Additional changes related to SEC-192 (avoiding session creation when creating WebAuthenticationDetails). Also fixed Jalopy chaos in SwitchUserProcessingFilter.

Luke Taylor 2006-02-20 00:37:39 +00:00
parent 52a212e609
commit 6abceb7ab0
6 changed files with 347 additions and 370 deletions


@ -102,9 +102,10 @@ public class CasProcessingFilter extends AbstractProcessingFilter {
password = "";
}
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
password);
authRequest.setDetails(new WebAuthenticationDetails(request));
UsernamePasswordAuthenticationToken authRequest =
new UsernamePasswordAuthenticationToken(username, password);
authRequest.setDetails(new WebAuthenticationDetails(request, false));
return this.getAuthenticationManager().authenticate(authRequest);
}
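Review bot: The new `setDetails` line passes a bare `false` with nothing at the call site telling a reader what it switches off; the commit message says the point is to avoid creating an HTTP session, so say so where it matters: `authRequest.setDetails(new WebAuthenticationDetails(request, false)); // false: do not create an HttpSession just to capture a session id (SEC-192)`. If WebAuthenticationDetails records the session id, a session-less request presumably now yields a null id, so consumers of that field (concurrent-session control, audit logging) should be checked for null handling — they are not visible from here. The enclosing method begins before the hunk.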


@ -369,9 +369,10 @@ public class DigestProcessingFilter implements Filter, InitializingBean,
+ "' with response: '" + responseDigest + "'");
}
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(user,
user.getPassword());
authRequest.setDetails(new WebAuthenticationDetails(httpRequest));
UsernamePasswordAuthenticationToken authRequest =
new UsernamePasswordAuthenticationToken(user, user.getPassword());
authRequest.setDetails(new WebAuthenticationDetails(httpRequest, false));
SecurityContextHolder.getContext().setAuthentication(authRequest);
}
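Review bot: The details object is built inline here, whereas AuthenticationProcessingFilter and SiteminderAuthenticationProcessingFilter in this same commit route the identical construction through a `protected void setDetails(HttpServletRequest, UsernamePasswordAuthenticationToken)` hook that subclasses can override; this filter offers no such seam, so a deployment needing a different details implementation must replace the whole filter. Consider the same hook, e.g. `protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) { authRequest.setDetails(new WebAuthenticationDetails(request, false)); }` with `setDetails(httpRequest, authRequest);` at the call site. Note that the line after the change places the token straight into SecurityContextHolder rather than passing it to an AuthenticationManager, so whatever the details carry is what the rest of the request sees unchallenged; that is pre-existing, not introduced here. The enclosing method begins before the hunk.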


@ -104,6 +104,10 @@ import org.springframework.util.Assert;
* </pre>
* </p>
*
*
* @author Mark St.Godard
* @version $Id$
*
* @see org.acegisecurity.ui.switchuser.SwitchUserGrantedAuthority
*/
public class SwitchUserProcessingFilter implements Filter, InitializingBean,
@ -272,15 +276,13 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
username, targetUser);
if (logger.isDebugEnabled()) {
logger.debug("Switch User Token ["
+ targetUserRequest + "]");
logger.debug("Switch User Token [" + targetUserRequest + "]");
}
// publish event
if (this.eventPublisher != null) {
eventPublisher.publishEvent(new AuthenticationSwitchUserEvent(
SecurityContextHolder.getContext()
.getAuthentication(),
SecurityContextHolder.getContext().getAuthentication(),
targetUser));
}
@ -328,7 +330,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
// set details
targetUserRequest.setDetails(new WebAuthenticationDetails(
request));
request, false));
return targetUserRequest;
}
@ -371,10 +373,8 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
.setAuthentication(originalUser);
// redirect to target url
httpResponse.sendRedirect(httpResponse
.encodeRedirectURL(httpRequest
.getContextPath()
+ targetUrl));
httpResponse.sendRedirect(httpResponse.encodeRedirectURL(
httpRequest.getContextPath() + targetUrl));
return;
}
@ -383,23 +383,17 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
}
/**
* Find the original
* <code>Authentication</code> object from
* the current user's granted authorities.
* A successfully switched user should
* have a
* <code>SwitchUserGrantedAuthority</code>
* that contains the original source user
* <code>Authentication</code> object.
* Find the original <code>Authentication</code> object from
* the current user's granted authorities. A successfully switched
* user should have a <code>SwitchUserGrantedAuthority</code>
* that contains the original source user <code>Authentication</code>
* object.
*
* @param current The current
* <code>Authentication</code>
* @param current The current <code>Authentication</code>
* object
*
* @return The source user
* <code>Authentication</code>
* object or <code>null</code>
* otherwise.
* @return The source user <code>Authentication</code>
* object or <code>null</code> otherwise.
*/
private Authentication getSourceAuthentication(
Authentication current) {
@ -409,8 +403,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
GrantedAuthority[] authorities = current
.getAuthorities();
for (int i = 0; i < authorities.length;
i++) {
for (int i = 0; i < authorities.length; i++) {
// check for switch user type of authority
if (authorities[i] instanceof SwitchUserGrantedAuthority) {
original = ((SwitchUserGrantedAuthority) authorities[i])
@ -433,8 +426,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
*
* @param request The http servlet request
*
* @return <code>true</code> if the request
* requires a exit user,
* @return <code>true</code> if the request requires a exit user,
* <code>false</code> otherwise.
*
* @see SwitchUserProcessingFilter#exitUserUrl
@ -448,16 +440,12 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
}
/**
* Checks the request URI for the
* presence of <tt>switchUserUrl</tt>.
* Checks the request URI for the presence of <tt>switchUserUrl</tt>.
*
* @param request The http servlet
* request
* @param request The http servlet request
*
* @return <code>true</code> if the
* request requires a switch,
* <code>false</code>
* otherwise.
* @return <code>true</code> if the request requires a switch,
* <code>false</code> otherwise.
*
* @see SwitchUserProcessingFilter#switchUserUrl
*/
@ -465,9 +453,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
HttpServletRequest request) {
String uri = stripUri(request);
return uri.endsWith(request
.getContextPath()
+ switchUserUrl);
return uri.endsWith(request.getContextPath() + switchUserUrl);
}
public void setApplicationEventPublisher(
@ -477,11 +463,9 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
}
/**
* Sets the authentication data
* access object.
* Sets the authentication data access object.
*
* @param authenticationDao The
* authentication dao
* @param authenticationDao The authentication dao
*/
public void setUserDetailsService(
UserDetailsService authenticationDao) {
@ -489,11 +473,9 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
}
/**
* Set the URL to respond to exit
* user processing.
* Set the URL to respond to exit user processing.
*
* @param exitUserUrl The exit user
* URL.
* @param exitUserUrl The exit user URL.
*/
public void setExitUserUrl(
String exitUserUrl) {
@ -506,20 +488,16 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
}
/**
* Set the URL to respond to switch
* user processing.
* Set the URL to respond to switch user processing.
*
* @param switchUserUrl The switch
* user URL.
* @param switchUserUrl The switch user URL.
*/
public void setSwitchUserUrl(
String switchUserUrl) {
public void setSwitchUserUrl(String switchUserUrl) {
this.switchUserUrl = switchUserUrl;
}
/**
* Sets the URL to go to after a
* successful switch / exit user
* Sets the URL to go to after a successful switch / exit user
* request.
*
* @param targetUrl The target url.
@ -530,17 +508,14 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
}
/**
* Strips any content after the ';'
* in the request URI
* Strips any content after the ';' in the request URI
*
* @param request The http request
*
* @return The stripped uri
*/
private static String stripUri(
HttpServletRequest request) {
String uri = request
.getRequestURI();
private static String stripUri(HttpServletRequest request) {
String uri = request.getRequestURI();
int idx = uri.indexOf(';');
if (idx > 0) {
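Review bot: In the hunk that reformats the switch-URL check, `uri.endsWith(request.getContextPath() + switchUserUrl)` is a suffix match while the Javadoc above it speaks of the "presence" of switchUserUrl, so the contract is unclear; a URI of the form `<contextPath><contextPath><switchUserUrl>` also triggers a switch. Because switching users is a privileged action that is typically guarded by a path-based authorization rule configured elsewhere, the filter's match should be no looser than that rule; if suffix matching is not deliberately needed, `return uri.equals(request.getContextPath() + switchUserUrl);` is the tighter form, otherwise document the looseness in the Javadoc. The exit-user check presumably follows the same pattern, but it sits outside this hunk. The method's signature begins before the hunk.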


@ -103,7 +103,7 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
*/
protected void setDetails(HttpServletRequest request,
UsernamePasswordAuthenticationToken authRequest) {
authRequest.setDetails(new WebAuthenticationDetails(request));
authRequest.setDetails(new WebAuthenticationDetails(request, false));
}
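Review bot: `setDetails` is the protected extension point subclasses override, yet the hard-coded `false` carries no comment explaining which behaviour it suppresses, and the method's Javadoc (which closes just above the hunk) should state that the filter deliberately does not create an HttpSession here. Suggested Javadoc sentence: "The details are built without forcing an HttpSession into existence (SEC-192); override this method if a session is required at this point." A subclass that wants the opposite now has to re-implement the method rather than flip a flag, which is acceptable but worth saying in the Javadoc.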
/**


@ -240,7 +240,7 @@ public class SiteminderAuthenticationProcessingFilter
*/
protected void setDetails(HttpServletRequest request,
UsernamePasswordAuthenticationToken authRequest) {
authRequest.setDetails(new WebAuthenticationDetails(request));
authRequest.setDetails(new WebAuthenticationDetails(request, false));
}
/**


@ -118,6 +118,6 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
request.setSession(session);
request.setUserPrincipal(auth);
return new WebAuthenticationDetails(request);
return new WebAuthenticationDetails(request, false);
}
}
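Review bot: The fixture always installs a session via `request.setSession(session)` before constructing the details, so the case this commit is about — building `WebAuthenticationDetails(request, false)` when no session exists — is never exercised by this test class. Add a companion test that constructs the details on a request with no session and asserts the behaviour you expect, for example that construction succeeds and, if the mock supports it, that `request.getSession(false)` is still null afterwards. The helper method's signature begins before the hunk.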