diff --git a/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java b/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java
index 9381002144..34c265d88e 100644
--- a/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java
+++ b/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java
@@ -106,7 +106,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi
static final String FILTER_APPLIED = "__acegi_session_integration_filter_applied";
- public static final String ACEGI_SECURITY_CONTEXT_KEY = "ACEGI_SECURITY_CONTEXT";
+ public static final String SPRING_SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT";
//~ Instance fields ================================================================================================
@@ -224,7 +224,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi
}
} else {
if (logger.isDebugEnabled()) {
- logger.debug("Obtained a valid SecurityContext from ACEGI_SECURITY_CONTEXT to "
+ logger.debug("Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT to "
+ "associate with SecurityContextHolder: '" + contextBeforeChainExecution + "'");
}
}
@@ -293,11 +293,11 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi
// Session exists, so try to obtain a context from it.
- Object contextFromSessionObject = httpSession.getAttribute(ACEGI_SECURITY_CONTEXT_KEY);
+ Object contextFromSessionObject = httpSession.getAttribute(SPRING_SECURITY_CONTEXT_KEY);
if (contextFromSessionObject == null) {
if (logger.isDebugEnabled()) {
- logger.debug("HttpSession returned null object for ACEGI_SECURITY_CONTEXT");
+ logger.debug("HttpSession returned null object for SPRING_SECURITY_CONTEXT");
}
return null;
@@ -323,7 +323,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi
if (!(contextFromSessionObject instanceof SecurityContext)) {
if (logger.isWarnEnabled()) {
- logger.warn("ACEGI_SECURITY_CONTEXT did not contain a SecurityContext but contained: '"
+ logger.warn("SPRING_SECURITY_CONTEXT did not contain a SecurityContext but contained: '"
+ contextFromSessionObject
+ "'; are you improperly modifying the HttpSession directly "
+ "(you should always use SecurityContextHolder) or using the HttpSession attribute "
@@ -405,7 +405,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi
// If HttpSession exists, store current SecurityContextHolder contents but only if
// the SecurityContext has actually changed (see JIRA SEC-37)
if (httpSession != null && securityContext.hashCode() != contextHashBeforeChainExecution) {
- httpSession.setAttribute(ACEGI_SECURITY_CONTEXT_KEY, securityContext);
+ httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, securityContext);
if (logger.isDebugEnabled()) {
logger.debug("SecurityContext stored to HttpSession: '" + securityContext + "'");
diff --git a/core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java b/core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java
index 3ba03c4b6f..dc0fce330e 100644
--- a/core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java
+++ b/core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java
@@ -321,7 +321,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
*/
protected void handleLogout(HttpSessionDestroyedEvent event) {
SecurityContext context = (SecurityContext)
- event.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
+ event.getSession().getAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
if (context == null) {
log.debug("The destroyed session has no SecurityContext");
diff --git a/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java
index 1a1a2c5cb3..8a043bea26 100644
--- a/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java
+++ b/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java
@@ -71,7 +71,7 @@ import javax.servlet.http.HttpSession;
*
* If authentication fails, the AuthenticationException will be
* placed into the HttpSession with the attribute defined by
- * {@link #ACEGI_SECURITY_LAST_EXCEPTION_KEY}.
+ * {@link #SPRING_SECURITY_LAST_EXCEPTION_KEY}.
*
*
* To use this filter, it is necessary to specify the following properties:
@@ -79,7 +79,7 @@ import javax.servlet.http.HttpSession;
*
* defaultTargetUrl indicates the URL that should be used
* for redirection if the HttpSession attribute named
- * {@link #ACEGI_SAVED_REQUEST_KEY} does not indicate the target URL once
+ * {@link #SPRING_SECURITY_SAVED_REQUEST_KEY} does not indicate the target URL once
* authentication is completed successfully. eg: /. The
* defaultTargetUrl will be treated as relative to the web-app's
* context path, and should include the leading /.
@@ -93,7 +93,7 @@ import javax.servlet.http.HttpSession;
* alwaysUseDefaultTargetUrl causes successful
* authentication to always redirect to the defaultTargetUrl,
* even if the HttpSession attribute named {@link
- * #ACEGI_SAVED_REQUEST_KEY} defines the intended target URL.
