Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 17:22:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use SecurityContextHolderStrategy in CasAuthenticationFilter

Browse Source 
Closes gh-13265
This commit is contained in:
kandaguru17 2023-06-23 12:47:05 +12:00 committed by Marcus Hert Da Coregio
parent 618847418f
commit c87e8c752b
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java
View File

@ -38,6 +38,7 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextHolderStrategy;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler; import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
@ -195,6 +196,9 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
private SecurityContextRepository securityContextRepository = new HttpSessionSecurityContextRepository(); private SecurityContextRepository securityContextRepository = new HttpSessionSecurityContextRepository();
private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
.getContextHolderStrategy();
public CasAuthenticationFilter() { public CasAuthenticationFilter() {
super("/login/cas"); super("/login/cas");
setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler()); setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler());
@ -211,9 +215,10 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
} }
this.logger.debug( this.logger.debug(
LogMessage.format("Authentication success. Updating SecurityContextHolder to contain: %s", authResult)); LogMessage.format("Authentication success. Updating SecurityContextHolder to contain: %s", authResult));
SecurityContext context = SecurityContextHolder.createEmptyContext();
SecurityContext context = this.securityContextHolderStrategy.createEmptyContext();
context.setAuthentication(authResult); context.setAuthentication(authResult);
SecurityContextHolder.setContext(context); this.securityContextHolderStrategy.setContext(context);
this.securityContextRepository.saveContext(context, request, response); this.securityContextRepository.saveContext(context, request, response);
if (this.eventPublisher != null) { if (this.eventPublisher != null) {
this.eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass())); this.eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));