From 18c8ba4ac2116b57af6b6770672c8c4d9df3b9b9 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Sun, 23 Sep 2007 11:16:01 +0000 Subject: [PATCH] SEC-562: Changing constants and key names. --- .../HttpSessionContextIntegrationFilter.java | 12 +++--- .../jaas/JaasAuthenticationProvider.java | 2 +- .../security/ui/AbstractProcessingFilter.java | 16 ++++---- .../security/ui/AccessDeniedHandlerImpl.java | 6 +-- .../ui/ExceptionTranslationFilter.java | 2 +- .../TokenBasedRememberMeServices.java | 4 +- .../SwitchUserProcessingFilter.java | 4 +- .../AuthenticationProcessingFilter.java | 14 +++---- ...eminderAuthenticationProcessingFilter.java | 12 +++--- .../ui/x509/X509ProcessingFilter.java | 2 +- .../wrapper/SavedRequestAwareWrapper.java | 4 +- ...pSessionContextIntegrationFilterTests.java | 14 +++---- .../jaas/JaasAuthenticationProviderTests.java | 2 +- .../ui/AbstractProcessingFilterTests.java | 4 +- .../ui/ExceptionTranslationFilterTests.java | 2 +- .../TokenBasedRememberMeServicesTests.java | 38 +++++++++---------- .../SwitchUserProcessingFilterTests.java | 16 ++++---- .../AuthenticationProcessingFilterTests.java | 12 +++--- ...erAuthenticationProcessingFilterTests.java | 8 ++-- .../ui/x509/X509ProcessingFilterTests.java | 2 +- .../ui/ntlm/NtlmProcessingFilter.java | 2 +- ...tSessionContextIntegrationInterceptor.java | 12 +++--- .../portlet/PortletProcessingInterceptor.java | 4 +- ...ionContextIntegrationInterceptorTests.java | 18 ++++----- .../PortletProcessingInterceptorTests.java | 2 +- .../contacts/src/main/webapp/accessDenied.jsp | 2 +- .../contacts/src/main/webapp/acegilogin.jsp | 4 +- .../contacts/src/main/webapp/casfailed.jsp | 2 +- samples/contacts/src/main/webapp/exitUser.jsp | 2 +- .../contacts/src/main/webapp/switchUser.jsp | 2 +- .../tutorial/src/main/webapp/accessDenied.jsp | 2 +- .../tutorial/src/main/webapp/acegilogin.jsp | 2 +- .../OpenIDResponseProcessingFilter.java | 2 +- .../OpenIdAuthenticationProcessingFilter.java | 8 ++-- 34 files changed, 120 insertions(+), 120 deletions(-) diff --git a/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java b/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java index 9381002144..34c265d88e 100644 --- a/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java +++ b/core/src/main/java/org/springframework/security/context/HttpSessionContextIntegrationFilter.java @@ -106,7 +106,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi static final String FILTER_APPLIED = "__acegi_session_integration_filter_applied"; - public static final String ACEGI_SECURITY_CONTEXT_KEY = "ACEGI_SECURITY_CONTEXT"; + public static final String SPRING_SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT"; //~ Instance fields ================================================================================================ @@ -224,7 +224,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi } } else { if (logger.isDebugEnabled()) { - logger.debug("Obtained a valid SecurityContext from ACEGI_SECURITY_CONTEXT to " + logger.debug("Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT to " + "associate with SecurityContextHolder: '" + contextBeforeChainExecution + "'"); } } @@ -293,11 +293,11 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi // Session exists, so try to obtain a context from it. - Object contextFromSessionObject = httpSession.getAttribute(ACEGI_SECURITY_CONTEXT_KEY); + Object contextFromSessionObject = httpSession.getAttribute(SPRING_SECURITY_CONTEXT_KEY); if (contextFromSessionObject == null) { if (logger.isDebugEnabled()) { - logger.debug("HttpSession returned null object for ACEGI_SECURITY_CONTEXT"); + logger.debug("HttpSession returned null object for SPRING_SECURITY_CONTEXT"); } return null; @@ -323,7 +323,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi if (!(contextFromSessionObject instanceof SecurityContext)) { if (logger.isWarnEnabled()) { - logger.warn("ACEGI_SECURITY_CONTEXT did not contain a SecurityContext but contained: '" + logger.warn("SPRING_SECURITY_CONTEXT did not contain a SecurityContext but contained: '" + contextFromSessionObject + "'; are you improperly modifying the HttpSession directly " + "(you should always use SecurityContextHolder) or using the HttpSession attribute " @@ -405,7 +405,7 @@ public class HttpSessionContextIntegrationFilter implements InitializingBean, Fi // If HttpSession exists, store current SecurityContextHolder contents but only if // the SecurityContext has actually changed (see JIRA SEC-37) if (httpSession != null && securityContext.hashCode() != contextHashBeforeChainExecution) { - httpSession.setAttribute(ACEGI_SECURITY_CONTEXT_KEY, securityContext); + httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, securityContext); if (logger.isDebugEnabled()) { logger.debug("SecurityContext stored to HttpSession: '" + securityContext + "'"); diff --git a/core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java b/core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java index 3ba03c4b6f..dc0fce330e 100644 --- a/core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java @@ -321,7 +321,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli */ protected void handleLogout(HttpSessionDestroyedEvent event) { SecurityContext context = (SecurityContext) - event.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY); + event.getSession().getAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY); if (context == null) { log.debug("The destroyed session has no SecurityContext"); diff --git a/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java index 1a1a2c5cb3..8a043bea26 100644 --- a/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java @@ -71,7 +71,7 @@ import javax.servlet.http.HttpSession; *

