GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Renamed form and openID filters to shorten names

3.0.x
Luke Taylor 16 years ago
parent
949759c31a
commit
07d7c0ddae
16 changed files with 61 additions and 61 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java
  2. 4
      config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java
  3. 4
      config/src/test/java/org/springframework/security/config/FilterChainProxyConfigTests.java
  4. 22
      config/src/test/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParserTests.java
  5. 2
      config/src/test/resources/org/springframework/security/util/filtertest-valid.xml
  6. 0
      docs/manual/src/docbook/session-mgmt.xml
  7. 2
      itest/context/src/test/resources/filter-chain-performance-app-context.xml
  8. 8
      openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationFilter.java
  9. 6
      openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationProcessingFilterTests.java
  10. 6
      web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilter.java
  11. 4
      web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java
  12. 4
      web/src/main/java/org/springframework/security/web/authentication/UsernamePasswordAuthenticationFilter.java
  13. 4
      web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlStrategy.java
  14. 12
      web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java
  15. 4
      web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java
  16. 36
      web/src/test/java/org/springframework/security/web/authentication/UsernamePasswordAuthenticationFilterTests.java

4
config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java
Unescape View File

@ -53,11 +53,11 @@ final class AuthenticationConfigBuilder {
private static final String ATT_REALM = "realm"; private static final String ATT_REALM = "realm";
private static final String DEF_REALM = "Spring Security Application"; private static final String DEF_REALM = "Spring Security Application";
static final String OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationProcessingFilter"; static final String OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationFilter";
static final String OPEN_ID_AUTHENTICATION_PROVIDER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationProvider"; static final String OPEN_ID_AUTHENTICATION_PROVIDER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationProvider";
static final String OPEN_ID_CONSUMER_CLASS = "org.springframework.security.openid.OpenID4JavaConsumer"; static final String OPEN_ID_CONSUMER_CLASS = "org.springframework.security.openid.OpenID4JavaConsumer";
static final String OPEN_ID_ATTRIBUTE_CLASS = "org.springframework.security.openid.OpenIDAttribute"; static final String OPEN_ID_ATTRIBUTE_CLASS = "org.springframework.security.openid.OpenIDAttribute";
static final String AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter"; static final String AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter";
private static final String ATT_AUTO_CONFIG = "auto-config"; private static final String ATT_AUTO_CONFIG = "auto-config";

4
config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java
Unescape View File

@ -15,7 +15,7 @@ import org.springframework.security.web.access.intercept.DefaultFilterInvocation
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.AnonymousProcessingFilter; import org.springframework.security.web.authentication.AnonymousProcessingFilter;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint; import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter; import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.security.web.authentication.www.BasicProcessingFilter; import org.springframework.security.web.authentication.www.BasicProcessingFilter;
import org.springframework.security.web.context.SecurityContextPersistenceFilter; import org.springframework.security.web.context.SecurityContextPersistenceFilter;
@ -51,7 +51,7 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
*/ */
private void checkFilterStack(List<Filter> filters) { private void checkFilterStack(List<Filter> filters) {
checkForDuplicates(SecurityContextPersistenceFilter.class, filters); checkForDuplicates(SecurityContextPersistenceFilter.class, filters);
checkForDuplicates(UsernamePasswordAuthenticationProcessingFilter.class, filters); checkForDuplicates(UsernamePasswordAuthenticationFilter.class, filters);
checkForDuplicates(SessionManagementFilter.class, filters); checkForDuplicates(SessionManagementFilter.class, filters);
checkForDuplicates(BasicProcessingFilter.class, filters); checkForDuplicates(BasicProcessingFilter.class, filters);
checkForDuplicates(SecurityContextHolderAwareRequestFilter.class, filters); checkForDuplicates(SecurityContextHolderAwareRequestFilter.class, filters);

4
config/src/test/java/org/springframework/security/config/FilterChainProxyConfigTests.java
Unescape View File

