Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-28 23:02:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1283: AuthenticationConfigBuilder.createAnonymousFilter uses httpElt instead of anonymousElt. Corrected element name.

Browse Source
This commit is contained in:
Luke Taylor 2009-11-04 17:39:26 +00:00
parent 617e517e5e
commit a2468c523a
2 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java
View File

@ -125,7 +125,7 @@ final class AuthenticationConfigBuilder {
Element rememberMeElt = DomUtils.getChildElementByTagName(httpElt, Elements.REMEMBER_ME); Element rememberMeElt = DomUtils.getChildElementByTagName(httpElt, Elements.REMEMBER_ME);
if (rememberMeElt != null) { if (rememberMeElt != null) {
String key = rememberMeElt.getAttribute(ATT_KEY); String key = rememberMeElt.getAttribute(ATT_KEY);
if (!StringUtils.hasText(key)) { if (!StringUtils.hasText(key)) {
key = DEF_KEY; key = DEF_KEY;
@ -370,9 +370,9 @@ final class AuthenticationConfigBuilder {
Object source = pc.extractSource(httpElt); Object source = pc.extractSource(httpElt);
if (anonymousElt != null) { if (anonymousElt != null) {
grantedAuthority = httpElt.getAttribute("granted-authority"); grantedAuthority = anonymousElt.getAttribute("granted-authority");
username = httpElt.getAttribute("username"); username = anonymousElt.getAttribute("username");
key = httpElt.getAttribute("key"); key = anonymousElt.getAttribute("key");
source = pc.extractSource(anonymousElt); source = pc.extractSource(anonymousElt);
} }

13
config/src/test/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParserTests.java
View File

@ -253,6 +253,18 @@ public class HttpSecurityBeanDefinitionParserTests {
assertThat(getFilters("/anything").get(5), not(instanceOf(AnonymousAuthenticationFilter.class))); assertThat(getFilters("/anything").get(5), not(instanceOf(AnonymousAuthenticationFilter.class)));
} }
@Test
public void anonymousCustomAttributesAreSetCorrectly() throws Exception {
setContext(
"<http>" +
" <form-login />" +
" <anonymous enabled='true' username='joe' granted-authority='anonymity' key='customKey' />" +
"</http>" + AUTH_PROVIDER_XML);
AnonymousAuthenticationFilter filter = (AnonymousAuthenticationFilter) getFilters("/anything").get(5);
assertEquals("customKey", filter.getKey());
assertEquals("joe", filter.getUserAttribute().getPassword());
assertEquals("anonymity", filter.getUserAttribute().getAuthorities().get(0).getAuthority());
}
@Test(expected=BeanCreationException.class) @Test(expected=BeanCreationException.class)
public void invalidLoginPageIsDetected() throws Exception { public void invalidLoginPageIsDetected() throws Exception {
@ -859,6 +871,7 @@ public class HttpSecurityBeanDefinitionParserTests {
setContext( setContext(
" <http>" + " <http>" +
" <intercept-url pattern='/**' access='ROLE_A'/>" + " <intercept-url pattern='/**' access='ROLE_A'/>" +
" <anonymous enabled='false' />" +
" <form-login login-page='/login.jsp' default-target-url='/messageList.html'/>" + " <form-login login-page='/login.jsp' default-target-url='/messageList.html'/>" +
" </http>" + AUTH_PROVIDER_XML); " </http>" + AUTH_PROVIDER_XML);
closeAppContext(); closeAppContext();