From 1fa6ac09752734ed00aebf90e81413f7990557cf Mon Sep 17 00:00:00 2001
From: Ben Alex <ben.alex@springsource.com>
Date: Wed, 8 Feb 2006 02:19:43 +0000
Subject: [PATCH] SEC-164: Copy Authentication.getDetails() to returned
 Authentication object.

---
 .../x509/X509AuthenticationProvider.java      | 28 +++++++++++++------
 1 file changed, 19 insertions(+), 9 deletions(-)

diff --git a/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationProvider.java b/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationProvider.java
index 5e60a3c7c4..be398159a2 100644
--- a/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationProvider.java
+++ b/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationProvider.java
@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,23 +15,29 @@
 
 package org.acegisecurity.providers.x509;
 
-import java.security.cert.X509Certificate;
-
 import org.acegisecurity.AcegiMessageSource;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.BadCredentialsException;
+
 import org.acegisecurity.providers.AuthenticationProvider;
 import org.acegisecurity.providers.x509.cache.NullX509UserCache;
+
 import org.acegisecurity.userdetails.UserDetails;
+
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+
 import org.springframework.beans.factory.InitializingBean;
+
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
+
 import org.springframework.util.Assert;
 
+import java.security.cert.X509Certificate;
+
 
 /**
  * Processes an X.509 authentication request.
@@ -97,8 +103,8 @@ public class X509AuthenticationProvider implements AuthenticationProvider,
             logger.debug("X509 authentication request: " + authentication);
         }
 
-        X509Certificate clientCertificate =
-                (X509Certificate) authentication.getCredentials();
+        X509Certificate clientCertificate = (X509Certificate) authentication
+            .getCredentials();
 
         if (clientCertificate == null) {
             throw new BadCredentialsException(messages.getMessage(
@@ -109,14 +115,18 @@ public class X509AuthenticationProvider implements AuthenticationProvider,
         UserDetails user = userCache.getUserFromCache(clientCertificate);
 
         if (user == null) {
-            logger.debug("Authenticating with certificate "
-                + clientCertificate);
+            logger.debug("Authenticating with certificate " + clientCertificate);
             user = x509AuthoritiesPopulator.getUserDetails(clientCertificate);
             userCache.putUserInCache(clientCertificate, user);
         }
 
-        return new X509AuthenticationToken(user, clientCertificate,
-            user.getAuthorities());
+        X509AuthenticationToken result = new X509AuthenticationToken(user,
+                clientCertificate, user.getAuthorities());
+
+        result.setDetails((authentication.getDetails() != null)
+            ? authentication.getDetails() : null);
+
+        return result;
     }
 
     public void setMessageSource(MessageSource messageSource) {