@ -34,7 +34,7 @@ import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.context.SecurityContextPersistenceFilter; import org.springframework.security.web.context.SecurityContextPersistenceFilter;
import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter; import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter;
@ -143,7 +143,7 @@ public class FilterChainProxyConfigTests {
filters = filterChainProxy.getFilters("/another/nonspecificmatch"); filters = filterChainProxy.getFilters("/another/nonspecificmatch");
assertEquals(3, filters.size()); assertEquals(3, filters.size());
assertTrue(filters.get(0) instanceof SecurityContextPersistenceFilter); assertTrue(filters.get(0) instanceof SecurityContextPersistenceFilter);
assertTrue(filters.get(1) instanceof UsernamePasswordAuthenticationProcessingFilter); assertTrue(filters.get(1) instanceof UsernamePasswordAuthenticationFilter);
assertTrue(filters.get(2) instanceof SecurityContextHolderAwareRequestFilter); assertTrue(filters.get(2) instanceof SecurityContextHolderAwareRequestFilter);
} }

22
config/src/test/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParserTests.java
Unescape View File

@ -34,7 +34,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.session.SessionRegistryImpl; import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.openid.OpenID4JavaConsumer; import org.springframework.security.openid.OpenID4JavaConsumer;
import org.springframework.security.openid.OpenIDAttribute; import org.springframework.security.openid.OpenIDAttribute;
import org.springframework.security.openid.OpenIDAuthenticationProcessingFilter; import org.springframework.security.openid.OpenIDAuthenticationFilter;
import org.springframework.security.openid.OpenIDAuthenticationProvider; import org.springframework.security.openid.OpenIDAuthenticationProvider;
import org.springframework.security.util.FieldUtils; import org.springframework.security.util.FieldUtils;
import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.FilterChainProxy;
@ -54,7 +54,7 @@ import org.springframework.security.web.authentication.LoginUrlAuthenticationEnt
import org.springframework.security.web.authentication.RememberMeServices; import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.LogoutFilter; import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.LogoutHandler; import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor; import org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor;
@ -100,8 +100,8 @@ public class HttpSecurityBeanDefinitionParserTests {
public void beanClassNamesAreCorrect() throws Exception { public void beanClassNamesAreCorrect() throws Exception {
assertEquals(DefaultWebSecurityExpressionHandler.class.getName(), HttpSecurityBeanDefinitionParser.EXPRESSION_HANDLER_CLASS); assertEquals(DefaultWebSecurityExpressionHandler.class.getName(), HttpSecurityBeanDefinitionParser.EXPRESSION_HANDLER_CLASS);
assertEquals(ExpressionBasedFilterInvocationSecurityMetadataSource.class.getName(), HttpSecurityBeanDefinitionParser.EXPRESSION_FIMDS_CLASS); assertEquals(ExpressionBasedFilterInvocationSecurityMetadataSource.class.getName(), HttpSecurityBeanDefinitionParser.EXPRESSION_FIMDS_CLASS);
assertEquals(UsernamePasswordAuthenticationProcessingFilter.class.getName(), AUTHENTICATION_PROCESSING_FILTER_CLASS); assertEquals(UsernamePasswordAuthenticationFilter.class.getName(), AUTHENTICATION_PROCESSING_FILTER_CLASS);
