Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-27 06:12:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Now sets WebAuthenticationDetails on authentication request token.

Browse Source
This commit is contained in:
Luke Taylor 2005-03-12 20:46:58 +00:00
parent acee1ef696
commit c3c5487b93
1 changed files with 7 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
core/src/main/java/org/acegisecurity/ui/x509/X509ProcessingFilter.java
View File

@ -93,15 +93,15 @@ public class X509ProcessingFilter implements Filter, InitializingBean {
logger.debug("Checking secure context token: " + ctx.getAuthentication()); logger.debug("Checking secure context token: " + ctx.getAuthentication());
if(ctx.getAuthentication() == null) { if (ctx.getAuthentication() == null) {
Authentication authResult = null; Authentication authResult = null;
X509Certificate clientCertificate = extractClientCertificate(httpRequest); X509Certificate clientCertificate = extractClientCertificate(httpRequest);
try { try {
X509AuthenticationToken authRequest = new X509AuthenticationToken(clientCertificate); X509AuthenticationToken authRequest = new X509AuthenticationToken(clientCertificate);
// authRequest.setDetails(new WebAuthenticationDetails(request));
authRequest.setDetails(new WebAuthenticationDetails(httpRequest));
authResult = authenticationManager.authenticate(authRequest); authResult = authenticationManager.authenticate(authRequest);
successfulAuthentication(httpRequest, httpResponse, authResult); successfulAuthentication(httpRequest, httpResponse, authResult);
} catch (AuthenticationException failed) { } catch (AuthenticationException failed) {
@ -114,12 +114,13 @@ public class X509ProcessingFilter implements Filter, InitializingBean {
private X509Certificate extractClientCertificate(HttpServletRequest request) { private X509Certificate extractClientCertificate(HttpServletRequest request) {
X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate"); X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
if(certs != null && certs.length > 0) { if (certs != null && certs.length > 0) {
return certs[0]; return certs[0];
} }
if(logger.isDebugEnabled()) if (logger.isDebugEnabled()) {
logger.debug("No client certificate found in request, authentication will fail."); logger.debug("No client certificate found in request.");
}
return null; return null;
} }
@ -128,8 +129,7 @@ public class X509ProcessingFilter implements Filter, InitializingBean {
* Puts the <code>Authentication</code> instance returned by the authentication manager into * Puts the <code>Authentication</code> instance returned by the authentication manager into
* the secure context. * the secure context.
*/ */
protected void successfulAuthentication(HttpServletRequest request, protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult)
HttpServletResponse response, Authentication authResult)
throws IOException { throws IOException {
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
@ -156,11 +156,8 @@ public class X509ProcessingFilter implements Filter, InitializingBean {
request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed); request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed);
} }
public void init(FilterConfig filterConfig) throws ServletException { } public void init(FilterConfig filterConfig) throws ServletException { }
public void destroy() { } public void destroy() { }
} }