From af0c5f9e7fe9457df68f386592599c499acb7039 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Fri, 26 Jun 2009 12:47:36 +0000 Subject: [PATCH] SEC-1186: Removed 'order' from ntlm and cas filters --- .../security/cas/web/CasProcessingFilter.java | 13 +---- .../ui/ntlm/NtlmProcessingFilter.java | 56 +++++++++---------- 2 files changed, 29 insertions(+), 40 deletions(-) diff --git a/cas/src/main/java/org/springframework/security/cas/web/CasProcessingFilter.java b/cas/src/main/java/org/springframework/security/cas/web/CasProcessingFilter.java index 7566da0ea0..732bdd88da 100644 --- a/cas/src/main/java/org/springframework/security/cas/web/CasProcessingFilter.java +++ b/cas/src/main/java/org/springframework/security/cas/web/CasProcessingFilter.java @@ -17,21 +17,18 @@ package org.springframework.security.cas.web; import java.io.IOException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + import org.jasig.cas.client.proxy.ProxyGrantingTicketStorage; import org.jasig.cas.client.util.CommonUtils; import org.jasig.cas.client.validation.TicketValidator; - import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.cas.ServiceProperties; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; - -import org.springframework.security.web.FilterChainOrder; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - /** * Processes a CAS service ticket. @@ -132,8 +129,4 @@ public class CasProcessingFilter extends AbstractAuthenticationProcessingFilter final ProxyGrantingTicketStorage proxyGrantingTicketStorage) { this.proxyGrantingTicketStorage = proxyGrantingTicketStorage; } - - public int getOrder() { - return FilterChainOrder.CAS_PROCESSING_FILTER; - } } diff --git a/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java b/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java index 6c38b8903a..79cfc5e5e6 100755 --- a/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java +++ b/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java @@ -15,22 +15,16 @@ package org.springframework.security.ui.ntlm; -import org.springframework.security.authentication.AnonymousAuthenticationToken; -import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException; -import org.springframework.security.authentication.AuthenticationDetailsSource; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.InsufficientAuthenticationException; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.web.FilterChainOrder; -import org.springframework.security.web.SpringSecurityFilter; -import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; -import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; -import org.springframework.beans.factory.InitializingBean; -import org.springframework.util.Assert; +import java.io.IOException; +import java.net.UnknownHostException; +import java.util.Enumeration; +import java.util.Properties; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; import jcifs.Config; import jcifs.UniAddress; @@ -43,18 +37,24 @@ import jcifs.smb.SmbAuthException; import jcifs.smb.SmbException; import jcifs.smb.SmbSession; import jcifs.util.Base64; + import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; - -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import java.io.IOException; -import java.net.UnknownHostException; -import java.util.Enumeration; -import java.util.Properties; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.security.authentication.AnonymousAuthenticationToken; +import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException; +import org.springframework.security.authentication.AuthenticationDetailsSource; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.InsufficientAuthenticationException; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.web.SpringSecurityFilter; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; +import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; +import org.springframework.util.Assert; /** * A clean-room implementation for Spring Security of an NTLM HTTP filter @@ -513,8 +513,4 @@ public class NtlmProcessingFilter extends SpringSecurityFilter implements Initia return SmbSession.getChallenge(dcAddress); } - - public int getOrder() { - return FilterChainOrder.NTLM_FILTER; - } }