SEC-1440: Add entry-point-ref to http-basic element to allow setting a separate AuthenticationEntryPoint for the BasicAuthenticationFilter.

This commit is contained in:
Luke Taylor
2010-03-26 12:47:24 +00:00
parent 2a0aae1904
commit 57150a6717
4 changed files with 47 additions and 29 deletions

View File

@@ -389,6 +389,20 @@ public class HttpSecurityBeanDefinitionParserTests {
assertFalse(fsi.isObserveOncePerRequest());
}
@Test
public void httpBasicSupportsSeparateEntryPoint() throws Exception {
setContext("<http><http-basic entry-point-ref='ep' /></http>" +
"<b:bean id='ep' class='org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint'>" +
" <b:property name='realmName' value='whocares'/>" +
"</b:bean>" + AUTH_PROVIDER_XML);
BasicAuthenticationFilter baf = getFilter(BasicAuthenticationFilter.class);
assertSame(appContext.getBean("ep"), FieldUtils.getFieldValue(baf, "authenticationEntryPoint"));
// Since no other authentication system is in use, this should also end up on the ETF
ExceptionTranslationFilter etf = getFilter(ExceptionTranslationFilter.class);
assertSame(appContext.getBean("ep"), FieldUtils.getFieldValue(etf, "authenticationEntryPoint"));
}
@Test
public void accessDeniedPageAttributeIsSupported() throws Exception {
setContext("<http access-denied-page='/access-denied'><http-basic /></http>" + AUTH_PROVIDER_XML);