GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

SEC-576: Tidying.

2.0.x
Luke Taylor 18 years ago
parent
c8b9f24038
commit
7854e36029
5 changed files with 54 additions and 93 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      core/src/main/java/org/springframework/security/providers/preauth/PreAuthenticatedAuthenticationProvider.java
  2. 32
      core/src/main/java/org/springframework/security/ui/FilterChainOrder.java
  3. 64
      core/src/main/java/org/springframework/security/ui/preauth/AbstractPreAuthenticatedProcessingFilter.java
  4. 4
      core/src/main/java/org/springframework/security/ui/preauth/j2ee/J2eePreAuthenticatedProcessingFilter.java
  5. 38
      core/src/test/java/org/springframework/security/ui/preauth/PreAuthenticatedProcessingFilterTests.java

9
core/src/main/java/org/springframework/security/providers/preauth/PreAuthenticatedAuthenticationProvider.java
Unescape View File

@ -14,7 +14,7 @@ import org.springframework.util.Assert;
/** /**
* <p> * <p>
* Processes a pre-authenticated authentication request. The request will * Processes a pre-authenticated authentication request. The request will
* typically originate from a {@link AbstractPreAuthenticatedProcessingFilter} * typically originate from a {@link org.springframework.security.ui.preauth.AbstractPreAuthenticatedProcessingFilter}
* subclass. * subclass.
* </p> * </p>
* *
@ -55,8 +55,8 @@ public class PreAuthenticatedAuthenticationProvider implements AuthenticationPro
if (ud == null) { if (ud == null) {
return null; return null;
} }
PreAuthenticatedAuthenticationToken result = new PreAuthenticatedAuthenticationToken(ud, authentication.getCredentials(), ud PreAuthenticatedAuthenticationToken result =
.getAuthorities()); new PreAuthenticatedAuthenticationToken(ud, authentication.getCredentials(), ud.getAuthorities());
result.setDetails(authentication.getDetails()); result.setDetails(authentication.getDetails());
return result; return result;
@ -64,8 +64,7 @@ public class PreAuthenticatedAuthenticationProvider implements AuthenticationPro
} }
/** /**
* Indicate that this provider only supports * Indicate that this provider only supports PreAuthenticatedAuthenticationToken (sub)classes.
* PreAuthenticatedAuthenticationToken (sub)classes.
*/ */
public boolean supports(Class authentication) { public boolean supports(Class authentication) {
return PreAuthenticatedAuthenticationToken.class.isAssignableFrom(authentication); return PreAuthenticatedAuthenticationToken.class.isAssignableFrom(authentication);

32
core/src/main/java/org/springframework/security/ui/FilterChainOrder.java
Unescape View File

@ -15,20 +15,22 @@ public abstract class FilterChainOrder {
*/ */
public static final int FILTER_CHAIN_FIRST = Ordered.HIGHEST_PRECEDENCE + 1000; public static final int FILTER_CHAIN_FIRST = Ordered.HIGHEST_PRECEDENCE + 1000;
private static final int INTERVAL = 100; private static final int INTERVAL = 100;
private static int i = 1;
public static final int CHANNEL_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL; public static final int CHANNEL_PROCESSING_FILTER = FILTER_CHAIN_FIRST;
public static final int CONCURRENT_SESSION_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 2; public static final int CONCURRENT_SESSION_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int HTTP_SESSION_CONTEXT_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 3; public static final int HTTP_SESSION_CONTEXT_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int LOGOUT_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 4; public static final int LOGOUT_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int AUTH_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 5; public static final int PRE_AUTH_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int CAS_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 5; public static final int CAS_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int LOGIN_PAGE_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 6; public static final int AUTH_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int BASIC_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 7; public static final int LOGIN_PAGE_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int SECURITY_CONTEXT_HOLDER_AWARE_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 8; public static final int BASIC_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int REMEMBER_ME_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 9; public static final int SECURITY_CONTEXT_HOLDER_AWARE_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int ANON_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 10; public static final int REMEMBER_ME_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int EXCEPTION_TRANSLATION_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 11; public static final int ANON_PROCESSING_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int NTLM_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 12; public static final int EXCEPTION_TRANSLATION_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int FILTER_SECURITY_INTERCEPTOR = FILTER_CHAIN_FIRST + INTERVAL * 13; public static final int NTLM_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int SWITCH_USER_FILTER = FILTER_CHAIN_FIRST + INTERVAL * 14; public static final int FILTER_SECURITY_INTERCEPTOR = FILTER_CHAIN_FIRST + INTERVAL * i++;
public static final int SWITCH_USER_FILTER = FILTER_CHAIN_FIRST + INTERVAL * i++;
} }

64
core/src/main/java/org/springframework/security/ui/preauth/AbstractPreAuthenticatedProcessingFilter.java
Unescape View File

