mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-06-29 15:22:15 +00:00
SEC-673: Applied patch from Christian.
This commit is contained in:
Luke Taylor
parent
594b69b7ef
commit
80dbc4fd75
@ -3,6 +3,7 @@ package org.springframework.security.config;
|
|||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
import org.springframework.beans.factory.config.BeanDefinition;
|
import org.springframework.beans.factory.config.BeanDefinition;
|
||||||
|
import org.springframework.beans.factory.parsing.BeanComponentDefinition;
|
||||||
import org.springframework.beans.factory.support.ManagedList;
|
import org.springframework.beans.factory.support.ManagedList;
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
import org.springframework.beans.factory.support.RootBeanDefinition;
|
||||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
||||||
@ -61,6 +62,7 @@ public class AnonymousBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
|
|
||||||
BeanDefinition authManager = ConfigUtils.registerProviderManagerIfNecessary(parserContext);
|
BeanDefinition authManager = ConfigUtils.registerProviderManagerIfNecessary(parserContext);
|
||||||
RootBeanDefinition provider = new RootBeanDefinition(AnonymousAuthenticationProvider.class);
|
RootBeanDefinition provider = new RootBeanDefinition(AnonymousAuthenticationProvider.class);
|
||||||
|
provider.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
provider.setSource(source);
|
provider.setSource(source);
|
||||||
provider.getPropertyValues().addPropertyValue(ATT_KEY, key);
|
provider.getPropertyValues().addPropertyValue(ATT_KEY, key);
|
||||||
|
|
||||||
@ -68,6 +70,7 @@ public class AnonymousBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
authMgrProviderList.add(provider);
|
authMgrProviderList.add(provider);
|
||||||
|
|
||||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.ANONYMOUS_PROCESSING_FILTER, filter);
|
parserContext.getRegistry().registerBeanDefinition(BeanIds.ANONYMOUS_PROCESSING_FILTER, filter);
|
||||||
|
parserContext.registerComponent(new BeanComponentDefinition(filter, BeanIds.ANONYMOUS_PROCESSING_FILTER));
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -6,6 +6,7 @@ import org.springframework.beans.factory.config.BeanDefinition;
|
|||||||
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
|
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
|
||||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
||||||
|
import org.springframework.beans.factory.parsing.BeanComponentDefinition;
|
||||||
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
import org.springframework.beans.factory.support.RootBeanDefinition;
|
||||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
||||||
@ -28,6 +29,7 @@ class AuthenticationProviderBeanDefinitionParser implements BeanDefinitionParser
|
|||||||
|
|
||||||
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
||||||
RootBeanDefinition authProvider = new RootBeanDefinition(DaoAuthenticationProvider.class);
|
RootBeanDefinition authProvider = new RootBeanDefinition(DaoAuthenticationProvider.class);
|
||||||
|
authProvider.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
authProvider.setSource(parserContext.extractSource(element));
|
authProvider.setSource(parserContext.extractSource(element));
|
||||||
|
|
||||||
Element passwordEncoderElt = DomUtils.getChildElementByTagName(element, Elements.PASSWORD_ENCODER);
|
Element passwordEncoderElt = DomUtils.getChildElementByTagName(element, Elements.PASSWORD_ENCODER);
|
||||||
@ -48,6 +50,7 @@ class AuthenticationProviderBeanDefinitionParser implements BeanDefinitionParser
|
|||||||
// We need to register the provider to access it in the post processor to check if it has a cache
|
// We need to register the provider to access it in the post processor to check if it has a cache
|
||||||
final String id = parserContext.getReaderContext().generateBeanName(authProvider);
|
final String id = parserContext.getReaderContext().generateBeanName(authProvider);
|
||||||
parserContext.getRegistry().registerBeanDefinition(id, authProvider);
|
parserContext.getRegistry().registerBeanDefinition(id, authProvider);
|
||||||
|
parserContext.registerComponent(new BeanComponentDefinition(authProvider, id));
|
||||||
|
|