* If authentication fails, the AuthenticationException will be * placed into the HttpSession with the attribute defined by - * {@link #ACEGI_SECURITY_LAST_EXCEPTION_KEY}. + * {@link #SPRING_SECURITY_LAST_EXCEPTION_KEY}. *

*

* To use this filter, it is necessary to specify the following properties: @@ -79,7 +79,7 @@ import javax.servlet.http.HttpSession; *

*

* To configure this filter to redirect to specific pages as the result of @@ -143,9 +143,9 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe MessageSourceAware { //~ Static fields/initializers ===================================================================================== - public static final String ACEGI_SAVED_REQUEST_KEY = "ACEGI_SAVED_REQUEST_KEY"; + public static final String SPRING_SECURITY_SAVED_REQUEST_KEY = "SPRING_SECURITY_SAVED_REQUEST_KEY"; - public static final String ACEGI_SECURITY_LAST_EXCEPTION_KEY = "ACEGI_SECURITY_LAST_EXCEPTION"; + public static final String SPRING_SECURITY_LAST_EXCEPTION_KEY = "SPRING_SECURITY_LAST_EXCEPTION"; //~ Instance fields ================================================================================================ @@ -168,7 +168,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe /** * Where to redirect the browser to if authentication is successful but - * ACEGI_SAVED_REQUEST_KEY is null + * SPRING_SECURITY_SAVED_REQUEST_KEY is null */ private String defaultTargetUrl; @@ -349,7 +349,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe } public static String obtainFullRequestUrl(HttpServletRequest request) { - SavedRequest savedRequest = (SavedRequest) request.getSession().getAttribute(ACEGI_SAVED_REQUEST_KEY); + SavedRequest savedRequest = (SavedRequest) request.getSession().getAttribute(SPRING_SECURITY_SAVED_REQUEST_KEY); return (savedRequest == null) ? null : savedRequest.getFullRequestUrl(); } @@ -575,7 +575,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe } try { - request.getSession().setAttribute(ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed); + request.getSession().setAttribute(SPRING_SECURITY_LAST_EXCEPTION_KEY, failed); } catch (Exception ignored) { } diff --git a/core/src/main/java/org/springframework/security/ui/AccessDeniedHandlerImpl.java b/core/src/main/java/org/springframework/security/ui/AccessDeniedHandlerImpl.java index a145832867..3d9213b298 100644 --- a/core/src/main/java/org/springframework/security/ui/AccessDeniedHandlerImpl.java +++ b/core/src/main/java/org/springframework/security/ui/AccessDeniedHandlerImpl.java @@ -36,7 +36,7 @@ import javax.servlet.http.HttpServletResponse; * "forward" to the specified error page view. Being a "forward", the SecurityContextHolder will remain * populated. This is of benefit if the view (or a tag library or macro) wishes to access the * SecurityContextHolder. The request scope will also be populated with the exception itself, available - * from the key {@link #ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY}.

+ * from the key {@link #SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY}.

* * @author Ben Alex * @version $Id$ @@ -44,7 +44,7 @@ import javax.servlet.http.HttpServletResponse; public class AccessDeniedHandlerImpl implements AccessDeniedHandler { //~ Static fields/initializers ===================================================================================== - public static final String ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY = "ACEGI_SECURITY_403_EXCEPTION"; + public static final String SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY = "SPRING_SECURITY_403_EXCEPTION"; protected static final Log logger = LogFactory.getLog(AccessDeniedHandlerImpl.class); //~ Instance fields ================================================================================================ @@ -57,7 +57,7 @@ public class AccessDeniedHandlerImpl implements AccessDeniedHandler { throws IOException, ServletException { if (errorPage != null) { // Put exception into request scope (perhaps of use to a view) - ((HttpServletRequest) request).setAttribute(ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY, + ((HttpServletRequest) request).setAttribute(SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY, accessDeniedException); // Perform RequestDispatcher "forward" diff --git a/core/src/main/java/org/springframework/security/ui/ExceptionTranslationFilter.java b/core/src/main/java/org/springframework/security/ui/ExceptionTranslationFilter.java index f94957fc24..ce8f6cd9e4 100644 --- a/core/src/main/java/org/springframework/security/ui/ExceptionTranslationFilter.java +++ b/core/src/main/java/org/springframework/security/ui/ExceptionTranslationFilter.java @@ -216,7 +216,7 @@ public class ExceptionTranslationFilter implements Filter, InitializingBean { if (createSessionAllowed) { // Store the HTTP request itself. Used by AbstractProcessingFilter // for redirection after successful authentication (SEC-29) - httpRequest.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY, savedRequest); + httpRequest.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, savedRequest); } // SEC-112: Clear the SecurityContextHolder's Authentication, as the diff --git a/core/src/main/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServices.java b/core/src/main/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServices.java index fce98c5cca..ec3d555518 100644 --- a/core/src/main/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServices.java +++ b/core/src/main/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServices.java @@ -104,7 +104,7 @@ import org.springframework.web.bind.RequestUtils; public class TokenBasedRememberMeServices implements RememberMeServices, InitializingBean, LogoutHandler { //~ Static fields/initializers ===================================================================================== - public static final String ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY = "ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE"; + public static final String SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY = "SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE"; public static final String DEFAULT_PARAMETER = "_acegi_security_remember_me"; @@ -124,7 +124,7 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial private boolean alwaysRemember = false; - private String cookieName = ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY; + private String cookieName = SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY; //~ Methods ======================================================================================================== diff --git a/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java index c977e75501..188d566864 100644 --- a/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java @@ -104,7 +104,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App // ~ Static fields/initializers // ============================================= - public static final String ACEGI_SECURITY_SWITCH_USERNAME_KEY = "j_username"; + public static final String SPRING_SECURITY_SWITCH_USERNAME_KEY = "j_username"; public static final String ROLE_PREVIOUS_ADMINISTRATOR = "ROLE_PREVIOUS_ADMINISTRATOR"; //~ Instance fields ================================================================================================ @@ -197,7 +197,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App throws AuthenticationException { UsernamePasswordAuthenticationToken targetUserRequest = null; - String username = request.getParameter(ACEGI_SECURITY_SWITCH_USERNAME_KEY); + String username = request.getParameter(SPRING_SECURITY_SWITCH_USERNAME_KEY); if (username == null) { username = ""; diff --git a/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java index 4156cc3975..9f1ac92e35 100644 --- a/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilter.java @@ -32,7 +32,7 @@ import javax.servlet.http.HttpServletRequest; * Processes an authentication form. *

