SEC-1202: Removed SpringSecurityFilter and replaced with use of GenericFilterBean from spring-web
This commit is contained in:
Luke Taylor
parent
b807f7cbdd
commit
f536c80020
|
|
@ -48,7 +48,6 @@ public class CasProcessingFilterTests extends TestCase {
|
|||
|
||||
CasProcessingFilter filter = new CasProcessingFilter();
|
||||
filter.setAuthenticationManager(authMgr);
|
||||
filter.init(null);
|
||||
|
||||
Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse());
|
||||
assertTrue(result != null);
|
||||
|
|
@ -62,7 +61,6 @@ public class CasProcessingFilterTests extends TestCase {
|
|||
|
||||
CasProcessingFilter filter = new CasProcessingFilter();
|
||||
filter.setAuthenticationManager(authMgr);
|
||||
filter.init(null);
|
||||
|
||||
try {
|
||||
filter.attemptAuthentication(request, new MockHttpServletResponse());
|
||||
|
|
|
|||
|
|
@ -58,7 +58,6 @@
|
|||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-web</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.directory.server</groupId>
|
||||
|
|
|
|||
|
|
@ -22,28 +22,28 @@ import org.springframework.security.web.context.SecurityContextPersistenceFilter
|
|||
import org.springframework.security.web.session.SessionManagementFilter;
|
||||
import org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter;
|
||||
|
||||
public class DefaultFilterChainValidator implements FilterChainProxy.FilterChainValidator{
|
||||
public class DefaultFilterChainValidator implements FilterChainProxy.FilterChainValidator {
|
||||
private Log logger = LogFactory.getLog(getClass());
|
||||
|
||||
public void validate(FilterChainProxy fcp) {
|
||||
Map<String, List<Filter>> filterChainMap = fcp.getFilterChainMap();
|
||||
for(String pattern : fcp.getFilterChainMap().keySet()) {
|
||||
List<Filter> filters = filterChainMap.get(pattern);
|
||||
checkFilterStack(filters);
|
||||
}
|
||||
public void validate(FilterChainProxy fcp) {
|
||||
Map<String, List<Filter>> filterChainMap = fcp.getFilterChainMap();
|
||||
for(String pattern : fcp.getFilterChainMap().keySet()) {
|
||||
List<Filter> filters = filterChainMap.get(pattern);
|
||||
checkFilterStack(filters);
|
||||
}
|
||||
|
||||
checkLoginPageIsntProtected(fcp, filterChainMap.get(fcp.getMatcher().getUniversalMatchPattern()));
|
||||
}
|
||||
checkLoginPageIsntProtected(fcp, filterChainMap.get(fcp.getMatcher().getUniversalMatchPattern()));
|
||||
}
|
||||
|
||||
private Object getFilter(Class<?> type, List<Filter> filters) {
|
||||
|
||||
for (Filter f : filters) {
|
||||
if (type.isAssignableFrom(f.getClass())) {
|
||||
return f;
|
||||
}
|
||||
}
|
||||
for (Filter f : filters) {
|
||||
if (type.isAssignableFrom(f.getClass())) {
|
||||
return f;
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -78,7 +78,7 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
|
|||
|
||||
/* Checks for the common error of having a login page URL protected by the security interceptor */
|
||||
private void checkLoginPageIsntProtected(FilterChainProxy fcp, List<Filter> defaultFilters) {
|
||||
ExceptionTranslationFilter etf = (ExceptionTranslationFilter)getFilter(ExceptionTranslationFilter.class, defaultFilters);
|
||||
ExceptionTranslationFilter etf = (ExceptionTranslationFilter)getFilter(ExceptionTranslationFilter.class, defaultFilters);
|
||||
|
||||
if (etf.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint) {
|
||||
String loginPage =
|
||||
|
|
@ -129,7 +129,4 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,13 +17,13 @@ package org.springframework.security.config;
|
|||
|
||||
import static org.junit.Assert.*;
|
||||
import static org.mockito.Matchers.any;
|
||||
import static org.mockito.Mockito.*;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import javax.servlet.Filter;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.FilterConfig;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
|
@ -136,8 +136,6 @@ public class FilterChainProxyConfigTests {
|
|||
}
|
||||
|
||||
private void doNormalOperation(FilterChainProxy filterChainProxy) throws Exception {
|
||||
filterChainProxy.init(mock(FilterConfig.class));
|
||||
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setServletPath("/foo/secure/super/somefile.html");
|
||||
|
||||
|
|
@ -151,7 +149,5 @@ public class FilterChainProxyConfigTests {
|
|||
chain = mock(FilterChain.class);
|
||||
filterChainProxy.doFilter(request, response, chain);
|
||||
verify(chain).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
|
||||
|
||||
filterChainProxy.destroy();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -22,6 +22,8 @@ import java.util.Properties;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
|
@ -40,7 +42,6 @@ import jcifs.util.Base64;
|
|||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.security.authentication.AnonymousAuthenticationToken;
|
||||
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
||||
import org.springframework.security.authentication.AuthenticationDetailsSource;
|
||||
|
|
@ -51,10 +52,10 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
|
|||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter;
|
||||
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
/**
|
||||
* A clean-room implementation for Spring Security of an NTLM HTTP filter
|
||||
|
|
@ -81,7 +82,7 @@ import org.springframework.util.Assert;
|
|||
* @author Edward Smith
|
||||
* @version $Id$
|
||||
*/
|
||||
public class NtlmProcessingFilter extends SpringSecurityFilter implements InitializingBean {
|
||||
public class NtlmProcessingFilter extends GenericFilterBean {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
private static Log logger = LogFactory.getLog(NtlmProcessingFilter.class);
|
||||
|
|
@ -120,7 +121,8 @@ public class NtlmProcessingFilter extends SpringSecurityFilter implements Initia
|
|||
* Ensures an <code>AuthenticationManager</code> and authentication failure
|
||||
* URL have been provided in the bean configuration file.
