SEC-1490: Minor changes to GAE sample. Simplification of redirect to registration page (only needs to be done after authentication).

This commit is contained in:
Luke Taylor 2010-07-25 20:46:00 +01:00
parent 5de68cb18f
commit a74077f9b1
4 changed files with 13 additions and 16 deletions


@ -52,6 +52,14 @@ public class GaeAuthenticationFilter extends GenericFilterBean {
try {
authentication = authenticationManager.authenticate(token);
SecurityContextHolder.getContext().setAuthentication(authentication);
if (authentication.getAuthorities().contains(AppRole.NEW_USER)) {
logger.debug("New user authenticated. Redirecting to registration page");
((HttpServletResponse) response).sendRedirect(REGISTRATION_URL);
return;
}
} catch (AuthenticationException e) {
failureHandler.onAuthenticationFailure((HttpServletRequest)request, (HttpServletResponse)response, e);
@ -60,16 +68,6 @@ public class GaeAuthenticationFilter extends GenericFilterBean {
}
}
// A new user has to register with the app before doing anything else
if (authentication != null && authentication.getAuthorities().contains(AppRole.NEW_USER)
&& !((HttpServletRequest)request).getRequestURI().endsWith(REGISTRATION_URL)) {
logger.debug("New user authenticated. Redirecting to registration page");
((HttpServletResponse) response).sendRedirect(REGISTRATION_URL);
return;
}
chain.doFilter(request, response);
}
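Review bot: The new redirect inside the try block no longer checks whether the request already targets the registration page, which the removed block below used to do via `!getRequestURI().endsWith(REGISTRATION_URL)`. If the authenticate step runs on a request for REGISTRATION_URL itself — for example when the security context was not persisted to the session, or the session cookie is rejected — a NEW_USER is redirected to the page they just asked for, and in the lost-session case this repeats on every request as a redirect loop; whether that path is reachable depends on the guard at the top of doFilter, which is outside this hunk. Keeping the URI check costs one condition: `if (authentication.getAuthorities().contains(AppRole.NEW_USER) && !((HttpServletRequest) request).getRequestURI().endsWith(REGISTRATION_URL)) {`. A one-line comment above the check, `// New users must register before using the app; skip the redirect when already on the registration page`, would record the intent so the guard is not dropped again. The enclosing doFilter method starts before the first hunk.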


@ -15,7 +15,7 @@ import samples.gae.security.AppRole;
*
* @author Luke Taylor
*/
public class GaeDataStoreUserRegistry implements UserRegistry {
public class GaeDatastoreUserRegistry implements UserRegistry {
private final Logger logger = LoggerFactory.getLogger(getClass());
private static final String USER_TYPE = "GaeUser";


@ -8,12 +8,11 @@
<http pattern="/static/**" security="none" />
<http pattern="/favicon.ico" security="none" />
<http pattern="/_ah/resources**" security="none" />
<http pattern="/loggedout.htm" security="none" />
<http pattern="/disabled.htm" security="none" />
<http use-expressions="true" entry-point-ref="gaeEntryPoint">
<intercept-url pattern="/" access="permitAll" />
<intercept-url pattern="/_ah/login**" access="permitAll" />
<intercept-url pattern="/_ah/admin**" access="permitAll" />
<intercept-url pattern="/logout.htm" access="permitAll" />
<intercept-url pattern="/register.htm*" access="hasRole('NEW_USER')" />
<intercept-url pattern="/**" access="hasRole('USER')" />
@ -43,6 +42,6 @@
<b:property name="userRegistry" ref="userRegistry" />
</b:bean>
<b:bean id="userRegistry" class="samples.gae.users.GaeDataStoreUserRegistry" />
<b:bean id="userRegistry" class="samples.gae.users.GaeDatastoreUserRegistry" />
</b:beans>


@ -31,7 +31,7 @@ public class GaeDataStoreUserRegistryTests {
@Test
public void correctDataIsRetrievedAfterInsert() {
GaeDataStoreUserRegistry registry = new GaeDataStoreUserRegistry();
GaeDatastoreUserRegistry registry = new GaeDatastoreUserRegistry();
Set<AppRole> roles = EnumSet.of(AppRole.ADMIN, AppRole.USER);
String userId = "someUserId";