Login forms must present two parameters to this filter: a username and * password. The default parameter names to use are contained in the - * static fields {@link #ACEGI_SECURITY_FORM_USERNAME_KEY} and {@link #ACEGI_SECURITY_FORM_PASSWORD_KEY}. + * static fields {@link #SPRING_SECURITY_FORM_USERNAME_KEY} and {@link #SPRING_SECURITY_FORM_PASSWORD_KEY}. * The parameter names can also be changed by setting the usernameParameter and passwordParameter * properties. *

@@ -47,12 +47,12 @@ import javax.servlet.http.HttpServletRequest; public class AuthenticationProcessingFilter extends AbstractProcessingFilter { //~ Static fields/initializers ===================================================================================== - public static final String ACEGI_SECURITY_FORM_USERNAME_KEY = "j_username"; - public static final String ACEGI_SECURITY_FORM_PASSWORD_KEY = "j_password"; - public static final String ACEGI_SECURITY_LAST_USERNAME_KEY = "ACEGI_SECURITY_LAST_USERNAME"; + public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "j_username"; + public static final String SPRING_SECURITY_FORM_PASSWORD_KEY = "j_password"; + public static final String SPRING_SECURITY_LAST_USERNAME_KEY = "SECURITY_SECURITY_LAST_USERNAME"; - private String usernameParameter = ACEGI_SECURITY_FORM_USERNAME_KEY; - private String passwordParameter = ACEGI_SECURITY_FORM_PASSWORD_KEY; + private String usernameParameter = SPRING_SECURITY_FORM_USERNAME_KEY; + private String passwordParameter = SPRING_SECURITY_FORM_PASSWORD_KEY; //~ Methods ======================================================================================================== @@ -73,7 +73,7 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter { UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password); // Place the last username attempted into HttpSession for views - request.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY, username); + request.getSession().setAttribute(SPRING_SECURITY_LAST_USERNAME_KEY, username); // Allow subclasses to set the "details" property setDetails(request, authRequest); diff --git a/core/src/main/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilter.java index 2d3786a36e..a6fe7a57c6 100644 --- a/core/src/main/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilter.java @@ -39,8 +39,8 @@ import javax.servlet.http.HttpServletResponse; * next paragraph). This allows applications to optionally function even when their Siteminder infrastructure is * unavailable, as is often the case during development.

*

Login forms must present two parameters to this filter: a username and password. If not - * specified, the parameter names to use are contained in the static fields {@link #ACEGI_SECURITY_FORM_USERNAME_KEY} - * and {@link #ACEGI_SECURITY_FORM_PASSWORD_KEY}.

+ * specified, the parameter names to use are contained in the static fields {@link #SPRING_SECURITY_FORM_USERNAME_KEY} + * and {@link #SPRING_SECURITY_FORM_PASSWORD_KEY}.

*

Do not use this class directly. Instead, configure web.xml to use the {@link * org.springframework.security.util.FilterToBeanProxy}.