|
||||
*/
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(this.authenticationManager, "An AuthenticationManager is required");
|
||||
|
||||
// Default to 5 minutes if not already specified
|
||||
|
|
@ -304,8 +306,10 @@ public class NtlmProcessingFilter extends SpringSecurityFilter implements Initia
|
|||
this.authenticationDetailsSource = authenticationDetailsSource;
|
||||
}
|
||||
|
||||
protected void doFilterHttp(final HttpServletRequest request,
|
||||
final HttpServletResponse response, final FilterChain chain) throws IOException, ServletException {
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
final HttpSession session = request.getSession();
|
||||
Integer ntlmState = (Integer) session.getAttribute(STATE_ATTR);
|
||||
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@ import javax.servlet.http.HttpServletRequest;
|
|||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.openid4java.consumer.ConsumerException;
|
||||
import org.springframework.security.authentication.AuthenticationServiceException;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
|
|
@ -81,10 +82,15 @@ public class OpenIDAuthenticationProcessingFilter extends AbstractAuthentication
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
super.afterPropertiesSet();
|
||||
if (consumer == null) {
|
||||
consumer = new OpenID4JavaConsumer();
|
||||
try {
|
||||
consumer = new OpenID4JavaConsumer();
|
||||
} catch (ConsumerException e) {
|
||||
throw new IllegalArgumentException("Failed to initialize OpenID", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -33,12 +33,12 @@ import javax.servlet.ServletResponse;
|
|||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.util.AntUrlPathMatcher;
|
||||
import org.springframework.security.web.util.UrlMatcher;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.DelegatingFilterProxy;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -104,7 +104,7 @@ import org.springframework.web.filter.DelegatingFilterProxy;
|
|||
*
|
||||
* @version $Id$
|
||||
*/
|
||||
public class FilterChainProxy implements Filter, InitializingBean {
|
||||
public class FilterChainProxy extends GenericFilterBean {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
private static final Log logger = LogFactory.getLog(FilterChainProxy.class);
|
||||
|
|
@ -123,35 +123,12 @@ public class FilterChainProxy implements Filter, InitializingBean {
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(uncompiledFilterChainMap, "filterChainMap must be set");
|
||||
filterChainValidator.validate(this);
|
||||
}
|
||||
|
||||
public void init(FilterConfig filterConfig) throws ServletException {
|
||||
for (Filter filter : obtainAllDefinedFilters()) {
|
||||
if (filter != null) {
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Initializing Filter defined in ApplicationContext: '" + filter + "'");
|
||||
}
|
||||
|
||||
filter.init(filterConfig);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public void destroy() {
|
||||
for (Filter filter : obtainAllDefinedFilters()) {
|
||||
if (filter != null) {
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Destroying Filter defined in ApplicationContext: '" + filter + "'");
|
||||
}
|
||||
|
||||
filter.destroy();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
|
||||
|
|
@ -324,10 +301,10 @@ public class FilterChainProxy implements Filter, InitializingBean {
|
|||
* @param filterChainValidator
|
||||
*/
|
||||
public void setFilterChainValidator(FilterChainValidator filterChainValidator) {
|
||||
this.filterChainValidator = filterChainValidator;
|
||||
}
|
||||
this.filterChainValidator = filterChainValidator;
|
||||
}
|
||||
|
||||
public String toString() {
|
||||
public String toString() {
|
||||
StringBuffer sb = new StringBuffer();
|
||||
sb.append("FilterChainProxy[");
|
||||
sb.append(" UrlMatcher = ").append(matcher);
|
||||
|
|
@ -382,12 +359,12 @@ public class FilterChainProxy implements Filter, InitializingBean {
|
|||
}
|
||||
|
||||
public interface FilterChainValidator {
|
||||
void validate(FilterChainProxy filterChainProxy);
|
||||
void validate(FilterChainProxy filterChainProxy);
|
||||
}
|
||||
|
||||
private class NullFilterChainValidator implements FilterChainValidator {
|
||||
public void validate(FilterChainProxy filterChainProxy) {
|
||||
}
|
||||
public void validate(FilterChainProxy filterChainProxy) {
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,61 +0,0 @@
|
|||
package org.springframework.security.web;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.core.Ordered;
|
||||
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.FilterConfig;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.Filter;
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* Implements Ordered interface as required by security namespace configuration and implements unused filter
|
||||
* lifecycle methods and performs casting of request and response to http versions in doFilter method.
