Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Extract createSecurityContextRepository() 

Extract out method in preparation for adding SecurityContextHolderFilter
configuration.

Issue gh-9635
This commit is contained in:
Rob Winch 2022-03-11 14:56:19 -06:00
parent e4f1826622
commit dbcb5004b4
1 changed files with 19 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java
View File

@ -202,6 +202,7 @@ class HttpConfigurationBuilder {
this.sessionPolicy = !StringUtils.hasText(createSession) ? SessionCreationPolicy.IF_REQUIRED this.sessionPolicy = !StringUtils.hasText(createSession) ? SessionCreationPolicy.IF_REQUIRED
: createPolicy(createSession); : createPolicy(createSession);
createCsrfFilter(); createCsrfFilter();
createSecurityContextRepository();
createSecurityContextPersistenceFilter(); createSecurityContextPersistenceFilter();
createSessionManagementFilters(); createSessionManagementFilters();
createWebAsyncManagerFilter(); createWebAsyncManagerFilter();
@ -280,17 +281,29 @@ class HttpConfigurationBuilder {
private void createSecurityContextPersistenceFilter() { private void createSecurityContextPersistenceFilter() {
BeanDefinitionBuilder scpf = BeanDefinitionBuilder.rootBeanDefinition(SecurityContextPersistenceFilter.class); BeanDefinitionBuilder scpf = BeanDefinitionBuilder.rootBeanDefinition(SecurityContextPersistenceFilter.class);
String disableUrlRewriting = this.httpElt.getAttribute(ATT_DISABLE_URL_REWRITING);
switch (this.sessionPolicy) {
case ALWAYS:
scpf.addPropertyValue("forceEagerSessionCreation", Boolean.TRUE);
break;
case NEVER:
scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
break;
default:
scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
}
scpf.addConstructorArgValue(this.contextRepoRef);
this.securityContextPersistenceFilter = scpf.getBeanDefinition();
}
private void createSecurityContextRepository() {
String repoRef = this.httpElt.getAttribute(ATT_SECURITY_CONTEXT_REPOSITORY); String repoRef = this.httpElt.getAttribute(ATT_SECURITY_CONTEXT_REPOSITORY);
String disableUrlRewriting = this.httpElt.getAttribute(ATT_DISABLE_URL_REWRITING); String disableUrlRewriting = this.httpElt.getAttribute(ATT_DISABLE_URL_REWRITING);
if (!StringUtils.hasText(disableUrlRewriting)) { if (!StringUtils.hasText(disableUrlRewriting)) {
disableUrlRewriting = "true"; disableUrlRewriting = "true";
} }
if (StringUtils.hasText(repoRef)) { if (!StringUtils.hasText(repoRef)) {
if (this.sessionPolicy == SessionCreationPolicy.ALWAYS) {
scpf.addPropertyValue("forceEagerSessionCreation", Boolean.TRUE);
}
}
else {
BeanDefinitionBuilder contextRepo; BeanDefinitionBuilder contextRepo;
if (this.sessionPolicy == SessionCreationPolicy.STATELESS) { if (this.sessionPolicy == SessionCreationPolicy.STATELESS) {
contextRepo = BeanDefinitionBuilder.rootBeanDefinition(NullSecurityContextRepository.class); contextRepo = BeanDefinitionBuilder.rootBeanDefinition(NullSecurityContextRepository.class);
@ -300,15 +313,12 @@ class HttpConfigurationBuilder {
switch (this.sessionPolicy) { switch (this.sessionPolicy) {
case ALWAYS: case ALWAYS:
contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE); contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
scpf.addPropertyValue("forceEagerSessionCreation", Boolean.TRUE);
break; break;
case NEVER: case NEVER:
contextRepo.addPropertyValue("allowSessionCreation", Boolean.FALSE); contextRepo.addPropertyValue("allowSessionCreation", Boolean.FALSE);
scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
break; break;
default: default:
contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE); contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
} }
if ("true".equals(disableUrlRewriting)) { if ("true".equals(disableUrlRewriting)) {
contextRepo.addPropertyValue("disableUrlRewriting", Boolean.TRUE); contextRepo.addPropertyValue("disableUrlRewriting", Boolean.TRUE);
@ -320,9 +330,6 @@ class HttpConfigurationBuilder {
} }
this.contextRepoRef = new RuntimeBeanReference(repoRef); this.contextRepoRef = new RuntimeBeanReference(repoRef);
scpf.addConstructorArgValue(this.contextRepoRef);
this.securityContextPersistenceFilter = scpf.getBeanDefinition();
} }
private void createSessionManagementFilters() { private void createSessionManagementFilters() {