SEC-1190: Added "checkForPrincipalChanges" property to AbstactPreAuthenticatedProcessingFilter.

This commit is contained in:
Luke Taylor
2009-08-31 23:28:40 +00:00
parent dbcb13ad14
commit 3cc47c9c4d
2 changed files with 57 additions and 1 deletions

View File

@@ -87,6 +87,30 @@ public class RequestHeaderPreAuthenticatedProcessingFilterTests {
assertEquals("catspassword", SecurityContextHolder.getContext().getAuthentication().getCredentials());
}
@Test
public void userIsReauthenticatedIfPrincipalChangesAndCheckForPrincipalChangesIsSet() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
RequestHeaderPreAuthenticatedProcessingFilter filter = new RequestHeaderPreAuthenticatedProcessingFilter();
filter.setAuthenticationManager(createAuthenticationManager());
filter.setCheckForPrincipalChanges(true);
request.addHeader("SM_USER", "cat");
filter.doFilter(request, response, new MockFilterChain());
request = new MockHttpServletRequest();
request.addHeader("SM_USER", "dog");
filter.doFilter(request, response, new MockFilterChain());
Authentication dog = SecurityContextHolder.getContext().getAuthentication();
assertNotNull(dog);
assertEquals("dog", dog.getName());
// Make sure authentication doesn't occur every time (i.e. if the header *doesn't change)
filter.setAuthenticationManager(mock(AuthenticationManager.class));
filter.doFilter(request, response, new MockFilterChain());
assertSame(dog, SecurityContextHolder.getContext().getAuthentication());
}
/**
* Create an authentication manager which returns the passed in object.
*/
private AuthenticationManager createAuthenticationManager() {
AuthenticationManager am = mock(AuthenticationManager.class);
when(am.authenticate(any(Authentication.class))).thenAnswer(new Answer<Authentication>() {