SEC-1052: Add support for the namespace option 'disable-url-rewriting'.

This commit is contained in:
Luke Taylor 2008-12-17 01:28:29 +00:00
parent 171456a26c
commit 8f598e9b11
2 changed files with 17 additions and 0 deletions

View File

@ -104,6 +104,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
private static final String ATT_SECURITY_CONTEXT_REPOSITORY = "security-context-repository-ref"; private static final String ATT_SECURITY_CONTEXT_REPOSITORY = "security-context-repository-ref";
private static final String ATT_DISABLE_URL_REWRITING = "disable-url-rewriting";
private static final String EXPRESSION_FIDS_CLASS = "org.springframework.security.expression.web.ExpressionBasedFilterInvocationDefinitionSource"; private static final String EXPRESSION_FIDS_CLASS = "org.springframework.security.expression.web.ExpressionBasedFilterInvocationDefinitionSource";
private static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.expression.support.DefaultSecurityExpressionHandler"; private static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.expression.support.DefaultSecurityExpressionHandler";
private static final String EXPRESSION_HANDLER_ID = "_webExpressionHandler"; private static final String EXPRESSION_HANDLER_ID = "_webExpressionHandler";
@ -262,6 +264,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
String repoRef = element.getAttribute(ATT_SECURITY_CONTEXT_REPOSITORY); String repoRef = element.getAttribute(ATT_SECURITY_CONTEXT_REPOSITORY);
String createSession = element.getAttribute(ATT_CREATE_SESSION); String createSession = element.getAttribute(ATT_CREATE_SESSION);
String disableUrlRewriting = element.getAttribute(ATT_DISABLE_URL_REWRITING);
if (StringUtils.hasText(repoRef)) { if (StringUtils.hasText(repoRef)) {
scpf.addPropertyReference("securityContextRepository", repoRef); scpf.addPropertyReference("securityContextRepository", repoRef);
@ -287,6 +290,11 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE); contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE); scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
} }
if ("true".equals(disableUrlRewriting)) {
contextRepo.addPropertyValue("disableUrlRewriting", Boolean.TRUE);
}
scpf.addPropertyValue("securityContextRepository", contextRepo.getBeanDefinition()); scpf.addPropertyValue("securityContextRepository", contextRepo.getBeanDefinition());
} }

View File

@ -662,6 +662,8 @@ public class HttpSecurityBeanDefinitionParserTests {
assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "forceEagerSessionCreation")); assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "forceEagerSessionCreation"));
assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "repo.allowSessionCreation")); assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "repo.allowSessionCreation"));
// Just check that the repo has url rewriting enabled by default
assertEquals(Boolean.FALSE, FieldUtils.getFieldValue(filter, "repo.disableUrlRewriting"));
} }
@Test @Test
@ -754,6 +756,13 @@ public class HttpSecurityBeanDefinitionParserTests {
assertSame(fh, FieldUtils.getFieldValue(apf, "failureHandler")); assertSame(fh, FieldUtils.getFieldValue(apf, "failureHandler"));
} }
@Test
public void disablingUrlRewritingThroughTheNamespaceSetsCorrectPropertyOnContextRepo() throws Exception {
setContext("<http auto-config='true' disable-url-rewriting='true'/>" + AUTH_PROVIDER_XML);
Object filter = appContext.getBean(BeanIds.SECURITY_CONTEXT_PERSISTENCE_FILTER);
assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "repo.disableUrlRewriting"));
}
private void setContext(String context) { private void setContext(String context) {
appContext = new InMemoryXmlApplicationContext(context); appContext = new InMemoryXmlApplicationContext(context);
} }