GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

SEC-1434: Remove use of BeanDefinition of type java.lang.String which causes problems in Google App Engine. 

This results in the method BeanUtils.findEditorByConvention attempting to get hold of the system classloader which isn't allowed by the security manager in GAE.
3.0.x
Luke Taylor 16 years ago
parent
b8e50c0933
commit
59b69f6f48
2 changed files with 6 additions and 8 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java
  2. 8
      config/src/main/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParser.java

6
config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java
Unescape View File

@ -83,7 +83,7 @@ class HttpConfigurationBuilder { @@ -83,7 +83,7 @@ class HttpConfigurationBuilder {
private final List<Element> interceptUrls;
// Use ManagedMap to allow placeholder resolution
private ManagedMap<BeanDefinition, List<BeanMetadataElement>> filterChainMap;
private ManagedMap<Object, List<BeanMetadataElement>> filterChainMap;
private BeanDefinition cpf;
private BeanDefinition securityContextPersistenceFilter;
@ -109,7 +109,7 @@ class HttpConfigurationBuilder { @@ -109,7 +109,7 @@ class HttpConfigurationBuilder {
}
void parseInterceptUrlsForEmptyFilterChains() {
filterChainMap = new ManagedMap<BeanDefinition, List<BeanMetadataElement>>();
filterChainMap = new ManagedMap<Object, List<BeanMetadataElement>>();
for (Element urlElt : interceptUrls) {
String path = urlElt.getAttribute(ATT_PATH_PATTERN);
@ -464,7 +464,7 @@ class HttpConfigurationBuilder { @@ -464,7 +464,7 @@ class HttpConfigurationBuilder {
return allowSessionCreation;
}
public ManagedMap<BeanDefinition, List<BeanMetadataElement>> getFilterChainMap() {
public ManagedMap<Object, List<BeanMetadataElement>> getFilterChainMap() {
return filterChainMap;
}

8
config/src/main/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParser.java
Unescape View File

@ -135,10 +135,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { @@ -135,10 +135,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
filterChain.add(od.bean);
}
ManagedMap<BeanDefinition, List<BeanMetadataElement>> filterChainMap = httpBldr.getFilterChainMap();
BeanDefinition universalMatch = new RootBeanDefinition(String.class);
universalMatch.getConstructorArgumentValues().addGenericArgumentValue(matcher.getUniversalMatchPattern());
filterChainMap.put(universalMatch, filterChain);
ManagedMap<Object, List<BeanMetadataElement>> filterChainMap = httpBldr.getFilterChainMap();
filterChainMap.put(matcher.getUniversalMatchPattern(), filterChain);
registerFilterChainProxy(pc, filterChainMap, matcher, source);
@ -247,7 +245,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { @@ -247,7 +245,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
return customFilters;
}
private void registerFilterChainProxy(ParserContext pc, Map<BeanDefinition, List<BeanMetadataElement>> filterChainMap, UrlMatcher matcher, Object source) {
private void registerFilterChainProxy(ParserContext pc, Map<Object, List<BeanMetadataElement>> filterChainMap, UrlMatcher matcher, Object source) {
if (pc.getRegistry().containsBeanDefinition(BeanIds.FILTER_CHAIN_PROXY)) {
pc.getReaderContext().error("Duplicate <http> element detected", source);
}

Write Preview
Loading…
Cancel
Save