Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-24 13:02:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Silently catch NotSerializableException in AbstractProcessingFilter if rootCause is not Serializable (thanks to Joseph Dane for reporting this bug).

Browse Source
This commit is contained in:
Ben Alex 2005-06-22 07:03:53 +00:00
parent 03a1c01408
commit a15691d9d7
2 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java
View File

@ -33,7 +33,12 @@ import java.io.IOException;
import java.util.Properties; import java.util.Properties;
import javax.servlet.*; import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
@ -419,8 +424,10 @@ public abstract class AbstractProcessingFilter implements Filter,
logger.debug("Authentication request failed: " + failed.toString()); logger.debug("Authentication request failed: " + failed.toString());
} }
request.getSession().setAttribute(ACEGI_SECURITY_LAST_EXCEPTION_KEY, try {
failed); request.getSession().setAttribute(ACEGI_SECURITY_LAST_EXCEPTION_KEY,
failed);
} catch (Exception ignored) {}
onUnsuccessfulAuthentication(request, response); onUnsuccessfulAuthentication(request, response);

5
doc/xdocs/changes.xml
View File

@ -36,8 +36,9 @@
<action dev="benalex" type="fix">AbstractAuthenticationToken.getName() now returns username alone if UserDetails present</action> <action dev="benalex" type="fix">AbstractAuthenticationToken.getName() now returns username alone if UserDetails present</action>
<action dev="raykrueger" type="update">AuthorityGranter.grant now returns a java.util.Set of role names, instead of a single role name</action> <action dev="raykrueger" type="update">AuthorityGranter.grant now returns a java.util.Set of role names, instead of a single role name</action>
<action dev="benalex" type="update">JavaDoc improvements</action> <action dev="benalex" type="update">JavaDoc improvements</action>
<action dev="benalex" type="fix">Correct synchronization issue with FilterToBeanProxy initialization (as per developer list discussion)</action> <action dev="benalex" type="fix">Correct synchronization issue with FilterToBeanProxy initialization</action>
<action dev="benalex" type="update">Refactor Authentication.isAuthenticated() handling to be more performance (as per developer list discussion)</action> <action dev="benalex" type="update">Refactor Authentication.isAuthenticated() handling to be more performance</action>
<action dev="benalex" type="fix">Silently catch NotSerializableException in AbstractProcessingFilter if rootCause is not Serializable</action>
</release> </release>
<release version="0.8.2" date="2005-04-20"> <release version="0.8.2" date="2005-04-20">
<action dev="benalex" type="fix">Correct location of AuthenticationSimpleHttpInvokerRequestExecutor in clientContext.xml</action> <action dev="benalex" type="fix">Correct location of AuthenticationSimpleHttpInvokerRequestExecutor in clientContext.xml</action>