*
* To configure this filter to redirect to specific pages as the result of
@@ -143,9 +143,9 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
MessageSourceAware {
//~ Static fields/initializers =====================================================================================
- public static final String ACEGI_SAVED_REQUEST_KEY = "ACEGI_SAVED_REQUEST_KEY";
+ public static final String SPRING_SECURITY_SAVED_REQUEST_KEY = "SPRING_SECURITY_SAVED_REQUEST_KEY";
- public static final String ACEGI_SECURITY_LAST_EXCEPTION_KEY = "ACEGI_SECURITY_LAST_EXCEPTION";
+ public static final String SPRING_SECURITY_LAST_EXCEPTION_KEY = "SPRING_SECURITY_LAST_EXCEPTION";
//~ Instance fields ================================================================================================
@@ -168,7 +168,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
/**
* Where to redirect the browser to if authentication is successful but
- * ACEGI_SAVED_REQUEST_KEY is null
+ * SPRING_SECURITY_SAVED_REQUEST_KEY is null
*/
private String defaultTargetUrl;
@@ -349,7 +349,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
}
public static String obtainFullRequestUrl(HttpServletRequest request) {
- SavedRequest savedRequest = (SavedRequest) request.getSession().getAttribute(ACEGI_SAVED_REQUEST_KEY);
+ SavedRequest savedRequest = (SavedRequest) request.getSession().getAttribute(SPRING_SECURITY_SAVED_REQUEST_KEY);
return (savedRequest == null) ? null : savedRequest.getFullRequestUrl();
}
@@ -575,7 +575,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
}
try {
- request.getSession().setAttribute(ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed);
+ request.getSession().setAttribute(SPRING_SECURITY_LAST_EXCEPTION_KEY, failed);
}
catch (Exception ignored) {
}
diff --git a/core/src/main/java/org/springframework/security/ui/AccessDeniedHandlerImpl.java b/core/src/main/java/org/springframework/security/ui/AccessDeniedHandlerImpl.java
index a145832867..3d9213b298 100644
--- a/core/src/main/java/org/springframework/security/ui/AccessDeniedHandlerImpl.java
+++ b/core/src/main/java/org/springframework/security/ui/AccessDeniedHandlerImpl.java
@@ -36,7 +36,7 @@ import javax.servlet.http.HttpServletResponse;
* "forward" to the specified error page view. Being a "forward", the SecurityContextHolder will remain
* populated. This is of benefit if the view (or a tag library or macro) wishes to access the
* SecurityContextHolder. The request scope will also be populated with the exception itself, available
- * from the key {@link #ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY}.
+ * from the key {@link #SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY}.
*
* @author Ben Alex
* @version $Id$
@@ -44,7 +44,7 @@ import javax.servlet.http.HttpServletResponse;
public class AccessDeniedHandlerImpl implements AccessDeniedHandler {
//~ Static fields/initializers =====================================================================================
- public static final String ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY = "ACEGI_SECURITY_403_EXCEPTION";
+ public static final String SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY = "SPRING_SECURITY_403_EXCEPTION";
protected static final Log logger = LogFactory.getLog(AccessDeniedHandlerImpl.class);
//~ Instance fields ================================================================================================
@@ -57,7 +57,7 @@ public class AccessDeniedHandlerImpl implements AccessDeniedHandler {
throws IOException, ServletException {
if (errorPage != null) {
// Put exception into request scope (perhaps of use to a view)
- ((HttpServletRequest) request).setAttribute(ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY,
+ ((HttpServletRequest) request).setAttribute(SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY,
accessDeniedException);
// Perform RequestDispatcher "forward"
diff --git a/core/src/main/java/org/springframework/security/ui/ExceptionTranslationFilter.java b/core/src/main/java/org/springframework/security/ui/ExceptionTranslationFilter.java
index f94957fc24..ce8f6cd9e4 100644
--- a/core/src/main/java/org/springframework/security/ui/ExceptionTranslationFilter.java
+++ b/core/src/main/java/org/springframework/security/ui/ExceptionTranslationFilter.java
@@ -216,7 +216,7 @@ public class ExceptionTranslationFilter implements Filter, InitializingBean {
if (createSessionAllowed) {
// Store the HTTP request itself. Used by AbstractProcessingFilter
// for redirection after successful authentication (SEC-29)
- httpRequest.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY, savedRequest);
+ httpRequest.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, savedRequest);
}
// SEC-112: Clear the SecurityContextHolder's Authentication, as the
diff --git a/core/src/main/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServices.java b/core/src/main/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServices.java
index fce98c5cca..ec3d555518 100644
--- a/core/src/main/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServices.java
+++ b/core/src/main/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServices.java
@@ -104,7 +104,7 @@ import org.springframework.web.bind.RequestUtils;
public class TokenBasedRememberMeServices implements RememberMeServices, InitializingBean, LogoutHandler {
//~ Static fields/initializers =====================================================================================
- public static final String ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY = "ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE";
+ public static final String SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY = "SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE";
public static final String DEFAULT_PARAMETER = "_acegi_security_remember_me";
@@ -124,7 +124,7 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
private boolean alwaysRemember = false;
- private String cookieName = ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY;
+ private String cookieName = SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY;
//~ Methods ========================================================================================================
diff --git a/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java
index c977e75501..188d566864 100644
--- a/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java
+++ b/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java
@@ -104,7 +104,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
// ~ Static fields/initializers
// =============================================
- public static final String ACEGI_SECURITY_SWITCH_USERNAME_KEY = "j_username";
+ public static final String SPRING_SECURITY_SWITCH_USERNAME_KEY = "j_username";
public static final String ROLE_PREVIOUS_ADMINISTRATOR = "ROLE_PREVIOUS_ADMINISTRATOR";
//~ Instance fields ================================================================================================
@@ -197,7 +197,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
throws AuthenticationException {
UsernamePasswordAuthenticationToken targetUserRequest = null;
- String username = request.getParameter(ACEGI_SECURITY_SWITCH_USERNAME_KEY);
+ String username = request.getParameter(SPRING_SECURITY_SWITCH_USERNAME_KEY);
if (username == null) {
username = "";
diff --git a/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java
index 4156cc3975..9f1ac92e35 100644
--- a/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java
+++ b/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java
@@ -32,7 +32,7 @@ import javax.servlet.http.HttpServletRequest;
* Processes an authentication form.
