SEC-636: Support for use of "ref" attribute in salt-source element.

Luke Taylor 2008-01-21 15:06:43 +00:00
parent 568211b77f
commit 59a947bbe5
2 changed files with 31 additions and 10 deletions


@ -8,7 +8,9 @@ import org.springframework.security.providers.ldap.authenticator.LdapShaPassword
import org.springframework.beans.factory.xml.BeanDefinitionParser; import org.springframework.beans.factory.xml.BeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext; import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.beans.factory.config.BeanDefinition; import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.RootBeanDefinition; import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.BeanMetadataElement;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import org.springframework.util.xml.DomUtils; import org.springframework.util.xml.DomUtils;
@ -48,7 +50,7 @@ public class PasswordEncoderParser {
private Log logger = LogFactory.getLog(getClass()); private Log logger = LogFactory.getLog(getClass());
private BeanDefinition passwordEncoder; private BeanMetadataElement passwordEncoder;
private BeanDefinition saltSource; private BeanDefinition saltSource;
@ -60,15 +62,21 @@ public class PasswordEncoderParser {
String hash = element.getAttribute(ATT_HASH); String hash = element.getAttribute(ATT_HASH);
boolean useBase64 = StringUtils.hasText(element.getAttribute(ATT_BASE_64)); boolean useBase64 = StringUtils.hasText(element.getAttribute(ATT_BASE_64));
Class beanClass = (Class) ENCODER_CLASSES.get(hash); String ref = element.getAttribute(ATT_REF);
passwordEncoder = new RootBeanDefinition(beanClass);
if (useBase64) { if (StringUtils.hasText(ref)) {
if (beanClass.isAssignableFrom(BaseDigestPasswordEncoder.class)) { passwordEncoder = new RuntimeBeanReference(ref);
passwordEncoder.getPropertyValues().addPropertyValue("encodeHashAsBase64", "true"); } else {
} else { Class beanClass = (Class) ENCODER_CLASSES.get(hash);
logger.warn(ATT_BASE_64 + " isn't compatible with " + OPT_HASH_LDAP_SHA + " and will be ignored"); BeanDefinition beanDefinition = new RootBeanDefinition(beanClass);
if (useBase64) {
if (beanClass.isAssignableFrom(BaseDigestPasswordEncoder.class)) {
beanDefinition.getPropertyValues().addPropertyValue("encodeHashAsBase64", "true");
} else {
logger.warn(ATT_BASE_64 + " isn't compatible with " + OPT_HASH_LDAP_SHA + " and will be ignored");
}
} }
passwordEncoder = beanDefinition;
} }
Element saltSourceElt = DomUtils.getChildElementByTagName(element, Elements.SALT_SOURCE); Element saltSourceElt = DomUtils.getChildElementByTagName(element, Elements.SALT_SOURCE);
@ -78,7 +86,7 @@ public class PasswordEncoderParser {
} }
} }
public BeanDefinition getPasswordEncoder() { public BeanMetadataElement getPasswordEncoder() {
return passwordEncoder; return passwordEncoder;
} }
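Review bot: The base64 check carried into the new else branch looks inverted. `beanClass.isAssignableFrom(BaseDigestPasswordEncoder.class)` asks whether beanClass is a supertype of BaseDigestPasswordEncoder, so for an encoder that subclasses it (as the entries in ENCODER_CLASSES presumably do) the test is false and the code logs the "will be ignored" warning instead of setting encodeHashAsBase64. The condition should read `if (BaseDigestPasswordEncoder.class.isAssignableFrom(beanClass)) {`. Separately, when `ref` has text, any `hash` or base64 attribute on the same element is dropped without a message; a `logger.warn(...)` in that branch would surface a configuration that mixes the two. The enclosing parse method starts and ends outside these hunks.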


@ -6,7 +6,7 @@
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<!-- All combinations should authenticate as bob/password --> <!-- All combinations should authenticate as bob/bobspassword -->
<authentication-provider> <authentication-provider>
<user-service> <user-service>
@ -34,4 +34,17 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
</user-service> </user-service>
</authentication-provider> </authentication-provider>
<!-- External beans for both UserDetailsService and PasswordEncoder -->
<authentication-provider user-service-ref="customUserService">
<password-encoder ref="customPasswordEncoder">
<salt-source user-property="username"/>
</password-encoder>
</authentication-provider>
<beans:bean id="customPasswordEncoder" class="org.springframework.security.providers.encoding.Md5PasswordEncoder"/>
<beans:bean id="customUserService" class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
<beans:property name="userMap" value="bob=f117f0862384e9497ff4f470e3522606,ROLE_A"/>
</beans:bean>
</beans:beans> </beans:beans>
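Review bot: The only example of the new `ref` attribute wires in `Md5PasswordEncoder`, which the built-in `hash` options already appear to cover, so the fixture does not show why an external encoder bean would be used. Test contexts like this one tend to be copied as sample configuration, so the new block should say that the encoder choice is incidental. I would add a comment above the bean such as `<!-- Test fixture: MD5 is used only to exercise the ref path; it is not a recommended password encoder -->`. It would also help to state in the existing comment that the stored hash for bob is salted with the username, since `salt-source user-property="username"` is what this case is meant to cover.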