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @version $Id$
|
||||
*/
|
||||
public abstract class SpringSecurityFilter implements Filter, Ordered {
|
||||
protected final Log logger = LogFactory.getLog(this.getClass());
|
||||
private int order;
|
||||
|
||||
/**
|
||||
* Does nothing. We use IoC container lifecycle services instead.
|
||||
*
|
||||
* @param filterConfig ignored
|
||||
* @throws ServletException ignored
|
||||
*/
|
||||
public final void init(FilterConfig filterConfig) throws ServletException {
|
||||
}
|
||||
|
||||
/**
|
||||
* Does nothing. We use IoC container lifecycle services instead.
|
||||
*/
|
||||
public final void destroy() {
|
||||
}
|
||||
|
||||
public final void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
|
||||
doFilterHttp((HttpServletRequest)request, (HttpServletResponse)response, chain);
|
||||
}
|
||||
|
||||
protected abstract void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException;
|
||||
|
||||
public final int getOrder() {
|
||||
return order;
|
||||
}
|
||||
|
||||
public void setOrder(int order) {
|
||||
this.order = order;
|
||||
}
|
||||
|
||||
public String toString() {
|
||||
return getClass().getName() + "[ order=" + getOrder() + "; ]";
|
||||
}
|
||||
}
|
||||
|
|
@ -19,10 +19,11 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.authentication.AuthenticationTrustResolver;
|
||||
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
|
||||
|
|
@ -30,12 +31,12 @@ import org.springframework.security.authentication.InsufficientAuthenticationExc
|
|||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
|
||||
import org.springframework.security.web.savedrequest.RequestCache;
|
||||
import org.springframework.security.web.util.ThrowableAnalyzer;
|
||||
import org.springframework.security.web.util.ThrowableCauseExtractor;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
/**
|
||||
* Handles any <code>AccessDeniedException</code> and <code>AuthenticationException</code> thrown within the
|
||||
|
|
@ -68,7 +69,7 @@ import org.springframework.util.Assert;
|
|||
* @author colin sampaleanu
|
||||
* @version $Id$
|
||||
*/
|
||||
public class ExceptionTranslationFilter extends SpringSecurityFilter implements InitializingBean {
|
||||
public class ExceptionTranslationFilter extends GenericFilterBean {
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
|
|
@ -82,13 +83,16 @@ public class ExceptionTranslationFilter extends SpringSecurityFilter implements
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(authenticationEntryPoint, "authenticationEntryPoint must be specified");
|
||||
// Assert.notNull(portResolver, "portResolver must be specified");
|
||||
}
|
||||
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException,
|
||||
ServletException {
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
try {
|
||||
chain.doFilter(request, response);
|
||||
|
|
|
|||
|
|
@ -23,15 +23,16 @@ import java.util.Set;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -45,7 +46,7 @@ import org.springframework.util.Assert;
|
|||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class ChannelProcessingFilter extends SpringSecurityFilter implements InitializingBean {
|
||||
public class ChannelProcessingFilter extends GenericFilterBean {
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
|
|
@ -54,7 +55,8 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(securityMetadataSource, "securityMetadataSource must be specified");
|
||||
Assert.notNull(channelDecisionManager, "channelDecisionManager must be specified");
|
||||
|
||||
|
|
@ -86,8 +88,10 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini
|
|||
}
|
||||
}
|
||||
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
FilterInvocation fi = new FilterInvocation(request, response, chain);
|
||||
List<ConfigAttribute> attr = this.securityMetadataSource.getAttributes(fi);
|
||||
|
|
|
|||
|
|
@ -19,11 +19,12 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.context.ApplicationEventPublisherAware;
|
||||
import org.springframework.context.MessageSource;
|
||||
|
|
@ -36,11 +37,11 @@ import org.springframework.security.core.Authentication;
|
|||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.SpringSecurityMessageSource;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.session.AuthenticatedSessionStrategy;
|
||||
import org.springframework.security.web.session.NullAuthenticatedSessionStrategy;
|
||||
import org.springframework.security.web.util.UrlUtils;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
/**
|
||||
* Abstract processor of browser-based HTTP-based authentication requests.
|
||||
|
|
@ -102,7 +103,7 @@ import org.springframework.util.Assert;
|
|||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public abstract class AbstractAuthenticationProcessingFilter extends SpringSecurityFilter implements InitializingBean,
|
||||
public abstract class AbstractAuthenticationProcessingFilter extends GenericFilterBean implements
|
||||
ApplicationEventPublisherAware, MessageSourceAware {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
|
|
@ -147,7 +148,8 @@ public abstract class AbstractAuthenticationProcessingFilter extends SpringSecur
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.hasLength(filterProcessesUrl, "filterProcessesUrl must be specified");
|
||||
Assert.isTrue(UrlUtils.isValidRedirectUrl(filterProcessesUrl), filterProcessesUrl + " isn't a valid redirect URL");
|
||||
Assert.notNull(authenticationManager, "authenticationManager must be specified");
|
||||
|
|
@ -176,9 +178,12 @@ public abstract class AbstractAuthenticationProcessingFilter extends SpringSecur
|
|||
* by this method where the returned <tt>Authentication</tt> object is not null.
