/untrustedWebApp/j_acegi_cas_security_check"); + proxyList.add("https://localhost/untrustedWebApp/j_spring_cas_security_check"); // Build the list of valid nearest proxies List validProxies = new Vector(); - validProxies.add("https://localhost/portal/j_acegi_cas_security_check"); - validProxies.add("https://localhost/newPortal/j_acegi_cas_security_check"); + validProxies.add("https://localhost/portal/j_spring_cas_security_check"); + validProxies.add("https://localhost/newPortal/j_spring_cas_security_check"); proxyDecider.setValidProxies(validProxies); proxyDecider.afterPropertiesSet(); diff --git a/core/src/test/java/org/springframework/security/providers/cas/proxy/RejectProxyTicketsTests.java b/core/src/test/java/org/springframework/security/providers/cas/proxy/RejectProxyTicketsTests.java index b897255d8d..ed13101d3a 100644 --- a/core/src/test/java/org/springframework/security/providers/cas/proxy/RejectProxyTicketsTests.java +++ b/core/src/test/java/org/springframework/security/providers/cas/proxy/RejectProxyTicketsTests.java @@ -72,7 +72,7 @@ public class RejectProxyTicketsTests extends TestCase { public void testRejectsIfAnyProxyInList() { RejectProxyTickets proxyDecider = new RejectProxyTickets(); List proxyList = new Vector(); - proxyList.add("https://localhost/webApp/j_acegi_cas_security_check"); + proxyList.add("https://localhost/webApp/j_spring_cas_security_check"); try { proxyDecider.confirmProxyListTrusted(proxyList); diff --git a/core/src/test/java/org/springframework/security/providers/cas/ticketvalidator/CasProxyTicketValidatorTests.java b/core/src/test/java/org/springframework/security/providers/cas/ticketvalidator/CasProxyTicketValidatorTests.java index 172fa0b8b8..60b45b4e08 100644 --- a/core/src/test/java/org/springframework/security/providers/cas/ticketvalidator/CasProxyTicketValidatorTests.java +++ b/core/src/test/java/org/springframework/security/providers/cas/ticketvalidator/CasProxyTicketValidatorTests.java @@ -65,7 +65,7 @@ public class CasProxyTicketValidatorTests extends TestCase { public void testNormalOperation() { ServiceProperties sp = new ServiceProperties(); sp.setSendRenew(true); - sp.setService("https://my.com/webapp//j_acegi_cas_security_check"); + sp.setService("https://my.com/webapp//j_spring_cas_security_check"); CasProxyTicketValidator tv = new MockCasProxyTicketValidator(true, false); tv.setCasValidate("https://company.com/cas/proxyvalidate"); diff --git a/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java index d542cd389c..f883be9754 100644 --- a/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java @@ -106,9 +106,9 @@ public class AbstractProcessingFilterTests extends TestCase { MockHttpServletRequest request = createMockRequest(); MockHttpServletResponse response = new MockHttpServletResponse(); MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(); - filter.setFilterProcessesUrl("/j_acegi_security_check"); + filter.setFilterProcessesUrl("/j_spring_security_check"); - request.setRequestURI("/mycontext/j_acegi_security_check;jsessionid=I8MIONOSTHOR"); + request.setRequestURI("/mycontext/j_spring_security_check;jsessionid=I8MIONOSTHOR"); assertTrue(filter.requiresAuthentication(request, response)); } @@ -281,7 +281,7 @@ public class AbstractProcessingFilterTests extends TestCase { AbstractProcessingFilter filter = new MockAbstractProcessingFilter(); filter.setAuthenticationManager(new MockAuthenticationManager()); filter.setDefaultTargetUrl("/"); - filter.setFilterProcessesUrl("/j_acegi_security_check"); + filter.setFilterProcessesUrl("/j_spring_security_check"); try { filter.afterPropertiesSet(); @@ -295,7 +295,7 @@ public class AbstractProcessingFilterTests extends TestCase { AbstractProcessingFilter filter = new MockAbstractProcessingFilter(); filter.setAuthenticationFailureUrl("/failed.jsp"); filter.setDefaultTargetUrl("/"); - filter.setFilterProcessesUrl("/j_acegi_security_check"); + filter.setFilterProcessesUrl("/j_spring_security_check"); try { filter.afterPropertiesSet(); @@ -309,7 +309,7 @@ public class AbstractProcessingFilterTests extends TestCase { AbstractProcessingFilter filter = new MockAbstractProcessingFilter(); filter.setAuthenticationFailureUrl("/failed.jsp"); filter.setAuthenticationManager(new