SEC-725: PasswordEncoderParser: <security:password-encoder> element does not pick up 'base64' attribute value

http://jira.springframework.org/browse/SEC-725. Added fix as recommended in issue.
Luke Taylor 2008-03-23 22:38:13 +00:00
parent b54e3978dc
commit fe0e05a6c8
2 changed files with 12 additions and 11 deletions


@ -55,14 +55,17 @@ public class PasswordEncoderParser {
private BeanMetadataElement passwordEncoder;
private BeanDefinition saltSource;
public PasswordEncoderParser(Element element, ParserContext parserContext) {
parse(element, parserContext);
}
private void parse(Element element, ParserContext parserContext) {
String hash = element.getAttribute(ATT_HASH);
boolean useBase64 = StringUtils.hasText(element.getAttribute(ATT_BASE_64));
boolean useBase64 = false;
if (StringUtils.hasText(element.getAttribute(ATT_BASE_64))) {
useBase64 = Boolean.parseBoolean(element.getAttribute(ATT_BASE_64));
}
String ref = element.getAttribute(ATT_REF);
@ -73,10 +76,10 @@ public class PasswordEncoderParser {
RootBeanDefinition beanDefinition = new RootBeanDefinition(beanClass);
beanDefinition.setSource(parserContext.extractSource(element));
if (useBase64) {
if (beanClass.isAssignableFrom(BaseDigestPasswordEncoder.class)) {
if (BaseDigestPasswordEncoder.class.isAssignableFrom(beanClass)) {
beanDefinition.getPropertyValues().addPropertyValue("encodeHashAsBase64", "true");
} else {
logger.warn(ATT_BASE_64 + " isn't compatible with " + OPT_HASH_LDAP_SHA + " and will be ignored");
logger.warn(ATT_BASE_64 + " isn't compatible with " + hash + " and will be ignored");
}
}
passwordEncoder = beanDefinition;
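Review bot: A misconfigured `base64` attribute is still dropped without a hard failure in both hunks of `parse`. In the first hunk `Boolean.parseBoolean` maps every value other than a case-insensitive "true" to false, so a typo such as `base64='ture'` silently disables Base64 (unless the schema already restricts the attribute, which is not visible here); the `hasText` guard is also redundant, since `parseBoolean` returns false for an empty string. In the second hunk the incompatible-encoder branch only logs a warning, so Base64-stored hashes would just stop matching at login. Failing when the context loads would surface this earlier, e.g. `parserContext.getReaderContext().error(ATT_BASE_64 + " isn't compatible with " + hash, element);`. The body of `parse` continues outside both hunks, so how `hash` and `beanClass` are resolved is not visible here.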


@ -72,19 +72,17 @@ public class AuthenticationProviderBeanDefinitionParserTests {
}
@Test
public void worksWithJdbcUserService() throws Exception {
public void passwordIsBase64EncodedWhenBase64IsEnabled() throws Exception {
setContext(" <authentication-provider>" +
" <password-encoder hash='{sha}'/>" +
" <password-encoder hash='md5' base64='true'/>" +
" <user-service>" +
" <user name='bob' password='{SSHA}PpuEwfdj7M1rs0C2W4ssSM2XEN/Y6S5U' authorities='ROLE_A' />" +
" <user name='bob' password='ErFB811YuLOkbupl5qwXng==' authorities='ROLE_A' />" +
" </user-service>" +
" </authentication-provider>");
getProvider().authenticate(bob);
}
}
@Test
public void externalUserServiceAndPasswordEncoderWork() throws Exception {
setContext(" <authentication-provider user-service-ref='customUserService'>" +
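Review bot: The new test `passwordIsBase64EncodedWhenBase64IsEnabled` pins only the `base64='true'` case, although the old `hasText` check in `PasswordEncoderParser` treated any non-empty value, including `base64='false'`, as enabled. A companion test using `<password-encoder hash='md5' base64='false'/>` with the hex-encoded MD5 of the same password would guard that regression. A case combining `base64='true'` with `hash='{sha}'` would presumably exercise the "will be ignored" branch. Because this method replaces `worksWithJdbcUserService` instead of sitting next to it, the `{sha}` encoder with an `{SSHA}` password is no longer authenticated in this test, unless a test outside the hunk covers it.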