* Login forms must present two parameters to this filter: a username and
* password. The default parameter names to use are contained in the
- * static fields {@link #ACEGI_SECURITY_FORM_USERNAME_KEY} and {@link #ACEGI_SECURITY_FORM_PASSWORD_KEY}.
+ * static fields {@link #SPRING_SECURITY_FORM_USERNAME_KEY} and {@link #SPRING_SECURITY_FORM_PASSWORD_KEY}.
* The parameter names can also be changed by setting the usernameParameter and passwordParameter
* properties.
*
@@ -47,12 +47,12 @@ import javax.servlet.http.HttpServletRequest;
public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
//~ Static fields/initializers =====================================================================================
- public static final String ACEGI_SECURITY_FORM_USERNAME_KEY = "j_username";
- public static final String ACEGI_SECURITY_FORM_PASSWORD_KEY = "j_password";
- public static final String ACEGI_SECURITY_LAST_USERNAME_KEY = "ACEGI_SECURITY_LAST_USERNAME";
+ public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "j_username";
+ public static final String SPRING_SECURITY_FORM_PASSWORD_KEY = "j_password";
+ public static final String SPRING_SECURITY_LAST_USERNAME_KEY = "SECURITY_SECURITY_LAST_USERNAME";
- private String usernameParameter = ACEGI_SECURITY_FORM_USERNAME_KEY;
- private String passwordParameter = ACEGI_SECURITY_FORM_PASSWORD_KEY;
+ private String usernameParameter = SPRING_SECURITY_FORM_USERNAME_KEY;
+ private String passwordParameter = SPRING_SECURITY_FORM_PASSWORD_KEY;
//~ Methods ========================================================================================================
@@ -73,7 +73,7 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);
// Place the last username attempted into HttpSession for views
- request.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY, username);
+ request.getSession().setAttribute(SPRING_SECURITY_LAST_USERNAME_KEY, username);
// Allow subclasses to set the "details" property
setDetails(request, authRequest);
diff --git a/core/src/main/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilter.java
index 2d3786a36e..a6fe7a57c6 100644
--- a/core/src/main/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilter.java
+++ b/core/src/main/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilter.java
@@ -39,8 +39,8 @@ import javax.servlet.http.HttpServletResponse;
* next paragraph). This allows applications to optionally function even when their Siteminder infrastructure is
* unavailable, as is often the case during development.
* Login forms must present two parameters to this filter: a username and password. If not
- * specified, the parameter names to use are contained in the static fields {@link #ACEGI_SECURITY_FORM_USERNAME_KEY}
- * and {@link #ACEGI_SECURITY_FORM_PASSWORD_KEY}.
+ * specified, the parameter names to use are contained in the static fields {@link #SPRING_SECURITY_FORM_USERNAME_KEY}
+ * and {@link #SPRING_SECURITY_FORM_PASSWORD_KEY}.
* Do not use this class directly. Instead, configure web.xml to use the {@link
* org.springframework.security.util.FilterToBeanProxy}.
