Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-28 14:52:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-218: Fix authentication exception cleanup of SecurityContextHolder.

Browse Source
This commit is contained in:
Ben Alex 2006-04-26 01:28:06 +00:00
parent 8cff715599
commit 57aee4e605
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
core/src/main/java/org/acegisecurity/ui/rememberme/RememberMeProcessingFilter.java
View File

@ -129,18 +129,6 @@ public class RememberMeProcessingFilter implements Filter, InitializingBean,
// Attempt authenticaton via AuthenticationManager // Attempt authenticaton via AuthenticationManager
try { try {
authenticationManager.authenticate(rememberMeAuth); authenticationManager.authenticate(rememberMeAuth);
} catch (AuthenticationException authenticationException) {
if (logger.isDebugEnabled()) {
logger.debug(
"SecurityContextHolder not populated with remember-me token, as AuthenticationManager rejected Authentication returned by RememberMeServices: '"
+ rememberMeAuth
+ "'; invalidating remember-me token",
authenticationException);
}
rememberMeServices.loginFail(httpRequest, httpResponse);
chain.doFilter(request, response);
}
// Store to SecurityContextHolder // Store to SecurityContextHolder
SecurityContextHolder.getContext() SecurityContextHolder.getContext()
@ -160,6 +148,18 @@ public class RememberMeProcessingFilter implements Filter, InitializingBean,
.getAuthentication(), .getAuthentication(),
this.getClass())); this.getClass()));
} }
} catch (AuthenticationException authenticationException) {
if (logger.isDebugEnabled()) {
logger.debug(
"SecurityContextHolder not populated with remember-me token, as AuthenticationManager rejected Authentication returned by RememberMeServices: '"
+ rememberMeAuth
+ "'; invalidating remember-me token",
authenticationException);
}
rememberMeServices.loginFail(httpRequest, httpResponse);
}
} }
chain.doFilter(request, response); chain.doFilter(request, response);