@ -2,12 +2,8 @@ package org.springframework.security.ui.preauth;
import java.io.IOException; import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
@ -19,6 +15,7 @@ import org.springframework.security.event.authentication.InteractiveAuthenticati
import org.springframework.security.ui.AuthenticationDetailsSource; import org.springframework.security.ui.AuthenticationDetailsSource;
import org.springframework.security.ui.AuthenticationDetailsSourceImpl; import org.springframework.security.ui.AuthenticationDetailsSourceImpl;
import org.springframework.security.ui.AbstractProcessingFilter; import org.springframework.security.ui.AbstractProcessingFilter;
import org.springframework.security.ui.SpringSecurityFilter;
import org.springframework.security.context.SecurityContextHolder; import org.springframework.security.context.SecurityContextHolder;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
@ -29,16 +26,16 @@ import org.springframework.context.ApplicationEventPublisherAware;
import org.springframework.util.Assert; import org.springframework.util.Assert;
/** /**
* Base class for processing filters that handle pre-authenticated * Base class for processing filters that handle pre-authenticated authentication requests. Subclasses must implement
* authentication requests. Subclasses must implement the * the getPreAuthenticatedPrincipal() and getPreAuthenticatedCredentials() methods.
* getPreAuthenticatedPrincipal() and getPreAuthenticatedCredentials() methods. *
* <p> * @author Ruud Senden
* This code is partly based on * @since 2.0
* {@link org.springframework.security.ui.x509.X509ProcessingFilter}.
* </p>
*/ */
public abstract class AbstractPreAuthenticatedProcessingFilter implements Filter, InitializingBean, ApplicationEventPublisherAware { public abstract class AbstractPreAuthenticatedProcessingFilter extends SpringSecurityFilter implements
private static final Log LOG = LogFactory.getLog(AbstractPreAuthenticatedProcessingFilter.class); InitializingBean, ApplicationEventPublisherAware {
private static final Log LOG = LogFactory.getLog(AbstractPreAuthenticatedProcessingFilter.class);
private ApplicationEventPublisher eventPublisher = null; private ApplicationEventPublisher eventPublisher = null;
@ -54,37 +51,21 @@ public abstract class AbstractPreAuthenticatedProcessingFilter implements Filter
} }
/** /**
* Try to authenticate a pre-authenticated user with Acegi if the user has * Try to authenticate a pre-authenticated user with Spring Security if the user has not yet been authenticated.
* not yet been authenticated.
*/ */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
if (!(request instanceof HttpServletRequest)) {
throw new ServletException("Can only process HttpServletRequest");
}
if (!(response instanceof HttpServletResponse)) {
throw new ServletException("Can only process HttpServletResponse");
}
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
if (LOG.isDebugEnabled()) { if (LOG.isDebugEnabled()) {
LOG.debug("Checking secure context token: " + SecurityContextHolder.getContext().getAuthentication()); LOG.debug("Checking secure context token: " + SecurityContextHolder.getContext().getAuthentication());
} }
if (SecurityContextHolder.getContext().getAuthentication() == null) { if (SecurityContextHolder.getContext().getAuthentication() == null) {
doAuthenticate(httpRequest, httpResponse); doAuthenticate(request, response);
} }
filterChain.doFilter(request, response); filterChain.doFilter(request, response);
} }
/** /**
* Do the actual authentication for a pre-authenticated user. * Do the actual authentication for a pre-authenticated user.
*
* @param httpRequest
* The HttpServletRequest object
* @param httpResponse
* The HttpServletResponse object
*/ */
private void doAuthenticate(HttpServletRequest httpRequest, HttpServletResponse httpResponse) { private void doAuthenticate(HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
Authentication authResult = null; Authentication authResult = null;
@ -126,9 +107,10 @@ public abstract class AbstractPreAuthenticatedProcessingFilter implements Filter
* when authentication fails. * when authentication fails.
*/ */
protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) { protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) {
SecurityContextHolder.getContext().setAuthentication(null); SecurityContextHolder.clearContext();
if (LOG.isDebugEnabled()) {
LOG.debug("Updated SecurityContextHolder to contain null Authentication due to exception", failed); if (LOG.isDebugEnabled()) {
LOG.debug("Cleared security context due to exception", failed);
} }
request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, failed); request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, failed);
} }
@ -158,18 +140,6 @@ public abstract class AbstractPreAuthenticatedProcessingFilter implements Filter
this.authenticationManager = authenticationManager; this.authenticationManager = authenticationManager;
} }
/**
* Required method, does nothing.
*/
public void init(FilterConfig filterConfig) {
}
/**
* Required method, does nothing.
*/
public void destroy() {
}
protected abstract Object getPreAuthenticatedPrincipal(HttpServletRequest httpRequest); protected abstract Object getPreAuthenticatedPrincipal(HttpServletRequest httpRequest);
protected abstract Object getPreAuthenticatedCredentials(HttpServletRequest httpRequest); protected abstract Object getPreAuthenticatedCredentials(HttpServletRequest httpRequest);

