SEC-1167: Introduce more flexible SavedRequest handling. Introduced interface for SavedRequest.
This commit is contained in:
@@ -42,7 +42,7 @@ import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
|
||||
import org.springframework.security.web.util.ThrowableAnalyzer;
|
||||
|
||||
/**
|
||||
@@ -66,9 +66,9 @@ public class ExceptionTranslationFilterTests {
|
||||
return null;
|
||||
}
|
||||
|
||||
SavedRequest savedRequest = (SavedRequest) session.getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY);
|
||||
DefaultSavedRequest savedRequest = (DefaultSavedRequest) session.getAttribute(DefaultSavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY);
|
||||
|
||||
return savedRequest.getFullRequestUrl();
|
||||
return savedRequest.getRedirectUrl();
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -199,7 +199,7 @@ public class ExceptionTranslationFilterTests {
|
||||
doThrow(new BadCredentialsException("")).when(fc).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
|
||||
request.setMethod("POST");
|
||||
filter.doFilter(request, new MockHttpServletResponse(), fc);
|
||||
assertTrue(request.getSession().getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY) == null);
|
||||
assertTrue(request.getSession().getAttribute(DefaultSavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY) == null);
|
||||
}
|
||||
|
||||
@Test(expected=IllegalArgumentException.class)
|
||||
|
||||
@@ -49,7 +49,7 @@ import org.springframework.security.web.authentication.ExceptionMappingAuthentic
|
||||
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
|
||||
import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
|
||||
import org.springframework.security.web.session.SessionAuthenticationStrategy;
|
||||
|
||||
|
||||
@@ -83,7 +83,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
filter.destroy();
|
||||
}
|
||||
|
||||
private SavedRequest makeSavedRequestForUrl() {
|
||||
private DefaultSavedRequest makeSavedRequestForUrl() {
|
||||
MockHttpServletRequest request = createMockRequest();
|
||||
request.setMethod("GET");
|
||||
request.setServletPath("/some_protected_file.html");
|
||||
@@ -91,10 +91,10 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
request.setServerName("www.example.com");
|
||||
request.setRequestURI("/mycontext/some_protected_file.html");
|
||||
|
||||
return new SavedRequest(request, new PortResolverImpl());
|
||||
return new DefaultSavedRequest(request, new PortResolverImpl());
|
||||
}
|
||||
|
||||
// private SavedRequest makePostSavedRequestForUrl() {
|
||||
// private DefaultSavedRequest makePostSavedRequestForUrl() {
|
||||
// MockHttpServletRequest request = createMockRequest();
|
||||
// request.setServletPath("/some_protected_file.html");
|
||||
// request.setScheme("http");
|
||||
@@ -102,7 +102,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
// request.setRequestURI("/mycontext/post/some_protected_file.html");
|
||||
// request.setMethod("POST");
|
||||
//
|
||||
// return new SavedRequest(request, new PortResolverImpl());
|
||||
// return new DefaultSavedRequest(request, new PortResolverImpl());
|
||||
// }
|
||||
|
||||
protected void setUp() throws Exception {
|
||||
@@ -327,7 +327,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = createMockRequest();
|
||||
request.getSession().setAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
|
||||
request.getSession().setAttribute(DefaultSavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
|
||||
|
||||
// Setup our filter configuration
|
||||
MockFilterConfig config = new MockFilterConfig(null, null);
|
||||
@@ -352,7 +352,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
public void testSuccessfulAuthenticationCausesRedirectToSessionSpecifiedUrl() throws Exception {
|
||||
// Setup our HTTP request
|
||||
MockHttpServletRequest request = createMockRequest();
|
||||
request.getSession().setAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
|
||||
request.getSession().setAttribute(DefaultSavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY, makeSavedRequestForUrl());
|
||||
|
||||
// Setup our filter configuration
|
||||
MockFilterConfig config = new MockFilterConfig(null, null);
|
||||
@@ -367,7 +367,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
|
||||
// Test
|
||||
executeFilterInContainerSimulator(config, filter, request, response, chain);
|
||||
assertEquals(makeSavedRequestForUrl().getFullRequestUrl(), response.getRedirectedUrl());
|
||||
assertEquals(makeSavedRequestForUrl().getRedirectUrl(), response.getRedirectedUrl());
|
||||
assertNotNull(SecurityContextHolder.getContext().getAuthentication());
|
||||
}
|
||||
|
||||
|
||||
@@ -0,0 +1,33 @@
|
||||
package org.springframework.security.web.savedrequest;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @version $Id$
|
||||
* @since 3.0
|
||||
*/
|
||||
public class HttpSessionRequestCacheTests {
|