MockAuthenticationManager()); - filter.setFilterProcessesUrl("/j_acegi_security_check"); + filter.setFilterProcessesUrl("/j_spring_security_check"); try { filter.afterPropertiesSet(); diff --git a/core/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterEntryPointTests.java b/core/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterEntryPointTests.java index ae17cf2c7d..12c29089d1 100644 --- a/core/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterEntryPointTests.java +++ b/core/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterEntryPointTests.java @@ -86,7 +86,7 @@ public class CasProcessingFilterEntryPointTests extends TestCase { public void testNormalOperationWithRenewFalse() throws Exception { ServiceProperties sp = new ServiceProperties(); sp.setSendRenew(false); - sp.setService("https://mycompany.com/bigWebApp/j_acegi_cas_security_check"); + sp.setService("https://mycompany.com/bigWebApp/j_spring_cas_security_check"); CasProcessingFilterEntryPoint ep = new CasProcessingFilterEntryPoint(); ep.setLoginUrl("https://cas/login"); @@ -101,14 +101,14 @@ public class CasProcessingFilterEntryPointTests extends TestCase { ep.commence(request, response, null); assertEquals("https://cas/login?service=" - + URLEncoder.encode("https://mycompany.com/bigWebApp/j_acegi_cas_security_check", "UTF-8"), + + URLEncoder.encode("https://mycompany.com/bigWebApp/j_spring_cas_security_check", "UTF-8"), response.getRedirectedUrl()); } public void testNormalOperationWithRenewTrue() throws Exception { ServiceProperties sp = new ServiceProperties(); sp.setSendRenew(true); - sp.setService("https://mycompany.com/bigWebApp/j_acegi_cas_security_check"); + sp.setService("https://mycompany.com/bigWebApp/j_spring_cas_security_check"); CasProcessingFilterEntryPoint ep = new CasProcessingFilterEntryPoint(); ep.setLoginUrl("https://cas/login"); @@ -122,7 +122,7 @@ public class CasProcessingFilterEntryPointTests extends TestCase { ep.afterPropertiesSet(); ep.commence(request, response, null); assertEquals("https://cas/login?service=" - + URLEncoder.encode("https://mycompany.com/bigWebApp/j_acegi_cas_security_check", "UTF-8") + "&renew=true", + + URLEncoder.encode("https://mycompany.com/bigWebApp/j_spring_cas_security_check", "UTF-8") + "&renew=true", response.getRedirectedUrl()); } } diff --git a/core/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterTests.java index b0a42d2efe..49729f07e0 100644 --- a/core/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/cas/CasProcessingFilterTests.java @@ -53,7 +53,7 @@ public class CasProcessingFilterTests extends TestCase { public void testGetters() { CasProcessingFilter filter = new CasProcessingFilter(); - assertEquals("/j_acegi_cas_security_check", filter.getDefaultFilterProcessesUrl()); + assertEquals("/j_spring_cas_security_check", filter.getDefaultFilterProcessesUrl()); } public void testNormalOperation() throws Exception { diff --git a/core/src/test/java/org/springframework/security/ui/logout/LogoutHandlerTests.java b/core/src/test/java/org/springframework/security/ui/logout/LogoutHandlerTests.java index 8ce896a78e..7c4a4f296b 100644 --- a/core/src/test/java/org/springframework/security/ui/logout/LogoutHandlerTests.java +++ b/core/src/test/java/org/springframework/security/ui/logout/LogoutHandlerTests.java @@ -20,7 +20,7 @@ public class LogoutHandlerTests extends TestCase { MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletResponse response = new MockHttpServletResponse(); - request.setRequestURI("/j_acegi_logout;someparam=blah?otherparam=blah"); + request.setRequestURI("/j_spring_security_logout;someparam=blah?otherparam=blah"); assertTrue(filter.requiresLogout(request, response)); } @@ -30,7 +30,7 @@ public class LogoutHandlerTests extends TestCase { request.setContextPath("/context"); MockHttpServletResponse response = new MockHttpServletResponse(); - request.setRequestURI("/context/j_acegi_logout?param=blah"); + request.setRequestURI("/context/j_spring_security_logout?param=blah"); assertTrue(filter.requiresLogout(request, response)); } diff --git a/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java index 3a2873ad1a..3ce4f70a6a 100644 --- a/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java @@ -69,7 +69,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { MockHttpServletRequest request = new