*/ @@ -101,7 +101,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc if ((formUsernameParameterKey != null) && (formUsernameParameterKey.length() > 0)) { username = request.getParameter(formUsernameParameterKey); } else { - username = request.getParameter(ACEGI_SECURITY_FORM_USERNAME_KEY); + username = request.getParameter(SPRING_SECURITY_FORM_USERNAME_KEY); } password = obtainPassword(request); @@ -130,7 +130,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc setDetails(request, authRequest); // Place the last username attempted into HttpSession for views - request.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY, username); + request.getSession().setAttribute(SPRING_SECURITY_LAST_USERNAME_KEY, username); return this.getAuthenticationManager().authenticate(authRequest); } @@ -184,7 +184,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc if ((formPasswordParameterKey != null) && (formPasswordParameterKey.length() > 0)) { return request.getParameter(formPasswordParameterKey); } else { - return request.getParameter(ACEGI_SECURITY_FORM_PASSWORD_KEY); + return request.getParameter(SPRING_SECURITY_FORM_PASSWORD_KEY); } } @@ -209,7 +209,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc //is present and user is not already authenticated. boolean bAuthenticated = false; SecurityContext context = (SecurityContext) - request.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY); + request.getSession().getAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY); if (context != null) { Authentication auth = context.getAuthentication(); diff --git a/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java index 102d517c5d..8a412bf9b2 100644 --- a/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java @@ -206,6 +206,6 @@ public class X509ProcessingFilter implements Filter, InitializingBean, Applicati logger.debug("Updated SecurityContextHolder to contain null Authentication"); } - request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed); + request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, failed); } } diff --git a/core/src/main/java/org/springframework/security/wrapper/SavedRequestAwareWrapper.java b/core/src/main/java/org/springframework/security/wrapper/SavedRequestAwareWrapper.java index d9a7b905c1..f48e156695 100644 --- a/core/src/main/java/org/springframework/security/wrapper/SavedRequestAwareWrapper.java +++ b/core/src/main/java/org/springframework/security/wrapper/SavedRequestAwareWrapper.java @@ -90,7 +90,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW return; } - SavedRequest saved = (SavedRequest) session.getAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY); + SavedRequest saved = (SavedRequest) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY); if ((saved != null) && saved.doesRequestMatch(request, portResolver)) { if (logger.isDebugEnabled()) { @@ -98,7 +98,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW } savedRequest = saved; - session.removeAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY); + session.removeAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY); formats[0] = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US); formats[1] = new SimpleDateFormat("EEEEEE, dd-MMM-yy HH:mm:ss zzz", Locale.US); diff --git a/core/src/test/java/org/springframework/security/context/HttpSessionContextIntegrationFilterTests.java b/core/src/test/java/org/springframework/security/context/HttpSessionContextIntegrationFilterTests.java index 93b90c315c..ab11a99f77 100644 --- a/core/src/test/java/org/springframework/security/context/HttpSessionContextIntegrationFilterTests.java +++ b/core/src/test/java/org/springframework/security/context/HttpSessionContextIntegrationFilterTests.java @@ -118,7 +118,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase { // Build a mock request MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession().setAttribute( - HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY, + HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY, sc); MockHttpServletResponse response = new MockHttpServletResponse(); @@ -170,7 +170,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase { // Build a mock request MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession().setAttribute( - HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY, + HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY, sc); MockHttpServletResponse response = new MockHttpServletResponse(); @@ -188,7 +188,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase { // Obtain new/update Authentication from HttpSession SecurityContext context = (SecurityContext) request.getSession().getAttribute( - HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY); + HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY); assertEquals(updatedPrincipal, ((SecurityContext) context).getAuthentication()); } @@ -214,7 +214,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase { // Obtain new/updated Authentication from HttpSession SecurityContext context = (SecurityContext) request.getSession(false).getAttribute( - HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY); + HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY); assertEquals(updatedPrincipal, ((SecurityContext) context).getAuthentication()); } @@ -268,7 +268,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase { // Build a mock request MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession().setAttribute( - HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY, + HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY, "NOT_A_CONTEXT_OBJECT"); MockHttpServletResponse response = new MockHttpServletResponse(); @@ -284,7 +284,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase { // Obtain new/update Authentication from HttpSession SecurityContext context = (SecurityContext) request.getSession().getAttribute( - HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY); + HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY); assertEquals(updatedPrincipal, ((SecurityContext) context).getAuthentication()); } @@ -302,7 +302,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase { MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession().setAttribute( - HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY, + HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY, sc); MockHttpServletResponse response = new MockHttpServletResponse(); diff --git a/core/src/test/java/org/springframework/security/providers/jaas/JaasAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/providers/jaas/JaasAuthenticationProviderTests.java index 2a54ae82fd..5ebad58e0d 100644 --- a/core/src/test/java/org/springframework/security/providers/jaas/JaasAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/providers/jaas/JaasAuthenticationProviderTests.java @@ -214,7 +214,7 @@ public class JaasAuthenticationProviderTests extends TestCase { context.setAuthentication(token); MockHttpSession mockSession = new MockHttpSession(); - mockSession.setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY, context); + mockSession.setAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY, context); jaasProvider.onApplicationEvent(new HttpSessionDestroyedEvent(mockSession)); diff --git a/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java index 2ad3371229..d542cd389c 100644 --- a/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/AbstractProcessingFilterTests.java @@ -376,7 +376,7 @@ public class AbstractProcessingFilterTests extends TestCase { throws Exception { // Setup our HTTP request MockHttpServletRequest request = createMockRequest(); - request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY, makeSavedRequestForUrl()); + request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl()); // Setup our filter configuration MockFilterConfig config = new MockFilterConfig(null, null); @@ -402,7 +402,7 @@ public class AbstractProcessingFilterTests extends TestCase { public void testSuccessfulAuthenticationCausesRedirectToSessionSpecifiedUrl() throws Exception { // Setup our HTTP request MockHttpServletRequest request = createMockRequest(); - request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY, makeSavedRequestForUrl()); + request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl()); // Setup our filter configuration MockFilterConfig config = new MockFilterConfig(null, null); diff --git a/core/src/test/java/org/springframework/security/ui/ExceptionTranslationFilterTests.java b/core/src/test/java/org/springframework/security/ui/ExceptionTranslationFilterTests.java index 92f743788a..ce4e0dc5fd 100644 --- a/core/src/test/java/org/springframework/security/ui/ExceptionTranslationFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/ExceptionTranslationFilterTests.java @@ -128,7 +128,7 @@ public class ExceptionTranslationFilterTests extends TestCase { filter.doFilter(request, response, chain); assertEquals(403, response.getStatus()); assertEquals(AccessDeniedException.class, request.getAttribute( - AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY).getClass()); + AccessDeniedHandlerImpl.SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY).getClass()); } public void testDoFilterWithNonHttpServletRequestDetected() throws Exception { diff --git a/core/src/test/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServicesTests.java b/core/src/test/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServicesTests.java index 363f25b84b..706f8398f3 100644 --- a/core/src/test/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServicesTests.java +++ b/core/src/test/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServicesTests.java @@ -105,7 +105,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { assertNull(result); - Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNull(returnedCookie); // shouldn't try to invalidate our cookie } @@ -126,7 +126,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { assertNull(result); - Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNull(returnedCookie); // shouldn't try to invalidate our cookie } @@ -139,7 +139,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { services.setUserDetailsService(new MockAuthenticationDao(user, false)); // services.afterPropertiesSet(); - Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, + Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, generateCorrectCookieContentForToken(System.currentTimeMillis() - 1000000, "someone", "password", "key")); MockHttpServletRequest request = new MockHttpServletRequest(); request.setCookies(new Cookie[] {cookie}); @@ -150,7 +150,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { assertNull(result); - Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNotNull(returnedCookie); assertEquals(0, returnedCookie.getMaxAge()); } @@ -165,7 +165,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { services.setUserDetailsService(new MockAuthenticationDao(user, false)); //services.afterPropertiesSet(); - Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, + Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, new String(Base64.encodeBase64("x".getBytes()))); MockHttpServletRequest request = new MockHttpServletRequest(); request.setCookies(new Cookie[] {cookie}); @@ -176,7 +176,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { assertNull(result); - Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNotNull(returnedCookie); assertEquals(0, returnedCookie.getMaxAge()); } @@ -190,7 +190,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { services.setUserDetailsService(new MockAuthenticationDao(user, false)); //services.afterPropertiesSet(); - Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, + Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, "NOT_BASE_64_ENCODED"); MockHttpServletRequest request = new MockHttpServletRequest(); request.setCookies(new Cookie[] {cookie}); @@ -201,7 +201,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { assertNull(result); - Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNotNull(returnedCookie); assertEquals(0, returnedCookie.getMaxAge()); } @@ -216,7 +216,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { services.setUserDetailsService(new MockAuthenticationDao(user, false)); //services.afterPropertiesSet(); - Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, + Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "WRONG_KEY")); MockHttpServletRequest request = new MockHttpServletRequest(); @@ -228,7 +228,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { assertNull(result); - Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNotNull(returnedCookie); assertEquals(0, returnedCookie.getMaxAge()); } @@ -243,7 +243,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { services.setUserDetailsService(new MockAuthenticationDao(user, false)); //services.afterPropertiesSet(); - Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, + Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, new String(Base64.encodeBase64("username:NOT_A_NUMBER:signature".getBytes()))); MockHttpServletRequest request = new MockHttpServletRequest(); request.setCookies(new Cookie[] {cookie}); @@ -254,7 +254,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { assertNull(result); - Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNotNull(returnedCookie); assertEquals(0, returnedCookie.getMaxAge()); } @@ -265,7 +265,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { services.setUserDetailsService(new MockAuthenticationDao(null, true)); //services.afterPropertiesSet(); - Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, + Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key")); MockHttpServletRequest request = new MockHttpServletRequest(); request.setCookies(new Cookie[] {cookie}); @@ -276,7 +276,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { assertNull(result); - Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNotNull(returnedCookie); assertEquals(0, returnedCookie.getMaxAge()); } @@ -290,7 +290,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { services.setUserDetailsService(new MockAuthenticationDao(user, false)); // services.afterPropertiesSet(); - Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, + Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key")); MockHttpServletRequest request = new MockHttpServletRequest(); request.setCookies(new Cookie[] {cookie}); @@ -330,7 +330,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { MockHttpServletResponse response = new MockHttpServletResponse(); services.loginFail(request, response); - Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNotNull(cookie); assertEquals(0, cookie.getMaxAge()); } @@ -346,7 +346,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { new TestingAuthenticationToken("someone", "password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")})); - Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNull(cookie); } @@ -361,7 +361,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { new TestingAuthenticationToken("someone", "password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")})); - Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNotNull(cookie); assertEquals(services.getTokenValiditySeconds(), cookie.getMaxAge()); assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes())); @@ -381,7 +381,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase { new TestingAuthenticationToken(user, "ignored", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")})); - Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); + Cookie cookie = response.getCookie(TokenBasedRememberMeServices.SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY); assertNotNull(cookie); assertEquals(services.getTokenValiditySeconds(), cookie.getMaxAge()); assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes())); diff --git a/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java index c34d38ca72..3a2873ad1a 100644 --- a/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java @@ -80,7 +80,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { SecurityContextHolder.getContext().setAuthentication(auth); MockHttpServletRequest request = new MockHttpServletRequest(); - request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "user-that-doesnt-exist"); + request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "user-that-doesnt-exist"); SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); @@ -101,7 +101,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { MockHttpServletRequest request = new MockHttpServletRequest(); // this user is disabled - request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "mcgarrett"); + request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "mcgarrett"); SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); @@ -124,7 +124,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { MockHttpServletRequest request = new MockHttpServletRequest(); // this user is disabled - request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "wofat"); + request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "wofat"); SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); @@ -147,7 +147,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { MockHttpServletRequest request = new MockHttpServletRequest(); // this user is disabled - request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "steve"); + request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "steve"); SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); @@ -167,7 +167,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { SecurityContextHolder.getContext().setAuthentication(auth); MockHttpServletRequest request = new MockHttpServletRequest(); - request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord"); + request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord"); SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); @@ -183,7 +183,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { MockHttpServletRequest request = new MockHttpServletRequest(); String username = null; - request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, username); + request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, username); SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord()); @@ -304,7 +304,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { SecurityContextHolder.getContext().setAuthentication(auth); MockHttpServletRequest request = createMockSwitchRequest(); - request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord"); + request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord"); request.setRequestURI("/webapp/j_acegi_switch_user"); MockHttpServletResponse response = new MockHttpServletResponse(); @@ -351,7 +351,7 @@ public class SwitchUserProcessingFilterTests extends TestCase { // http request MockHttpServletRequest request = new MockHttpServletRequest(); request.setRequestURI("/webapp/j_acegi_switch_user"); - request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord"); + request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord"); // http response MockHttpServletResponse response = new MockHttpServletResponse(); diff --git a/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java index 592f15612a..1e0cfce229 100644 --- a/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/webapp/AuthenticationProcessingFilterTests.java @@ -52,8 +52,8 @@ public class AuthenticationProcessingFilterTests extends TestCase { public void testNormalOperation() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); - request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa"); - request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala"); + request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa"); + request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter(); filter.setAuthenticationManager(new MockAuthenticationManager(true)); @@ -66,7 +66,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { public void testNullPasswordHandledGracefully() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); - request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa"); + request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa"); AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter(); filter.setAuthenticationManager(new MockAuthenticationManager(true)); @@ -78,7 +78,7 @@ public class AuthenticationProcessingFilterTests extends TestCase { public void testNullUsernameHandledGracefully() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); - request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala"); + request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter(); filter.setAuthenticationManager(new MockAuthenticationManager(true)); @@ -106,8 +106,8 @@ public class AuthenticationProcessingFilterTests extends TestCase { public void testSpacesAreTrimmedCorrectlyFromUsername() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); - request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, " marissa "); - request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala"); + request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, " marissa "); + request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter(); filter.setAuthenticationManager(new MockAuthenticationManager(true)); diff --git a/core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java index 51b9c82a27..01aba7488e 100644 --- a/core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java @@ -103,8 +103,8 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase { */ public void testFormNormalOperation() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); - request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa"); - request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala"); + request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa"); + request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); MockAuthenticationManager authMgr = new MockAuthenticationManager(true); @@ -124,7 +124,7 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase { */ public void testFormNullPasswordHandledGracefully() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); - request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY, "marissa"); + request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "marissa"); MockAuthenticationManager authMgr = new MockAuthenticationManager(true); @@ -143,7 +143,7 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase { */ public void testFormNullUsernameHandledGracefully() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); - request.addParameter(SiteminderAuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY, "koala"); + request.addParameter(SiteminderAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala"); MockAuthenticationManager authMgr = new MockAuthenticationManager(true); diff --git a/core/src/test/java/org/springframework/security/ui/x509/X509ProcessingFilterTests.java b/core/src/test/java/org/springframework/security/ui/x509/X509ProcessingFilterTests.java index 9d74368062..baa1ae9b5b 100644 --- a/core/src/test/java/org/springframework/security/ui/x509/X509ProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/ui/x509/X509ProcessingFilterTests.java @@ -82,7 +82,7 @@ public class X509ProcessingFilterTests extends TestCase { filter.doFilter(request, response, chain); Object lastException = request.getSession() - .getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY); + .getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY); assertNull("Authentication should be null", SecurityContextHolder.getContext().getAuthentication()); assertTrue("BadCredentialsException should have been thrown", lastException instanceof BadCredentialsException); diff --git a/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java b/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java index 57dde40b3b..7bd61766f6 100755 --- a/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java +++ b/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java @@ -426,7 +426,7 @@ public class NtlmProcessingFilter extends HttpFilter implements InitializingBean authRequest.setDetails(new WebAuthenticationDetails(request)); // Place the last username attempted into HttpSession for views - session.setAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY, authRequest.getName()); + session.setAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, authRequest.getName()); // Backup the current authentication in case of an AuthenticationException backupAuth = SecurityContextHolder.getContext().getAuthentication(); diff --git a/portlet/src/main/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptor.java b/portlet/src/main/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptor.java index 514bca398c..b93a5f1011 100644 --- a/portlet/src/main/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptor.java +++ b/portlet/src/main/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptor.java @@ -101,7 +101,7 @@ public class PortletSessionContextIntegrationInterceptor protected static final Log logger = LogFactory.getLog(PortletSessionContextIntegrationInterceptor.class); - public static final String ACEGI_SECURITY_CONTEXT_KEY = HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY; + public static final String SPRING_SECURITY_CONTEXT_KEY = HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY; private static final String SESSION_EXISTED = PortletSessionContextIntegrationInterceptor.class.getName() + ".SESSION_EXISTED"; private static final String CONTEXT_HASHCODE = PortletSessionContextIntegrationInterceptor.class.getName() + ".CONTEXT_HASHCODE"; @@ -238,7 +238,7 @@ public class PortletSessionContextIntegrationInterceptor portletSessionExistedAtStartOfRequest = true; // attempt to retrieve the context from the session - Object contextFromSessionObject = portletSession.getAttribute(ACEGI_SECURITY_CONTEXT_KEY, portletSessionScope()); + Object contextFromSessionObject = portletSession.getAttribute(SPRING_SECURITY_CONTEXT_KEY, portletSessionScope()); // if we got a context then place it into the holder if (contextFromSessionObject != null) { @@ -262,12 +262,12 @@ public class PortletSessionContextIntegrationInterceptor // if what we got is a valid context then place it into the holder, otherwise create a new one if (contextFromSessionObject instanceof SecurityContext) { if (logger.isDebugEnabled()) - logger.debug("Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and " + logger.debug("Obtained from SPRING_SECURITY_CONTEXT a valid SecurityContext and " + "set to SecurityContextHolder: '" + contextFromSessionObject + "'"); SecurityContextHolder.setContext((SecurityContext) contextFromSessionObject); } else { if (logger.isWarnEnabled()) - logger.warn("ACEGI_SECURITY_CONTEXT did not contain a SecurityContext but contained: '" + logger.warn("SPRING_SECURITY_CONTEXT did not contain a SecurityContext but contained: '" + contextFromSessionObject + "'; are you improperly modifying the PortletSession directly " + "(you should always use SecurityContextHolder) or using the PortletSession attribute " @@ -280,7 +280,7 @@ public class PortletSessionContextIntegrationInterceptor // there was no context in the session, so create a new context and put it in the holder if (logger.isDebugEnabled()) - logger.debug("PortletSession returned null object for ACEGI_SECURITY_CONTEXT - new " + logger.debug("PortletSession returned null object for SPRING_SECURITY_CONTEXT - new " + "SecurityContext instance associated with SecurityContextHolder"); SecurityContextHolder.setContext(generateNewContext()); } @@ -354,7 +354,7 @@ public class PortletSessionContextIntegrationInterceptor // if the session exists and the context has changes, then store the context back into the session if ((portletSession != null) && (SecurityContextHolder.getContext().hashCode() != oldContextHashCode)) { - portletSession.setAttribute(ACEGI_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext(), portletSessionScope()); + portletSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext(), portletSessionScope()); if (logger.isDebugEnabled()) logger.debug("SecurityContext stored to PortletSession: '" + SecurityContextHolder.getContext() + "'"); diff --git a/portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java b/portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java index d12c11f2a1..3d259ce6a6 100644 --- a/portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java +++ b/portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java @@ -55,7 +55,7 @@ import org.springframework.web.portlet.ModelAndView; * is guaranteed to have already been created by an earlier interceptor. If authentication * fails, the AuthenticationException will be placed into the * APPLICATION_SCOPE of the PortletSession with the attribute defined - * by {@link AbstractProcessingFilter#ACEGI_SECURITY_LAST_EXCEPTION_KEY}.

