Fix for SEC-27. Now checks for a null authentication before proceeding to fire the success event.

Luke Taylor 2005-07-08 21:16:12 +00:00
parent f1656ee7fd
commit 7268c81192


@ -17,6 +17,7 @@ package net.sf.acegisecurity.ui.rememberme;
import net.sf.acegisecurity.context.SecurityContextHolder; import net.sf.acegisecurity.context.SecurityContextHolder;
import net.sf.acegisecurity.ui.InteractiveAuthenticationSuccesEvent; import net.sf.acegisecurity.ui.InteractiveAuthenticationSuccesEvent;
import net.sf.acegisecurity.Authentication;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
@ -103,7 +104,7 @@ public class RememberMeProcessingFilter implements Filter, InitializingBean,
} }
/** /**
* Does nothing - we reply on IoC lifecycle services instead. * Does nothing - we rely on IoC lifecycle services instead.
*/ */
public void destroy() {} public void destroy() {}
@ -121,21 +122,25 @@ public class RememberMeProcessingFilter implements Filter, InitializingBean,
HttpServletResponse httpResponse = (HttpServletResponse) response; HttpServletResponse httpResponse = (HttpServletResponse) response;
if (SecurityContextHolder.getContext().getAuthentication() == null) { if (SecurityContextHolder.getContext().getAuthentication() == null) {
SecurityContextHolder.getContext().setAuthentication(rememberMeServices Authentication rememberMeAuth =
.autoLogin(httpRequest, httpResponse)); rememberMeServices.autoLogin(httpRequest, httpResponse);
if (logger.isDebugEnabled()) { if(rememberMeAuth != null) {
logger.debug( SecurityContextHolder.getContext().setAuthentication(rememberMeAuth);
"Replaced SecurityContextHolder with remember-me token: '"
+ SecurityContextHolder.getContext().getAuthentication()
+ "'");
}
// Fire event if (logger.isDebugEnabled()) {
if (this.context != null) { logger.debug(
context.publishEvent(new InteractiveAuthenticationSuccesEvent( "Replaced SecurityContextHolder with remember-me token: '"
SecurityContextHolder.getContext().getAuthentication(), + SecurityContextHolder.getContext().getAuthentication()
this.getClass())); + "'");
}
// Fire event
if (this.context != null) {
context.publishEvent(new InteractiveAuthenticationSuccesEvent(
SecurityContextHolder.getContext().getAuthentication(),
this.getClass()));
}
} }
} else { } else {
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
@ -150,7 +155,7 @@ public class RememberMeProcessingFilter implements Filter, InitializingBean,
} }
/** /**
* Does nothing - we reply on IoC lifecycle services instead. * Does nothing - we rely on IoC lifecycle services instead.
* *
* @param arg0 not used * @param arg0 not used
* *
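Review bot: In the `@ -121,21 +122,25` hunk the new guard tests the local `rememberMeAuth`, but the debug message and the `InteractiveAuthenticationSuccesEvent` are still built from a second `SecurityContextHolder.getContext().getAuthentication()` read rather than from the value that was checked. Passing the local, `context.publishEvent(new InteractiveAuthenticationSuccesEvent(rememberMeAuth, this.getClass()));`, would tie the success event to the object that was tested for null, so it no longer relies on the holder returning that same object. The guard also has no comment recording why it exists; a line such as `// autoLogin may return null (SEC-27): leave the context unauthenticated and fire no success event` above `if(rememberMeAuth != null)` would keep a later refactor from dropping it. The enclosing filter method starts and ends outside the hunk, so any handling of the null case further down is not visible here.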