assertEquals(OpenIDAuthenticationProcessingFilter.class.getName(), OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS); assertEquals(OpenIDAuthenticationFilter.class.getName(), OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS);
assertEquals(OpenIDAuthenticationProvider.class.getName(), OPEN_ID_AUTHENTICATION_PROVIDER_CLASS); assertEquals(OpenIDAuthenticationProvider.class.getName(), OPEN_ID_AUTHENTICATION_PROVIDER_CLASS);
} }
@ -130,7 +130,7 @@ public class HttpSecurityBeanDefinitionParserTests {
assertTrue(filters.next() instanceof SecurityContextPersistenceFilter); assertTrue(filters.next() instanceof SecurityContextPersistenceFilter);
assertTrue(filters.next() instanceof LogoutFilter); assertTrue(filters.next() instanceof LogoutFilter);
Object authProcFilter = filters.next(); Object authProcFilter = filters.next();
assertTrue(authProcFilter instanceof UsernamePasswordAuthenticationProcessingFilter); assertTrue(authProcFilter instanceof UsernamePasswordAuthenticationFilter);
assertTrue(filters.next() instanceof DefaultLoginPageGeneratingFilter); assertTrue(filters.next() instanceof DefaultLoginPageGeneratingFilter);
assertTrue(filters.next() instanceof BasicProcessingFilter); assertTrue(filters.next() instanceof BasicProcessingFilter);
assertTrue(filters.next() instanceof RequestCacheAwareFilter); assertTrue(filters.next() instanceof RequestCacheAwareFilter);
@ -215,7 +215,7 @@ public class HttpSecurityBeanDefinitionParserTests {
" <form-login default-target-url='/default' always-use-default-target='true' />" + " <form-login default-target-url='/default' always-use-default-target='true' />" +
"</http>" + AUTH_PROVIDER_XML); "</http>" + AUTH_PROVIDER_XML);
// These will be matched by the default pattern "/**" // These will be matched by the default pattern "/**"
UsernamePasswordAuthenticationProcessingFilter filter = (UsernamePasswordAuthenticationProcessingFilter) getFilters("/anything").get(1); UsernamePasswordAuthenticationFilter filter = (UsernamePasswordAuthenticationFilter) getFilters("/anything").get(1);
assertEquals("/default", FieldUtils.getFieldValue(filter, "successHandler.defaultTargetUrl")); assertEquals("/default", FieldUtils.getFieldValue(filter, "successHandler.defaultTargetUrl"));
assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "successHandler.alwaysUseDefaultTargetUrl")); assertEquals(Boolean.TRUE, FieldUtils.getFieldValue(filter, "successHandler.alwaysUseDefaultTargetUrl"));
} }
@ -320,8 +320,8 @@ public class HttpSecurityBeanDefinitionParserTests {
assertEquals("ROLE_A",attrs.get(0).getAttribute()); assertEquals("ROLE_A",attrs.get(0).getAttribute());
// Check the form login properties are set // Check the form login properties are set
UsernamePasswordAuthenticationProcessingFilter apf = (UsernamePasswordAuthenticationProcessingFilter) UsernamePasswordAuthenticationFilter apf = (UsernamePasswordAuthenticationFilter)
getFilter(UsernamePasswordAuthenticationProcessingFilter.class); getFilter(UsernamePasswordAuthenticationFilter.class);
assertEquals("/defaultTarget", FieldUtils.getFieldValue(apf, "successHandler.defaultTargetUrl")); assertEquals("/defaultTarget", FieldUtils.getFieldValue(apf, "successHandler.defaultTargetUrl"));
assertEquals("/authFailure", FieldUtils.getFieldValue(apf, "failureHandler.defaultFailureUrl")); assertEquals("/authFailure", FieldUtils.getFieldValue(apf, "failureHandler.defaultFailureUrl"));
