SEC-1052: Add support for the namespace option 'disable-url-rewriting'.
This commit is contained in:
parent
171456a26c
commit
8f598e9b11
|
@ -104,6 +104,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
||||||
|
|
||||||
private static final String ATT_SECURITY_CONTEXT_REPOSITORY = "security-context-repository-ref";
|
private static final String ATT_SECURITY_CONTEXT_REPOSITORY = "security-context-repository-ref";
|
||||||
|
|
||||||
|
private static final String ATT_DISABLE_URL_REWRITING = "disable-url-rewriting";
|
||||||
|
|
||||||
private static final String EXPRESSION_FIDS_CLASS = "org.springframework.security.expression.web.ExpressionBasedFilterInvocationDefinitionSource";
|
private static final String EXPRESSION_FIDS_CLASS = "org.springframework.security.expression.web.ExpressionBasedFilterInvocationDefinitionSource";
|
||||||
private static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.expression.support.DefaultSecurityExpressionHandler";
|
private static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.expression.support.DefaultSecurityExpressionHandler";
|
||||||
private static final String EXPRESSION_HANDLER_ID = "_webExpressionHandler";
|
private static final String EXPRESSION_HANDLER_ID = "_webExpressionHandler";
|
||||||
|
@ -262,6 +264,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
||||||
|
|
||||||
String repoRef = element.getAttribute(ATT_SECURITY_CONTEXT_REPOSITORY);
|
String repoRef = element.getAttribute(ATT_SECURITY_CONTEXT_REPOSITORY);
|
||||||
String createSession = element.getAttribute(ATT_CREATE_SESSION);
|
String createSession = element.getAttribute(ATT_CREATE_SESSION);
|
||||||
|
String disableUrlRewriting = element.getAttribute(ATT_DISABLE_URL_REWRITING);
|
||||||
|
|
||||||
if (StringUtils.hasText(repoRef)) {
|
if (StringUtils.hasText(repoRef)) {
|
||||||
scpf.addPropertyReference("securityContextRepository", repoRef);
|
scpf.addPropertyReference("securityContextRepository", repoRef);
|
||||||
|
@ -287,6 +290,11 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
||||||
contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
|
contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
|
||||||
scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
|
scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ("true".equals(disableUrlRewriting)) {
|
||||||
|
contextRepo.addPropertyValue("disableUrlRewriting", Boolean.TRUE);
|
||||||
|
}
|
||||||
|
|
||||||
scpf.addPropertyValue("securityContextRepository", contextRepo.getBeanDefinition());
|
scpf.addPropertyValue("securityContextRepository", contextRepo.getBeanDefinition());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -662,6 +662,8 @@ public class HttpSecurityBeanDefinitionParserTests {
|
||||||
|
|
||||||
assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "forceEagerSessionCreation"));
|
assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "forceEagerSessionCreation"));
|
||||||
assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "repo.allowSessionCreation"));
|
assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "repo.allowSessionCreation"));
|
||||||
|
// Just check that the repo has url rewriting enabled by default
|
||||||
|
assertEquals(Boolean.FALSE, FieldUtils.getFieldValue(filter, "repo.disableUrlRewriting"));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -754,6 +756,13 @@ public class HttpSecurityBeanDefinitionParserTests {
|
||||||
assertSame(fh, FieldUtils.getFieldValue(apf, "failureHandler"));
|
assertSame(fh, FieldUtils.getFieldValue(apf, "failureHandler"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void disablingUrlRewritingThroughTheNamespaceSetsCorrectPropertyOnContextRepo() throws Exception {
|
||||||
|
setContext("<http auto-config='true' disable-url-rewriting='true'/>" + AUTH_PROVIDER_XML);
|
||||||
|
Object filter = appContext.getBean(BeanIds.SECURITY_CONTEXT_PERSISTENCE_FILTER);
|
||||||
|
assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "repo.disableUrlRewriting"));
|
||||||
|
}
|
||||||
|
|
||||||
private void setContext(String context) {
|
private void setContext(String context) {
|
||||||
appContext = new InMemoryXmlApplicationContext(context);
|
appContext = new InMemoryXmlApplicationContext(context);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue