From 71b2af31ee5e3d38a03db08e821e4536068b4030 Mon Sep 17 00:00:00 2001
From: Luke Taylor
Date: Tue, 2 Nov 2010 12:19:22 +0000
Subject: [PATCH] SEC-1608: Make sure FirewalledRequest.reset() is called when filter="none"
---
 .../security/web/FilterChainProxy.java | 2 ++
 .../security/web/FilterChainProxyTests.java | 14 ++++++++++++++
 2 files changed, 16 insertions(+)
diff --git a/web/src/main/java/org/springframework/security/web/FilterChainProxy.java b/web/src/main/java/org/springframework/security/web/FilterChainProxy.java
index 1f826ad82d..8f4e564bb7 100644
--- a/web/src/main/java/org/springframework/security/web/FilterChainProxy.java
+++ b/web/src/main/java/org/springframework/security/web/FilterChainProxy.java
@@ -158,6 +158,8 @@ public class FilterChainProxy extends GenericFilterBean {
 logger.debug(url + (filters == null ? " has no matching filters" : " has an empty filter list"));
 }
+ fwRequest.reset();
+ chain.doFilter(fwRequest, fwResponse);
 return;
diff --git a/web/src/test/java/org/springframework/security/web/FilterChainProxyTests.java b/web/src/test/java/org/springframework/security/web/FilterChainProxyTests.java
index a381b44f09..62cb1fb68a 100644
--- a/web/src/test/java/org/springframework/security/web/FilterChainProxyTests.java
+++ b/web/src/test/java/org/springframework/security/web/FilterChainProxyTests.java
@@ -10,6 +10,7 @@ import org.mockito.stubbing.Answer;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.security.web.firewall.FirewalledRequest;
+import org.springframework.security.web.firewall.HttpFirewall;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
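Review bot: The added `fwRequest.reset();` in the no-matching-filters branch of FilterChainProxy.java has no comment saying why the wrapper must be reset before the request is handed to `chain.doFilter(fwRequest, fwResponse)`, which makes it easy to drop in a later cleanup of this early-return path. I would put `// Request is leaving the security filter chain here: reset the firewall wrapper before delegating` directly above the call. The branch taken when filters do match is outside this hunk, so it is worth confirming that it performs the same reset at the equivalent point, since a URL configured with no filters should not behave differently from one whose filters have all run. The enclosing method starts and ends outside the hunk.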
@@ -100,4 +101,17 @@ public class FilterChainProxyTests {
 verify(chain).doFilter(any(FirewalledRequest.class), any(HttpServletResponse.class));
 }
+ @Test
+ public void wrapperIsResetWhenNoMatchingFilters() throws Exception {
+ request.setServletPath("/nomatch");
+ HttpFirewall fw = mock(HttpFirewall.class);
+ FirewalledRequest fwr = mock (FirewalledRequest.class);
+ when(fwr.getRequestURI()).thenReturn("/");
+ when(fwr.getContextPath()).thenReturn("");
+ fcp.setFirewall(fw);
+ when(fw.getFirewalledRequest(request)).thenReturn(fwr);
+ fcp.doFilter(request, response, chain);
+ verify(fwr).reset();
+ }
+ }
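Review bot: `wrapperIsResetWhenNoMatchingFilters` only asserts that `reset()` was called at some point, so it would still pass if the reset were moved after the delegate call or if the chain received a different request object. Since the ordering is presumably what matters for the fix, I would verify it explicitly: `InOrder order = inOrder(fwr, chain);` then `order.verify(fwr).reset();` and `order.verify(chain).doFilter(same(fwr), any(HttpServletResponse.class));`. Separately, the mocked `fwr` stubs `getRequestURI()` as "/", so `request.setServletPath("/nomatch")` probably does not decide which URL is matched. If the test relies on "/" having no configured filters in the fixture, which is set up outside this hunk, a one-line comment saying so would keep the test from passing for the wrong reason later.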