SEC-1160: Renaming of authentication filters and entry points and associated doc changes
This commit is contained in:
@@ -44,7 +44,7 @@ import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.PortResolverImpl;
|
||||
import org.springframework.security.web.authentication.AbstractProcessingFilter;
|
||||
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
|
||||
import org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler;
|
||||
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
|
||||
@@ -53,7 +53,7 @@ import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link AbstractProcessingFilter}.
|
||||
* Tests {@link AbstractAuthenticationProcessingFilter}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
@@ -191,7 +191,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testGettersSetters() throws Exception {
|
||||
AbstractProcessingFilter filter = new MockAbstractProcessingFilter();
|
||||
AbstractAuthenticationProcessingFilter filter = new MockAbstractProcessingFilter();
|
||||
filter.setAuthenticationManager(mock(AuthenticationManager.class));
|
||||
filter.setFilterProcessesUrl("/p");
|
||||
filter.afterPropertiesSet();
|
||||
@@ -254,7 +254,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testStartupDetectsInvalidAuthenticationManager() throws Exception {
|
||||
AbstractProcessingFilter filter = new MockAbstractProcessingFilter();
|
||||
AbstractAuthenticationProcessingFilter filter = new MockAbstractProcessingFilter();
|
||||
filter.setAuthenticationFailureHandler(failureHandler);
|
||||
successHandler.setDefaultTargetUrl("/");
|
||||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
@@ -269,7 +269,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testStartupDetectsInvalidFilterProcessesUrl() throws Exception {
|
||||
AbstractProcessingFilter filter = new MockAbstractProcessingFilter();
|
||||
AbstractAuthenticationProcessingFilter filter = new MockAbstractProcessingFilter();
|
||||
filter.setAuthenticationFailureHandler(failureHandler);
|
||||
filter.setAuthenticationManager(mock(AuthenticationManager.class));
|
||||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
@@ -520,7 +520,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
|
||||
//~ Inner Classes ==================================================================================================
|
||||
|
||||
private class MockAbstractProcessingFilter extends AbstractProcessingFilter {
|
||||
private class MockAbstractProcessingFilter extends AbstractAuthenticationProcessingFilter {
|
||||
private AuthenticationException exceptionToThrow;
|
||||
private boolean grantAccess;
|
||||
|
||||
|
||||
@@ -20,7 +20,7 @@ import junit.framework.TestCase;
|
||||
import org.springframework.security.MockPortResolver;
|
||||
|
||||
import org.springframework.security.web.PortMapperImpl;
|
||||
import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint;
|
||||
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
@@ -30,7 +30,7 @@ import java.util.Map;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link AuthenticationProcessingFilterEntryPoint}.
|
||||
* Tests {@link LoginUrlAuthenticationEntryPoint}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @author colin sampaleanu
|
||||
@@ -40,7 +40,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void testDetectsMissingLoginFormUrl() throws Exception {
|
||||
AuthenticationProcessingFilterEntryPoint ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setPortMapper(new PortMapperImpl());
|
||||
ep.setPortResolver(new MockPortResolver(80, 443));
|
||||
|
||||
@@ -52,7 +52,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testDetectsMissingPortMapper() throws Exception {
|
||||
AuthenticationProcessingFilterEntryPoint ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setLoginFormUrl("xxx");
|
||||
ep.setPortMapper(null);
|
||||
|
||||
@@ -64,7 +64,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testDetectsMissingPortResolver() throws Exception {
|
||||
AuthenticationProcessingFilterEntryPoint ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setLoginFormUrl("xxx");
|
||||
ep.setPortResolver(null);
|
||||
|
||||
@@ -76,7 +76,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testGettersSetters() {
|
||||
AuthenticationProcessingFilterEntryPoint ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setLoginFormUrl("/hello");
|
||||
ep.setPortMapper(new PortMapperImpl());
|
||||
ep.setPortResolver(new MockPortResolver(8080, 8443));
|
||||
@@ -100,7 +100,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
AuthenticationProcessingFilterEntryPoint ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setLoginFormUrl("/hello");
|
||||
ep.setPortMapper(new PortMapperImpl());
|
||||
ep.setForceHttps(true);
|
||||
@@ -129,7 +129,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
portMapper.setPortMappings(map);
|
||||
response = new MockHttpServletResponse();
|
||||
|
||||
ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setLoginFormUrl("/hello");
|
||||
ep.setPortMapper(new PortMapperImpl());
|
||||
ep.setForceHttps(true);
|
||||
@@ -151,7 +151,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
AuthenticationProcessingFilterEntryPoint ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setLoginFormUrl("/hello");
|
||||
ep.setPortMapper(new PortMapperImpl());
|
||||
ep.setForceHttps(true);
|
||||
@@ -170,7 +170,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testNormalOperation() throws Exception {
|
||||
AuthenticationProcessingFilterEntryPoint ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setLoginFormUrl("/hello");
|
||||
ep.setPortMapper(new PortMapperImpl());
|
||||
ep.setPortResolver(new MockPortResolver(80, 443));
|
||||
@@ -191,7 +191,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testOperationWhenHttpsRequestsButHttpsPortUnknown() throws Exception {
|
||||
AuthenticationProcessingFilterEntryPoint ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setLoginFormUrl("/hello");
|
||||
ep.setPortResolver(new MockPortResolver(8888, 1234));
|
||||
ep.setForceHttps(true);
|
||||
@@ -214,7 +214,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testServerSideRedirectWithoutForceHttpsForwardsToLoginPage() throws Exception {
|
||||
AuthenticationProcessingFilterEntryPoint ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setLoginFormUrl("/hello");
|
||||
ep.setUseForward(true);
|
||||
ep.afterPropertiesSet();
|
||||
@@ -234,7 +234,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testServerSideRedirectWithForceHttpsRedirectsCurrentRequest() throws Exception {
|
||||
AuthenticationProcessingFilterEntryPoint ep = new AuthenticationProcessingFilterEntryPoint();
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint();
|
||||
ep.setLoginFormUrl("/hello");
|
||||
ep.setUseForward(true);
|
||||
ep.setForceHttps(true);
|
||||
|
||||
@@ -35,7 +35,7 @@ import org.springframework.security.core.AuthenticationException;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link AuthenticationProcessingFilter}.
|
||||
* Tests {@link UsernamePasswordAuthenticationProcessingFilter}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
@@ -46,10 +46,10 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
||||
@Test
|
||||
public void testNormalOperation() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
|
||||
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter();
|
||||
assertEquals("/j_spring_security_check", filter.getFilterProcessesUrl());
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
filter.init(null);
|
||||
@@ -57,16 +57,16 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
||||
Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse());
|
||||
assertTrue(result != null);
|
||||
assertEquals("rod", request.getSession().getAttribute(
|
||||
AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY));
|
||||
UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY));
|
||||
assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()).getRemoteAddress());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testNullPasswordHandledGracefully() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
|
||||
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
|
||||
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter();
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
assertNotNull(filter.attemptAuthentication(request, new MockHttpServletResponse()));
|
||||
}
|
||||
@@ -74,16 +74,16 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
||||
@Test
|
||||
public void testNullUsernameHandledGracefully() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter();
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
assertNotNull(filter.attemptAuthentication(request, new MockHttpServletResponse()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testUsingDifferentParameterNamesWorksAsExpected() throws ServletException {
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter();
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
filter.setUsernameParameter("x");
|
||||
filter.setPasswordParameter("y");
|
||||
@@ -100,10 +100,10 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
||||
@Test
|
||||
public void testSpacesAreTrimmedCorrectlyFromUsername() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, " rod ");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, " rod ");
|
||||
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, "koala");
|
||||
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter();
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
|
||||
Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse());
|
||||
@@ -113,8 +113,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
||||
@Test
|
||||
public void testFailedAuthenticationThrowsException() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("POST", "/");
|
||||
request.addParameter(AuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
