Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-1062: Added authentication-success-handler-ref and authentication-failure-handler-ref to the namespace definition.

This commit is contained in:
Luke Taylor 2008-12-15 00:56:17 +00:00
parent a0bcf7184c
commit fcc68e636e
3 changed files with 1561 additions and 1508 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
core/src/main/resources/org/springframework/security/config/spring-security-2.5.rnc
View File

@ -310,6 +310,13 @@ form-login.attlist &=
form-login.attlist &=
## The URL for the login failure page. If no login failure URL is specified, Spring Security will automatically create a failure login URL at /spring_security_login?login_error and a corresponding filter to render that login failure URL when requested.
attribute authentication-failure-url {xsd:string}?
form-login.attlist &=
## Reference to an AuthenticationSuccessHandler bean which should be used to handle a successful authentication request. Should not be used in combination with default-target-url (or always-use-default-target-url) as the implementation should always deal with navigation to the subsequent destination
attribute authentication-success-handler-ref {xsd:string}?
form-login.attlist &=
## Reference to an AuthenticationFailureHandler bean which should be used to handle a failed authentication request. Should not be used in combination with authentication-failure-url as the implementation should always deal with navigation to the subsequent destination
attribute authentication-failure-handler-ref {xsd:string}?
openid-login =
## Sets up form login for authentication with an Open ID identity

3044
core/src/main/resources/org/springframework/security/config/spring-security-2.5.xsd
View File

File diff suppressed because it is too large Load Diff

18
core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java
View File

@ -35,6 +35,8 @@ import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.anonymous.AnonymousProcessingFilter;
import org.springframework.security.securechannel.ChannelProcessingFilter;
import org.springframework.security.ui.AuthenticationFailureHandler;
import org.springframework.security.ui.AuthenticationSuccessHandler;
import org.springframework.security.ui.ExceptionTranslationFilter;
import org.springframework.security.ui.SessionFixationProtectionFilter;
import org.springframework.security.ui.WebAuthenticationDetails;
@ -717,6 +719,22 @@ public class HttpSecurityBeanDefinitionParserTests {
}
}
@Test
public void customSuccessAndFailureHandlersCanBeSetThroughTheNamespace() throws Exception {
setContext(
"<http>" +
" <form-login authentication-success-handler-ref='sh' authentication-failure-handler-ref='fh'/>" +
"</http>" +
"<b:bean id='sh' class='org.springframework.security.ui.SavedRequestAwareAuthenticationSuccessHandler'/>" +
"<b:bean id='fh' class='org.springframework.security.ui.SimpleUrlAuthenticationFailureHandler'/>" +
AUTH_PROVIDER_XML);
AuthenticationProcessingFilter apf = (AuthenticationProcessingFilter) appContext.getBean(BeanIds.FORM_LOGIN_FILTER);
AuthenticationSuccessHandler sh = (AuthenticationSuccessHandler) appContext.getBean("sh");
AuthenticationFailureHandler fh = (AuthenticationFailureHandler) appContext.getBean("fh");
assertSame(sh, FieldUtils.getFieldValue(apf, "successHandler"));
assertSame(fh, FieldUtils.getFieldValue(apf, "failureHandler"));
}
private void setContext(String context) {
appContext = new InMemoryXmlApplicationContext(context);
}