@ -690,7 +690,7 @@ public class HttpSecurityBeanDefinitionParserTests {
Object sessionRegistryFromConcurrencyFilter = FieldUtils.getFieldValue( Object sessionRegistryFromConcurrencyFilter = FieldUtils.getFieldValue(
getFilter(ConcurrentSessionFilter.class), "sessionRegistry"); getFilter(ConcurrentSessionFilter.class), "sessionRegistry");
Object sessionRegistryFromFormLoginFilter = FieldUtils.getFieldValue( Object sessionRegistryFromFormLoginFilter = FieldUtils.getFieldValue(
getFilter(UsernamePasswordAuthenticationProcessingFilter.class),"sessionStrategy.sessionRegistry"); getFilter(UsernamePasswordAuthenticationFilter.class),"sessionStrategy.sessionRegistry");
// Object sessionRegistryFromController = FieldUtils.getFieldValue(getConcurrentSessionController(),"sessionRegistry"); // Object sessionRegistryFromController = FieldUtils.getFieldValue(getConcurrentSessionController(),"sessionRegistry");
Object sessionRegistryFromMgmtFilter = FieldUtils.getFieldValue( Object sessionRegistryFromMgmtFilter = FieldUtils.getFieldValue(
getFilter(SessionManagementFilter.class),"sessionStrategy.sessionRegistry"); getFilter(SessionManagementFilter.class),"sessionStrategy.sessionRegistry");
@ -968,7 +968,7 @@ public class HttpSecurityBeanDefinitionParserTests {
"<b:bean id='sh' class='" + SavedRequestAwareAuthenticationSuccessHandler.class.getName() +"'/>" + "<b:bean id='sh' class='" + SavedRequestAwareAuthenticationSuccessHandler.class.getName() +"'/>" +
"<b:bean id='fh' class='" + SimpleUrlAuthenticationFailureHandler.class.getName() + "'/>" + "<b:bean id='fh' class='" + SimpleUrlAuthenticationFailureHandler.class.getName() + "'/>" +
AUTH_PROVIDER_XML); AUTH_PROVIDER_XML);
UsernamePasswordAuthenticationProcessingFilter apf = (UsernamePasswordAuthenticationProcessingFilter) getFilter(UsernamePasswordAuthenticationProcessingFilter.class); UsernamePasswordAuthenticationFilter apf = (UsernamePasswordAuthenticationFilter) getFilter(UsernamePasswordAuthenticationFilter.class);
AuthenticationSuccessHandler sh = (AuthenticationSuccessHandler) appContext.getBean("sh"); AuthenticationSuccessHandler sh = (AuthenticationSuccessHandler) appContext.getBean("sh");
AuthenticationFailureHandler fh = (AuthenticationFailureHandler) appContext.getBean("fh"); AuthenticationFailureHandler fh = (AuthenticationFailureHandler) appContext.getBean("fh");
assertSame(sh, FieldUtils.getFieldValue(apf, "successHandler")); assertSame(sh, FieldUtils.getFieldValue(apf, "successHandler"));
@ -1005,7 +1005,7 @@ public class HttpSecurityBeanDefinitionParserTests {
" </openid-login>" + " </openid-login>" +
"</http>" + "</http>" +
AUTH_PROVIDER_XML); AUTH_PROVIDER_XML);
OpenIDAuthenticationProcessingFilter apf = (OpenIDAuthenticationProcessingFilter) getFilter(OpenIDAuthenticationProcessingFilter.class); OpenIDAuthenticationFilter apf = (OpenIDAuthenticationFilter) getFilter(OpenIDAuthenticationFilter.class);
OpenID4JavaConsumer consumer = (OpenID4JavaConsumer) FieldUtils.getFieldValue(apf, "consumer"); OpenID4JavaConsumer consumer = (OpenID4JavaConsumer) FieldUtils.getFieldValue(apf, "consumer");
List<OpenIDAttribute> attributes = (List<OpenIDAttribute>) FieldUtils.getFieldValue(consumer, "attributesToFetch"); List<OpenIDAttribute> attributes = (List<OpenIDAttribute>) FieldUtils.getFieldValue(consumer, "attributesToFetch");