|
||||
* </ol>
|
||||
*/
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
if (!requiresAuthentication(request, response)) {
|
||||
chain.doFilter(request, response);
|
||||
|
||||
|
|
|
|||
|
|
@ -20,6 +20,8 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
|
@ -29,8 +31,8 @@ import org.springframework.security.authentication.AuthenticationDetailsSource;
|
|||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.memory.UserAttribute;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -40,7 +42,7 @@ import org.springframework.util.Assert;
|
|||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class AnonymousProcessingFilter extends SpringSecurityFilter implements InitializingBean {
|
||||
public class AnonymousProcessingFilter extends GenericFilterBean implements InitializingBean {
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
|
|
@ -51,7 +53,8 @@ public class AnonymousProcessingFilter extends SpringSecurityFilter implements
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(userAttribute);
|
||||
Assert.hasLength(key);
|
||||
}
|
||||
|
|
@ -79,7 +82,11 @@ public class AnonymousProcessingFilter extends SpringSecurityFilter implements
|
|||
return auth;
|
||||
}
|
||||
|
||||
protected void doFilterHttp(HttpServletRequest request,HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
boolean addedToken = false;
|
||||
|
||||
if (applyAnonymousForThisRequest(request)) {
|
||||
|
|
|
|||
|
|
@ -19,20 +19,21 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.security.authentication.concurrent.SessionInformation;
|
||||
import org.springframework.security.authentication.concurrent.SessionRegistry;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.authentication.logout.LogoutHandler;
|
||||
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
|
||||
import org.springframework.security.web.util.UrlUtils;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -52,7 +53,7 @@ import org.springframework.util.Assert;
|
|||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class ConcurrentSessionFilter extends SpringSecurityFilter implements InitializingBean {
|
||||
public class ConcurrentSessionFilter extends GenericFilterBean {
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
private SessionRegistry sessionRegistry;
|
||||
|
|
@ -61,14 +62,17 @@ public class ConcurrentSessionFilter extends SpringSecurityFilter implements Ini
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(sessionRegistry, "SessionRegistry required");
|
||||
Assert.isTrue(expiredUrl == null || UrlUtils.isValidRedirectUrl(expiredUrl),
|
||||
expiredUrl + " isn't a valid redirect URL");
|
||||
}
|
||||
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
HttpSession session = request.getSession(false);
|
||||
|
||||
|
|
|
|||
|
|
@ -21,15 +21,17 @@ import java.util.List;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.util.UrlUtils;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
/**
|
||||
* Logs a principal out.
|
||||
|
|
@ -44,7 +46,7 @@ import org.springframework.util.StringUtils;
|
|||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class LogoutFilter extends SpringSecurityFilter {
|
||||
public class LogoutFilter extends GenericFilterBean {
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
|
|
@ -79,8 +81,10 @@ public class LogoutFilter extends SpringSecurityFilter {
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException,
|
||||
ServletException {
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
if (requiresLogout(request, response)) {
|
||||
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
|
||||
|
|
|
|||
|
|
@ -4,39 +4,41 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
|
||||
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.context.ApplicationEventPublisherAware;
|
||||
import org.springframework.security.authentication.AuthenticationDetailsSource;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.context.ApplicationEventPublisherAware;
|
||||
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
|
||||
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
/**
|
||||
* Base class for processing filters that handle pre-authenticated authentication requests. Subclasses must implement
|
||||
* the getPreAuthenticatedPrincipal() and getPreAuthenticatedCredentials() methods.
|
||||
* <p>
|
||||
* By default, the filter chain will proceed when an authentication attempt fails in order to allow other
|
||||
* By default, the filter chain will proceed when an authentication attempt fails in order to allow other
|
||||
* authentication mechanisms to process the request. To reject the credentials immediately, set the
|
||||
* <tt>continueFilterChainOnUnsuccessfulAuthentication</tt> flag to false. The exception raised by the
|
||||
* <tt>AuthenticationManager</tt> will the be re-thrown. Note that this will not affect cases where the principal
|
||||
* returned by {@link #getPreAuthenticatedPrincipal} is null, when the chain will still proceed as normal.
|
||||
*
|
||||
*
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @author Ruud Senden
|
||||
* @since 2.0
|
||||
*/
|
||||
public abstract class AbstractPreAuthenticatedProcessingFilter extends SpringSecurityFilter implements
|
||||
public abstract class AbstractPreAuthenticatedProcessingFilter extends GenericFilterBean implements
|
||||
InitializingBean, ApplicationEventPublisherAware {
|
||||
|
||||
private ApplicationEventPublisher eventPublisher = null;
|
||||
|
|
@ -44,28 +46,31 @@ public abstract class AbstractPreAuthenticatedProcessingFilter extends SpringSec
|
|||
private AuthenticationDetailsSource authenticationDetailsSource = new WebAuthenticationDetailsSource();
|
||||
|
||||
private AuthenticationManager authenticationManager = null;
|
||||
|
||||
|
||||
private boolean continueFilterChainOnUnsuccessfulAuthentication = true;
|
||||
|
||||
/**
|
||||
* Check whether all required properties have been set.
|
||||
*/
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(authenticationManager, "An AuthenticationManager must be set");
|
||||
}
|
||||
|
||||
/**
|
||||
* Try to authenticate a pre-authenticated user with Spring Security if the user has not yet been authenticated.
