Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-02 11:14:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Patch by Matt Raible which returns null if Authentication is anonymous.

Browse Source
This commit is contained in:
Ben Alex 2005-03-10 12:00:30 +00:00
parent b898b87ffb
commit c5fe428400
2 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
core/src/main/java/org/acegisecurity/wrapper/ContextHolderAwareRequestWrapper.java
View File

@ -16,10 +16,13 @@
package net.sf.acegisecurity.wrapper; package net.sf.acegisecurity.wrapper;
import net.sf.acegisecurity.Authentication; import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.AuthenticationTrustResolver;
import net.sf.acegisecurity.AuthenticationTrustResolverImpl;
import net.sf.acegisecurity.GrantedAuthority; import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.UserDetails; import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.context.ContextHolder; import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.security.SecureContext; import net.sf.acegisecurity.context.security.SecureContext;
import net.sf.acegisecurity.context.security.SecureContextUtils;
import java.security.Principal; import java.security.Principal;
@ -39,6 +42,10 @@ import javax.servlet.http.HttpServletRequestWrapper;
* @version $Id$ * @version $Id$
*/ */
public class ContextHolderAwareRequestWrapper extends HttpServletRequestWrapper { public class ContextHolderAwareRequestWrapper extends HttpServletRequestWrapper {
//~ Instance fields ========================================================
private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl();
//~ Constructors =========================================================== //~ Constructors ===========================================================
public ContextHolderAwareRequestWrapper(HttpServletRequest request) { public ContextHolderAwareRequestWrapper(HttpServletRequest request) {
@ -109,8 +116,12 @@ public class ContextHolderAwareRequestWrapper extends HttpServletRequestWrapper
private Authentication getAuthentication() { private Authentication getAuthentication() {
if ((ContextHolder.getContext() != null) if ((ContextHolder.getContext() != null)
&& ContextHolder.getContext() instanceof SecureContext) { && ContextHolder.getContext() instanceof SecureContext) {
return ((SecureContext) ContextHolder.getContext()) Authentication auth = SecureContextUtils.getSecureContext()
.getAuthentication(); .getAuthentication();
if (!authenticationTrustResolver.isAnonymous(auth)) {
return auth;
}
} }
return null; return null;

1
doc/xdocs/changes.xml
View File

@ -27,6 +27,7 @@
<body> <body>
<release version="0.8.1" date="In CVS"> <release version="0.8.1" date="In CVS">
<action dev="benalex" type="fix">SecurityEnforcementFilter caused NullPointerException when anonymous authentication used with BasicProcessingFilterEntryPoint</action> <action dev="benalex" type="fix">SecurityEnforcementFilter caused NullPointerException when anonymous authentication used with BasicProcessingFilterEntryPoint</action>
<action dev="benalex" type="update">ContextHolderAwareRequestWrapper methods returns null if user is anonymous</action>
</release> </release>
<release version="0.8.0" date="2005-03-03"> <release version="0.8.0" date="2005-03-03">
<action dev="benalex" type="add">Added Digest Authentication support (RFC 2617 and RFC 2069)</action> <action dev="benalex" type="add">Added Digest Authentication support (RFC 2617 and RFC 2069)</action>