MockHttpServletRequest(); request.setScheme("http"); request.setServerName("localhost"); - request.setRequestURI("/j_acegi_switch_user"); + request.setRequestURI("/j_spring_security_switch_user"); return request; } @@ -199,8 +199,8 @@ public class SwitchUserProcessingFilterTests extends TestCase { public void testBadConfigMissingAuthenticationDao() { SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); - filter.setSwitchUserUrl("/j_acegi_switch_user"); - filter.setExitUserUrl("/j_acegi_exit_user"); + filter.setSwitchUserUrl("/j_spring_security_switch_user"); + filter.setExitUserUrl("/j_spring_security_exit_user"); filter.setTargetUrl("/main.jsp"); try { @@ -214,8 +214,8 @@ public class SwitchUserProcessingFilterTests extends TestCase { public void testBadConfigMissingTargetUrl() { SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); - filter.setSwitchUserUrl("/j_acegi_switch_user"); - filter.setExitUserUrl("/j_acegi_exit_user"); + filter.setSwitchUserUrl("/j_spring_security_switch_user"); + filter.setExitUserUrl("/j_spring_security_exit_user"); try { filter.afterPropertiesSet(); @@ -228,9 +228,9 @@ public class SwitchUserProcessingFilterTests extends TestCase { public void testDefaultProcessesFilterUrlWithPathParameter() { MockHttpServletRequest request = createMockSwitchRequest(); SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); - filter.setSwitchUserUrl("/j_acegi_switch_user"); + filter.setSwitchUserUrl("/j_spring_security_switch_user"); - request.setRequestURI("/webapp/j_acegi_switch_user;jsessionid=8JHDUD723J8"); + request.setRequestURI("/webapp/j_spring_security_switch_user;jsessionid=8JHDUD723J8"); assertTrue(filter.requiresSwitchUser(request)); } @@ -251,7 +251,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { // http request MockHttpServletRequest request = createMockSwitchRequest(); - request.setRequestURI("/j_acegi_exit_user"); + request.setRequestURI("/j_spring_security_exit_user"); // http response MockHttpServletResponse response = new MockHttpServletResponse(); @@ -259,7 +259,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { // setup filter SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); - filter.setExitUserUrl("/j_acegi_exit_user"); + filter.setExitUserUrl("/j_spring_security_exit_user"); MockFilterChain chain = new MockFilterChain(true); @@ -278,7 +278,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { // http request MockHttpServletRequest request = createMockSwitchRequest(); - request.setRequestURI("/j_acegi_exit_user"); + request.setRequestURI("/j_spring_security_exit_user"); // http response MockHttpServletResponse response = new MockHttpServletResponse(); @@ -286,7 +286,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { // setup filter SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); - filter.setExitUserUrl("/j_acegi_exit_user"); + filter.setExitUserUrl("/j_spring_security_exit_user"); MockFilterChain chain = new MockFilterChain(true); @@ -305,13 +305,13 @@ public class SwitchUserProcessingFilterTests extends TestCase { MockHttpServletRequest request = createMockSwitchRequest(); request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord"); - request.setRequestURI("/webapp/j_acegi_switch_user"); + request.setRequestURI("/webapp/j_spring_security_switch_user"); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(true); SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); - filter.setSwitchUserUrl("/j_acegi_switch_user"); + filter.setSwitchUserUrl("/j_spring_security_switch_user"); filter.setTargetUrl("/webapp/someOtherUrl"); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); @@ -323,11 +323,11 @@ public class SwitchUserProcessingFilterTests extends TestCase { public void testRequiresExitUser() { // filter SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); - filter.setExitUserUrl("/j_acegi_exit_user"); + filter.setExitUserUrl("/j_spring_security_exit_user"); // request MockHttpServletRequest request = new MockHttpServletRequest(); - request.setRequestURI("/j_acegi_exit_user"); + request.setRequestURI("/j_spring_security_exit_user"); assertTrue(filter.requiresExitUser(request)); } @@ -335,7 +335,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { public void testRequiresSwitch() { // filter SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); - filter.setSwitchUserUrl("/j_acegi_switch_user"); + filter.setSwitchUserUrl("/j_spring_security_switch_user"); // request