2
config/src/test/resources/org/springframework/security/util/filtertest-valid.xml
Unescape View File

@ -31,7 +31,7 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
<!-- These are just here so we have filters of a specific type to check the ordering is as expected --> <!-- These are just here so we have filters of a specific type to check the ordering is as expected -->
<bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/> <bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
<bean id="apf" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter"> <bean id="apf" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager"> <property name="authenticationManager">
<bean class="org.springframework.security.MockAuthenticationManager"/> <bean class="org.springframework.security.MockAuthenticationManager"/>
</property> </property>

0
docs/manual/src/docbook/concurrent-sessions.xml → docs/manual/src/docbook/session-mgmt.xml
Unescape View File

2
itest/context/src/test/resources/filter-chain-performance-app-context.xml
Unescape View File

@ -39,7 +39,7 @@
<bean id="scpf" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/> <bean id="scpf" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
<bean id="apf" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter"> <bean id="apf" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager"/> <property name="authenticationManager" ref="authenticationManager"/>
</bean> </bean>

8
openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProcessingFilter.java → openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationFilter.java
Unescape View File

@ -30,7 +30,7 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
@ -63,7 +63,7 @@ import org.springframework.util.StringUtils;
* @since 2.0 * @since 2.0
* @see OpenIDAuthenticationProvider * @see OpenIDAuthenticationProvider
*/ */
public class OpenIDAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter { public class OpenIDAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
//~ Static fields/initializers ===================================================================================== //~ Static fields/initializers =====================================================================================
public static final String DEFAULT_CLAIMED_IDENTITY_FIELD = "j_username"; public static final String DEFAULT_CLAIMED_IDENTITY_FIELD = "j_username";
@ -76,7 +76,7 @@ public class OpenIDAuthenticationProcessingFilter extends AbstractAuthentication
//~ Constructors =================================================================================================== //~ Constructors ===================================================================================================
public OpenIDAuthenticationProcessingFilter() { public OpenIDAuthenticationFilter() {
super("/j_spring_openid_security_check"); super("/j_spring_openid_security_check");
} }
@ -158,7 +158,7 @@ public class OpenIDAuthenticationProcessingFilter extends AbstractAuthentication
HttpSession session = request.getSession(false); HttpSession session = request.getSession(false);
if (session != null || getAllowSessionCreation()) { if (session != null || getAllowSessionCreation()) {
request.getSession().setAttribute(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, username); request.getSession().setAttribute(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY, username);
} }
} }

6
openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationProcessingFilterTests.java
Unescape View File

@ -13,13 +13,13 @@ import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.MockAuthenticationManager; import org.springframework.security.MockAuthenticationManager;
import org.springframework.security.openid.OpenIDAuthenticationProcessingFilter; import org.springframework.security.openid.OpenIDAuthenticationFilter;
import org.springframework.security.openid.OpenIDConsumerException; import org.springframework.security.openid.OpenIDConsumerException;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
public class OpenIDAuthenticationProcessingFilterTests { public class OpenIDAuthenticationProcessingFilterTests {
OpenIDAuthenticationProcessingFilter filter; OpenIDAuthenticationFilter filter;
private static final String REDIRECT_URL = "http://www.example.com/redirect"; private static final String REDIRECT_URL = "http://www.example.com/redirect";
private static final String CLAIMED_IDENTITY_URL = "http://www.example.com/identity"; private static final String CLAIMED_IDENTITY_URL = "http://www.example.com/identity";
private static final String REQUEST_PATH = "/j_spring_openid_security_check"; private static final String REQUEST_PATH = "/j_spring_openid_security_check";
@ -28,7 +28,7 @@ public class OpenIDAuthenticationProcessingFilterTests {
@Before @Before
public void setUp() throws Exception { public void setUp() throws Exception {
filter = new OpenIDAuthenticationProcessingFilter(); filter = new OpenIDAuthenticationFilter();
filter.setConsumer(new MockOpenIDConsumer(REDIRECT_URL)); filter.setConsumer(new MockOpenIDConsumer(REDIRECT_URL));
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
filter.setAuthenticationSuccessHandler(new SavedRequestAwareAuthenticationSuccessHandler()); filter.setAuthenticationSuccessHandler(new SavedRequestAwareAuthenticationSuccessHandler());

6
web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilter.java
Unescape View File