||||||
String ref = element.getAttribute(ATT_USER_DETAILS_REF);
|
String ref = element.getAttribute(ATT_USER_DETAILS_REF);
|
||||||
|
|
||||||
@ -86,8 +89,10 @@ class AuthenticationProviderBeanDefinitionParser implements BeanDefinitionParser
|
|||||||
cacheResolverBldr.addConstructorArg(ref);
|
cacheResolverBldr.addConstructorArg(ref);
|
||||||
cacheResolverBldr.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
cacheResolverBldr.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
BeanDefinition cacheResolver = cacheResolverBldr.getBeanDefinition();
|
BeanDefinition cacheResolver = cacheResolverBldr.getBeanDefinition();
|
||||||
parserContext.getRegistry().registerBeanDefinition(
|
|
||||||
parserContext.getReaderContext().generateBeanName(cacheResolver), cacheResolver);
|
String name = parserContext.getReaderContext().generateBeanName(cacheResolver);
|
||||||
|
parserContext.getRegistry().registerBeanDefinition(name , cacheResolver);
|
||||||
|
parserContext.registerComponent(new BeanComponentDefinition(cacheResolver, name));
|
||||||
|
|
||||||
ConfigUtils.getRegisteredProviders(parserContext).add(new RuntimeBeanReference(id));
|
ConfigUtils.getRegisteredProviders(parserContext).add(new RuntimeBeanReference(id));
|
||||||
|
|
||||||
|
|||||||
@ -2,6 +2,7 @@ package org.springframework.security.config;
|
|||||||
|
|
||||||
import org.springframework.beans.factory.config.BeanDefinition;
|
import org.springframework.beans.factory.config.BeanDefinition;
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
||||||
|
import org.springframework.beans.factory.parsing.BeanComponentDefinition;
|
||||||
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
import org.springframework.beans.factory.support.RootBeanDefinition;
|
||||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
||||||
@ -28,6 +29,8 @@ public class BasicAuthenticationBeanDefinitionParser implements BeanDefinitionPa
|
|||||||
public BeanDefinition parse(Element elt, ParserContext parserContext) {
|
public BeanDefinition parse(Element elt, ParserContext parserContext) {
|
||||||
BeanDefinitionBuilder filterBuilder = BeanDefinitionBuilder.rootBeanDefinition(BasicProcessingFilter.class);
|
BeanDefinitionBuilder filterBuilder = BeanDefinitionBuilder.rootBeanDefinition(BasicProcessingFilter.class);
|
||||||
RootBeanDefinition entryPoint = new RootBeanDefinition(BasicProcessingFilterEntryPoint.class);
|
RootBeanDefinition entryPoint = new RootBeanDefinition(BasicProcessingFilterEntryPoint.class);
|
||||||
|
entryPoint.setSource(parserContext.extractSource(elt));
|
||||||
|
entryPoint.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
|
|
||||||
entryPoint.getPropertyValues().addPropertyValue("realmName", realmName);
|
entryPoint.getPropertyValues().addPropertyValue("realmName", realmName);
|
||||||
|
|
||||||
@ -38,7 +41,8 @@ public class BasicAuthenticationBeanDefinitionParser implements BeanDefinitionPa
|
|||||||
|
|
||||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.BASIC_AUTHENTICATION_FILTER,
|
parserContext.getRegistry().registerBeanDefinition(BeanIds.BASIC_AUTHENTICATION_FILTER,
|
||||||
filterBuilder.getBeanDefinition());
|
filterBuilder.getBeanDefinition());
|
||||||
|
parserContext.registerComponent(new BeanComponentDefinition(filterBuilder.getBeanDefinition(),
|
||||||
|
BeanIds.BASIC_AUTHENTICATION_FILTER));
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -2,6 +2,8 @@ package org.springframework.security.config;
|
|||||||
|
|
||||||
import org.springframework.beans.factory.config.BeanDefinition;
|
import org.springframework.beans.factory.config.BeanDefinition;
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
||||||
|
import org.springframework.beans.factory.parsing.BeanComponentDefinition;
|
||||||
|
import org.springframework.beans.factory.parsing.CompositeComponentDefinition;
|
||||||
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
||||||
import org.springframework.beans.factory.support.BeanDefinitionRegistry;
|
import org.springframework.beans.factory.support.BeanDefinitionRegistry;
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
import org.springframework.beans.factory.support.RootBeanDefinition;
|
||||||
@ -30,6 +32,10 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
|
|||||||
static final String ATT_SESSION_REGISTRY_ALIAS = "session-registry-alias";
|
static final String ATT_SESSION_REGISTRY_ALIAS = "session-registry-alias";
|
||||||
|
|
||||||
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
||||||
|
CompositeComponentDefinition compositeDef =
|
||||||
|
new CompositeComponentDefinition(element.getTagName(), parserContext.extractSource(element));
|
||||||
|
parserContext.pushContainingComponent(compositeDef);
|
||||||
|
|
||||||
BeanDefinitionRegistry beanRegistry = parserContext.getRegistry();
|
BeanDefinitionRegistry beanRegistry = parserContext.getRegistry();
|
||||||
|
|
||||||
RootBeanDefinition sessionRegistry = new RootBeanDefinition(SessionRegistryImpl.class);
|
RootBeanDefinition sessionRegistry = new RootBeanDefinition(SessionRegistryImpl.class);
|
||||||
@ -42,7 +48,9 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
|
|||||||
|
|
||||||
Object source = parserContext.extractSource(element);
|
Object source = parserContext.extractSource(element);
|
||||||
filterBuilder.setSource(source);
|
filterBuilder.setSource(source);
|
||||||
|
filterBuilder.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
controllerBuilder.setSource(source);
|
controllerBuilder.setSource(source);
|
||||||
|
controllerBuilder.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
|
|
||||||
String expiryUrl = element.getAttribute(ATT_EXPIRY_URL);
|
String expiryUrl = element.getAttribute(ATT_EXPIRY_URL);
|
||||||
|
|
||||||
@ -64,6 +72,7 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
|
|||||||
|
|
||||||
BeanDefinition controller = controllerBuilder.getBeanDefinition();
|
BeanDefinition controller = controllerBuilder.getBeanDefinition();
|
||||||
beanRegistry.registerBeanDefinition(BeanIds.SESSION_REGISTRY, sessionRegistry);
|
beanRegistry.registerBeanDefinition(BeanIds.SESSION_REGISTRY, sessionRegistry);
|
||||||
|
parserContext.registerComponent(new BeanComponentDefinition(sessionRegistry, BeanIds.SESSION_REGISTRY));
|
||||||
|
|
||||||
String registryAlias = element.getAttribute(ATT_SESSION_REGISTRY_ALIAS);
|
String registryAlias = element.getAttribute(ATT_SESSION_REGISTRY_ALIAS);
|
||||||
if (StringUtils.hasText(registryAlias)) {
|
if (StringUtils.hasText(registryAlias)) {
|
||||||
@ -71,12 +80,16 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
|
|||||||
}
|
}
|
||||||
|
|
||||||
beanRegistry.registerBeanDefinition(BeanIds.CONCURRENT_SESSION_CONTROLLER, controller);
|
beanRegistry.registerBeanDefinition(BeanIds.CONCURRENT_SESSION_CONTROLLER, controller);
|
||||||
|
parserContext.registerComponent(new BeanComponentDefinition(controller, BeanIds.CONCURRENT_SESSION_CONTROLLER));
|
||||||
beanRegistry.registerBeanDefinition(BeanIds.CONCURRENT_SESSION_FILTER, filterBuilder.getBeanDefinition());
|
beanRegistry.registerBeanDefinition(BeanIds.CONCURRENT_SESSION_FILTER, filterBuilder.getBeanDefinition());
|
||||||
|
parserContext.registerComponent(new BeanComponentDefinition(filterBuilder.getBeanDefinition(), BeanIds.CONCURRENT_SESSION_FILTER));
|
||||||
|
|
||||||
BeanDefinition providerManager = ConfigUtils.registerProviderManagerIfNecessary(parserContext);
|
BeanDefinition providerManager = ConfigUtils.registerProviderManagerIfNecessary(parserContext);
|
||||||
|
|
||||||
providerManager.getPropertyValues().addPropertyValue("sessionController", controller);
|
providerManager.getPropertyValues().addPropertyValue("sessionController", controller);
|
||||||
|
|
||||||
|
parserContext.popAndRegisterContainingComponent();
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -8,6 +8,7 @@ import java.util.Map;
|
|||||||
import org.springframework.aop.config.AopNamespaceUtils;
|
import org.springframework.aop.config.AopNamespaceUtils;
|
||||||
import org.springframework.beans.factory.config.BeanDefinition;
|
import org.springframework.beans.factory.config.BeanDefinition;
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
||||||
|
import org.springframework.beans.factory.parsing.BeanComponentDefinition;
|
||||||
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
||||||
import org.springframework.beans.factory.support.ManagedList;
|
import org.springframework.beans.factory.support.ManagedList;