MockHttpServletRequest request = createMockSwitchRequest(); @@ -350,7 +350,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { // http request MockHttpServletRequest request = new MockHttpServletRequest(); - request.setRequestURI("/webapp/j_acegi_switch_user"); + request.setRequestURI("/webapp/j_spring_security_switch_user"); request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord"); // http response @@ -359,7 +359,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { // setup filter SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); - filter.setSwitchUserUrl("/j_acegi_switch_user"); + filter.setSwitchUserUrl("/j_spring_security_switch_user"); MockFilterChain chain = new MockFilterChain(true); diff --git a/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java index 1e0cfce229..7be94abb24 100644 --- a/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java @@ -47,7 +47,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { public void testGetters() { AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter(); - assertEquals("/j_acegi_security_check", filter.getDefaultFilterProcessesUrl()); + assertEquals("/j_spring_security_check", filter.getDefaultFilterProcessesUrl()); } public void testNormalOperation() throws Exception { diff --git a/core/src/test/resources/org/springframework/security/ui/webapp/filtertest-valid.xml b/core/src/test/resources/org/springframework/security/ui/webapp/filtertest-valid.xml index bcfbd5f877..fa8e34f774 100644 --- a/core/src/test/resources/org/springframework/security/ui/webapp/filtertest-valid.xml +++ b/core/src/test/resources/org/springframework/security/ui/webapp/filtertest-valid.xml @@ -51,7 +51,7 @@ /failed.jsp / - /j_acegi_security_check + /j_spring_security_check diff --git a/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-cas.xml b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-cas.xml index 34613ef958..f21e153e7b 100644 --- a/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-cas.xml +++ b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-cas.xml @@ -82,7 +82,7 @@ - + @@ -106,7 +106,7 @@ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON \A/secure/.*\Z=REQUIRES_SECURE_CHANNEL - \A/j_acegi_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL + \A/j_spring_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL \A.*\Z=REQUIRES_INSECURE_CHANNEL @@ -134,7 +134,7 @@ /casfailed.jsp / - /j_acegi_cas_security_check + /j_spring_cas_security_check diff --git a/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-ldap.xml b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-ldap.xml index 70790d403a..bee1699068 100644 --- a/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-ldap.xml +++ b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-ldap.xml @@ -84,7 +84,7 @@ /acegilogin.jsp?login_error=1 / - /j_acegi_security_check + /j_spring_security_check diff --git a/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml index d25000dc41..4c3b505d3c 100644 --- a/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml +++ b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml @@ -127,7 +127,7 @@ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON \A/secure/.*\Z=REQUIRES_SECURE_CHANNEL \A/acegilogin.jsp.*\Z=REQUIRES_SECURE_CHANNEL - \A/j_acegi_security_check.*\Z=REQUIRES_SECURE_CHANNEL + \A/j_spring_security_check.*\Z=REQUIRES_SECURE_CHANNEL \A.*\Z=REQUIRES_INSECURE_CHANNEL ]]> @@ -160,7 +160,7 @@ /acegilogin.jsp?login_error=1 / - /j_acegi_security_check + /j_spring_security_check @@ -192,7 +192,7 @@ /hello.htm=ROLE_ANONYMOUS,ROLE_USER /logoff.jsp=ROLE_ANONYMOUS,ROLE_USER /switchuser.jsp=ROLE_SUPERVISOR - /j_acegi_switch_user=ROLE_SUPERVISOR + /j_spring_security_switch_user=ROLE_SUPERVISOR /acegilogin.jsp*=ROLE_ANONYMOUS,ROLE_USER /**=ROLE_USER ]]> @@ -204,8 +204,8 @@ - /j_acegi_switch_user - /j_acegi_exit_user + /j_spring_security_switch_user + /j_spring_security_exit_user /spring-security-sample-contacts-filter/secure/index.htm diff --git a/samples/contacts/src/main/webapp/WEB-INF/jsp/index.jsp b/samples/contacts/src/main/webapp/WEB-INF/jsp/index.jsp index 98756513e5..f792550aab 100644 --- a/samples/contacts/src/main/webapp/WEB-INF/jsp/index.jsp +++ b/samples/contacts/src/main/webapp/WEB-INF/jsp/index.jsp @@ -27,6 +27,6 @@ -

