mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-06-23 20:42:14 +00:00
finish user context switch event publishing
This commit is contained in:
Mark St. Godard
parent
4ae14cc7bc
commit
9d359780d9
@ -15,7 +15,35 @@
|
||||
|
||||
package net.sf.acegisecurity.ui.switchuser;
|
||||
|
||||
import net.sf.acegisecurity.AccountExpiredException;
|
||||
import net.sf.acegisecurity.Authentication;
|
||||
import net.sf.acegisecurity.AuthenticationCredentialsNotFoundException;
|
||||
import net.sf.acegisecurity.AuthenticationException;
|
||||
import net.sf.acegisecurity.CredentialsExpiredException;
|
||||
import net.sf.acegisecurity.DisabledException;
|
||||
import net.sf.acegisecurity.GrantedAuthority;
|
||||
import net.sf.acegisecurity.UserDetails;
|
||||
import net.sf.acegisecurity.context.SecurityContextHolder;
|
||||
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
||||
import net.sf.acegisecurity.providers.dao.AuthenticationDao;
|
||||
import net.sf.acegisecurity.providers.dao.User;
|
||||
import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;
|
||||
import net.sf.acegisecurity.providers.dao.event.AuthenticationSwitchUserEvent;
|
||||
import net.sf.acegisecurity.ui.WebAuthenticationDetails;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import org.springframework.beans.BeansException;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.ApplicationContextAware;
|
||||
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
@ -29,29 +57,6 @@ import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import net.sf.acegisecurity.AccountExpiredException;
|
||||
import net.sf.acegisecurity.Authentication;
|
||||
import net.sf.acegisecurity.AuthenticationCredentialsNotFoundException;
|
||||
import net.sf.acegisecurity.AuthenticationException;
|
||||
import net.sf.acegisecurity.CredentialsExpiredException;
|
||||
import net.sf.acegisecurity.DisabledException;
|
||||
import net.sf.acegisecurity.GrantedAuthority;
|
||||
import net.sf.acegisecurity.UserDetails;
|
||||
import net.sf.acegisecurity.context.SecurityContextHolder;
|
||||
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
||||
import net.sf.acegisecurity.providers.dao.AuthenticationDao;
|
||||
import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;
|
||||
import net.sf.acegisecurity.providers.dao.event.AuthenticationSwitchUserEvent;
|
||||
import net.sf.acegisecurity.ui.WebAuthenticationDetails;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.beans.BeansException;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.ApplicationContextAware;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
|
||||
/**
|
||||
* Switch User processing filter responsible for user context switching.
|
||||
@ -184,9 +189,8 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
|
||||
*/
|
||||
public void doFilter(ServletRequest request, ServletResponse response,
|
||||
FilterChain chain) throws IOException, ServletException {
|
||||
|
||||
Assert.isInstanceOf(HttpServletRequest.class,request);
|
||||
Assert.isInstanceOf(HttpServletResponse.class,response);
|
||||
Assert.isInstanceOf(HttpServletRequest.class, request);
|
||||
Assert.isInstanceOf(HttpServletResponse.class, response);
|
||||
|
||||
HttpServletRequest httpRequest = (HttpServletRequest) request;
|
||||
HttpServletResponse httpResponse = (HttpServletResponse) response;
|
||||
@ -198,7 +202,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
|
||||
|
||||
// update the current context to the new target user
|
||||
SecurityContextHolder.getContext().setAuthentication(targetUser);
|
||||
|
||||
|
||||
// redirect to target url
|
||||
httpResponse.sendRedirect(httpResponse.encodeRedirectURL(targetUrl));
|
||||
|
||||
@ -252,12 +256,20 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
|
||||
throw new AuthenticationCredentialsNotFoundException(
|
||||
"Could not find original Authentication object!");
|
||||
}
|
||||
|
||||
// TODO: fix target user on exit
|
||||
|
||||
// get the source user details
|
||||
UserDetails originalUser = null;
|
||||
Object obj = original.getPrincipal();
|
||||
|
||||
if ((obj != null) && obj instanceof User) {
|
||||
originalUser = (User) obj;
|
||||
}
|
||||
|
||||
// publish event
|
||||
if (this.context != null) {
|
||||
context.publishEvent(new AuthenticationSwitchUserEvent(
|
||||
current, null) );
|
||||
}
|
||||
context.publishEvent(new AuthenticationSwitchUserEvent(current,
|
||||
originalUser));
|
||||
}
|
||||
|
||||
return original;
|
||||
}
|
||||
@ -326,10 +338,10 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
|
||||
// publish event
|
||||
if (this.context != null) {
|
||||
context.publishEvent(new AuthenticationSwitchUserEvent(
|
||||
SecurityContextHolder.getContext().getAuthentication(),
|
||||
targetUser) );
|
||||
}
|
||||
|
||||
SecurityContextHolder.getContext().getAuthentication(),
|
||||
targetUser));
|
||||
}
|
||||
|
||||
return targetUserRequest;
|
||||
}
|
||||
|
||||
|
||||
@ -22,7 +22,6 @@ import net.sf.acegisecurity.GrantedAuthority;
|
||||
import net.sf.acegisecurity.GrantedAuthorityImpl;
|
||||
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
||||
import net.sf.acegisecurity.providers.dao.User;
|
||||
import net.sf.acegisecurity.ui.switchuser.SwitchUserGrantedAuthority;
|
||||
|
||||
|
||||
/**
|
||||
@ -92,13 +91,13 @@ public class AuthenticationEventTests extends TestCase {
|
||||
public void testSwitchUserContextEvent() {
|
||||
Authentication auth = getAuthentication();
|
||||
User targetUser = getUser();
|
||||
|
||||
|
||||
AuthenticationSwitchUserEvent event = new AuthenticationSwitchUserEvent(auth,
|
||||
targetUser);
|
||||
assertEquals(auth, event.getAuthentication());
|
||||
assertEquals(targetUser, event.getUser());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private Authentication getAuthentication() {
|
||||
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken("Principal",
|
||||
"Credentials");
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user