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
import org.springframework.beans.factory.support.RootBeanDefinition;
|
||||||
@ -43,8 +44,10 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
private static final String ATT_USE_JSR250 = "jsr250-annotations";
|
private static final String ATT_USE_JSR250 = "jsr250-annotations";
|
||||||
private static final String ATT_USE_SECURED = "secured-annotations";
|
private static final String ATT_USE_SECURED = "secured-annotations";
|
||||||
|
|
||||||
private void validatePresent(String className) {
|
private void validatePresent(String className, Element element, ParserContext parserContext) {
|
||||||
Assert.isTrue(ClassUtils.isPresent(className), "Cannot locate '" + className + "'");
|
if (!ClassUtils.isPresent(className, parserContext.getReaderContext().getBeanClassLoader())) {
|
||||||
|
parserContext.getReaderContext().error("Cannot locate '" + className + "'", element);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
||||||
@ -53,14 +56,14 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
|
|
||||||
// Check the required classes are present
|
// Check the required classes are present
|
||||||
if (useSecured) {
|
if (useSecured) {
|
||||||
validatePresent(SECURED_METHOD_DEFINITION_SOURCE_CLASS);
|
validatePresent(SECURED_METHOD_DEFINITION_SOURCE_CLASS, element, parserContext);
|
||||||
validatePresent(SECURED_DEPENDENCY_CLASS);
|
validatePresent(SECURED_DEPENDENCY_CLASS, element, parserContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (useJsr250) {
|
if (useJsr250) {
|
||||||
validatePresent(JSR_250_SECURITY_METHOD_DEFINITION_SOURCE_CLASS);
|
validatePresent(JSR_250_SECURITY_METHOD_DEFINITION_SOURCE_CLASS, element, parserContext);
|
||||||
validatePresent(JSR_250_VOTER_CLASS);
|
validatePresent(JSR_250_VOTER_CLASS, element, parserContext);
|
||||||
validatePresent(JSR_250_DEPENDENCY_CLASS);
|
validatePresent(JSR_250_DEPENDENCY_CLASS, element, parserContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Now create a Map<String, ConfigAttribute> for each <protect-pointcut> sub-element
|
// Now create a Map<String, ConfigAttribute> for each <protect-pointcut> sub-element
|
||||||
@ -84,6 +87,7 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
if (pointcutMap.size() > 0) {
|
if (pointcutMap.size() > 0) {
|
||||||
RootBeanDefinition ppbp = new RootBeanDefinition(ProtectPointcutPostProcessor.class);
|
RootBeanDefinition ppbp = new RootBeanDefinition(ProtectPointcutPostProcessor.class);
|
||||||
ppbp.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
ppbp.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
|
ppbp.setSource(parserContext.extractSource(element));
|
||||||
ppbp.getConstructorArgumentValues().addGenericArgumentValue(mapBasedMethodDefinitionSource);
|
ppbp.getConstructorArgumentValues().addGenericArgumentValue(mapBasedMethodDefinitionSource);
|
||||||
ppbp.getPropertyValues().addPropertyValue("pointcutMap", pointcutMap);
|
ppbp.getPropertyValues().addPropertyValue("pointcutMap", pointcutMap);
|
||||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.PROTECT_POINTCUT_POST_PROCESSOR, ppbp);
|
parserContext.getRegistry().registerBeanDefinition(BeanIds.PROTECT_POINTCUT_POST_PROCESSOR, ppbp);
|
||||||
@ -104,8 +108,8 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
// Register our DelegatingMethodDefinitionSource
|
// Register our DelegatingMethodDefinitionSource
|
||||||
RootBeanDefinition delegatingMethodDefinitionSource = new RootBeanDefinition(DelegatingMethodDefinitionSource.class);
|
RootBeanDefinition delegatingMethodDefinitionSource = new RootBeanDefinition(DelegatingMethodDefinitionSource.class);
|
||||||
delegatingMethodDefinitionSource.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
delegatingMethodDefinitionSource.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
|
delegatingMethodDefinitionSource.setSource(parserContext.extractSource(element));
|
||||||
delegatingMethodDefinitionSource.getPropertyValues().addPropertyValue("methodDefinitionSources", delegates);
|
delegatingMethodDefinitionSource.getPropertyValues().addPropertyValue("methodDefinitionSources", delegates);
|
||||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.DELEGATING_METHOD_DEFINITION_SOURCE, delegatingMethodDefinitionSource);