@ -3,13 +3,13 @@ package org.springframework.security.web.authentication;
/** /**
* Renamed class, retained for backwards compatibility. * Renamed class, retained for backwards compatibility.
* <p> * <p>
* See {@link UsernamePasswordAuthenticationProcessingFilter}. * See {@link UsernamePasswordAuthenticationFilter}.
* *
* @author Luke Taylor * @author Luke Taylor
* @version $Id$ * @version $Id$
* @deprecated Use UsernamePasswordAuthenticationProcessingFilter instead. * @deprecated Use UsernamePasswordAuthenticationFilter instead.
*/ */
public class AuthenticationProcessingFilter extends UsernamePasswordAuthenticationProcessingFilter { public class AuthenticationProcessingFilter extends UsernamePasswordAuthenticationFilter {
} }

4
web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java
Unescape View File

@ -43,7 +43,7 @@ import org.springframework.util.StringUtils;
/** /**
* Used by the {@link ExceptionTranslationFilter} to commence a form login * Used by the {@link ExceptionTranslationFilter} to commence a form login
* authentication via the {@link UsernamePasswordAuthenticationProcessingFilter}. This object * authentication via the {@link UsernamePasswordAuthenticationFilter}. This object
* holds the location of the login form, relative to the web app context path, * holds the location of the login form, relative to the web app context path,
* and is used to commence a redirect to that form. * and is used to commence a redirect to that form.
* <p> * <p>
@ -220,7 +220,7 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
} }
/** /**
* The URL where the <code>UsernamePasswordAuthenticationProcessingFilter</code> login * The URL where the <code>UsernamePasswordAuthenticationFilter</code> login
* page can be found. Should be relative to the web-app context path, and * page can be found. Should be relative to the web-app context path, and
* include a leading <code>/</code> * include a leading <code>/</code>
*/ */

4
web/src/main/java/org/springframework/security/web/authentication/UsernamePasswordAuthenticationProcessingFilter.java → web/src/main/java/org/springframework/security/web/authentication/UsernamePasswordAuthenticationFilter.java
Unescape View File

@ -46,7 +46,7 @@ import org.springframework.util.Assert;
* @version $Id$ * @version $Id$
* @since 3.0 * @since 3.0
*/ */
public class UsernamePasswordAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter { public class UsernamePasswordAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
//~ Static fields/initializers ===================================================================================== //~ Static fields/initializers =====================================================================================
public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "j_username"; public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "j_username";
@ -59,7 +59,7 @@ public class UsernamePasswordAuthenticationProcessingFilter extends AbstractAuth
//~ Constructors =================================================================================================== //~ Constructors ===================================================================================================
public UsernamePasswordAuthenticationProcessingFilter() { public UsernamePasswordAuthenticationFilter() {
super("/j_spring_security_check"); super("/j_spring_security_check");
} }

4
web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlStrategy.java
Unescape View File

@ -15,7 +15,7 @@ import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.core.session.SessionInformation; import org.springframework.security.core.session.SessionInformation;
import org.springframework.security.core.session.SessionRegistry; import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.session.ConcurrentSessionFilter; import org.springframework.security.web.session.ConcurrentSessionFilter;
import org.springframework.security.web.session.SessionManagementFilter; import org.springframework.security.web.session.SessionManagementFilter;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -33,7 +33,7 @@ import org.springframework.util.Assert;
* set to <tt>true</tt>, however, the user will be prevented from starting a new authenticated session. * set to <tt>true</tt>, however, the user will be prevented from starting a new authenticated session.
* <p> * <p>
* This strategy can be injected into both the {@link SessionManagementFilter} and instances of * This strategy can be injected into both the {@link SessionManagementFilter} and instances of
* {@link AbstractAuthenticationProcessingFilter} (typically {@link UsernamePasswordAuthenticationProcessingFilter}). * {@link AbstractAuthenticationProcessingFilter} (typically {@link UsernamePasswordAuthenticationFilter}).
* *
* @author Luke Taylor * @author Luke Taylor
* @version $Id$ * @version $Id$