||||
|
||||
@Test
|
||||
public void originalGetRequestDoesntMatchIncomingPost() {
|
||||
HttpSessionRequestCache cache = new HttpSessionRequestCache();
|
||||
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/destination");
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
cache.saveRequest(request, response);
|
||||
assertNotNull(request.getSession().getAttribute(DefaultSavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
|
||||
assertNotNull(cache.getRequest(request, response));
|
||||
|
||||
MockHttpServletRequest newRequest = new MockHttpServletRequest("POST", "/destination");
|
||||
newRequest.setSession(request.getSession());
|
||||
assertNull(cache.getMatchingRequest(newRequest, response));
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@@ -9,7 +9,6 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
public class RequestCacheAwareFilterTests {
|
||||
|
||||
|
||||
@Test
|
||||
public void savedRequestIsRemovedAfterMatch() throws Exception {
|
||||
RequestCacheAwareFilter filter = new RequestCacheAwareFilter();
|
||||
@@ -18,10 +17,9 @@ public class RequestCacheAwareFilterTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/destination");
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
cache.saveRequest(request, response);
|
||||
assertNotNull(request.getSession().getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
|
||||
assertNotNull(request.getSession().getAttribute(DefaultSavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
|
||||
|
||||
filter.doFilter(request, response, new MockFilterChain());
|
||||
assertNull(request.getSession().getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
|
||||
assertNull(request.getSession().getAttribute(DefaultSavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -13,13 +13,13 @@ import org.junit.Test;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.security.web.PortResolverImpl;
|
||||
import org.springframework.security.web.savedrequest.FastHttpDateFormat;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
|
||||
import org.springframework.security.web.savedrequest.SavedRequestAwareWrapper;
|
||||
|
||||
public class SavedRequestAwareWrapperTests {
|
||||
|
||||
private SavedRequestAwareWrapper createWrapper(MockHttpServletRequest requestToSave, MockHttpServletRequest requestToWrap) {
|
||||
SavedRequest saved = requestToSave == null ? null : new SavedRequest(requestToSave, new PortResolverImpl());
|
||||
DefaultSavedRequest saved = requestToSave == null ? null : new DefaultSavedRequest(requestToSave, new PortResolverImpl());
|
||||
return new SavedRequestAwareWrapper(saved, requestToWrap);
|
||||
}
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ import static org.junit.Assert.*;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.springframework.security.MockPortResolver;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
|
||||
/**
|
||||
@@ -16,7 +16,7 @@ public class SavedRequestTests {
|
||||
public void headersAreCaseInsensitive() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addHeader("USER-aGenT", "Mozilla");
|
||||
SavedRequest saved = new SavedRequest(request, new MockPortResolver(8080, 8443));
|
||||
DefaultSavedRequest saved = new DefaultSavedRequest(request, new MockPortResolver(8080, 8443));
|
||||
assertEquals("Mozilla", saved.getHeaderValues("user-agent").next());
|
||||
}
|
||||
|
||||
@@ -25,7 +25,7 @@ public class SavedRequestTests {
|
||||
public void parametersAreCaseInsensitive() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter("ThisIsATest", "Hi mom");
|
||||
SavedRequest saved = new SavedRequest(request, new MockPortResolver(8080, 8443));
|
||||
DefaultSavedRequest saved = new DefaultSavedRequest(request, new MockPortResolver(8080, 8443));
|
||||
assertEquals("Hi mom", saved.getParameterValues("thisisatest")[0]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -10,7 +10,7 @@ import org.junit.Test;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
|
||||
|
||||
/**
|
||||
*
|
||||
@@ -48,12 +48,12 @@ public class DefaultSessionAuthenticationStrategyTests {
|
||||
HttpServletRequest request = new MockHttpServletRequest();
|
||||
HttpSession session = request.getSession();
|
||||
session.setAttribute("blah", "blah");
|
||||
session.setAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY, "SavedRequest");
|
||||
session.setAttribute(DefaultSavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY, "DefaultSavedRequest");
|
||||
|
||||
strategy.onAuthentication(mock(Authentication.class), request, new MockHttpServletResponse());
|
||||
|
||||
assertNull(request.getSession().getAttribute("blah"));
|
||||
assertNotNull(request.getSession().getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
|
||||
assertNotNull(request.getSession().getAttribute(DefaultSavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
Reference in New Issue
Block a user