Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-28 23:02:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-549: Trim whitespace from username submitted with login form.

Browse Source
This commit is contained in:
Luke Taylor 2007-09-14 14:25:21 +00:00
parent 8398e940cf
commit 56deb3dd83
2 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilter.java
View File

@ -68,6 +68,8 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
password = "";
}
username = username.trim();
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);
// Place the last username attempted into HttpSession for views

13
core/src/test/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterTests.java
View File

@ -103,4 +103,17 @@ public class AuthenticationProcessingFilterTests extends TestCase {
assertTrue(result != null);
assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()).getRemoteAddress());
}
public void testSpacesAreTrimmedCorrectlyFromUsername() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, " marissa ");
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
filter.setAuthenticationManager(new MockAuthenticationManager(true));
filter.init(null);
Authentication result = filter.attemptAuthentication(request);
assertEquals("marissa", result.getName());
}
}