">Add

">Logoff (also clears any remember-me cookie) +

">Add

">Logoff (also clears any remember-me cookie) diff --git a/samples/contacts/src/main/webapp/acegilogin.jsp b/samples/contacts/src/main/webapp/acegilogin.jsp index b91253d996..be868dba3e 100644 --- a/samples/contacts/src/main/webapp/acegilogin.jsp +++ b/samples/contacts/src/main/webapp/acegilogin.jsp @@ -32,7 +32,7 @@ -

+ diff --git a/samples/contacts/src/main/webapp/exitUser.jsp b/samples/contacts/src/main/webapp/exitUser.jsp index 64bd876bdc..2c8c0492cb 100644 --- a/samples/contacts/src/main/webapp/exitUser.jsp +++ b/samples/contacts/src/main/webapp/exitUser.jsp @@ -3,7 +3,6 @@ <%@ page import="org.springframework.security.context.SecurityContextHolder" %> <%@ page import="org.springframework.security.Authentication" %> <%@ page import="org.springframework.security.ui.AbstractProcessingFilter" %> -<%@ page import="org.springframework.security.ui.webapp.AuthenticationProcessingFilter" %> <%@ page import="org.springframework.security.AuthenticationException" %> @@ -21,7 +20,7 @@ - +
User:value='<%= session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'>
Password:
Current User: diff --git a/samples/contacts/src/main/webapp/switchUser.jsp b/samples/contacts/src/main/webapp/switchUser.jsp index 36a6cd8c35..b8581200f6 100644 --- a/samples/contacts/src/main/webapp/switchUser.jsp +++ b/samples/contacts/src/main/webapp/switchUser.jsp @@ -30,7 +30,7 @@ - + diff --git a/samples/contacts/src/site/resources/sslhowto.txt b/samples/contacts/src/site/resources/sslhowto.txt index 3da4bdd02d..5745cf03ea 100644 --- a/samples/contacts/src/site/resources/sslhowto.txt +++ b/samples/contacts/src/site/resources/sslhowto.txt @@ -35,7 +35,7 @@ O NOT USE IN PRODUCTION., L=Unknown, ST=Unknown, C=Unknown correct? 2. keytool -export -v -rfc -alias acegisecurity -file acegisecurity.txt -keystore keystore -storepass password 3. copy acegisecurity.txt %JAVA_HOME%\lib\security - + 4. copy keystore %YOUR_WEB_CONTAINER_LOCATION% NOTE: You will need to configure your web container as appropriate. @@ -73,7 +73,7 @@ TROUBLESHOOTING load the Acegi Security webapp, get redirected to the CAS server, then after login they get redirected back to the Acegi Security webapp and receive a failure. This is because the CAS server redirects to something - like https://server3.company.com/webapp/j_acegi_cas_security_check?ticket=ST-0-ER94xMJmn6pha35CQRoZ + like https://server3.company.com/webapp/j_spring_cas_security_check?ticket=ST-0-ER94xMJmn6pha35CQRoZ which causes the "service ticket" (the "ticket" parameter) to be validated. net.sf.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator performs service ticket validation by delegation to CAS' @@ -85,7 +85,7 @@ TROUBLESHOOTING has NOTHING to do with client-side (browser) certificates. You need to correct the trust between the two webserver keystores alone. -* A "sun.security.validator.ValidatorException: No trusted certificate +* A "sun.security.validator.ValidatorException: No trusted certificate found" indicates the cacerts is not being used or it did not correctly import the certificate. To rule out your web container replacing or in some way modifying the trust manager, set the diff --git a/samples/tutorial/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml b/samples/tutorial/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml index fe522ebb57..5bcdc05d04 100644 --- a/samples/tutorial/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml +++ b/samples/tutorial/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml @@ -44,7 +44,7 @@ - + diff --git a/samples/tutorial/src/main/webapp/acegilogin.jsp b/samples/tutorial/src/main/webapp/acegilogin.jsp index cc4d9995e6..d4c12eb1ff 100644 --- a/samples/tutorial/src/main/webapp/acegilogin.jsp +++ b/samples/tutorial/src/main/webapp/acegilogin.jsp @@ -29,7 +29,7 @@ - +
User:
diff --git a/samples/tutorial/src/main/webapp/secure/extreme/index.jsp b/samples/tutorial/src/main/webapp/secure/extreme/index.jsp index 801e2992ba..f7df8f9a80 100644 --- a/samples/tutorial/src/main/webapp/secure/extreme/index.jsp +++ b/samples/tutorial/src/main/webapp/secure/extreme/index.jsp @@ -4,6 +4,6 @@ This is a protected page. You can only see me if you are a supervisor.