|
||||
*/
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Checking secure context token: " + SecurityContextHolder.getContext().getAuthentication());
|
||||
}
|
||||
|
||||
if (SecurityContextHolder.getContext().getAuthentication() == null) {
|
||||
doAuthenticate(request, response);
|
||||
doAuthenticate((HttpServletRequest) request, (HttpServletResponse) response);
|
||||
}
|
||||
filterChain.doFilter(request, response);
|
||||
chain.doFilter(request, response);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -82,7 +87,7 @@ public abstract class AbstractPreAuthenticatedProcessingFilter extends SpringSec
|
|||
logger.debug("No pre-authenticated principal found in request");
|
||||
}
|
||||
|
||||
return;
|
||||
return;
|
||||
}
|
||||
|
||||
if (logger.isDebugEnabled()) {
|
||||
|
|
@ -96,7 +101,7 @@ public abstract class AbstractPreAuthenticatedProcessingFilter extends SpringSec
|
|||
successfulAuthentication(request, response, authResult);
|
||||
} catch (AuthenticationException failed) {
|
||||
unsuccessfulAuthentication(request, response, failed);
|
||||
|
||||
|
||||
if (!continueFilterChainOnUnsuccessfulAuthentication) {
|
||||
throw failed;
|
||||
}
|
||||
|
|
@ -155,19 +160,19 @@ public abstract class AbstractPreAuthenticatedProcessingFilter extends SpringSec
|
|||
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
|
||||
this.authenticationManager = authenticationManager;
|
||||
}
|
||||
|
||||
|
||||
public void setContinueFilterChainOnUnsuccessfulAuthentication(boolean shouldContinue) {
|
||||
continueFilterChainOnUnsuccessfulAuthentication = shouldContinue;
|
||||
}
|
||||
|
||||
/**
|
||||
* Override to extract the principal information from the current request
|
||||
* Override to extract the principal information from the current request
|
||||
*/
|
||||
protected abstract Object getPreAuthenticatedPrincipal(HttpServletRequest request);
|
||||
|
||||
/**
|
||||
* Override to extract the credentials (if applicable) from the current request. Some implementations
|
||||
* may return a dummy value.
|
||||
*/
|
||||
*/
|
||||
protected abstract Object getPreAuthenticatedCredentials(HttpServletRequest request);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,10 +19,11 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.context.ApplicationEventPublisherAware;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
|
|
@ -30,9 +31,9 @@ import org.springframework.security.authentication.event.InteractiveAuthenticati
|
|||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.authentication.RememberMeServices;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -52,8 +53,7 @@ import org.springframework.util.Assert;
|
|||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class RememberMeProcessingFilter extends SpringSecurityFilter implements InitializingBean,
|
||||
ApplicationEventPublisherAware {
|
||||
public class RememberMeProcessingFilter extends GenericFilterBean implements ApplicationEventPublisherAware {
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
|
|
@ -63,13 +63,16 @@ public class RememberMeProcessingFilter extends SpringSecurityFilter implements
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(authenticationManager, "authenticationManager must be specified");
|
||||
Assert.notNull(rememberMeServices, "rememberMeServices must be specified");
|
||||
}
|
||||
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
if (SecurityContextHolder.getContext().getAuthentication() == null) {
|
||||
Authentication rememberMeAuth = rememberMeServices.autoLogin(request, response);
|
||||
|
|
|
|||
|
|
@ -21,11 +21,12 @@ import java.util.List;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.beans.BeansException;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.context.ApplicationEventPublisherAware;
|
||||
import org.springframework.context.MessageSource;
|
||||
|
|
@ -48,7 +49,6 @@ import org.springframework.security.core.userdetails.UserDetails;
|
|||
import org.springframework.security.core.userdetails.UserDetailsChecker;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
|
||||
|
|
@ -57,6 +57,7 @@ import org.springframework.security.web.authentication.WebAuthenticationDetailsS
|
|||
import org.springframework.security.web.util.UrlUtils;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -97,8 +98,8 @@ import org.springframework.util.StringUtils;
|
|||
*
|
||||
* @see org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
|
||||
*/
|
||||
public class SwitchUserProcessingFilter extends SpringSecurityFilter implements InitializingBean,
|
||||
ApplicationEventPublisherAware, MessageSourceAware {
|
||||
public class SwitchUserProcessingFilter extends GenericFilterBean implements ApplicationEventPublisherAware,
|
||||
MessageSourceAware {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
public static final String SPRING_SECURITY_SWITCH_USERNAME_KEY = "j_username";
|
||||
|
|
@ -121,7 +122,8 @@ public class SwitchUserProcessingFilter extends SpringSecurityFilter implements
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(userDetailsService, "userDetailsService must be specified");
|
||||
Assert.isTrue(successHandler != null || targetUrl != null, "You must set either a successHandler or the targetUrl");
|
||||
if (targetUrl != null) {
|
||||
|
|
@ -137,8 +139,10 @@ public class SwitchUserProcessingFilter extends SpringSecurityFilter implements
|
|||
}
|
||||
}
|
||||
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
// check for switch or exit request
|
||||
if (requiresSwitchUser(request)) {
|
||||
|
|
|
|||
|
|
@ -4,16 +4,18 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.springframework.beans.BeanWrapperImpl;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter;
|
||||
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
/**
|
||||
* For internal use with namespace configuration in the case where a user doesn't configure a login page.