+ * by {@link AbstractProcessingFilter#SPRING_SECURITY_LAST_EXCEPTION_KEY}.

* *

Some portals do not properly provide the identity of the current user via the * getRemoteUser() or getUserPrincipal() methods of the @@ -170,7 +170,7 @@ public class PortletProcessingInterceptor implements logger.debug("Authentication failed - updating ContextHolder to contain null Authentication"); ctx.setAuthentication(null); request.getPortletSession().setAttribute( - AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY, + AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, failed, PortletSession.APPLICATION_SCOPE); onUnsuccessfulAuthentication(request, response, failed); } diff --git a/portlet/src/test/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptorTests.java b/portlet/src/test/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptorTests.java index dcb4d63eab..76e4eb0de3 100644 --- a/portlet/src/test/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptorTests.java +++ b/portlet/src/test/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptorTests.java @@ -108,7 +108,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase { MockRenderRequest request = PortletTestUtils.createRenderRequest(); MockRenderResponse response = PortletTestUtils.createRenderResponse(); request.getPortletSession().setAttribute( - PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, + PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, sc, PortletSession.APPLICATION_SCOPE); // Prepare interceptor @@ -145,7 +145,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase { MockActionRequest request = PortletTestUtils.createActionRequest(); MockActionResponse response = PortletTestUtils.createActionResponse(); request.getPortletSession().setAttribute( - PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, + PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, sc, PortletSession.APPLICATION_SCOPE); // Prepare interceptor @@ -178,7 +178,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase { MockActionRequest request = PortletTestUtils.createActionRequest(); MockActionResponse response = PortletTestUtils.createActionResponse(); request.getPortletSession().setAttribute( - PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, + PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, sc, PortletSession.APPLICATION_SCOPE); // Prepare interceptor @@ -209,7 +209,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase { // Verify the new principal is stored in the session sc = (SecurityContext)request.getPortletSession().getAttribute( - PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, + PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE); assertEquals(baselinePrincipal, sc.getAuthentication()); } @@ -232,7 +232,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase { // Verify Authentication is in the PortletSession SecurityContext sc = (SecurityContext)request.getPortletSession(false). - getAttribute(PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE); + getAttribute(PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE); assertEquals(principal, ((SecurityContext)sc).getAuthentication()); } @@ -280,7 +280,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase { MockActionRequest request = PortletTestUtils.createActionRequest(); MockActionResponse response = PortletTestUtils.createActionResponse(); request.getPortletSession().setAttribute( - PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, + PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, "NOT_A_CONTEXT_OBJECT", PortletSession.APPLICATION_SCOPE); // Prepare the interceptor @@ -295,7 +295,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase { // Verify Authentication is in the PortletSession SecurityContext sc = (SecurityContext)request.getPortletSession(false). - getAttribute(PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE); + getAttribute(PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, PortletSession.APPLICATION_SCOPE); assertEquals(principal, ((SecurityContext)sc).getAuthentication()); } @@ -334,7 +334,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase { MockActionRequest request = PortletTestUtils.createActionRequest(); MockActionResponse response = PortletTestUtils.createActionResponse(); request.getPortletSession().setAttribute( - PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, + PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, sc, PortletSession.PORTLET_SCOPE); // Prepare interceptor @@ -363,7 +363,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase { // Verify the new principal is stored in the session sc = (SecurityContext)request.getPortletSession().getAttribute( - PortletSessionContextIntegrationInterceptor.ACEGI_SECURITY_CONTEXT_KEY, + PortletSessionContextIntegrationInterceptor.SPRING_SECURITY_CONTEXT_KEY, PortletSession.PORTLET_SCOPE); assertEquals(baselinePrincipal, sc.getAuthentication()); } diff --git a/portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.java b/portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.java index 6779b59d76..2b5143f1b4 100644 --- a/portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.java +++ b/portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.java @@ -149,7 +149,7 @@ public class PortletProcessingInterceptorTests extends TestCase { // Verify that proper exception was thrown assertTrue(request.getPortletSession().getAttribute( - AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY, + AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, PortletSession.APPLICATION_SCOPE) instanceof BadCredentialsException); } diff --git a/samples/contacts/src/main/webapp/accessDenied.jsp b/samples/contacts/src/main/webapp/accessDenied.jsp index c957899b37..0a9dd506c4 100644 --- a/samples/contacts/src/main/webapp/accessDenied.jsp +++ b/samples/contacts/src/main/webapp/accessDenied.jsp @@ -6,7 +6,7 @@