Home -

Logout +

Logout \ No newline at end of file diff --git a/samples/tutorial/src/main/webapp/secure/index.jsp b/samples/tutorial/src/main/webapp/secure/index.jsp index f9a24e4a08..2c2608a720 100644 --- a/samples/tutorial/src/main/webapp/secure/index.jsp +++ b/samples/tutorial/src/main/webapp/secure/index.jsp @@ -5,6 +5,6 @@ This is a protected page. You can get to me if you've been remembered, or if you've authenticated this session.

Home -

Logout +

Logout \ No newline at end of file diff --git a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDLoginInitiationServlet.java b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDLoginInitiationServlet.java index 0c90d59ca2..5a45fdbfc9 100644 --- a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDLoginInitiationServlet.java +++ b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDLoginInitiationServlet.java @@ -44,11 +44,11 @@ import java.io.IOException; *
</servlet> *
<servlet-mapping> *
   <servlet-name>openid</servlet-name> - *
   <url-pattern>/j_acegi_openid_start</url-pattern> + *
   <url-pattern>/j_spring_security_openid_start</url-pattern> *
</servlet-mapping> *
*
Sample login form: - *
<form method="POST" action="j_acegi_openid_start"> + *
<form method="POST" action="j_spring_security_openid_start"> *
   <input type="text" name="j_username" /> *
   <input type="password" name="j_password" /> *
   <input type="submit" value="Verify" /> @@ -91,7 +91,7 @@ public class OpenIDLoginInitiationServlet extends HttpServlet { /** * Servlet config key for looking up the form login URL from the Servlet config. - *
Only set the formLogin servlet init-param if you are not using /j_acegi_security_check + *
Only set the formLogin servlet init-param if you are not using /j_spring_security_check *
*
   <init-param> *
     <description>The form login URL - for standard authentication</description> @@ -107,7 +107,7 @@ public class OpenIDLoginInitiationServlet extends HttpServlet { public static final String CONSUMER_KEY = "openIDConsumer"; private String errorPage = "index.jsp"; private String identityField = "j_username"; - private String formLoginUrl = "/j_acegi_security_check"; + private String formLoginUrl = "/j_spring_security_check"; /** * Check for init-params @@ -152,7 +152,7 @@ public class OpenIDLoginInitiationServlet extends HttpServlet { // get the submitted id field String id = req.getParameter(identityField); - // assume page will validate? + // assume page will validate? //TODO: null checking! //TODO: pattern matching @@ -161,7 +161,7 @@ public class OpenIDLoginInitiationServlet extends HttpServlet { if ((password != null) && (password.length() > 0)) { logger.debug("Attempting to authenticate using username/password"); - // forward to authenticationProcessingFilter (/j_acegi_security_check - depends on param names) + // forward to authenticationProcessingFilter (/j_spring_security_check - depends on param names) req.getRequestDispatcher(formLoginUrl).forward(req, res); } else { diff --git a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java index 6e3c5f81f9..ee4073f20f 100644 --- a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java +++ b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java @@ -69,10 +69,10 @@ public class OpenIDResponseProcessingFilter extends AbstractProcessingFilter { * @Override */ public String getDefaultFilterProcessesUrl() { - return "/j_acegi_openid_security_check"; + return "/j_spring_openid_security_check"; } - // dependency injection + // dependency injection /** * DOCUMENT ME! * diff --git a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIdAuthenticationProcessingFilter.java b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIdAuthenticationProcessingFilter.java index c786840703..31cc1c80b2 100644 --- a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIdAuthenticationProcessingFilter.java +++ b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIdAuthenticationProcessingFilter.java @@ -109,7 +109,7 @@ public class OpenIdAuthenticationProcessingFilter extends AbstractProcessingFilt } public String