|
||||
|
|
@ -25,7 +27,7 @@ import org.springframework.security.web.authentication.rememberme.AbstractRememb
|
|||
* @version $Id$
|
||||
* @since 2.0
|
||||
*/
|
||||
public class DefaultLoginPageGeneratingFilter extends SpringSecurityFilter {
|
||||
public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
|
||||
public static final String DEFAULT_LOGIN_PAGE_URL = "/spring_security_login";
|
||||
public static final String ERROR_PARAMETER_NAME = "login_error";
|
||||
boolean formLoginEnabled;
|
||||
|
|
@ -73,7 +75,11 @@ public class DefaultLoginPageGeneratingFilter extends SpringSecurityFilter {
|
|||
}
|
||||
}
|
||||
|
||||
protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
if (isLoginUrlRequest(request)) {
|
||||
String loginPageHtml = generateLoginPageHtml(request);
|
||||
response.setContentType("text/html;charset=UTF-8");
|
||||
|
|
|
|||
|
|
@ -19,11 +19,12 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.security.authentication.AnonymousAuthenticationToken;
|
||||
import org.springframework.security.authentication.AuthenticationDetailsSource;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
|
|
@ -32,11 +33,11 @@ import org.springframework.security.core.Authentication;
|
|||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.authentication.NullRememberMeServices;
|
||||
import org.springframework.security.web.authentication.RememberMeServices;
|
||||
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -84,7 +85,7 @@ import org.springframework.util.Assert;
|
|||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class BasicProcessingFilter extends SpringSecurityFilter implements InitializingBean {
|
||||
public class BasicProcessingFilter extends GenericFilterBean {
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
|
|
@ -97,7 +98,8 @@ public class BasicProcessingFilter extends SpringSecurityFilter implements Initi
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(this.authenticationManager, "An AuthenticationManager is required");
|
||||
|
||||
if(!isIgnoreFailure()) {
|
||||
|
|
@ -105,8 +107,10 @@ public class BasicProcessingFilter extends SpringSecurityFilter implements Initi
|
|||
}
|
||||
}
|
||||
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
String header = request.getHeader("Authorization");
|
||||
|
||||
|
|
|
|||
|
|
@ -18,9 +18,10 @@ package org.springframework.security.web.authentication.www;
|
|||
import java.io.IOException;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.Filter;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
|
@ -28,7 +29,6 @@ import org.apache.commons.codec.binary.Base64;
|
|||
import org.apache.commons.codec.digest.DigestUtils;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.context.MessageSource;
|
||||
import org.springframework.context.MessageSourceAware;
|
||||
import org.springframework.context.support.MessageSourceAccessor;
|
||||
|
|
@ -44,10 +44,10 @@ import org.springframework.security.core.userdetails.UserDetails;
|
|||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.core.userdetails.cache.NullUserCache;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -76,7 +76,7 @@ import org.springframework.util.StringUtils;
|
|||
* than Basic authentication. Please see RFC 2617 section 4 for a full discussion on the advantages of Digest
|
||||
* authentication over Basic authentication, including commentary on the limitations that it still imposes.
|
||||
*/
|
||||
public class DigestProcessingFilter extends SpringSecurityFilter implements Filter, InitializingBean, MessageSourceAware {
|
||||
public class DigestProcessingFilter extends GenericFilterBean implements MessageSourceAware {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
|
||||
|
|
@ -93,13 +93,17 @@ public class DigestProcessingFilter extends SpringSecurityFilter implements Filt
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(userDetailsService, "A UserDetailsService is required");
|
||||
Assert.notNull(authenticationEntryPoint, "A DigestProcessingFilterEntryPoint is required");
|
||||
}
|
||||
|
||||
public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
String header = request.getHeader("Authorization");
|
||||
|
||||
if (logger.isDebugEnabled()) {
|
||||
|
|
|
|||
|
|
@ -186,7 +186,7 @@ public class HttpSessionContextIntegrationFilter extends SecurityContextPersiste
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
public void afterPropertiesSet() {
|
||||
if (forceEagerSessionCreation && !allowSessionCreation) {
|
||||
throw new IllegalArgumentException(
|
||||
"If using forceEagerSessionCreation, you must set allowSessionCreation to also be true");
|
||||
|
|
|
|||
|
|
@ -4,13 +4,15 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
/**
|
||||
* Populates the {@link SecurityContextHolder} with information obtained from
|
||||
|
|
@ -37,7 +39,7 @@ import org.springframework.security.web.SpringSecurityFilter;
|
|||
* @version $Id$
|
||||
* @since 3.0
|
||||
*/
|
||||
public class SecurityContextPersistenceFilter extends SpringSecurityFilter {
|
||||
public class SecurityContextPersistenceFilter extends GenericFilterBean {
|
||||
|
||||
static final String FILTER_APPLIED = "__spring_security_scpf_applied";
|
||||
|
||||
|
|
@ -45,9 +47,11 @@ public class SecurityContextPersistenceFilter extends SpringSecurityFilter {
|
|||
|
||||
private boolean forceEagerSessionCreation = false;
|
||||
|
||||
@Override
|
||||
protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
if (request.getAttribute(FILTER_APPLIED) != null) {
|
||||
// ensure that filter is only applied once per request
|
||||
|
|
|
|||
|
|
@ -4,10 +4,12 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
/**
|
||||
* Responsible for reconstituting the saved request if one is cached and it matches the current request.
