Allow custom SecureContext implementations to be selected by user.
This commit is contained in:
Ben Alex
parent
515b2161c9
commit
fe91639b15
|
|
@ -2,6 +2,7 @@ Changes in version 0.6 (2004-xx-xx)
|
|||
-----------------------------------
|
||||
|
||||
* Added feature so DaoAuthenticationProvider returns User in Authentication
|
||||
* Added AbstractIntegrationFilter.secureContext property for custom contexts
|
||||
* Refactored User to UserDetails interface
|
||||
* Fixed Linux compatibility issues (directory case sensitivity etc)
|
||||
* Fixed AbstractProcessingFilter to handle servlet spec container differences
|
||||
|
|
|
|||
|
|
@ -24,6 +24,8 @@ import net.sf.acegisecurity.context.SecureContextImpl;
|
|||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.Filter;
|
||||
|
|
@ -59,17 +61,44 @@ import javax.servlet.ServletResponse;
|
|||
* be obtained from the well-known location. It will simply continue the
|
||||
* filter chain as normal.
|
||||
* </p>
|
||||
*
|
||||
* <p>
|
||||
* If the <code>ContextHolder</code> does not contain a valid {@link
|
||||
* SecureContext}, one will be created. The created object will be of the
|
||||
* instance defined by the {@link #setSecureContext(Class)} method.
|
||||
* </p>
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public abstract class AbstractIntegrationFilter implements Filter {
|
||||
public abstract class AbstractIntegrationFilter implements InitializingBean,
|
||||
Filter {
|
||||
//~ Static fields/initializers =============================================
|
||||
|
||||
protected static final Log logger = LogFactory.getLog(AbstractIntegrationFilter.class);
|
||||
|
||||
//~ Instance fields ========================================================
|
||||
|
||||
private Class secureContext = SecureContextImpl.class;
|
||||
|
||||
//~ Methods ================================================================
|
||||
|
||||
public void setSecureContext(Class secureContext) {
|
||||
this.secureContext = secureContext;
|
||||
}
|
||||
|
||||
public Class getSecureContext() {
|
||||
return secureContext;
|
||||
}
|
||||
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
if ((this.secureContext == null)
|
||||
|| (!this.secureContext.isAssignableFrom(SecureContext.class))) {
|
||||
throw new IllegalArgumentException(
|
||||
"secureContext must be defined and implement SecureContext");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Writes a new <code>Authentication</code> object to the container's
|
||||
* well-known location, if supported the subclass.
|
||||
|
|
@ -97,18 +126,24 @@ public abstract class AbstractIntegrationFilter implements Filter {
|
|||
Authentication auth = (Authentication) extracted;
|
||||
|
||||
// Get or create existing SecureContext
|
||||
SecureContext secureContext = null;
|
||||
SecureContext sc = null;
|
||||
|
||||
if ((ContextHolder.getContext() == null)
|
||||
|| !(ContextHolder.getContext() instanceof SecureContext)) {
|
||||
secureContext = new SecureContextImpl();
|
||||
try {
|
||||
sc = (SecureContext) this.secureContext.newInstance();
|
||||
} catch (InstantiationException ie) {
|
||||
throw new ServletException(ie);
|
||||
} catch (IllegalAccessException iae) {
|
||||
throw new ServletException(iae);
|
||||
}
|
||||
} else {
|
||||
secureContext = (SecureContext) ContextHolder.getContext();
|
||||
sc = (SecureContext) ContextHolder.getContext();
|
||||
}
|
||||
|
||||
// Add Authentication to SecureContext, and save
|
||||
secureContext.setAuthentication(auth);
|
||||
ContextHolder.setContext((Context) secureContext);
|
||||
sc.setAuthentication(auth);
|
||||
ContextHolder.setContext((Context) sc);
|
||||
} else {
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug(
|
||||
|
|
|
|||
Loading…
Reference in New Issue