Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

WebFilterChainProxy not matched continues WebFilterChain 

Fixes gh-4668
This commit is contained in:
Rob Winch 2017-10-24 16:22:07 -05:00
parent 38a8189a62
commit fcc1152f78
2 changed files with 61 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
web/src/main/java/org/springframework/security/web/server/WebFilterChainProxy.java
View File

@ -44,6 +44,7 @@ public class WebFilterChainProxy implements WebFilter {
return filters
.filterWhen( securityWebFilterChain -> securityWebFilterChain.matches(exchange))
.next()
.switchIfEmpty(chain.filter(exchange).then(Mono.empty()))
.flatMap( securityWebFilterChain -> securityWebFilterChain.getWebFilters()
.collectList()
)

60
web/src/test/java/org/springframework/security/web/server/WebFilterChainProxyTests.java Normal file
View File

@ -0,0 +1,60 @@
/*
* Copyright 2002-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.web.server;
import org.junit.Test;
import org.springframework.http.HttpStatus;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult;
import org.springframework.test.web.reactive.server.WebTestClient;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;
import java.util.Arrays;
import java.util.List;
/**
* @author Rob Winch
* @since 5.0
*/
public class WebFilterChainProxyTests {
// gh-4668
@Test
public void filterWhenNoMatchThenContinuesChainAnd404() {
List<WebFilter> filters = Arrays.asList(new Http200WebFilter());
ServerWebExchangeMatcher notMatch = exchange -> MatchResult.notMatch();
MatcherSecurityWebFilterChain chain = new MatcherSecurityWebFilterChain(notMatch, filters);
WebFilterChainProxy filter = WebFilterChainProxy.fromSecurityWebFilterChains(chain);
WebTestClient.bindToController(new Object()).webFilter(filter).build()
.get()
.exchange()
.expectStatus().isNotFound();
}
static class Http200WebFilter implements WebFilter {
@Override
public Mono<Void> filter(ServerWebExchange exchange,
WebFilterChain chain) {
return Mono.fromRunnable(() -> exchange.getResponse().setStatusCode(HttpStatus.FORBIDDEN));
}
}
}