|
||||
|
|
@ -21,15 +23,15 @@ import org.springframework.security.web.SpringSecurityFilter;
|
|||
* @version $Id$
|
||||
* @since 3.0
|
||||
*/
|
||||
public class RequestCacheAwareFilter extends SpringSecurityFilter {
|
||||
public class RequestCacheAwareFilter extends GenericFilterBean {
|
||||
|
||||
private RequestCache requestCache = new HttpSessionRequestCache();
|
||||
|
||||
@Override
|
||||
protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
|
||||
HttpServletRequest wrappedSavedRequest = requestCache.getMatchingRequest(request, response);
|
||||
HttpServletRequest wrappedSavedRequest =
|
||||
requestCache.getMatchingRequest((HttpServletRequest)request, (HttpServletResponse)response);
|
||||
|
||||
chain.doFilter(wrappedSavedRequest == null ? request : wrappedSavedRequest, response);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,8 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
|
|
@ -11,9 +13,9 @@ import org.springframework.security.authentication.AuthenticationTrustResolver;
|
|||
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.context.SecurityContextRepository;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
/**
|
||||
* Detects that a user has been authenticated since the start of the request and, if they have, calls the
|
||||
|
|
@ -27,7 +29,7 @@ import org.springframework.util.Assert;
|
|||
* @version $Id$
|
||||
* @since 2.0
|
||||
*/
|
||||
public class SessionManagementFilter extends SpringSecurityFilter {
|
||||
public class SessionManagementFilter extends GenericFilterBean {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
static final String FILTER_APPLIED = "__spring_security_session_fixation_filter_applied";
|
||||
|
|
@ -46,8 +48,10 @@ public class SessionManagementFilter extends SpringSecurityFilter {
|
|||
this.securityContextRepository = securityContextRepository;
|
||||
}
|
||||
|
||||
protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
|
||||
if (request.getAttribute(FILTER_APPLIED) != null) {
|
||||
chain.doFilter(request, response);
|
||||
|
|
|
|||
|
|
@ -19,11 +19,12 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.GenericFilterBean;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -37,7 +38,7 @@ import org.springframework.util.Assert;
|
|||
* @author Luke Taylor
|
||||
* @version $Id$
|
||||
*/
|
||||
public class SecurityContextHolderAwareRequestFilter extends SpringSecurityFilter {
|
||||
public class SecurityContextHolderAwareRequestFilter extends GenericFilterBean {
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
private String rolePrefix;
|
||||
|
|
@ -49,8 +50,8 @@ public class SecurityContextHolderAwareRequestFilter extends SpringSecurityFilte
|
|||
this.rolePrefix = rolePrefix.trim();
|
||||
}
|
||||
|
||||
protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
chain.doFilter(new SecurityContextHolderAwareRequestWrapper(request, rolePrefix), response);
|
||||
chain.doFilter(new SecurityContextHolderAwareRequestWrapper((HttpServletRequest) req, rolePrefix), res);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -149,9 +149,7 @@ public class ChannelProcessingFilterTests {
|
|||
filter.setSecurityMetadataSource(fids);
|
||||
assertSame(fids, filter.getSecurityMetadataSource());
|
||||
|
||||
filter.init(null);
|
||||
filter.afterPropertiesSet();
|
||||
filter.destroy();
|
||||
}
|
||||
|
||||
//~ Inner Classes ==================================================================================================
|
||||
|
|
|
|||
|
|
@ -58,11 +58,10 @@ public class AnonymousProcessingFilterTests extends TestCase {
|
|||
//~ Methods ========================================================================================================
|
||||
|
||||
private void executeFilterInContainerSimulator(FilterConfig filterConfig, Filter filter, ServletRequest request,
|
||||
ServletResponse response, FilterChain filterChain)
|
||||
throws ServletException, IOException {
|
||||
filter.init(filterConfig);
|
||||
ServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
||||
// filter.init(filterConfig);
|
||||
filter.doFilter(request, response, filterChain);
|
||||
filter.destroy();
|
||||
// filter.destroy();
|
||||
}
|
||||
|
||||
protected void setUp() throws Exception {
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
|||
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter();
|
||||
assertEquals("/j_spring_security_check", filter.getFilterProcessesUrl());
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
filter.init(null);
|
||||
// filter.init(null);
|
||||
|
||||
Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse());
|
||||
assertTrue(result != null);
|
||||
|
|
|
|||
|
|
@ -37,7 +37,6 @@ public class RequestHeaderPreAuthenticatedProcessingFilterTests {
|
|||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain();
|
||||
RequestHeaderPreAuthenticatedProcessingFilter filter = new RequestHeaderPreAuthenticatedProcessingFilter();
|
||||
filter.getOrder();
|
||||
|
||||
filter.doFilter(request, response, chain);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -56,11 +56,10 @@ public class RememberMeProcessingFilterTests extends TestCase {
|
|||
//~ Methods ========================================================================================================
|
||||
|
||||
private void executeFilterInContainerSimulator(FilterConfig filterConfig, Filter filter, ServletRequest request,
|
||||
ServletResponse response, FilterChain filterChain)
|
||||
throws ServletException, IOException {
|
||||
filter.init(filterConfig);
|
