Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-29 15:22:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Gracefully handle null ContextHolder / Authentication etc.

Browse Source
This commit is contained in:
Ben Alex 2004-12-03 06:42:26 +00:00
parent 7a4a46cc7b
commit e75fc613b1
2 changed files with 33 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
core/src/main/java/org/acegisecurity/ui/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java
View File

@ -74,30 +74,39 @@ public class AuthenticationSimpleHttpInvokerRequestExecutor
throws IOException, AuthenticationCredentialsNotFoundException { throws IOException, AuthenticationCredentialsNotFoundException {
super.prepareConnection(con, contentLength); super.prepareConnection(con, contentLength);
if ((ContextHolder.getContext() == null) if ((ContextHolder.getContext() != null)
|| !(ContextHolder.getContext() instanceof SecureContext)) { && (ContextHolder.getContext() instanceof SecureContext)) {
throw new AuthenticationCredentialsNotFoundException(
"ContextHolder is null or does not contain a SecureContext");
}
Authentication auth = ((SecureContext) ContextHolder.getContext()) Authentication auth = ((SecureContext) ContextHolder.getContext())
.getAuthentication(); .getAuthentication();
if ((auth == null) || (auth.getPrincipal() == null) if ((auth != null) && (auth.getPrincipal() != null)
|| (auth.getCredentials() == null)) { && (auth.getCredentials() != null)) {
throw new AuthenticationCredentialsNotFoundException(
"The Authentication contained in the ContextHolder is null or the principal and/or credentials properties are null");
}
String base64 = auth.getPrincipal().toString() + ":" String base64 = auth.getPrincipal().toString() + ":"
+ auth.getCredentials().toString(); + auth.getCredentials().toString();
con.setRequestProperty("Authorization", con.setRequestProperty("Authorization",
"Basic " + new String(Base64.encodeBase64(base64.getBytes()))); "Basic "
+ new String(Base64.encodeBase64(base64.getBytes())));
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug( logger.debug(
"HttpInvocation now presenting via BASIC authentication ContextHolder-derived: " "HttpInvocation now presenting via BASIC authentication ContextHolder-derived: "
+ auth.toString()); + auth.toString());
} }
} else {
if (logger.isDebugEnabled()) {
logger.debug(
"Unable to set BASIC authentication header as ContextHolder: "
+ ContextHolder.getContext()
+ "; did not provide valid Authentication: " + auth);
}
}
} else {
if (logger.isDebugEnabled()) {
logger.debug(
"Unable to set BASIC authentication header as ContextHolder: "
+ ContextHolder.getContext()
+ "; does not provide a SecureContext");
}
}
} }
} }

5
core/src/main/java/org/acegisecurity/ui/rmi/ContextPropagatingRemoteInvocation.java
View File

@ -70,8 +70,7 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation {
context = ContextHolder.getContext(); context = ContextHolder.getContext();
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("RemoteInvocation now has context of: " logger.debug("RemoteInvocation now has context of: " + context);
+ context.toString());
} }
} }
@ -95,7 +94,7 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation {
ContextHolder.setContext(context); ContextHolder.setContext(context);
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Set ContextHolder to contain: " + context.toString()); logger.debug("Set ContextHolder to contain: " + context);
} }
Object result = super.invoke(targetObject); Object result = super.invoke(targetObject);