SEC-1957: DefaultFilterChainValidator no longer casts to DefaultFilterInvocationSecurityMetadataSource
This commit is contained in:
@@ -15,6 +15,7 @@ package org.springframework.security.config.http;
|
||||
import static org.mockito.Matchers.any;
|
||||
import static org.mockito.Matchers.anyObject;
|
||||
import static org.mockito.Mockito.doThrow;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
import java.util.Collection;
|
||||
@@ -33,6 +34,7 @@ import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.security.web.access.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
|
||||
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
|
||||
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
|
||||
@@ -53,15 +55,17 @@ public class DefaultFilterChainValidatorTests {
|
||||
@Mock
|
||||
private AccessDecisionManager accessDecisionManager;
|
||||
|
||||
private FilterSecurityInterceptor fsi;
|
||||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
AnonymousAuthenticationFilter aaf = new AnonymousAuthenticationFilter("anonymous");
|
||||
FilterSecurityInterceptor fsi = new FilterSecurityInterceptor();
|
||||
fsi = new FilterSecurityInterceptor();
|
||||
fsi.setAccessDecisionManager(accessDecisionManager);
|
||||
fsi.setSecurityMetadataSource(metadataSource);
|
||||
AuthenticationEntryPoint authenticationEntryPoint = new LoginUrlAuthenticationEntryPoint("/login");
|
||||
ExceptionTranslationFilter etf = new ExceptionTranslationFilter(authenticationEntryPoint);
|
||||
DefaultSecurityFilterChain securityChain = new DefaultSecurityFilterChain(new AnyRequestMatcher(),aaf,etf,fsi);
|
||||
DefaultSecurityFilterChain securityChain = new DefaultSecurityFilterChain(new AnyRequestMatcher(), aaf, etf, fsi);
|
||||
fcp = new FilterChainProxy(securityChain);
|
||||
validator = new DefaultFilterChainValidator();
|
||||
Whitebox.setInternalState(validator, "logger", logger);
|
||||
@@ -77,4 +81,14 @@ public class DefaultFilterChainValidatorTests {
|
||||
verify(logger).info("Unable to check access to the login page to determine if anonymous access is allowed. This might be an error, but can happen under normal circumstances.", toBeThrown);
|
||||
}
|
||||
|
||||
// SEC-1957
|
||||
@Test
|
||||
public void validateCustomMetadataSource() {
|
||||
FilterInvocationSecurityMetadataSource customMetaDataSource = mock(FilterInvocationSecurityMetadataSource.class);
|
||||
fsi.setSecurityMetadataSource(customMetaDataSource);
|
||||
|
||||
validator.validate(fcp);
|
||||
|
||||
verify(customMetaDataSource).getAttributes(any());
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user