*/
@@ -101,7 +101,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc
if ((formUsernameParameterKey != null) && (formUsernameParameterKey.length() > 0)) {
username = request.getParameter(formUsernameParameterKey);
} else {
- username = request.getParameter(ACEGI_SECURITY_FORM_USERNAME_KEY);
+ username = request.getParameter(SPRING_SECURITY_FORM_USERNAME_KEY);
}
password = obtainPassword(request);
@@ -130,7 +130,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc
setDetails(request, authRequest);
// Place the last username attempted into HttpSession for views
- request.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY, username);
+ request.getSession().setAttribute(SPRING_SECURITY_LAST_USERNAME_KEY, username);
return this.getAuthenticationManager().authenticate(authRequest);
}
@@ -184,7 +184,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc
if ((formPasswordParameterKey != null) && (formPasswordParameterKey.length() > 0)) {
return request.getParameter(formPasswordParameterKey);
} else {
- return request.getParameter(ACEGI_SECURITY_FORM_PASSWORD_KEY);
+ return request.getParameter(SPRING_SECURITY_FORM_PASSWORD_KEY);
}
}
@@ -209,7 +209,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc
//is present and user is not already authenticated.
boolean bAuthenticated = false;
SecurityContext context = (SecurityContext)
- request.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
+ request.getSession().getAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
if (context != null) {
Authentication auth = context.getAuthentication();
diff --git a/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java
index 102d517c5d..8a412bf9b2 100644
--- a/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java
+++ b/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java
@@ -206,6 +206,6 @@ public class X509ProcessingFilter implements Filter, InitializingBean, Applicati
logger.debug("Updated SecurityContextHolder to contain null Authentication");
}
- request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed);
+ request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, failed);
}
}
diff --git a/core/src/main/java/org/springframework/security/wrapper/SavedRequestAwareWrapper.java b/core/src/main/java/org/springframework/security/wrapper/SavedRequestAwareWrapper.java
index d9a7b905c1..f48e156695 100644
--- a/core/src/main/java/org/springframework/security/wrapper/SavedRequestAwareWrapper.java
+++ b/core/src/main/java/org/springframework/security/wrapper/SavedRequestAwareWrapper.java
@@ -90,7 +90,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW
return;
}
- SavedRequest saved = (SavedRequest) session.getAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY);
+ SavedRequest saved = (SavedRequest) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY);
if ((saved != null) && saved.doesRequestMatch(request, portResolver)) {
if (logger.isDebugEnabled()) {
@@ -98,7 +98,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW
}
savedRequest = saved;
- session.removeAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY);
+ session.removeAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY);
formats[0] = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US);
formats[1] = new SimpleDateFormat("EEEEEE, dd-MMM-yy HH:mm:ss zzz", Locale.US);
diff --git a/core/src/test/java/org/springframework/security/context/HttpSessionContextIntegrationFilterTests.java b/core/src/test/java/org/springframework/security/context/HttpSessionContextIntegrationFilterTests.java
index 93b90c315c..ab11a99f77 100644
--- a/core/src/test/java/org/springframework/security/context/HttpSessionContextIntegrationFilterTests.java
+++ b/core/src/test/java/org/springframework/security/context/HttpSessionContextIntegrationFilterTests.java
@@ -118,7 +118,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
// Build a mock request
MockHttpServletRequest request = new MockHttpServletRequest();
request.getSession().setAttribute(
- HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
+ HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY,
sc);
MockHttpServletResponse response = new MockHttpServletResponse();
@@ -170,7 +170,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
// Build a mock request
MockHttpServletRequest request = new MockHttpServletRequest();
request.getSession().setAttribute(
- HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
+ HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY,
sc);
MockHttpServletResponse response = new MockHttpServletResponse();
@@ -188,7 +188,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
// Obtain new/update Authentication from HttpSession
SecurityContext context = (SecurityContext) request.getSession().getAttribute(
- HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
+ HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
assertEquals(updatedPrincipal, ((SecurityContext) context).getAuthentication());
}
@@ -214,7 +214,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
// Obtain new/updated Authentication from HttpSession
SecurityContext context = (SecurityContext) request.getSession(false).getAttribute(
- HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
+ HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
assertEquals(updatedPrincipal, ((SecurityContext) context).getAuthentication());
}
@@ -268,7 +268,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
// Build a mock request
MockHttpServletRequest request = new MockHttpServletRequest();
request.getSession().setAttribute(
- HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
+ HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY,
"NOT_A_CONTEXT_OBJECT");
MockHttpServletResponse response = new MockHttpServletResponse();
@@ -284,7 +284,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
// Obtain new/update Authentication from HttpSession
SecurityContext context = (SecurityContext) request.getSession().getAttribute(
- HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
+ HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
assertEquals(updatedPrincipal, ((SecurityContext) context).getAuthentication());
}
@@ -302,7 +302,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
MockHttpServletRequest request = new MockHttpServletRequest();
request.getSession().setAttribute(
- HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
+ HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY,
sc);
MockHttpServletResponse response = new MockHttpServletResponse();
diff --git a/core/src/test/java/org/springframework/security/providers/jaas/JaasAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/providers/jaas/JaasAuthenticationProviderTests.java
index 2a54ae82fd..5ebad58e0d 100644
--- a/core/src/test/java/org/springframework/security/providers/jaas/JaasAuthenticationProviderTests.java
+++ b/core/src/test/java/org/springframework/security/providers/jaas/JaasAuthenticationProviderTests.java
