Merge branch '6.2.x'

This commit is contained in:
Marcus Hert Da Coregio
2024-01-24 11:37:30 -03:00
3 changed files with 10 additions and 3 deletions

View File

@@ -26,10 +26,13 @@ import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextRepository;
/**
* An authentication handler that saves an authentication either way.
@@ -43,6 +46,8 @@ public class MfaAuthenticationHandler implements AuthenticationSuccessHandler, A
private final AuthenticationSuccessHandler successHandler;
private final SecurityContextRepository securityContextRepository = new HttpSessionSecurityContextRepository();
public MfaAuthenticationHandler(String url) {
SimpleUrlAuthenticationSuccessHandler successHandler = new SimpleUrlAuthenticationSuccessHandler(url);
successHandler.setAlwaysUseDefaultTargetUrl(true);
@@ -65,7 +70,9 @@ public class MfaAuthenticationHandler implements AuthenticationSuccessHandler, A
private void saveMfaAuthentication(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
SecurityContextHolder.getContext().setAuthentication(new MfaAuthentication(authentication));
SecurityContext context = SecurityContextHolder.getContext();
context.setAuthentication(new MfaAuthentication(authentication));
this.securityContextRepository.saveContext(context, request, response);
this.successHandler.onAuthenticationSuccess(request, response, authentication);
}

View File

@@ -63,8 +63,7 @@ public class SecurityConfig {
return filter;
}
})
)
.securityContext((context) -> context.requireExplicitSave(false));
);
// @formatter:on
return http.build();
}

View File

@@ -0,0 +1 @@
logging.level.org.springframework.security=TRACE