request.addParameter(UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_FORM_USERNAME_KEY, "rod");
|
||||
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter();
|
||||
AuthenticationManager am = mock(AuthenticationManager.class);
|
||||
when(am.authenticate(any(Authentication.class))).thenThrow(new BadCredentialsException(""));
|
||||
filter.setAuthenticationManager(am);
|
||||
@@ -127,7 +127,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
||||
|
||||
// Check username has still been set
|
||||
assertEquals("rod", request.getSession().getAttribute(
|
||||
AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY));
|
||||
UsernamePasswordAuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -137,7 +137,7 @@ public class AuthenticationProcessingFilterTests extends TestCase {
|
||||
public void noSessionIsCreatedIfAllowSessionCreationIsFalse() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
|
||||
AuthenticationProcessingFilter filter = new AuthenticationProcessingFilter();
|
||||
UsernamePasswordAuthenticationProcessingFilter filter = new UsernamePasswordAuthenticationProcessingFilter();
|
||||
filter.setAllowSessionCreation(false);
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
|
||||
|
||||
@@ -30,7 +30,7 @@ public class DefaultLoginPageGeneratingFilterTests {
|
||||
|
||||
@Test
|
||||
public void generatingPageWithAuthenticationProcessingFilterOnlyIsSuccessFul() throws Exception {
|
||||
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new AuthenticationProcessingFilter());
|
||||
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationProcessingFilter());
|
||||
filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login"), new MockHttpServletResponse(), chain);
|
||||
filter.doFilter(new MockHttpServletRequest("GET", "/spring_security_login;pathparam=unused"), new MockHttpServletResponse(), chain);
|
||||
}
|
||||
@@ -43,7 +43,7 @@ public class DefaultLoginPageGeneratingFilterTests {
|
||||
}
|
||||
|
||||
// Fake OpenID filter (since it's not in this module
|
||||
private static class MockProcessingFilter extends AbstractProcessingFilter {
|
||||
private static class MockProcessingFilter extends AbstractAuthenticationProcessingFilter {
|
||||
protected MockProcessingFilter() {
|
||||
super("/someurl");
|
||||
}
|
||||
@@ -65,14 +65,14 @@ public class DefaultLoginPageGeneratingFilterTests {
|
||||
/* SEC-1111 */
|
||||
@Test
|
||||
public void handlesNonIso8859CharsInErrorMessage() throws Exception {
|
||||
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new AuthenticationProcessingFilter());
|
||||
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationProcessingFilter());
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/spring_security_login");
|
||||
request.addParameter("login_error", "true");
|
||||
MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
|
||||
String message = messages.getMessage(
|
||||
"AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials", Locale.KOREA);
|
||||
System.out.println("Message: " + message);
|
||||
request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, new BadCredentialsException(message));
|
||||
request.getSession().setAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, new BadCredentialsException(message));
|
||||
|
||||
filter.doFilter(request, new MockHttpServletResponse(), chain);
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package org.springframework.security.web.authentication.preauth;
|
||||
|
||||
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
||||
import org.springframework.security.web.authentication.preauth.PreAuthenticatedProcessingFilterEntryPoint;
|
||||
import org.springframework.security.web.authentication.Http403ForbiddenEntryPoint;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@@ -21,7 +21,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
public class PreAuthenticatedProcessingFilterEntryPointTests extends TestCase {
|
||||
|
||||
public void testGetSetOrder() {
|
||||
PreAuthenticatedProcessingFilterEntryPoint fep = new PreAuthenticatedProcessingFilterEntryPoint();
|
||||
Http403ForbiddenEntryPoint fep = new Http403ForbiddenEntryPoint();
|
||||
fep.setOrder(333);
|
||||
assertEquals(fep.getOrder(), 333);
|
||||
}
|
||||
@@ -29,7 +29,7 @@ public class PreAuthenticatedProcessingFilterEntryPointTests extends TestCase {
|
||||
public void testCommence() {
|
||||
MockHttpServletRequest req = new MockHttpServletRequest();
|
||||
MockHttpServletResponse resp = new MockHttpServletResponse();
|
||||
PreAuthenticatedProcessingFilterEntryPoint fep = new PreAuthenticatedProcessingFilterEntryPoint();
|
||||
Http403ForbiddenEntryPoint fep = new Http403ForbiddenEntryPoint();
|
||||
try {
|
||||
fep.commence(req,resp,new AuthenticationCredentialsNotFoundException("test"));
|
||||
assertEquals("Incorrect status",resp.getStatus(),HttpServletResponse.SC_FORBIDDEN);
|
||||
|
||||
Reference in New Issue
Block a user