@@ -214,7 +214,7 @@ public class JaasAuthenticationProviderTests extends TestCase {
context.setAuthentication(token);
MockHttpSession mockSession = new MockHttpSession();
- mockSession.setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY, context);
+ mockSession.setAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY, context);
jaasProvider.onApplicationEvent(new HttpSessionDestroyedEvent(mockSession));
diff --git a/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java
index 2ad3371229..d542cd389c 100644
--- a/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java
+++ b/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java
@@ -376,7 +376,7 @@ public class AbstractProcessingFilterTests extends TestCase {
throws Exception {
// Setup our HTTP request
MockHttpServletRequest request = createMockRequest();
- request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
+ request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
// Setup our filter configuration
MockFilterConfig config = new MockFilterConfig(null, null);
@@ -402,7 +402,7 @@ public class AbstractProcessingFilterTests extends TestCase {
public void testSuccessfulAuthenticationCausesRedirectToSessionSpecifiedUrl() throws Exception {
// Setup our HTTP request
MockHttpServletRequest request = createMockRequest();
- request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
+ request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
// Setup our filter configuration
MockFilterConfig config = new MockFilterConfig(null, null);
diff --git a/core/src/test/java/org/springframework/security/ui/ExceptionTranslationFilterTests.java b/core/src/test/java/org/springframework/security/ui/ExceptionTranslationFilterTests.java
index 92f743788a..ce4e0dc5fd 100644
--- a/core/src/test/java/org/springframework/security/ui/ExceptionTranslationFilterTests.java
+++ b/core/src/test/java/org/springframework/security/ui/ExceptionTranslationFilterTests.java
@@ -128,7 +128,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
filter.doFilter(request, response, chain);
assertEquals(403, response.getStatus());
assertEquals(AccessDeniedException.class, request.getAttribute(
- AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY).getClass());
+ AccessDeniedHandlerImpl.SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY).getClass());
}
public void testDoFilterWithNonHttpServletRequestDetected() throws Exception {
diff --git a/core/src/test/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServicesTests.java b/core/src/test/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServicesTests.java
index 363f25b84b..706f8398f3 100644
--- a/core/src/test/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServicesTests.java
+++ b/core/src/test/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServicesTests.java
@@ -105,7 +105,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
assertNull(result);
- Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNull(returnedCookie); // shouldn't try to invalidate our cookie
}
@@ -126,7 +126,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
assertNull(result);
- Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNull(returnedCookie); // shouldn't try to invalidate our cookie
}
@@ -139,7 +139,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
services.setUserDetailsService(new MockAuthenticationDao(user, false));
// services.afterPropertiesSet();
- Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
+ Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis() - 1000000, "someone", "password", "key"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
@@ -150,7 +150,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
assertNull(result);
- Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@@ -165,7 +165,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
services.setUserDetailsService(new MockAuthenticationDao(user, false));
//services.afterPropertiesSet();
- Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
+ Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
new String(Base64.encodeBase64("x".getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
@@ -176,7 +176,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
assertNull(result);
- Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@@ -190,7 +190,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
services.setUserDetailsService(new MockAuthenticationDao(user, false));
//services.afterPropertiesSet();
- Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
+ Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
"NOT_BASE_64_ENCODED");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
@@ -201,7 +201,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
assertNull(result);
- Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@@ -216,7 +216,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
services.setUserDetailsService(new MockAuthenticationDao(user, false));
//services.afterPropertiesSet();
- Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
+ Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password",
"WRONG_KEY"));
MockHttpServletRequest request = new MockHttpServletRequest();
@@ -228,7 +228,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
assertNull(result);
- Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@@ -243,7 +243,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
services.setUserDetailsService(new MockAuthenticationDao(user, false));
//services.afterPropertiesSet();
- Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
+ Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
new String(Base64.encodeBase64("username:NOT_A_NUMBER:signature".getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
@@ -254,7 +254,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
assertNull(result);
- Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@@ -265,7 +265,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
services.setUserDetailsService(new MockAuthenticationDao(null, true));
//services.afterPropertiesSet();
- Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
+ Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
@@ -276,7 +276,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
assertNull(result);
- Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@@ -290,7 +290,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
services.setUserDetailsService(new MockAuthenticationDao(user, false));
// services.afterPropertiesSet();
- Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
+ Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
@@ -330,7 +330,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
MockHttpServletResponse response = new MockHttpServletResponse();
services.loginFail(request, response);
- Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(cookie);
assertEquals(0, cookie.getMaxAge());