12
web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java
Unescape View File

@ -13,7 +13,7 @@ import javax.servlet.http.HttpSession;
import org.springframework.beans.BeanWrapperImpl; import org.springframework.beans.BeanWrapperImpl;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices; import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
import org.springframework.web.filter.GenericFilterBean; import org.springframework.web.filter.GenericFilterBean;
@ -41,18 +41,18 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
private String openIDrememberMeParameter; private String openIDrememberMeParameter;
public DefaultLoginPageGeneratingFilter(AbstractAuthenticationProcessingFilter filter) { public DefaultLoginPageGeneratingFilter(AbstractAuthenticationProcessingFilter filter) {
if (filter instanceof UsernamePasswordAuthenticationProcessingFilter) { if (filter instanceof UsernamePasswordAuthenticationFilter) {
init((UsernamePasswordAuthenticationProcessingFilter)filter, null); init((UsernamePasswordAuthenticationFilter)filter, null);
} else { } else {
init(null, filter); init(null, filter);
} }
} }
public DefaultLoginPageGeneratingFilter(UsernamePasswordAuthenticationProcessingFilter authFilter, AbstractAuthenticationProcessingFilter openIDFilter) { public DefaultLoginPageGeneratingFilter(UsernamePasswordAuthenticationFilter authFilter, AbstractAuthenticationProcessingFilter openIDFilter) {
init(authFilter, openIDFilter); init(authFilter, openIDFilter);
} }
private void init(UsernamePasswordAuthenticationProcessingFilter authFilter, AbstractAuthenticationProcessingFilter openIDFilter) { private void init(UsernamePasswordAuthenticationFilter authFilter, AbstractAuthenticationProcessingFilter openIDFilter) {
if (authFilter != null) { if (authFilter != null) {
formLoginEnabled = true; formLoginEnabled = true;
authenticationUrl = authFilter.getFilterProcessesUrl(); authenticationUrl = authFilter.getFilterProcessesUrl();
@ -101,7 +101,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
HttpSession session = request.getSession(false); HttpSession session = request.getSession(false);
if(session != null) { if(session != null) {
lastUser = (String) session.getAttribute(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY); lastUser = (String) session.getAttribute(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY);
AuthenticationException ex = (AuthenticationException) session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY); AuthenticationException ex = (AuthenticationException) session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY);
errorMsg = ex != null ? ex.getMessage() : "none"; errorMsg = ex != null ? ex.getMessage() : "none";
if (lastUser == null) { if (lastUser == null) {

4
web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java
Unescape View File

@ -29,7 +29,7 @@ public class DefaultLoginPageGeneratingFilterTests {
@Test @Test
public void generatingPageWithAuthenticationProcessingFilterOnlyIsSuccessFul() throws Exception { public void generatingPageWithAuthenticationProcessingFilterOnlyIsSuccessFul() throws Exception {
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationProcessingFilter()); DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationFilter());
filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login"), new MockHttpServletResponse(), chain); filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login"), new MockHttpServletResponse(), chain);
filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login;pathparam=unused"), new MockHttpServletResponse(), chain); filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login;pathparam=unused"), new MockHttpServletResponse(), chain);
} }
@ -60,7 +60,7 @@ public class DefaultLoginPageGeneratingFilterTests {
/* SEC-1111 */ /* SEC-1111 */
@Test @Test
public void handlesNonIso8859CharsInErrorMessage() throws Exception { public void handlesNonIso8859CharsInErrorMessage() throws Exception {
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationProcessingFilter()); DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationFilter());
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/spring_security_login"); MockHttpServletRequest request = new MockHttpServletRequest("GET", "/spring_security_login");
request.addParameter("login_error", "true"); request.addParameter("login_error", "true");
MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor(); MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();

