Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-1493: Added namespace support.

This commit is contained in:
Luke Taylor 2010-06-19 01:40:47 +01:00
parent db913f6857
commit cd946c4e23
6 changed files with 51 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java
View File

@ -35,6 +35,7 @@ import org.w3c.dom.NodeList;
public class AuthenticationManagerBeanDefinitionParser implements BeanDefinitionParser {
private static final String ATT_ALIAS = "alias";
private static final String ATT_REF = "ref";
private static final String ATT_ERASE_CREDENTIALS = "erase-credentials";
public BeanDefinition parse(Element element, ParserContext pc) {
Assert.state(!pc.getRegistry().containsBeanDefinition(BeanIds.AUTHENTICATION_MANAGER),
@ -79,6 +80,11 @@ public class AuthenticationManagerBeanDefinitionParser implements BeanDefinition
}
providerManagerBldr.addPropertyValue("providers", providers);
if ("false".equals(element.getAttribute(ATT_ERASE_CREDENTIALS))) {
providerManagerBldr.addPropertyValue("eraseCredentialsAfterAuthentication", false);
}
// Add the default event publisher
BeanDefinition publisher = new RootBeanDefinition(DefaultAuthenticationEventPublisher.class);
String id = pc.getReaderContext().generateBeanName(publisher);

5
config/src/main/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParser.java
View File

@ -10,6 +10,7 @@ import org.apache.commons.logging.LogFactory;
import org.springframework.beans.BeanMetadataElement;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.beans.factory.config.BeanReference;
import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.config.ConstructorArgumentValues.ValueHolder;
import org.springframework.beans.factory.parsing.BeanComponentDefinition;
@ -169,6 +170,10 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
BeanDefinitionBuilder authManager = BeanDefinitionBuilder.rootBeanDefinition(ProviderManager.class);
authManager.addPropertyValue("parent", new RootBeanDefinition(AuthenticationManagerFactoryBean.class));
authManager.addPropertyValue("providers", authenticationProviders);
RootBeanDefinition clearCredentials = new RootBeanDefinition(MethodInvokingFactoryBean.class);
clearCredentials.getPropertyValues().addPropertyValue("targetObject", new RootBeanDefinition(AuthenticationManagerFactoryBean.class));
clearCredentials.getPropertyValues().addPropertyValue("targetMethod", "isEraseCredentialsAfterAuthentication");
authManager.addPropertyValue("eraseCredentialsAfterAuthentication", clearCredentials);
if (concurrencyController != null) {
authManager.addPropertyValue("sessionController", concurrencyController);

3
config/src/main/resources/org/springframework/security/config/spring-security-3.1.rnc
View File

@ -572,6 +572,9 @@ authentication-manager =
authman.attlist &=
## The alias you wish to use for the AuthenticationManager bean
attribute alias {xsd:ID}?
authman.attlist &=
## If set to true, the AuthenticationManger will attempt to clear any credentials data in the returned Authentication object, once the user has been authenticated.
attribute erase-credentials {boolean}?
authentication-provider =
## Indicates that the contained user-service should be used as an authentication source.

5
config/src/main/resources/org/springframework/security/config/spring-security-3.1.xsd
View File

@ -1299,6 +1299,11 @@
<xs:documentation>The alias you wish to use for the AuthenticationManager bean</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="erase-credentials" type="security:boolean">
<xs:annotation>
<xs:documentation>If set to true, the AuthenticationManger will attempt to clear any credentials data in the returned Authentication object, once the user has been authenticated.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:attributeGroup>
<xs:attributeGroup name="ap.attlist">

18
config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy
View File

@ -453,6 +453,24 @@ class MiscHttpConfigTests extends AbstractHttpConfigTests {
then: "App context creation and login request succeed"
fcp.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
}
def eraseCredentialsDefaultsToTrue() {
xml.http() {
'form-login'()
}
createAppContext()
expect:
getFilter(UsernamePasswordAuthenticationFilter).authenticationManager.eraseCredentialsAfterAuthentication == true
}
def eraseCredentialsIsSetFromParentAuthenticationManager() {
xml.http() {
'form-login'()
}
createAppContext("<authentication-manager erase-credentials='false' />");
expect:
getFilter(UsernamePasswordAuthenticationFilter).authenticationManager.eraseCredentialsAfterAuthentication == false
}
}
class MockEntryPoint extends LoginUrlAuthenticationEntryPoint {

14
config/src/test/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParserTests.java
View File

@ -53,6 +53,20 @@ public class AuthenticationManagerBeanDefinitionParserTests {
assertEquals(1, listener.events.size());
}
@Test
public void credentialsAreClearedByDefault() throws Exception {
setContext(CONTEXT, "3.1");
ProviderManager pm = (ProviderManager) appContext.getBeansOfType(ProviderManager.class).values().toArray()[0];
assertTrue(pm.isEraseCredentialsAfterAuthentication());
}
@Test
public void clearCredentialsPropertyIsRespected() throws Exception {
setContext("<authentication-manager erase-credentials='false'/>", "3.1");
ProviderManager pm = (ProviderManager) appContext.getBeansOfType(ProviderManager.class).values().toArray()[0];
assertFalse(pm.isEraseCredentialsAfterAuthentication());
}
private void setContext(String context, String version) {
appContext = new InMemoryXmlApplicationContext(context, version, null);
}