Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-05 18:22:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

AccessDeniedHandler->ServerAccessDeniedHandler

Browse Source 
Issue gh-4615
This commit is contained in:
Rob Winch 2017-10-10 15:12:05 -05:00
parent a5af2a07d7
commit 897e7111e3
6 changed files with 17 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAccessDeniedHandlerTests.groovy → config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.groovy
View File

@ -36,7 +36,7 @@ import org.springframework.security.web.access.ExceptionTranslationFilter;
* @author Rob Winch * @author Rob Winch
* *
*/ */
public class NamespaceHttpAccessDeniedHandlerTests extends BaseSpringSpec { public class NamespaceHttpServerAccessDeniedHandlerTests extends BaseSpringSpec {
def "http/access-denied-handler@error-page"() { def "http/access-denied-handler@error-page"() {
when: when:
loadConfig(AccessDeniedPageConfig) loadConfig(AccessDeniedPageConfig)

13
webflux/src/main/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilter.java
View File

@ -35,25 +35,26 @@ import org.springframework.web.server.WebFilterChain;
public class ExceptionTranslationWebFilter implements WebFilter { public class ExceptionTranslationWebFilter implements WebFilter {
private ServerAuthenticationEntryPoint serverAuthenticationEntryPoint = new HttpBasicServerAuthenticationEntryPoint(); private ServerAuthenticationEntryPoint serverAuthenticationEntryPoint = new HttpBasicServerAuthenticationEntryPoint();
private AccessDeniedHandler accessDeniedHandler = new HttpStatusAccessDeniedHandler(HttpStatus.FORBIDDEN); private ServerAccessDeniedHandler serverAccessDeniedHandler = new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN);
@Override @Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) { public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
return chain.filter(exchange) return chain.filter(exchange)
.onErrorResume(AccessDeniedException.class, denied -> exchange.getPrincipal() .onErrorResume(AccessDeniedException.class, denied -> exchange.getPrincipal()
.switchIfEmpty( commenceAuthentication(exchange, denied)) .switchIfEmpty( commenceAuthentication(exchange, denied))
.flatMap( principal -> this.accessDeniedHandler.handle(exchange, denied)) .flatMap( principal -> this.serverAccessDeniedHandler
.handle(exchange, denied))
); );
} }
/** /**
* Sets the access denied handler. * Sets the access denied handler.
* @param accessDeniedHandler the access denied handler to use. Default is * @param serverAccessDeniedHandler the access denied handler to use. Default is
* HttpStatusAccessDeniedHandler with HttpStatus.FORBIDDEN * HttpStatusAccessDeniedHandler with HttpStatus.FORBIDDEN
*/ */
public void setAccessDeniedHandler(AccessDeniedHandler accessDeniedHandler) { public void setServerAccessDeniedHandler(ServerAccessDeniedHandler serverAccessDeniedHandler) {
Assert.notNull(accessDeniedHandler, "accessDeniedHandler cannot be null"); Assert.notNull(serverAccessDeniedHandler, "accessDeniedHandler cannot be null");
this.accessDeniedHandler = accessDeniedHandler; this.serverAccessDeniedHandler = serverAccessDeniedHandler;
} }
/** /**

4
webflux/src/main/java/org/springframework/security/web/server/authorization/HttpStatusAccessDeniedHandler.java → webflux/src/main/java/org/springframework/security/web/server/authorization/HttpStatusServerAccessDeniedHandler.java
View File

@ -28,10 +28,10 @@ import org.springframework.web.server.ServerWebExchange;
* @author Rob Winch * @author Rob Winch
* @since 5.0 * @since 5.0
*/ */
public class HttpStatusAccessDeniedHandler implements AccessDeniedHandler { public class HttpStatusServerAccessDeniedHandler implements ServerAccessDeniedHandler {
private final HttpStatus httpStatus; private final HttpStatus httpStatus;
public HttpStatusAccessDeniedHandler(HttpStatus httpStatus) { public HttpStatusServerAccessDeniedHandler(HttpStatus httpStatus) {
Assert.notNull(httpStatus, "httpStatus cannot be null"); Assert.notNull(httpStatus, "httpStatus cannot be null");
this.httpStatus = httpStatus; this.httpStatus = httpStatus;
} }

