Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-25 05:22:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

finish user context switch event publishing

Browse Source
This commit is contained in:
Mark St. Godard 2005-09-03 20:24:35 +00:00
parent 4ae14cc7bc
commit 9d359780d9
2 changed files with 51 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.java
View File

@ -15,7 +15,35 @@
package net.sf.acegisecurity.ui.switchuser; package net.sf.acegisecurity.ui.switchuser;
import net.sf.acegisecurity.AccountExpiredException;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.AuthenticationCredentialsNotFoundException;
import net.sf.acegisecurity.AuthenticationException;
import net.sf.acegisecurity.CredentialsExpiredException;
import net.sf.acegisecurity.DisabledException;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.context.SecurityContextHolder;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import net.sf.acegisecurity.providers.dao.AuthenticationDao;
import net.sf.acegisecurity.providers.dao.User;
import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;
import net.sf.acegisecurity.providers.dao.event.AuthenticationSwitchUserEvent;
import net.sf.acegisecurity.ui.WebAuthenticationDetails;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.util.Assert;
import java.io.IOException; import java.io.IOException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.List; import java.util.List;
@ -29,29 +57,6 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import net.sf.acegisecurity.AccountExpiredException;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.AuthenticationCredentialsNotFoundException;
import net.sf.acegisecurity.AuthenticationException;
import net.sf.acegisecurity.CredentialsExpiredException;
import net.sf.acegisecurity.DisabledException;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.context.SecurityContextHolder;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import net.sf.acegisecurity.providers.dao.AuthenticationDao;
import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;
import net.sf.acegisecurity.providers.dao.event.AuthenticationSwitchUserEvent;
import net.sf.acegisecurity.ui.WebAuthenticationDetails;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.util.Assert;
/** /**
* Switch User processing filter responsible for user context switching. * Switch User processing filter responsible for user context switching.
@ -184,9 +189,8 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
*/ */
public void doFilter(ServletRequest request, ServletResponse response, public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException { FilterChain chain) throws IOException, ServletException {
Assert.isInstanceOf(HttpServletRequest.class, request);
Assert.isInstanceOf(HttpServletRequest.class,request); Assert.isInstanceOf(HttpServletResponse.class, response);
Assert.isInstanceOf(HttpServletResponse.class,response);
HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response; HttpServletResponse httpResponse = (HttpServletResponse) response;
@ -198,7 +202,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
// update the current context to the new target user // update the current context to the new target user
SecurityContextHolder.getContext().setAuthentication(targetUser); SecurityContextHolder.getContext().setAuthentication(targetUser);
// redirect to target url // redirect to target url
httpResponse.sendRedirect(httpResponse.encodeRedirectURL(targetUrl)); httpResponse.sendRedirect(httpResponse.encodeRedirectURL(targetUrl));
@ -252,12 +256,20 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
throw new AuthenticationCredentialsNotFoundException( throw new AuthenticationCredentialsNotFoundException(
"Could not find original Authentication object!"); "Could not find original Authentication object!");
} }
// TODO: fix target user on exit // get the source user details
UserDetails originalUser = null;
Object obj = original.getPrincipal();
if ((obj != null) && obj instanceof User) {
originalUser = (User) obj;
}
// publish event
if (this.context != null) { if (this.context != null) {
context.publishEvent(new AuthenticationSwitchUserEvent( context.publishEvent(new AuthenticationSwitchUserEvent(current,
current, null) ); originalUser));
} }
return original; return original;
} }
@ -326,10 +338,10 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
// publish event // publish event
if (this.context != null) { if (this.context != null) {
context.publishEvent(new AuthenticationSwitchUserEvent( context.publishEvent(new AuthenticationSwitchUserEvent(
SecurityContextHolder.getContext().getAuthentication(), SecurityContextHolder.getContext().getAuthentication(),
targetUser) ); targetUser));
} }
return targetUserRequest; return targetUserRequest;
} }

7
core/src/test/java/org/acegisecurity/providers/dao/event/AuthenticationEventTests.java
View File

@ -22,7 +22,6 @@ import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl; import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken; import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import net.sf.acegisecurity.providers.dao.User; import net.sf.acegisecurity.providers.dao.User;
import net.sf.acegisecurity.ui.switchuser.SwitchUserGrantedAuthority;
/** /**
@ -92,13 +91,13 @@ public class AuthenticationEventTests extends TestCase {
public void testSwitchUserContextEvent() { public void testSwitchUserContextEvent() {
Authentication auth = getAuthentication(); Authentication auth = getAuthentication();
User targetUser = getUser(); User targetUser = getUser();
AuthenticationSwitchUserEvent event = new AuthenticationSwitchUserEvent(auth, AuthenticationSwitchUserEvent event = new AuthenticationSwitchUserEvent(auth,
targetUser); targetUser);
assertEquals(auth, event.getAuthentication()); assertEquals(auth, event.getAuthentication());
assertEquals(targetUser, event.getUser()); assertEquals(targetUser, event.getUser());
} }
private Authentication getAuthentication() { private Authentication getAuthentication() {
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken("Principal", UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken("Principal",
"Credentials"); "Credentials");