Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FilterSecurityInterceptor now only executes once per request (improves performance with SiteMesh). Suggested by Sanjiv Jivan.

This commit is contained in:
Ben Alex 2005-02-11 05:49:41 +00:00
parent cbe53e21b9
commit 6370fadfdc
3 changed files with 25 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
core/src/main/java/org/acegisecurity/intercept/web/FilterSecurityInterceptor.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004 Acegi Technology Pty Limited
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -44,6 +44,10 @@ import net.sf.acegisecurity.intercept.ObjectDefinitionSource;
* @version $Id$
*/
public class FilterSecurityInterceptor extends AbstractSecurityInterceptor {
//~ Static fields/initializers =============================================
private static final String FILTER_APPLIED = "__acegi_filterSecurityInterceptor_filterApplied";
//~ Instance fields ========================================================
private FilterInvocationDefinitionSource objectDefinitionSource;
@ -64,12 +68,23 @@ public class FilterSecurityInterceptor extends AbstractSecurityInterceptor {
}
public void invoke(FilterInvocation fi) throws Throwable {
InterceptorStatusToken token = super.beforeInvocation(fi);
try {
if ((fi.getRequest() != null)
&& (fi.getRequest().getAttribute(FILTER_APPLIED) != null)) {
// filter already applied to this request, so don't re-do security checking
fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
} finally {
super.afterInvocation(token, null);
} else {
// first time this request being called, so perform security checking
if (fi.getRequest() != null) {
fi.getRequest().setAttribute(FILTER_APPLIED, Boolean.TRUE);
}
InterceptorStatusToken token = super.beforeInvocation(fi);
try {
fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
} finally {
super.afterInvocation(token, null);
}
}
}

5
core/src/test/java/org/acegisecurity/MockHttpServletRequest.java
View File

@ -49,6 +49,7 @@ public class MockHttpServletRequest implements HttpServletRequest {
//~ Instance fields ========================================================
private HttpSession session = new MockHttpSession();
private Map attribMap = new HashMap();
private Map headersMap = new HashMap();
private Map paramMap = new HashMap();
private Principal principal;
@ -86,11 +87,11 @@ public class MockHttpServletRequest implements HttpServletRequest {
//~ Methods ================================================================
public void setAttribute(String arg0, Object arg1) {
throw new UnsupportedOperationException("mock method not implemented");
this.attribMap.put(arg0, arg1);
}
public Object getAttribute(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
return this.attribMap.get(arg0);
}
public Enumeration getAttributeNames() {

1
doc/xdocs/changes.xml
View File

@ -33,6 +33,7 @@
<action dev="benalex" type="update">User now accepted blank passwords (null passwords still rejected)</action>
<action dev="benalex" type="update">ContextHolderAwareRequestWrapper now provides a getUserPrincipal() method</action>
<action dev="benalex" type="update">HttpSessionIntegrationFilter no longer creates a HttpSession unnecessarily</action>
<action dev="benalex" type="update">FilterSecurityInterceptor now only executes once per request (improves performance with SiteMesh)</action>
<action dev="benalex" type="fix">Contacts sample web.xml no longer expect Log4j to be in classpath</action>
<action dev="raykrueger" type="update">JaasAuthenticatinProvider now uses System.property "java.security.auth.login.config"</action>
<action dev="raykrueger" type="update">JaasAuthenticationCallbackHandler Authentication is passed to handle method setAuthenticatoin removed</action>