}
@@ -346,7 +346,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
new TestingAuthenticationToken("someone", "password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
- Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNull(cookie);
}
@@ -361,7 +361,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
new TestingAuthenticationToken("someone", "password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
- Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(cookie);
assertEquals(services.getTokenValiditySeconds(), cookie.getMaxAge());
assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes()));
@@ -381,7 +381,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
new TestingAuthenticationToken(user, "ignored",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
- Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+ Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(cookie);
assertEquals(services.getTokenValiditySeconds(), cookie.getMaxAge());
assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes()));
diff --git a/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java
index c34d38ca72..3a2873ad1a 100644
--- a/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java
+++ b/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java
@@ -80,7 +80,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
SecurityContextHolder.getContext().setAuthentication(auth);
MockHttpServletRequest request = new MockHttpServletRequest();
- request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "user-that-doesnt-exist");
+ request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "user-that-doesnt-exist");
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
@@ -101,7 +101,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
MockHttpServletRequest request = new MockHttpServletRequest();
// this user is disabled
- request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "mcgarrett");
+ request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "mcgarrett");
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
@@ -124,7 +124,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
MockHttpServletRequest request = new MockHttpServletRequest();
// this user is disabled
- request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "wofat");
+ request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "wofat");
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
@@ -147,7 +147,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
MockHttpServletRequest request = new MockHttpServletRequest();
// this user is disabled
- request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "steve");
+ request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "steve");
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
@@ -167,7 +167,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
SecurityContextHolder.getContext().setAuthentication(auth);
MockHttpServletRequest request = new MockHttpServletRequest();
- request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
+ request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
@@ -183,7 +183,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
MockHttpServletRequest request = new MockHttpServletRequest();
String username = null;
- request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, username);
+ request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, username);
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
@@ -304,7 +304,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
SecurityContextHolder.getContext().setAuthentication(auth);
MockHttpServletRequest request = createMockSwitchRequest();
- request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
+ request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
request.setRequestURI("/webapp/j_acegi_switch_user");
MockHttpServletResponse response = new MockHttpServletResponse();
@@ -351,7 +351,7 @@ public class SwitchUserProcessingFilterTests extends TestCase {
// http request
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/webapp/j_acegi_switch_user");
- request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
+ request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
// http response
MockHttpServletResponse response = new MockHttpServletResponse();
diff --git a/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java
index 592f15612a..1e0cfce229 100644
--- a/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java
+++ b/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java
@@ -52,8 +52,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
- request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa");
- request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
+ request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa");
+ request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
filter.setAuthenticationManager(new MockAuthenticationManager(true));
@@ -66,7 +66,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
public void testNullPasswordHandledGracefully() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
- request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa");
+ request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa");
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
filter.setAuthenticationManager(new MockAuthenticationManager(true));
@@ -78,7 +78,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
public void testNullUsernameHandledGracefully() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
- request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
+ request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
filter.setAuthenticationManager(new MockAuthenticationManager(true));
@@ -106,8 +106,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
public void testSpacesAreTrimmedCorrectlyFromUsername() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
- request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, " marissa ");
- request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
+ request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, " marissa ");
+ request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
filter.setAuthenticationManager(new MockAuthenticationManager(true));
diff --git a/core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java
index 51b9c82a27..01aba7488e 100644
--- a/core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java
+++ b/core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java
@@ -103,8 +103,8 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase {
*/
public void testFormNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
- request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa");
- request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
+ request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa");