getDefaultFilterProcessesUrl() { - return "/j_acegi_openid_security_check"; + return "/j_spring_openid_security_check"; } public String getErrorPage() { diff --git a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/consumers/JanRainOpenIDConsumer.java b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/consumers/JanRainOpenIDConsumer.java index 9d0a846da9..4e35aa69a6 100644 --- a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/consumers/JanRainOpenIDConsumer.java +++ b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/consumers/JanRainOpenIDConsumer.java @@ -55,7 +55,7 @@ public class JanRainOpenIDConsumer implements OpenIDConsumer, InitializingBean { //~ Instance fields ================================================================================================ private OpenIDStore store; - private String returnToUrl = "j_acegi_openid_security_check"; + private String returnToUrl = "j_spring_openid_security_check"; //~ Methods ======================================================================================================== diff --git a/sandbox/openid/src/test/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilterTests.java b/sandbox/openid/src/test/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilterTests.java index 17913fb4f4..5526f7acd1 100644 --- a/sandbox/openid/src/test/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilterTests.java +++ b/sandbox/openid/src/test/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilterTests.java @@ -106,7 +106,7 @@ public class OpenIDResponseProcessingFilterTests extends TestCase { */ public void testGetDefaultFilterProcessesUrl() { OpenIDResponseProcessingFilter filter = new OpenIDResponseProcessingFilter(); - assertEquals("/j_acegi_openid_security_check", filter.getDefaultFilterProcessesUrl()); + assertEquals("/j_spring_openid_security_check", filter.getDefaultFilterProcessesUrl()); } //~ Inner Classes ================================================================================================== diff --git a/sandbox/spring-security-config/src/test/resources/org/springframework/security/config/applicationContext-acegi-security.xml b/sandbox/spring-security-config/src/test/resources/org/springframework/security/config/applicationContext-acegi-security.xml index 5650b2c916..a40b907646 100644 --- a/sandbox/spring-security-config/src/test/resources/org/springframework/security/config/applicationContext-acegi-security.xml +++ b/sandbox/spring-security-config/src/test/resources/org/springframework/security/config/applicationContext-acegi-security.xml @@ -3,7 +3,7 @@ + redirectAfterLogoutUrl="/index.jsp" logoutUrl="/j_spring_security_logout" /> @@ -52,7 +52,7 @@ @@ -85,7 +85,7 @@ value="anonymousUser,ROLE_ANONYMOUS" /> - diff --git a/src/docbkx/springsecurity.xml b/src/docbkx/springsecurity.xml index a15a8c3736..fef9cff7a3 100644 --- a/src/docbkx/springsecurity.xml +++ b/src/docbkx/springsecurity.xml @@ -1250,7 +1250,7 @@ if (obj instanceof UserDetails) { CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON \A/secure/.*\Z=REQUIRES_SECURE_CHANNEL \A/acegilogin.jsp.*\Z=REQUIRES_SECURE_CHANNEL - \A/j_acegi_security_check.*\Z=REQUIRES_SECURE_CHANNEL + \A/j_spring_security_check.*\Z=REQUIRES_SECURE_CHANNEL \A.*\Z=REQUIRES_INSECURE_CHANNEL </value> </property> @@ -2183,7 +2183,7 @@ if (obj instanceof UserDetails) { <property name="authenticationManager"><ref bean="authenticationManager"/></property> <property name="authenticationFailureUrl"><value>/login.jsp?login_error=1</value></property> <property name="defaultTargetUrl"><value>/security.do?method=getMainMenu</value></property> - <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property> + <property name="filterProcessesUrl"><value>/j_spring_security_check</value></property> <property name="siteminderUsernameHeaderKey"><value>SM_USER</value></property> <property name="formUsernameParameterKey"><value>j_username</value></property> </bean> @@ -2346,7 +2346,7 @@ public boolean supports(Class clazz); The login form simply contains j_username and j_password input fields, and posts to a