SEC-1540: Fix to add HTTP-method specific support for namespace requires-channel attribute.
This commit is contained in:
parent
3c02989d67
commit
5f6bcc0e1e
|
@ -35,7 +35,7 @@ public enum MatcherType {
|
||||||
}
|
}
|
||||||
|
|
||||||
BeanDefinition createMatcher(String path, String method) {
|
BeanDefinition createMatcher(String path, String method) {
|
||||||
if ("/**".equals(path)) {
|
if ("/**".equals(path) && method == null) {
|
||||||
return new RootBeanDefinition(AnyRequestMatcher.class);
|
return new RootBeanDefinition(AnyRequestMatcher.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -170,6 +170,40 @@ class MiscHttpConfigTests extends AbstractHttpConfigTests {
|
||||||
attrs.contains(new SecurityConfig("ROLE_B"))
|
attrs.contains(new SecurityConfig("ROLE_B"))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
def httpMethodMatchIsSupportedForRequiresChannel() {
|
||||||
|
httpAutoConfig {
|
||||||
|
'intercept-url'(pattern: '/anyurl')
|
||||||
|
'intercept-url'(pattern: '/anyurl', 'method':'GET',access: 'ROLE_ADMIN', 'requires-channel': 'https')
|
||||||
|
}
|
||||||
|
createAppContext()
|
||||||
|
|
||||||
|
def fids = getFilter(ChannelProcessingFilter).getSecurityMetadataSource();
|
||||||
|
def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET"));
|
||||||
|
def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST"));
|
||||||
|
|
||||||
|
expect:
|
||||||
|
attrs.size() == 1
|
||||||
|
attrs.contains(new SecurityConfig("REQUIRES_SECURE_CHANNEL"))
|
||||||
|
attrsPost == null
|
||||||
|
}
|
||||||
|
|
||||||
|
def httpMethodMatchIsSupportedForRequiresChannelAny() {
|
||||||
|
httpAutoConfig {
|
||||||
|
'intercept-url'(pattern: '/**')
|
||||||
|
'intercept-url'(pattern: '/**', 'method':'GET',access: 'ROLE_ADMIN', 'requires-channel': 'https')
|
||||||
|
}
|
||||||
|
createAppContext()
|
||||||
|
|
||||||
|
def fids = getFilter(ChannelProcessingFilter).getSecurityMetadataSource();
|
||||||
|
def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET"));
|
||||||
|
def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST"));
|
||||||
|
|
||||||
|
expect:
|
||||||
|
attrs.size() == 1
|
||||||
|
attrs.contains(new SecurityConfig("REQUIRES_SECURE_CHANNEL"))
|
||||||
|
attrsPost == null
|
||||||
|
}
|
||||||
|
|
||||||
def oncePerRequestAttributeIsSupported() {
|
def oncePerRequestAttributeIsSupported() {
|
||||||
xml.http('once-per-request': 'false') {
|
xml.http('once-per-request': 'false') {
|
||||||
'http-basic'()
|
'http-basic'()
|
||||||
|
|
Loading…
Reference in New Issue