+ request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
@@ -124,7 +124,7 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase {
*/
public void testFormNullPasswordHandledGracefully() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
- request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa");
+ request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa");
MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
@@ -143,7 +143,7 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase {
*/
public void testFormNullUsernameHandledGracefully() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
- request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala");
+ request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
diff --git a/core/src/test/java/org/springframework/security/ui/x509/X509ProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/x509/X509ProcessingFilterTests.java
index 9d74368062..baa1ae9b5b 100644
--- a/core/src/test/java/org/springframework/security/ui/x509/X509ProcessingFilterTests.java
+++ b/core/src/test/java/org/springframework/security/ui/x509/X509ProcessingFilterTests.java
@@ -82,7 +82,7 @@ public class X509ProcessingFilterTests extends TestCase {
filter.doFilter(request, response, chain);
Object lastException = request.getSession()
- .getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY);
+ .getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY);
assertNull("Authentication should be null", SecurityContextHolder.getContext().getAuthentication());
assertTrue("BadCredentialsException should have been thrown", lastException instanceof BadCredentialsException);
diff --git a/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java b/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java
index 57dde40b3b..7bd61766f6 100755
--- a/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java
+++ b/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java
@@ -426,7 +426,7 @@ public class NtlmProcessingFilter extends HttpFilter implements InitializingBean
authRequest.setDetails(new WebAuthenticationDetails(request));
// Place the last username attempted into HttpSession for views
- session.setAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY, authRequest.getName());
+ session.setAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, authRequest.getName());
// Backup the current authentication in case of an AuthenticationException
backupAuth = SecurityContextHolder.getContext().getAuthentication();
diff --git a/portlet/src/main/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptor.java b/portlet/src/main/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptor.java
index 514bca398c..b93a5f1011 100644
--- a/portlet/src/main/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptor.java
+++ b/portlet/src/main/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptor.java
@@ -101,7 +101,7 @@ public class PortletSessionContextIntegrationInterceptor
protected static final Log logger = LogFactory.getLog(PortletSessionContextIntegrationInterceptor.class);
- public static final String ACEGI_SECURITY_CONTEXT_KEY = HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY;
+ public static final String SPRING_SECURITY_CONTEXT_KEY = HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY;
private static final String SESSION_EXISTED = PortletSessionContextIntegrationInterceptor.class.getName() + ".SESSION_EXISTED";
private static final String CONTEXT_HASHCODE = PortletSessionContextIntegrationInterceptor.class.getName() + ".CONTEXT_HASHCODE";
@@ -238,7 +238,7 @@ public class PortletSessionContextIntegrationInterceptor
portletSessionExistedAtStartOfRequest = true;
// attempt to retrieve the context from the session
- Object contextFromSessionObject = portletSession.getAttribute(ACEGI_SECURITY_CONTEXT_KEY, portletSessionScope());
+ Object contextFromSessionObject = portletSession.getAttribute(SPRING_SECURITY_CONTEXT_KEY, portletSessionScope());
// if we got a context then place it into the holder
if (contextFromSessionObject != null) {
@@ -262,12 +262,12 @@ public class PortletSessionContextIntegrationInterceptor
// if what we got is a valid context then place it into the holder, otherwise create a new one
if (contextFromSessionObject instanceof SecurityContext) {
if (logger.isDebugEnabled())
- logger.debug("Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and "
+ logger.debug("Obtained from SPRING_SECURITY_CONTEXT a valid SecurityContext and "
+ "set to SecurityContextHolder: '" + contextFromSessionObject + "'");
SecurityContextHolder.setContext((SecurityContext) contextFromSessionObject);
} else {
if (logger.isWarnEnabled())
- logger.warn("ACEGI_SECURITY_CONTEXT did not contain a SecurityContext but contained: '"
+ logger.warn("SPRING_SECURITY_CONTEXT did not contain a SecurityContext but contained: '"
+ contextFromSessionObject
+ "'; are you improperly modifying the PortletSession directly "
+ "(you should always use SecurityContextHolder) or using the PortletSession attribute "
@@ -280,7 +280,7 @@ public class PortletSessionContextIntegrationInterceptor
// there was no context in the session, so create a new context and put it in the holder
if (logger.isDebugEnabled())
- logger.debug("PortletSession returned null object for ACEGI_SECURITY_CONTEXT - new "
+ logger.debug("PortletSession returned null object for SPRING_SECURITY_CONTEXT - new "
+ "SecurityContext instance associated with SecurityContextHolder");
SecurityContextHolder.setContext(generateNewContext());
}
@@ -354,7 +354,7 @@ public class PortletSessionContextIntegrationInterceptor
// if the session exists and the context has changes, then store the context back into the session
if ((portletSession != null)
&& (SecurityContextHolder.getContext().hashCode() != oldContextHashCode)) {
- portletSession.setAttribute(ACEGI_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext(), portletSessionScope());
+ portletSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext(), portletSessionScope());
if (logger.isDebugEnabled())
logger.debug("SecurityContext stored to PortletSession: '"
+ SecurityContextHolder.getContext() + "'");
diff --git a/portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java b/portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java
index d12c11f2a1..3d259ce6a6 100644
--- a/portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java
+++ b/portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java
@@ -55,7 +55,7 @@ import org.springframework.web.portlet.ModelAndView;
* is guaranteed to have already been created by an earlier interceptor. If authentication
* fails, the AuthenticationException will be placed into the
* APPLICATION_SCOPE of the PortletSession with the attribute defined
- * by {@link AbstractProcessingFilter#ACEGI_SECURITY_LAST_EXCEPTION_KEY}.
+ * by {@link AbstractProcessingFilter#SPRING_SECURITY_LAST_EXCEPTION_KEY}.