|
|
||||||
|
|
||||||
// Register the applicable AccessDecisionManager, handling the special JSR 250 voter if being used
|
// Register the applicable AccessDecisionManager, handling the special JSR 250 voter if being used
|
||||||
String accessManagerId = element.getAttribute(ATT_ACCESS_MGR);
|
String accessManagerId = element.getAttribute(ATT_ACCESS_MGR);
|
||||||
@ -123,15 +127,18 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
// MethodSecurityInterceptor
|
// MethodSecurityInterceptor
|
||||||
RootBeanDefinition interceptor = new RootBeanDefinition(MethodSecurityInterceptor.class);
|
RootBeanDefinition interceptor = new RootBeanDefinition(MethodSecurityInterceptor.class);
|
||||||
interceptor.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
interceptor.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
|
interceptor.setSource(parserContext.extractSource(element));
|
||||||
|
|
||||||
interceptor.getPropertyValues().addPropertyValue("accessDecisionManager", new RuntimeBeanReference(accessManagerId));
|
interceptor.getPropertyValues().addPropertyValue("accessDecisionManager", new RuntimeBeanReference(accessManagerId));
|
||||||
interceptor.getPropertyValues().addPropertyValue("authenticationManager", new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));
|
interceptor.getPropertyValues().addPropertyValue("authenticationManager", new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));
|
||||||
interceptor.getPropertyValues().addPropertyValue("objectDefinitionSource", new RuntimeBeanReference(BeanIds.DELEGATING_METHOD_DEFINITION_SOURCE));
|
interceptor.getPropertyValues().addPropertyValue("objectDefinitionSource", new RuntimeBeanReference(BeanIds.DELEGATING_METHOD_DEFINITION_SOURCE));
|
||||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.METHOD_SECURITY_INTERCEPTOR, interceptor);
|
parserContext.getRegistry().registerBeanDefinition(BeanIds.METHOD_SECURITY_INTERCEPTOR, interceptor);
|
||||||
|
parserContext.registerComponent(new BeanComponentDefinition(interceptor, BeanIds.METHOD_SECURITY_INTERCEPTOR));
|
||||||
|
|
||||||
// MethodDefinitionSourceAdvisor
|
// MethodDefinitionSourceAdvisor
|
||||||
RootBeanDefinition advisor = new RootBeanDefinition(MethodDefinitionSourceAdvisor.class);
|
RootBeanDefinition advisor = new RootBeanDefinition(MethodDefinitionSourceAdvisor.class);
|
||||||
advisor.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
advisor.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
|
advisor.setSource(parserContext.extractSource(element));
|
||||||
advisor.getConstructorArgumentValues().addGenericArgumentValue(interceptor);
|
advisor.getConstructorArgumentValues().addGenericArgumentValue(interceptor);
|
||||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.METHOD_DEFINITION_SOURCE_ADVISOR, advisor);
|
parserContext.getRegistry().registerBeanDefinition(BeanIds.METHOD_DEFINITION_SOURCE_ADVISOR, advisor);
|
||||||
|
|
||||||
|
|||||||
@ -29,6 +29,7 @@ import org.springframework.security.securechannel.InsecureChannelProcessor;
|
|||||||
import org.springframework.security.securechannel.SecureChannelProcessor;
|
import org.springframework.security.securechannel.SecureChannelProcessor;
|
||||||
import org.springframework.security.securechannel.RetryWithHttpEntryPoint;
|
import org.springframework.security.securechannel.RetryWithHttpEntryPoint;
|
||||||
import org.springframework.security.securechannel.RetryWithHttpsEntryPoint;
|
import org.springframework.security.securechannel.RetryWithHttpsEntryPoint;
|
||||||
|
import org.springframework.security.ui.AccessDeniedHandlerImpl;
|
||||||
import org.springframework.security.ui.ExceptionTranslationFilter;
|
import org.springframework.security.ui.ExceptionTranslationFilter;
|
||||||
import org.springframework.security.ui.SessionFixationProtectionFilter;
|
import org.springframework.security.ui.SessionFixationProtectionFilter;
|
||||||
import org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter;
|
import org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter;
|
||||||
@ -94,8 +95,9 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
static final String ATT_USER_SERVICE_REF = "user-service-ref";
|
static final String ATT_USER_SERVICE_REF = "user-service-ref";