2
webflux/src/main/java/org/springframework/security/web/server/authorization/AccessDeniedHandler.java → webflux/src/main/java/org/springframework/security/web/server/authorization/ServerAccessDeniedHandler.java
View File

@ -25,7 +25,7 @@ import reactor.core.publisher.Mono;
* @author Rob Winch * @author Rob Winch
* @since 5.0 * @since 5.0
*/ */
public interface AccessDeniedHandler { public interface ServerAccessDeniedHandler {
Mono<Void> handle(ServerWebExchange exchange, AccessDeniedException denied); Mono<Void> handle(ServerWebExchange exchange, AccessDeniedException denied);
} }

6
webflux/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java
View File

@ -51,7 +51,7 @@ public class ExceptionTranslationWebFilterTests {
@Mock @Mock
private WebFilterChain chain; private WebFilterChain chain;
@Mock @Mock
private AccessDeniedHandler deniedHandler; private ServerAccessDeniedHandler deniedHandler;
@Mock @Mock
private ServerAuthenticationEntryPoint entryPoint; private ServerAuthenticationEntryPoint entryPoint;
@ -67,7 +67,7 @@ public class ExceptionTranslationWebFilterTests {
when(this.entryPoint.commence(any(), any())).thenReturn(this.entryPointPublisher.mono()); when(this.entryPoint.commence(any(), any())).thenReturn(this.entryPointPublisher.mono());
this.filter.setServerAuthenticationEntryPoint(this.entryPoint); this.filter.setServerAuthenticationEntryPoint(this.entryPoint);
this.filter.setAccessDeniedHandler(this.deniedHandler); this.filter.setServerAccessDeniedHandler(this.deniedHandler);
} }
@Test @Test
@ -150,7 +150,7 @@ public class ExceptionTranslationWebFilterTests {
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)
public void setAccessDeniedHandlerWhenNullThenException() { public void setAccessDeniedHandlerWhenNullThenException() {
this.filter.setAccessDeniedHandler(null); this.filter.setServerAccessDeniedHandler(null);
} }
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)

6
webflux/src/test/java/org/springframework/security/web/server/authorization/HttpStatusAccessDeniedHandlerTests.java → webflux/src/test/java/org/springframework/security/web/server/authorization/HttpStatusServerAccessDeniedHandlerTests.java
View File

@ -34,17 +34,17 @@ import static org.mockito.Mockito.verifyZeroInteractions;
* @since 5.0 * @since 5.0
*/ */
@RunWith(MockitoJUnitRunner.class) @RunWith(MockitoJUnitRunner.class)
public class HttpStatusAccessDeniedHandlerTests { public class HttpStatusServerAccessDeniedHandlerTests {
@Mock @Mock
private ServerWebExchange exchange; private ServerWebExchange exchange;
private final HttpStatus httpStatus = HttpStatus.FORBIDDEN; private final HttpStatus httpStatus = HttpStatus.FORBIDDEN;
private HttpStatusAccessDeniedHandler handler = new HttpStatusAccessDeniedHandler(this.httpStatus); private HttpStatusServerAccessDeniedHandler handler = new HttpStatusServerAccessDeniedHandler(this.httpStatus);
private AccessDeniedException exception = new AccessDeniedException("Forbidden"); private AccessDeniedException exception = new AccessDeniedException("Forbidden");
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)
public void constructorHttpStatusWhenNullThenException() { public void constructorHttpStatusWhenNullThenException() {
new HttpStatusAccessDeniedHandler((HttpStatus) null); new HttpStatusServerAccessDeniedHandler((HttpStatus) null);
} }
@Test @Test