GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Clarify variable names 

Issue gh-11327
pull/11488/head
Josh Cummings 4 years ago
parent
0c48b6bc7f
commit
cdafa4ee21
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
2 changed files with 23 additions and 21 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 24
      config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java
  2. 20
      config/src/test/java/org/springframework/security/config/http/DefaultFilterChainValidatorTests.java

24
config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java
Unescape View File

@ -134,11 +134,13 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain @@ -134,11 +134,13 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
* interceptor
*/
private void checkLoginPageIsntProtected(FilterChainProxy fcp, List<Filter> filterStack) {
ExceptionTranslationFilter etf = getFilter(ExceptionTranslationFilter.class, filterStack);
if (etf == null || !(etf.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint)) {
ExceptionTranslationFilter exceptions = getFilter(ExceptionTranslationFilter.class, filterStack);
if (exceptions == null
|| !(exceptions.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint)) {
return;
}
String loginPage = ((LoginUrlAuthenticationEntryPoint) etf.getAuthenticationEntryPoint()).getLoginFormUrl();
String loginPage = ((LoginUrlAuthenticationEntryPoint) exceptions.getAuthenticationEntryPoint())
.getLoginFormUrl();
this.logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration");
FilterInvocation loginRequest = new FilterInvocation(loginPage, "POST");
List<Filter> filters = null;
@ -159,28 +161,28 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain @@ -159,28 +161,28 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
this.logger.debug("Default generated login page is in use");
return;
}
FilterSecurityInterceptor fsi = getFilter(FilterSecurityInterceptor.class, filters);
FilterInvocationSecurityMetadataSource fids = fsi.getSecurityMetadataSource();
FilterSecurityInterceptor authorizationInterceptor = getFilter(FilterSecurityInterceptor.class, filters);
FilterInvocationSecurityMetadataSource fids = authorizationInterceptor.getSecurityMetadataSource();
Collection<ConfigAttribute> attributes = fids.getAttributes(loginRequest);
if (attributes == null) {
this.logger.debug("No access attributes defined for login page URL");
if (fsi.isRejectPublicInvocations()) {
if (authorizationInterceptor.isRejectPublicInvocations()) {
this.logger.warn("FilterSecurityInterceptor is configured to reject public invocations."
+ " Your login page may not be accessible.");
}
return;
}
AnonymousAuthenticationFilter anonPF = getFilter(AnonymousAuthenticationFilter.class, filters);
if (anonPF == null) {
AnonymousAuthenticationFilter anonymous = getFilter(AnonymousAuthenticationFilter.class, filters);
if (anonymous == null) {
this.logger.warn("The login page is being protected by the filter chain, but you don't appear to have"
+ " anonymous authentication enabled. This is almost certainly an error.");
return;
}
// Simulate an anonymous access with the supplied attributes.
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("key", anonPF.getPrincipal(),
anonPF.getAuthorities());
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("key", anonymous.getPrincipal(),
anonymous.getAuthorities());
try {
fsi.getAccessDecisionManager().decide(token, loginRequest, attributes);
authorizationInterceptor.getAccessDecisionManager().decide(token, loginRequest, attributes);
}
catch (AccessDeniedException ex) {
this.logger.warn("Anonymous access to the login page doesn't appear to be enabled. "

20
config/src/test/java/org/springframework/security/config/http/DefaultFilterChainValidatorTests.java
Unescape View File

@ -53,7 +53,7 @@ public class DefaultFilterChainValidatorTests { @@ -53,7 +53,7 @@ public class DefaultFilterChainValidatorTests {
private DefaultFilterChainValidator validator;
private FilterChainProxy fcp;
private FilterChainProxy chain;
@Mock
private Log logger;
@ -64,19 +64,19 @@ public class DefaultFilterChainValidatorTests { @@ -64,19 +64,19 @@ public class DefaultFilterChainValidatorTests {
@Mock
private AccessDecisionManager accessDecisionManager;
private FilterSecurityInterceptor fsi;
private FilterSecurityInterceptor authorizationInterceptor;
@BeforeEach
public void setUp() {
AnonymousAuthenticationFilter aaf = new AnonymousAuthenticationFilter("anonymous");
this.fsi = new FilterSecurityInterceptor();
this.fsi.setAccessDecisionManager(this.accessDecisionManager);
this.fsi.setSecurityMetadataSource(this.metadataSource);
this.authorizationInterceptor = new FilterSecurityInterceptor();
this.authorizationInterceptor.setAccessDecisionManager(this.accessDecisionManager);
this.authorizationInterceptor.setSecurityMetadataSource(this.metadataSource);
AuthenticationEntryPoint authenticationEntryPoint = new LoginUrlAuthenticationEntryPoint("/login");
ExceptionTranslationFilter etf = new ExceptionTranslationFilter(authenticationEntryPoint);
DefaultSecurityFilterChain securityChain = new DefaultSecurityFilterChain(AnyRequestMatcher.INSTANCE, aaf, etf,
this.fsi);
this.fcp = new FilterChainProxy(securityChain);
this.authorizationInterceptor);
this.chain = new FilterChainProxy(securityChain);
this.validator = new DefaultFilterChainValidator();
ReflectionTestUtils.setField(this.validator, "logger", this.logger);
}
@ -88,7 +88,7 @@ public class DefaultFilterChainValidatorTests { @@ -88,7 +88,7 @@ public class DefaultFilterChainValidatorTests {
IllegalArgumentException toBeThrown = new IllegalArgumentException("failed to eval expression");
willThrow(toBeThrown).given(this.accessDecisionManager).decide(any(Authentication.class), anyObject(),
any(Collection.class));
this.validator.validate(this.fcp);
this.validator.validate(this.chain);
verify(this.logger).info(
"Unable to check access to the login page to determine if anonymous access is allowed. This might be an error, but can happen under normal circumstances.",
toBeThrown);
@ -99,8 +99,8 @@ public class DefaultFilterChainValidatorTests { @@ -99,8 +99,8 @@ public class DefaultFilterChainValidatorTests {
public void validateCustomMetadataSource() {
FilterInvocationSecurityMetadataSource customMetaDataSource = mock(
FilterInvocationSecurityMetadataSource.class);
this.fsi.setSecurityMetadataSource(customMetaDataSource);
this.validator.validate(this.fcp);
this.authorizationInterceptor.setSecurityMetadataSource(customMetaDataSource);
this.validator.validate(this.chain);
verify(customMetaDataSource).getAttributes(any());
}

Write Preview
Loading…
Cancel
Save