Additional changes related to SEC-192 (avoiding session creation when creating WebAuthenticationDetails). Also fixed Jalopy chaos in SwitchUserProcessingFilter.

Luke Taylor 2006-02-20 00:37:39 +00:00
parent 52a212e609
commit 6abceb7ab0
6 changed files with 347 additions and 370 deletions


@ -102,9 +102,10 @@ public class CasProcessingFilter extends AbstractProcessingFilter {
password = ""; password = "";
} }
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, UsernamePasswordAuthenticationToken authRequest =
password); new UsernamePasswordAuthenticationToken(username, password);
authRequest.setDetails(new WebAuthenticationDetails(request));
authRequest.setDetails(new WebAuthenticationDetails(request, false));
return this.getAuthenticationManager().authenticate(authRequest); return this.getAuthenticationManager().authenticate(authRequest);
} }
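Review bot: The new `false` literal at L17 is unexplained at the call site, and the same bare literal is repeated in DigestProcessingFilter (L29), SwitchUserProcessingFilter (L62), AuthenticationProcessingFilter (L206), SiteminderAuthenticationProcessingFilter (L216) and the test at L225; the constructor is not in the diff, so a reader has only the commit message to learn that it suppresses session creation. Each call would be clearer with a short comment such as `// false: record the current session id if one exists, never create a session for it`, or a named constant in WebAuthenticationDetails that these five filters share. Presumably a request with no session now yields details whose session id is null rather than a freshly created one, so any consumer that keys on that id (the ConcurrentSessionController tested at L222–227 builds its details from a request that does have a session) needs to tolerate a null id; worth confirming in that controller's code, which is outside this diff.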


@ -369,9 +369,10 @@ public class DigestProcessingFilter implements Filter, InitializingBean,
+ "' with response: '" + responseDigest + "'"); + "' with response: '" + responseDigest + "'");
} }
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(user, UsernamePasswordAuthenticationToken authRequest =
user.getPassword()); new UsernamePasswordAuthenticationToken(user, user.getPassword());
authRequest.setDetails(new WebAuthenticationDetails(httpRequest));
authRequest.setDetails(new WebAuthenticationDetails(httpRequest, false));
SecurityContextHolder.getContext().setAuthentication(authRequest); SecurityContextHolder.getContext().setAuthentication(authRequest);
} }


@ -104,6 +104,10 @@ import org.springframework.util.Assert;
* </pre> * </pre>
* </p> * </p>
* *
*
* @author Mark St.Godard
* @version $Id$
*
* @see org.acegisecurity.ui.switchuser.SwitchUserGrantedAuthority * @see org.acegisecurity.ui.switchuser.SwitchUserGrantedAuthority
*/ */
public class SwitchUserProcessingFilter implements Filter, InitializingBean, public class SwitchUserProcessingFilter implements Filter, InitializingBean,
@ -272,15 +276,13 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
username, targetUser); username, targetUser);
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Switch User Token [" logger.debug("Switch User Token [" + targetUserRequest + "]");
+ targetUserRequest + "]");
} }
// publish event // publish event
if (this.eventPublisher != null) { if (this.eventPublisher != null) {
eventPublisher.publishEvent(new AuthenticationSwitchUserEvent( eventPublisher.publishEvent(new AuthenticationSwitchUserEvent(
SecurityContextHolder.getContext() SecurityContextHolder.getContext().getAuthentication(),
.getAuthentication(),
targetUser)); targetUser));
} }
@ -328,7 +330,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
// set details // set details
targetUserRequest.setDetails(new WebAuthenticationDetails( targetUserRequest.setDetails(new WebAuthenticationDetails(
request)); request, false));
return targetUserRequest; return targetUserRequest;
} }
@ -371,10 +373,8 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
.setAuthentication(originalUser); .setAuthentication(originalUser);
// redirect to target url // redirect to target url
httpResponse.sendRedirect(httpResponse httpResponse.sendRedirect(httpResponse.encodeRedirectURL(
.encodeRedirectURL(httpRequest httpRequest.getContextPath() + targetUrl));
.getContextPath()
+ targetUrl));
return; return;
} }
@ -383,23 +383,17 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
} }
/** /**
* Find the original * Find the original <code>Authentication</code> object from
* <code>Authentication</code> object from * the current user's granted authorities. A successfully switched
* the current user's granted authorities. * user should have a <code>SwitchUserGrantedAuthority</code>
* A successfully switched user should * that contains the original source user <code>Authentication</code>
* have a * object.
* <code>SwitchUserGrantedAuthority</code>
* that contains the original source user
* <code>Authentication</code> object.
* *
* @param current The current * @param current The current <code>Authentication</code>
* <code>Authentication</code>
* object * object
* *
* @return The source user * @return The source user <code>Authentication</code>
* <code>Authentication</code> * object or <code>null</code> otherwise.
* object or <code>null</code>
* otherwise.
*/ */
private Authentication getSourceAuthentication( private Authentication getSourceAuthentication(
Authentication current) { Authentication current) {
@ -409,8 +403,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
GrantedAuthority[] authorities = current GrantedAuthority[] authorities = current
.getAuthorities(); .getAuthorities();
for (int i = 0; i < authorities.length; for (int i = 0; i < authorities.length; i++) {
i++) {
// check for switch user type of authority // check for switch user type of authority
if (authorities[i] instanceof SwitchUserGrantedAuthority) { if (authorities[i] instanceof SwitchUserGrantedAuthority) {
original = ((SwitchUserGrantedAuthority) authorities[i]) original = ((SwitchUserGrantedAuthority) authorities[i])
@ -433,8 +426,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
* *
* @param request The http servlet request * @param request The http servlet request
* *
* @return <code>true</code> if the request * @return <code>true</code> if the request requires a exit user,
* requires a exit user,
* <code>false</code> otherwise. * <code>false</code> otherwise.
* *
* @see SwitchUserProcessingFilter#exitUserUrl * @see SwitchUserProcessingFilter#exitUserUrl
@ -448,16 +440,12 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
} }
/** /**
* Checks the request URI for the * Checks the request URI for the presence of <tt>switchUserUrl</tt>.
* presence of <tt>switchUserUrl</tt>.
* *
* @param request The http servlet * @param request The http servlet request
* request
* *
* @return <code>true</code> if the * @return <code>true</code> if the request requires a switch,
* request requires a switch, * <code>false</code> otherwise.
* <code>false</code>
* otherwise.
* *
* @see SwitchUserProcessingFilter#switchUserUrl * @see SwitchUserProcessingFilter#switchUserUrl
*/ */
@ -465,9 +453,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
HttpServletRequest request) { HttpServletRequest request) {
String uri = stripUri(request); String uri = stripUri(request);
return uri.endsWith(request return uri.endsWith(request.getContextPath() + switchUserUrl);
.getContextPath()
+ switchUserUrl);
} }
public void setApplicationEventPublisher( public void setApplicationEventPublisher(
@ -477,11 +463,9 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
} }
/** /**
* Sets the authentication data * Sets the authentication data access object.
* access object.
* *
* @param authenticationDao The * @param authenticationDao The authentication dao
* authentication dao
*/ */
public void setUserDetailsService( public void setUserDetailsService(
UserDetailsService authenticationDao) { UserDetailsService authenticationDao) {
@ -489,11 +473,9 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
} }
/** /**
* Set the URL to respond to exit * Set the URL to respond to exit user processing.
* user processing.
* *
* @param exitUserUrl The exit user * @param exitUserUrl The exit user URL.
* URL.
*/ */
public void setExitUserUrl( public void setExitUserUrl(
String exitUserUrl) { String exitUserUrl) {
@ -506,20 +488,16 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
} }
/** /**
* Set the URL to respond to switch * Set the URL to respond to switch user processing.
* user processing.
* *
* @param switchUserUrl The switch * @param switchUserUrl The switch user URL.
* user URL.
*/ */
public void setSwitchUserUrl( public void setSwitchUserUrl(String switchUserUrl) {
String switchUserUrl) {
this.switchUserUrl = switchUserUrl; this.switchUserUrl = switchUserUrl;
} }
/** /**
* Sets the URL to go to after a * Sets the URL to go to after a successful switch / exit user
* successful switch / exit user
* request. * request.
* *
* @param targetUrl The target url. * @param targetUrl The target url.
@ -530,17 +508,14 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
} }
/** /**
* Strips any content after the ';' * Strips any content after the ';' in the request URI
* in the request URI
* *
* @param request The http request * @param request The http request
* *
* @return The stripped uri * @return The stripped uri
*/ */
private static String stripUri( private static String stripUri(HttpServletRequest request) {
HttpServletRequest request) { String uri = request.getRequestURI();
String uri = request
.getRequestURI();
int idx = uri.indexOf(';'); int idx = uri.indexOf(';');
if (idx > 0) { if (idx > 0) {
@ -550,4 +525,4 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
return uri; return uri;
} }
} }
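Review bot: The URL check reflowed at L133, `return uri.endsWith(request.getContextPath() + switchUserUrl);`, matches by suffix, so any request URI that merely ends with the context path plus the configured URL selects switch-user processing, not only the exact path; the exit-user check documented at L106–113 presumably uses the same comparison but its body is cut off in this diff. If the filter is meant to respond at that one path, an equality comparison after stripUri is the tighter form, `return uri.equals(request.getContextPath() + switchUserUrl);`, and the Javadoc at L117 would then say "exactly matches" rather than "checks for the presence of". This hunk is formatting only, so this is a follow-up rather than a blocker for the commit; the method's signature line begins outside the hunk.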


@ -103,7 +103,7 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
*/ */
protected void setDetails(HttpServletRequest request, protected void setDetails(HttpServletRequest request,
UsernamePasswordAuthenticationToken authRequest) { UsernamePasswordAuthenticationToken authRequest) {
authRequest.setDetails(new WebAuthenticationDetails(request)); authRequest.setDetails(new WebAuthenticationDetails(request, false));
} }
/** /**


@ -240,7 +240,7 @@ public class SiteminderAuthenticationProcessingFilter
*/ */
protected void setDetails(HttpServletRequest request, protected void setDetails(HttpServletRequest request,
UsernamePasswordAuthenticationToken authRequest) { UsernamePasswordAuthenticationToken authRequest) {
authRequest.setDetails(new WebAuthenticationDetails(request)); authRequest.setDetails(new WebAuthenticationDetails(request, false));
} }
/** /**


@ -118,6 +118,6 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
request.setSession(session); request.setSession(session);
request.setUserPrincipal(auth); request.setUserPrincipal(auth);
return new WebAuthenticationDetails(request); return new WebAuthenticationDetails(request, false);
} }
} }