|
||||||
|
|
||||||
static final String ATT_ENTRY_POINT_REF = "entry-point-ref";
|
static final String ATT_ENTRY_POINT_REF = "entry-point-ref";
|
||||||
|
|
||||||
static final String ATT_ONCE_PER_REQUEST = "once-per-request";
|
static final String ATT_ONCE_PER_REQUEST = "once-per-request";
|
||||||
|
static final String ATT_ACCESS_DENIED_PAGE = "access-denied-page";
|
||||||
|
|
||||||
|
|
||||||
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
||||||
BeanDefinitionRegistry registry = parserContext.getRegistry();
|
BeanDefinitionRegistry registry = parserContext.getRegistry();
|
||||||
@ -127,6 +129,14 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
BeanDefinitionBuilder exceptionTranslationFilterBuilder
|
BeanDefinitionBuilder exceptionTranslationFilterBuilder
|
||||||
= BeanDefinitionBuilder.rootBeanDefinition(ExceptionTranslationFilter.class);
|
= BeanDefinitionBuilder.rootBeanDefinition(ExceptionTranslationFilter.class);
|
||||||
|
|
||||||
|
String accessDeniedPage = element.getAttribute(ATT_ACCESS_DENIED_PAGE);
|
||||||
|
if (StringUtils.hasText(accessDeniedPage)) {
|
||||||
|
AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();
|
||||||
|
accessDeniedHandler.setErrorPage(accessDeniedPage);
|
||||||
|
exceptionTranslationFilterBuilder.addPropertyValue("accessDeniedHandler", accessDeniedHandler);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
Map filterChainMap = new LinkedHashMap();
|
Map filterChainMap = new LinkedHashMap();
|
||||||
|
|
||||||
UrlMatcher matcher = createUrlMatcher(element);
|
UrlMatcher matcher = createUrlMatcher(element);
|
||||||
|
|||||||
@ -1,13 +1,12 @@
|
|||||||
package org.springframework.security.config;
|
package org.springframework.security.config;
|
||||||
|
|
||||||
import org.springframework.security.providers.dao.salt.ReflectionSaltSource;
|
|
||||||
import org.springframework.security.providers.dao.salt.SystemWideSaltSource;
|
|
||||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
|
||||||
import org.springframework.beans.factory.config.BeanDefinition;
|
import org.springframework.beans.factory.config.BeanDefinition;
|
||||||
import org.springframework.beans.factory.support.RootBeanDefinition;
|
import org.springframework.beans.factory.support.RootBeanDefinition;
|
||||||
|
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
||||||
|
import org.springframework.beans.factory.xml.ParserContext;
|
||||||
|
import org.springframework.security.providers.dao.salt.ReflectionSaltSource;
|
||||||
|
import org.springframework.security.providers.dao.salt.SystemWideSaltSource;
|
||||||
import org.springframework.util.StringUtils;
|
import org.springframework.util.StringUtils;
|
||||||
|
|
||||||
import org.w3c.dom.Element;
|
import org.w3c.dom.Element;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -27,6 +26,7 @@ public class SaltSourceBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
saltSource = new RootBeanDefinition(ReflectionSaltSource.class);
|
saltSource = new RootBeanDefinition(ReflectionSaltSource.class);
|
||||||
saltSource.getPropertyValues().addPropertyValue("userPropertyToUse", userProperty);
|
saltSource.getPropertyValues().addPropertyValue("userPropertyToUse", userProperty);
|
||||||
saltSource.setSource(parserContext.extractSource(element));
|
saltSource.setSource(parserContext.extractSource(element));
|
||||||
|
saltSource.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
|
|
||||||
return saltSource;
|
return saltSource;
|
||||||
}
|
}
|
||||||
@ -37,6 +37,7 @@ public class SaltSourceBeanDefinitionParser implements BeanDefinitionParser {
|
|||||||
saltSource = new RootBeanDefinition(SystemWideSaltSource.class);
|
saltSource = new RootBeanDefinition(SystemWideSaltSource.class);
|
||||||
saltSource.getPropertyValues().addPropertyValue("systemWideSalt", systemWideSalt);
|
saltSource.getPropertyValues().addPropertyValue("systemWideSalt", systemWideSalt);
|
||||||
saltSource.setSource(parserContext.extractSource(element));
|
saltSource.setSource(parserContext.extractSource(element));
|
||||||
|
saltSource.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
|
||||||
|
|
||||||
return saltSource;
|
return saltSource;
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user