4
core/src/main/java/org/springframework/security/ui/preauth/j2ee/J2eePreAuthenticatedProcessingFilter.java
Unescape View File

@ -33,4 +33,8 @@ public class J2eePreAuthenticatedProcessingFilter extends AbstractPreAuthenticat
protected Object getPreAuthenticatedCredentials(HttpServletRequest httpRequest) { protected Object getPreAuthenticatedCredentials(HttpServletRequest httpRequest) {
return "N/A"; return "N/A";
} }
public int getOrder() {
return 0;
}
} }

38
core/src/test/java/org/springframework/security/ui/preauth/PreAuthenticatedProcessingFilterTests.java
Unescape View File

@ -2,13 +2,13 @@ package org.springframework.security.ui.preauth;
import org.springframework.security.context.SecurityContextHolder; import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.MockAuthenticationManager; import org.springframework.security.MockAuthenticationManager;
import org.springframework.security.ui.FilterChainOrder;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import junit.framework.TestCase; import junit.framework.TestCase;
import org.springframework.mock.web.MockFilterChain; import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockFilterConfig;
import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpServletResponse;
@ -17,8 +17,7 @@ public class PreAuthenticatedProcessingFilterTests extends TestCase {
SecurityContextHolder.clearContext(); SecurityContextHolder.clearContext();
} }
public void testAfterPropertiesSet() public void testAfterPropertiesSet() {
{
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter(); ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
try { try {
filter.afterPropertiesSet(); filter.afterPropertiesSet();
@ -28,52 +27,39 @@ public class PreAuthenticatedProcessingFilterTests extends TestCase {
fail("AfterPropertiesSet throws unexpected exception"); fail("AfterPropertiesSet throws unexpected exception");
} }
} }
public void testInit() throws Exception
{
getFilter(true).init(new MockFilterConfig());
// Init doesn't do anything, so nothing to test
}
public void testDestroy() throws Exception
{
getFilter(true).destroy();
// Destroy doesn't do anything, so nothing to test
}
public final void testDoFilterAuthenticated() throws Exception public final void testDoFilterAuthenticated() throws Exception {
{
testDoFilter(true); testDoFilter(true);
} }
public final void testDoFilterUnauthenticated() throws Exception public final void testDoFilterUnauthenticated() throws Exception {
{
testDoFilter(false); testDoFilter(false);
} }
private final void testDoFilter(boolean grantAccess) throws Exception private final void testDoFilter(boolean grantAccess) throws Exception {
{
MockHttpServletRequest req = new MockHttpServletRequest(); MockHttpServletRequest req = new MockHttpServletRequest();
MockHttpServletResponse res = new MockHttpServletResponse(); MockHttpServletResponse res = new MockHttpServletResponse();
getFilter(grantAccess).doFilter(req,res,new MockFilterChain()); getFilter(grantAccess).doFilter(req,res,new MockFilterChain());
assertEquals(grantAccess,null!= SecurityContextHolder.getContext().getAuthentication()); assertEquals(grantAccess,null!= SecurityContextHolder.getContext().getAuthentication());
} }
private static final ConcretePreAuthenticatedProcessingFilter getFilter(boolean grantAccess) throws Exception private static final ConcretePreAuthenticatedProcessingFilter getFilter(boolean grantAccess) throws Exception {
{
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter(); ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
filter.setAuthenticationManager(new MockAuthenticationManager(grantAccess)); filter.setAuthenticationManager(new MockAuthenticationManager(grantAccess));
filter.afterPropertiesSet(); filter.afterPropertiesSet();
return filter; return filter;
} }
private static final class ConcretePreAuthenticatedProcessingFilter extends AbstractPreAuthenticatedProcessingFilter private static final class ConcretePreAuthenticatedProcessingFilter extends AbstractPreAuthenticatedProcessingFilter {
{
protected Object getPreAuthenticatedPrincipal(HttpServletRequest httpRequest) { protected Object getPreAuthenticatedPrincipal(HttpServletRequest httpRequest) {
return "testPrincipal"; return "testPrincipal";
} }
protected Object getPreAuthenticatedCredentials(HttpServletRequest httpRequest) { protected Object getPreAuthenticatedCredentials(HttpServletRequest httpRequest) {
return "testCredentials"; return "testCredentials";
} }
}
public int getOrder() {
return FilterChainOrder.PRE_AUTH_FILTER;
}
}
} }

Write Preview
Loading…
Cancel
Save