*
* Some portals do not properly provide the identity of the current user via the
* getRemoteUser() or getUserPrincipal() methods of the
@@ -170,7 +170,7 @@ public class PortletProcessingInterceptor implements
logger.debug("Authentication failed - updating ContextHolder to contain null Authentication");
ctx.setAuthentication(null);
request.getPortletSession().setAttribute(
- AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY,
+ AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY,
failed, PortletSession.APPLICATION_SCOPE);
onUnsuccessfulAuthentication(request, response, failed);
}
diff --git a/portlet/src/test/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptorTests.java b/portlet/src/test/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptorTests.java
index dcb4d63eab..76e4eb0de3 100644
--- a/portlet/src/test/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptorTests.java
+++ b/portlet/src/test/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptorTests.java
@@ -108,7 +108,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
MockRenderRequest request = PortletTestUtils.createRenderRequest();
MockRenderResponse response = PortletTestUtils.createRenderResponse();
request.getPortletSession().setAttribute(
- PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
+ PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
sc, PortletSession.APPLICATION_SCOPE);
// Prepare interceptor
@@ -145,7 +145,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
MockActionRequest request = PortletTestUtils.createActionRequest();
MockActionResponse response = PortletTestUtils.createActionResponse();
request.getPortletSession().setAttribute(
- PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
+ PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
sc, PortletSession.APPLICATION_SCOPE);
// Prepare interceptor
@@ -178,7 +178,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
MockActionRequest request = PortletTestUtils.createActionRequest();
MockActionResponse response = PortletTestUtils.createActionResponse();
request.getPortletSession().setAttribute(
- PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
+ PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
sc, PortletSession.APPLICATION_SCOPE);
// Prepare interceptor
@@ -209,7 +209,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
// Verify the new principal is stored in the session
sc = (SecurityContext)request.getPortletSession().getAttribute(
- PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
+ PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
PortletSession.APPLICATION_SCOPE);
assertEquals(baselinePrincipal, sc.getAuthentication());
}
@@ -232,7 +232,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
// Verify Authentication is in the PortletSession
SecurityContext sc = (SecurityContext)request.getPortletSession(false).
- getAttribute(PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE);
+ getAttribute(PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE);
assertEquals(principal, ((SecurityContext)sc).getAuthentication());
}
@@ -280,7 +280,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
MockActionRequest request = PortletTestUtils.createActionRequest();
MockActionResponse response = PortletTestUtils.createActionResponse();
request.getPortletSession().setAttribute(
- PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
+ PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
"NOT_A_CONTEXT_OBJECT", PortletSession.APPLICATION_SCOPE);
// Prepare the interceptor
@@ -295,7 +295,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
// Verify Authentication is in the PortletSession
SecurityContext sc = (SecurityContext)request.getPortletSession(false).
- getAttribute(PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE);
+ getAttribute(PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE);
assertEquals(principal, ((SecurityContext)sc).getAuthentication());
}
@@ -334,7 +334,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
MockActionRequest request = PortletTestUtils.createActionRequest();
MockActionResponse response = PortletTestUtils.createActionResponse();
request.getPortletSession().setAttribute(
- PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
+ PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
sc, PortletSession.PORTLET_SCOPE);
// Prepare interceptor
@@ -363,7 +363,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
// Verify the new principal is stored in the session
sc = (SecurityContext)request.getPortletSession().getAttribute(
- PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY,
+ PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY,
PortletSession.PORTLET_SCOPE);
assertEquals(baselinePrincipal, sc.getAuthentication());
}
diff --git a/portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.java b/portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.java
index 6779b59d76..2b5143f1b4 100644
--- a/portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.java
+++ b/portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.java
@@ -149,7 +149,7 @@ public class PortletProcessingInterceptorTests extends TestCase {
// Verify that proper exception was thrown
assertTrue(request.getPortletSession().getAttribute(
- AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY,
+ AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY,
PortletSession.APPLICATION_SCOPE)
instanceof BadCredentialsException);
}
diff --git a/samples/contacts/src/main/webapp/accessDenied.jsp b/samples/contacts/src/main/webapp/accessDenied.jsp
index c957899b37..0a9dd506c4 100644
--- a/samples/contacts/src/main/webapp/accessDenied.jsp
+++ b/samples/contacts/src/main/webapp/accessDenied.jsp
@@ -6,7 +6,7 @@
-<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
+<%= request.getAttribute(AccessDeniedHandlerImpl.SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
diff --git a/samples/contacts/src/main/webapp/acegilogin.jsp b/samples/contacts/src/main/webapp/acegilogin.jsp
index 549cc5b609..b91253d996 100644
--- a/samples/contacts/src/main/webapp/acegilogin.jsp
+++ b/samples/contacts/src/main/webapp/acegilogin.jsp
@@ -28,13 +28,13 @@
Your login attempt was not successful, try again.
- Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
+ Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
diff --git a/samples/contacts/src/main/webapp/exitUser.jsp b/samples/contacts/src/main/webapp/exitUser.jsp
index a3c5ad7216..64bd876bdc 100644
--- a/samples/contacts/src/main/webapp/exitUser.jsp
+++ b/samples/contacts/src/main/webapp/exitUser.jsp
@@ -17,7 +17,7 @@