36
web/src/test/java/org/springframework/security/web/authentication/AuthenticationProcessingFilterTests.java → web/src/test/java/org/springframework/security/web/authentication/UsernamePasswordAuthenticationFilterTests.java
Unescape View File

@ -35,21 +35,21 @@ import org.springframework.security.core.AuthenticationException;
/** /**
* Tests {@link UsernamePasswordAuthenticationProcessingFilter}. * Tests {@link UsernamePasswordAuthenticationFilter}.
* *
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
*/ */
public class AuthenticationProcessingFilterTests extends TestCase { public class UsernamePasswordAuthenticationFilterTests extends TestCase {
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
@Test @Test
public void testNormalOperation() throws Exception { public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/"); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
assertEquals("/j_spring_security_check", filter.getFilterProcessesUrl()); assertEquals("/j_spring_security_check", filter.getFilterProcessesUrl());
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
// filter.init(null); // filter.init(null);
@ -57,16 +57,16 @@ public class AuthenticationProcessingFilterTests extends TestCase {
Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse()); Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse());
assertTrue(result != null); assertTrue(result != null);
assertEquals("rod", request.getSession().getAttribute( assertEquals("rod", request.getSession().getAttribute(
UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY)); UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY));
assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()).getRemoteAddress()); assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()).getRemoteAddress());
} }
@Test @Test
public void testNullPasswordHandledGracefully() throws Exception { public void testNullPasswordHandledGracefully() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/"); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
assertNotNull(filter.attemptAuthentication(request, new MockHttpServletResponse())); assertNotNull(filter.attemptAuthentication(request, new MockHttpServletResponse()));
} }
@ -74,16 +74,16 @@ public class AuthenticationProcessingFilterTests extends TestCase {
@Test @Test
public void testNullUsernameHandledGracefully() throws Exception { public void testNullUsernameHandledGracefully() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/"); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
assertNotNull(filter.attemptAuthentication(request, new MockHttpServletResponse())); assertNotNull(filter.attemptAuthentication(request, new MockHttpServletResponse()));
} }
@Test @Test
public void testUsingDifferentParameterNamesWorksAsExpected() throws ServletException { public void testUsingDifferentParameterNamesWorksAsExpected() throws ServletException {
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
filter.setUsernameParameter("x"); filter.setUsernameParameter("x");
filter.setPasswordParameter("y"); filter.setPasswordParameter("y");
@ -100,10 +100,10 @@ public class AuthenticationProcessingFilterTests extends TestCase {
@Test @Test
public void testSpacesAreTrimmedCorrectlyFromUsername() throws Exception { public void testSpacesAreTrimmedCorrectlyFromUsername() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/"); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, " rod "); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_USERNAME_KEY, " rod ");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse()); Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse());
@ -113,8 +113,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
@Test @Test
public void testFailedAuthenticationThrowsException() { public void testFailedAuthenticationThrowsException() {
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/"); MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod"); request.addParameter(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
AuthenticationManager am = mock(AuthenticationManager.class); AuthenticationManager am = mock(AuthenticationManager.class);
when(am.authenticate(any(Authentication.class))).thenThrow(new BadCredentialsException("")); when(am.authenticate(any(Authentication.class))).thenThrow(new BadCredentialsException(""));
filter.setAuthenticationManager(am); filter.setAuthenticationManager(am);
@ -127,7 +127,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
// Check username has still been set // Check username has still been set
assertEquals("rod", request.getSession().getAttribute( assertEquals("rod", request.getSession().getAttribute(
UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY)); UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY));
} }
/** /**
@ -137,7 +137,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
public void noSessionIsCreatedIfAllowSessionCreationIsFalse() throws Exception { public void noSessionIsCreatedIfAllowSessionCreationIsFalse() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest();
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter(); UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
filter.setAllowSessionCreation(false); filter.setAllowSessionCreation(false);
filter.setAuthenticationManager(createAuthenticationManager()); filter.setAuthenticationManager(createAuthenticationManager());
Write Preview
Loading…
Cancel
Save