||||
ServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
||||
// filter.init(filterConfig);
|
||||
filter.doFilter(request, response, filterChain);
|
||||
filter.destroy();
|
||||
// filter.destroy();
|
||||
}
|
||||
|
||||
protected void setUp() throws Exception {
|
||||
|
|
|
|||
|
|
@ -161,7 +161,7 @@ public class SwitchUserProcessingFilterTests {
|
|||
|
||||
// Check it with no url set (should get a text response)
|
||||
FilterChain chain = mock(FilterChain.class);
|
||||
filter.doFilterHttp(request, response, chain);
|
||||
filter.doFilter(request, response, chain);
|
||||
verify(chain, never()).doFilter(request, response);
|
||||
|
||||
assertEquals("Authentication Failed: User is disabled", response.getErrorMessage());
|
||||
|
|
@ -177,7 +177,7 @@ public class SwitchUserProcessingFilterTests {
|
|||
response = new MockHttpServletResponse();
|
||||
|
||||
chain = mock(FilterChain.class);
|
||||
filter.doFilterHttp(request, response, chain);
|
||||
filter.doFilter(request, response, chain);
|
||||
verify(chain, never()).doFilter(request, response);
|
||||
|
||||
assertEquals("/mywebapp/switchfailed", response.getRedirectedUrl());
|
||||
|
|
|
|||
|
|
@ -24,7 +24,6 @@ import java.io.IOException;
|
|||
|
||||
import javax.servlet.Filter;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.FilterConfig;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
|
|
@ -63,13 +62,13 @@ public class BasicProcessingFilterTests {
|
|||
|
||||
private MockHttpServletResponse executeFilterInContainerSimulator(Filter filter, final ServletRequest request,
|
||||
final boolean expectChainToProceed) throws ServletException, IOException {
|
||||
filter.init(mock(FilterConfig.class));
|
||||
// filter.init(mock(FilterConfig.class));
|
||||
|
||||
final MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
FilterChain chain = mock(FilterChain.class);
|
||||
filter.doFilter(request, response, chain);
|
||||
filter.destroy();
|
||||
// filter.destroy();
|
||||
|
||||
verify(chain, expectChainToProceed ? times(1) : never()).doFilter(any(ServletRequest.class), any(ServletResponse.class));
|
||||
return response;
|
||||
|
|
|
|||
|
|
@ -87,8 +87,6 @@ public class DigestProcessingFilterTests {
|
|||
|
||||
private MockHttpServletResponse executeFilterInContainerSimulator(Filter filter, final ServletRequest request,
|
||||
final boolean expectChainToProceed) throws ServletException, IOException {
|
||||
filter.init(mock(FilterConfig.class));
|
||||
|
||||
final MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
Mockery jmockContext = new JUnit4Mockery();
|
||||
|
|
@ -99,7 +97,7 @@ public class DigestProcessingFilterTests {
|
|||
}});
|
||||
|
||||
filter.doFilter(request, response, chain);
|
||||
filter.destroy();
|
||||
|
||||
jmockContext.assertIsSatisfied();
|
||||
return response;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -59,9 +59,9 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
|
|||
FilterConfig filterConfig, Filter filter, ServletRequest request,
|
||||
ServletResponse response, FilterChain filterChain)
|
||||
throws ServletException, IOException {
|
||||
filter.init(filterConfig);
|
||||
// filter.init(filterConfig);
|
||||
filter.doFilter(request, response, filterChain);
|
||||
filter.destroy();
|
||||
// filter.destroy();
|
||||
}
|
||||
|
||||
public void testDetectsIncompatibleSessionProperties() throws Exception {
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ public class SecurityContextHolderAwareRequestFilterTests {
|
|||
public void expectedRequestWrapperClassIsUsed() throws Exception {
|
||||
SecurityContextHolderAwareRequestFilter filter = new SecurityContextHolderAwareRequestFilter();
|
||||
filter.setRolePrefix("ROLE_");
|
||||
filter.init(jmock.mock(FilterConfig.class));
|
||||
// filter.init(jmock.mock(FilterConfig.class));
|
||||
final FilterChain filterChain = jmock.mock(FilterChain.class);
|
||||
|
||||
jmock.checking(new Expectations() {{
|
||||
|
|
|
|||
|
|
@ -3,18 +3,18 @@ Bundle-Name: Spring Security Web
|
|||
Bundle-Vendor: SpringSource
|
||||
Bundle-Version: ${version}
|
||||
Bundle-ManifestVersion: 2
|
||||
Excluded-Exports:
|
||||
Excluded-Exports:
|
||||
org.springframework.security.web.authentication.preauth.websphere
|
||||
Excluded-Imports:
|
||||
Excluded-Imports:
|
||||
javax.naming.*,
|
||||
javax.rmi.*,
|
||||
javax.sql.*,
|
||||
javax.security.auth.*,
|
||||
org.aopalliance.*
|
||||
Ignored-Existing-Headers:
|
||||
Ignored-Existing-Headers:
|
||||
Import-Package,
|
||||
Export-Package
|
||||
Import-Template:
|
||||
Import-Template:
|
||||
org.apache.commons.logging.*;version="[1.0.4, 2.0.0)",
|
||||
org.apache.commons.codec.*;version="[1.3, 2.0)";resolution:=optional,
|
||||
org.springframework.security.core.*;version="[${version}, 3.1.0)",
|
||||
|
|
@ -31,8 +31,9 @@ Import-Template:
|
|||
org.springframework.jdbc.*;version="[3.0.0, 3.1.0)";resolution:=optional,
|
||||
org.springframework.mock.web;version="[3.0.0, 3.1.0)";resolution:=optional,
|
||||
org.springframework.web.context.*;version="[3.0.0, 3.1.0)";resolution:=optional,
|
||||
org.springframework.web.filter.*;version="[3.0.0, 3.1.0)",
|
||||
org.springframework.util;version="[3.0.0, 3.1.0)";resolution:=optional,
|
||||
org.w3c.dom;version="0";resolution:=optional,
|
||||
org.xml.sax;version="0";resolution:=optional,
|
||||
javax.servlet.*;version="0",
|
||||
javax.xml.parsers.*;version="0";resolution:=optional
|
||||
javax.xml.parsers.*;version="0";resolution:=optional
|
||||
|
|
|
|||
Loading…
Reference in New Issue