From 80aacf447f76b032806362da5b309f625251d01b Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Sun, 3 Jan 2010 16:28:44 +0000 Subject: [PATCH] Refactored JaasAuthenticationProvider The toUrl() method on File gives a deprecation warning with Java 6, so I reimplemented the logic for building the Jaas config URL. --- .../jaas/JaasAuthenticationProvider.java | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java index be51530e9b..229404e442 100644 --- a/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java @@ -17,6 +17,7 @@ package org.springframework.security.authentication.jaas; import java.io.File; import java.io.IOException; +import java.net.URL; import java.security.Principal; import java.security.Security; import java.util.ArrayList; @@ -244,8 +245,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli * */ private void configureJaasUsingLoop() throws IOException { - File loginConfigFile = loginConfig.getFile(); - String loginConfigUrl = loginConfigFile.toURL().toString(); + String loginConfigUrl = convertLoginConfigToUrl(); boolean alreadySet = false; int n = 1; @@ -269,6 +269,17 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli } } + private String convertLoginConfigToUrl() throws IOException { + String loginConfigPath = loginConfig.getFile().getAbsolutePath(); + loginConfigPath.replace(File.separatorChar, '/'); + + if (!loginConfigPath.startsWith("/")) { + loginConfigPath = "/" + loginConfigPath; + } + + return new URL("file", "", loginConfigPath).toString(); + } + /** * Handles the logout by getting the SecurityContext for the session that was destroyed. MUST NOT use * SecurityContextHolder as we are logging out a session that is not related to the current user.