URL that is monitored by the filter (by default - j_acegi_security_check). The filter is defined in + j_spring_security_check). The filter is defined in web.xml behind a FilterToBeanProxy as follows: @@ -2373,7 +2373,7 @@ public boolean supports(Class clazz); <property name="authenticationManager"><ref bean="authenticationManager"/></property> <property name="authenticationFailureUrl"><value>/acegilogin.jsp?login_error=1</value></property> <property name="defaultTargetUrl"><value>/</value></property> - <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property> + <property name="filterProcessesUrl"><value>/j_spring_security_check</value></property> </bean> The configured AuthenticationManager @@ -3361,7 +3361,7 @@ key: A private key to prevent modification of the remember-me token indicate a service parameter, which is the callback URL for Acegi Security service. For example, the URL to which the browser is redirected might be - https://my.company.com/cas/login?service=https%3A%2F%2Fserver3.company.com%2Fwebapp%2Fj_acegi_cas_security_check. + https://my.company.com/cas/login?service=https%3A%2F%2Fserver3.company.com%2Fwebapp%2Fj_spring_cas_security_check. @@ -3382,13 +3382,13 @@ key: A private key to prevent modification of the remember-me token ticket parameter, which is an opaque string representing the "service ticket". Continuing our earlier example, the URL the browser is redirected to might be - https://server3.company.com/webapp/j_acegi_cas_security_check?ticket=ST-0-ER94xMJmn6pha35CQRoZ. + https://server3.company.com/webapp/j_spring_cas_security_check?ticket=ST-0-ER94xMJmn6pha35CQRoZ. Back in the service web application, the CasProcessingFilter is always listening for - requests to /j_acegi_cas_security_check (this + requests to /j_spring_cas_security_check (this is configurable, but we'll use the defaults in this introduction). The processing filter will construct a UsernamePasswordAuthenticationToken @@ -3421,7 +3421,7 @@ key: A private key to prevent modification of the remember-me token to the CAS server in order to validate the service ticket. The CasProxyTicketValidator may also include a proxy callback URL, which is included in this example: - https://my.company.com/cas/proxyValidate?service=https%3A%2F%2Fserver3.company.com%2Fwebapp%2Fj_acegi_cas_security_check&ticket=ST-0-ER94xMJmn6pha35CQRoZ&pgtUrl=https://server3.company.com/webapp/casProxy/receptor. + https://my.company.com/cas/proxyValidate?service=https%3A%2F%2Fserver3.company.com%2Fwebapp%2Fj_spring_cas_security_check&ticket=ST-0-ER94xMJmn6pha35CQRoZ&pgtUrl=https://server3.company.com/webapp/casProxy/receptor. @@ -3736,7 +3736,7 @@ key: A private key to prevent modification of the remember-me token <bean id="serviceProperties" class="org.springframework.security.ui.cas.ServiceProperties"> - <property name="service"><value>https://localhost:8443/contacts-cas/j_acegi_cas_security_check</value></property> + <property name="service"><value>https://localhost:8443/contacts-cas/j_spring_cas_security_check</value></property> <property name="sendRenew"><value>false</value></property> </bean> @@ -3758,7 +3758,7 @@ key: A private key to prevent modification of the remember-me token <property name="authenticationManager"><ref bean="authenticationManager"/></property> <property name="authenticationFailureUrl"><value>/casfailed.jsp</value></property> <property name="defaultTargetUrl"><value>/</value></property> - <property name="filterProcessesUrl"><value>/j_acegi_cas_security_check</value></property> + <property name="filterProcessesUrl"><value>/j_spring_cas_security_check</value></property> </bean> <bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter"> diff --git a/src/site/apt/petclinic-tutorial.apt b/src/site/apt/petclinic-tutorial.apt index f4e9446fdb..011231e310 100644 --- a/src/site/apt/petclinic-tutorial.apt +++ b/src/site/apt/petclinic-tutorial.apt @@ -93,7 +93,7 @@ copy %acegi%\WEB-INF\lib\commons-codec-1.3.jar %spring%\samples\petclinic\war\WE

User:value=''>
Password:
- +
">Home">Logout">Logout PetClinic :: a Spring Framework demonstration