diff --git a/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java b/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java index 632a55e223..5d0f6f3104 100644 --- a/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java +++ b/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java @@ -87,9 +87,7 @@ final class AuthenticationConfigBuilder { private BeanReference rememberMeProviderRef; private BeanDefinition basicFilter; private RuntimeBeanReference basicEntryPoint; - private RootBeanDefinition formFilter; private BeanDefinition formEntryPoint; - private RootBeanDefinition openIDFilter; private BeanDefinition openIDEntryPoint; private BeanReference openIDProviderRef; private String formFilterId = null; @@ -162,6 +160,7 @@ final class AuthenticationConfigBuilder { void createFormLoginFilter(BeanReference sessionStrategy, BeanReference authManager) { Element formLoginElt = DomUtils.getChildElementByTagName(httpElt, Elements.FORM_LOGIN); + RootBeanDefinition formFilter = null; if (formLoginElt != null || autoConfig) { FormLoginBeanDefinitionParser parser = new FormLoginBeanDefinitionParser("/j_spring_security_check", @@ -185,6 +184,7 @@ final class AuthenticationConfigBuilder { void createOpenIDLoginFilter(BeanReference sessionStrategy, BeanReference authManager) { Element openIDLoginElt = DomUtils.getChildElementByTagName(httpElt, Elements.OPENID_LOGIN); + RootBeanDefinition openIDFilter = null; if (openIDLoginElt != null) { FormLoginBeanDefinitionParser parser = new FormLoginBeanDefinitionParser("/j_spring_openid_security_check", @@ -432,7 +432,7 @@ final class AuthenticationConfigBuilder { } void createLoginPageFilterIfNeeded() { - boolean needLoginPage = formFilter != null || openIDFilter != null; + boolean needLoginPage = formFilterId != null || openIDFilterId != null; String formLoginPage = getLoginFormUrl(formEntryPoint); String openIDLoginPage = getLoginFormUrl(openIDEntryPoint); @@ -443,11 +443,11 @@ final class AuthenticationConfigBuilder { BeanDefinitionBuilder loginPageFilter = BeanDefinitionBuilder.rootBeanDefinition(DefaultLoginPageGeneratingFilter.class); - if (formFilter != null) { + if (formFilterId != null) { loginPageFilter.addConstructorArgReference(formFilterId); } - if (openIDFilter != null) { + if (openIDFilterId != null) { loginPageFilter.addConstructorArgReference(openIDFilterId); } @@ -589,12 +589,12 @@ final class AuthenticationConfigBuilder { "but not both.", pc.extractSource(openIDLoginElt)); } - if (formFilter != null && openIDLoginPage == null) { + if (formFilterId != null && openIDLoginPage == null) { return formEntryPoint; } // Otherwise use OpenID if enabled - if (openIDFilter != null) { + if (openIDFilterId != null) { return openIDEntryPoint; } @@ -662,12 +662,12 @@ final class AuthenticationConfigBuilder { filters.add(new OrderDecorator(jeeFilter, PRE_AUTH_FILTER)); } - if (formFilter != null) { - filters.add(new OrderDecorator(formFilter, FORM_LOGIN_FILTER)); + if (formFilterId != null) { + filters.add(new OrderDecorator(new RuntimeBeanReference(formFilterId), FORM_LOGIN_FILTER)); } - if (openIDFilter != null) { - filters.add(new OrderDecorator(openIDFilter, OPENID_FILTER)); + if (openIDFilterId != null) { + filters.add(new OrderDecorator(new RuntimeBeanReference(openIDFilterId), OPENID_FILTER)); } if (loginPageGenerationFilter != null) { diff --git a/samples/openid/openid.gradle b/samples/openid/openid.gradle index f45ac60cec..2a3d83af56 100644 --- a/samples/openid/openid.gradle +++ b/samples/openid/openid.gradle @@ -9,14 +9,13 @@ dependencies { providedCompile 'javax.servlet:servlet-api:2.5@jar' - runtime project(':spring-security-web'), - project(':spring-security-config'), + runtime project(':spring-security-config'), project(':spring-security-taglibs'), +// 'xerces:xercesImpl:2.9.1', +// 'net.sourceforge.nekohtml:nekohtml:1.9.7', "javax.servlet:jstl:$jstlVersion", "org.slf4j:jcl-over-slf4j:$slf4jVersion", "ch.qos.logback:logback-classic:$logbackVersion" } -jettyRun { - contextPath = "/openid" -} +[jettyRun, jettyRunWar]*.contextPath = "/openid"