-<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%> +<%= request.getAttribute(AccessDeniedHandlerImpl.SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>

diff --git a/samples/contacts/src/main/webapp/acegilogin.jsp b/samples/contacts/src/main/webapp/acegilogin.jsp index 549cc5b609..b91253d996 100644 --- a/samples/contacts/src/main/webapp/acegilogin.jsp +++ b/samples/contacts/src/main/webapp/acegilogin.jsp @@ -28,13 +28,13 @@ Your login attempt was not successful, try again.

- Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %> + Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>

- + diff --git a/samples/contacts/src/main/webapp/casfailed.jsp b/samples/contacts/src/main/webapp/casfailed.jsp index 92eb5a045a..6e5bf6af70 100644 --- a/samples/contacts/src/main/webapp/casfailed.jsp +++ b/samples/contacts/src/main/webapp/casfailed.jsp @@ -12,7 +12,7 @@ Your CAS credentials were rejected.

- Reason: <%= ((AuthenticationException) session.getAttribute(org.springframework.security.ui.AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %> + Reason: <%= ((AuthenticationException) session.getAttribute(org.springframework.security.ui.AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %> diff --git a/samples/contacts/src/main/webapp/exitUser.jsp b/samples/contacts/src/main/webapp/exitUser.jsp index a3c5ad7216..64bd876bdc 100644 --- a/samples/contacts/src/main/webapp/exitUser.jsp +++ b/samples/contacts/src/main/webapp/exitUser.jsp @@ -17,7 +17,7 @@ Your 'Exit User' attempt was not successful, try again.

- Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %> + Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %> diff --git a/samples/contacts/src/main/webapp/switchUser.jsp b/samples/contacts/src/main/webapp/switchUser.jsp index 93ea5a21d9..36a6cd8c35 100644 --- a/samples/contacts/src/main/webapp/switchUser.jsp +++ b/samples/contacts/src/main/webapp/switchUser.jsp @@ -26,7 +26,7 @@ Your 'su' attempt was not successful, try again.

- Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %> + Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %> diff --git a/samples/tutorial/src/main/webapp/accessDenied.jsp b/samples/tutorial/src/main/webapp/accessDenied.jsp index 8f75cb8341..a9582cde70 100644 --- a/samples/tutorial/src/main/webapp/accessDenied.jsp +++ b/samples/tutorial/src/main/webapp/accessDenied.jsp @@ -6,7 +6,7 @@

-<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%> +<%= request.getAttribute(AccessDeniedHandlerImpl.SPRING_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>

diff --git a/samples/tutorial/src/main/webapp/acegilogin.jsp b/samples/tutorial/src/main/webapp/acegilogin.jsp index 6b5d4d0f5c..cc4d9995e6 100644 --- a/samples/tutorial/src/main/webapp/acegilogin.jsp +++ b/samples/tutorial/src/main/webapp/acegilogin.jsp @@ -25,7 +25,7 @@ Your login attempt was not successful, try again.

- Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %> + Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %> diff --git a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java index af8732fdb9..6e3c5f81f9 100644 --- a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java +++ b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java @@ -58,7 +58,7 @@ public class OpenIDResponseProcessingFilter extends AbstractProcessingFilter { if (authentication.isAuthenticated()) { req.getSession() - .setAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY, token.getIdentityUrl()); + .setAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, token.getIdentityUrl()); } return authentication; diff --git a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIdAuthenticationProcessingFilter.java b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIdAuthenticationProcessingFilter.java index 051c84635e..c786840703 100644 --- a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIdAuthenticationProcessingFilter.java +++ b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIdAuthenticationProcessingFilter.java @@ -41,12 +41,12 @@ public class OpenIdAuthenticationProcessingFilter extends AbstractProcessingFilt //~ Static fields/initializers ===================================================================================== private static final Log log = LogFactory.getLog(OpenIdAuthenticationProcessingFilter.class); - public static final String DEFAULT_CLAMED_IDENTITY_FIELD = "j_username"; + public static final String DEFAULT_CLAIMED_IDENTITY_FIELD = "j_username"; //~ Instance fields ================================================================================================ private OpenIDConsumer consumer; - private String claimedIdentityFieldName = DEFAULT_CLAMED_IDENTITY_FIELD; + private String claimedIdentityFieldName = DEFAULT_CLAIMED_IDENTITY_FIELD; private String errorPage = "index.jsp"; //~ Methods ======================================================================================================== @@ -72,7 +72,7 @@ public class OpenIdAuthenticationProcessingFilter extends AbstractProcessingFilt if (authentication.isAuthenticated()) { req.getSession() - .setAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY, token.getIdentityUrl()); + .setAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, token.getIdentityUrl()); } return authentication; @@ -175,7 +175,7 @@ public class OpenIdAuthenticationProcessingFilter extends AbstractProcessingFilt } try { - request.getSession().setAttribute(ACEGI_SECURITY_LAST_EXCEPTION_KEY, failed); + request.getSession().setAttribute(SPRING_SECURITY_LAST_EXCEPTION_KEY, failed); } catch (Exception ignored) { }

User:value='<%= session.getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY) %>'>
User:value='<%= session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'>
Password:
Don't ask for my password for two weeks