Package org.springframework.security.web.context

Examples of org.springframework.security.web.context.SecurityContextRepository

429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
         * @param securityContext the {@link SecurityContext} to save
         * @param request the {@link HttpServletRequest} to use
         */
        final void save(SecurityContext securityContext,
                HttpServletRequest request) {
            SecurityContextRepository securityContextRepository = WebTestUtils.getSecurityContextRepository(request);
            boolean isTestRepository = securityContextRepository instanceof TestSecurityContextRepository;
            if(!isTestRepository) {
                securityContextRepository = new TestSecurityContextRepository(securityContextRepository);
                WebTestUtils.setSecurityContextRepository(request, securityContextRepository);
            }

            HttpServletResponse response = new MockHttpServletResponse();

            HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(
                    request, response);
            securityContextRepository.loadContext(requestResponseHolder);

            request = requestResponseHolder.getRequest();
            response = requestResponseHolder.getResponse();

            securityContextRepository.saveContext(securityContext, request,
                    response);
        }
View Full Code Here
341
342
343
344
345
346
347
348
349
350
351
        private ConcurrencyControlConfigurer() {}
    }

    @Override
    public void init(H http) throws Exception {
        SecurityContextRepository securityContextRepository = http.getSharedObject(SecurityContextRepository.class);
        boolean stateless = isStateless();

        if(securityContextRepository == null) {
            if(stateless) {
                http.setSharedObject(SecurityContextRepository.class, new NullSecurityContextRepository());
View Full Code Here
371
372
373
374
375
376
377
378
379
380
381
        http.setSharedObject(InvalidSessionStrategy.class, getInvalidSessionStrategy());
    }

    @Override
    public void configure(H http) throws Exception {
        SecurityContextRepository securityContextRepository = http.getSharedObject(SecurityContextRepository.class);
        SessionManagementFilter sessionManagementFilter = new SessionManagementFilter(securityContextRepository, getSessionAuthenticationStrategy());
        if(sessionAuthenticationErrorUrl != null) {
            sessionManagementFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(sessionAuthenticationErrorUrl));
        }
        if(invalidSessionUrl != null) {
View Full Code Here
79
80
81
82
83
84
85
86
87
88
89
    @Override
    @SuppressWarnings("unchecked")
    public void configure(H http) throws Exception {

        SecurityContextRepository securityContextRepository = http.getSharedObject(SecurityContextRepository.class);
        SecurityContextPersistenceFilter securityContextFilter = new SecurityContextPersistenceFilter(
                securityContextRepository);
        SessionManagementConfigurer<?> sessionManagement = http.getConfigurer(SessionManagementConfigurer.class);
        SessionCreationPolicy sessionCreationPolicy = sessionManagement == null ? null
                : sessionManagement.getSessionCreationPolicy();
View Full Code Here
48
49
50
51
52
53
54
55
56
57
58
        SecurityContextHolder.clearContext();
    }

    @Test
    public void newSessionShouldNotBeCreatedIfSessionExistsAndUserIsNotAuthenticated() throws Exception {
        SecurityContextRepository repo = mock(SecurityContextRepository.class);
        SessionManagementFilter filter = new SessionManagementFilter(repo);
        HttpServletRequest request = new MockHttpServletRequest();
        String sessionId = request.getSession().getId();

        filter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
View Full Code Here
60
61
62
63
64
65
66
67
68
69
70
71
72
73
        assertEquals(sessionId, request.getSession().getId());
    }

    @Test
    public void strategyIsNotInvokedIfSecurityContextAlreadyExistsForRequest() throws Exception {
        SecurityContextRepository repo = mock(SecurityContextRepository.class);
        SessionAuthenticationStrategy strategy = mock(SessionAuthenticationStrategy.class);
        // mock that repo contains a security context
        when(repo.containsContext(any(HttpServletRequest.class))).thenReturn(true);
        SessionManagementFilter filter = new SessionManagementFilter(repo);
        filter.setSessionAuthenticationStrategy(strategy);
        HttpServletRequest request = new MockHttpServletRequest();
        authenticateUser();
View Full Code Here
76
77
78
79
80
81
82
83
84
85
86
        verifyZeroInteractions(strategy);
    }

    @Test
    public void strategyIsNotInvokedIfAuthenticationIsNull() throws Exception {
        SecurityContextRepository repo = mock(SecurityContextRepository.class);
        SessionAuthenticationStrategy strategy = mock(SessionAuthenticationStrategy.class);
        SessionManagementFilter filter = new SessionManagementFilter(repo);
        filter.setSessionAuthenticationStrategy(strategy);
        HttpServletRequest request = new MockHttpServletRequest();
View Full Code Here
89
90
91
92
93
94
95
96
97
98
99
        verifyZeroInteractions(strategy);
    }

    @Test
    public void strategyIsInvokedIfUserIsNewlyAuthenticated() throws Exception {
        SecurityContextRepository repo = mock(SecurityContextRepository.class);
        // repo will return false to containsContext()
        SessionAuthenticationStrategy strategy = mock(SessionAuthenticationStrategy.class);
        SessionManagementFilter filter = new SessionManagementFilter(repo);
        filter.setSessionAuthenticationStrategy(strategy);
        HttpServletRequest request = new MockHttpServletRequest();
View Full Code Here
107
108
109
110
111
112
113
114
115
116
117
        verifyNoMoreInteractions(strategy);
    }

    @Test
    public void strategyFailureInvokesFailureHandler() throws Exception {
        SecurityContextRepository repo = mock(SecurityContextRepository.class);
        // repo will return false to containsContext()
        SessionAuthenticationStrategy strategy = mock(SessionAuthenticationStrategy.class);

        AuthenticationFailureHandler failureHandler = mock(AuthenticationFailureHandler.class);
        SessionManagementFilter filter = new SessionManagementFilter(repo);
View Full Code Here
130
131
132
133
134
135
136
137
138
139
140
        verify(failureHandler).onAuthenticationFailure(request, response, exception);
    }

    @Test
    public void responseIsRedirectedToTimeoutUrlIfSetAndSessionIsInvalid() throws Exception {
        SecurityContextRepository repo = mock(SecurityContextRepository.class);
        // repo will return false to containsContext()
        SessionAuthenticationStrategy strategy = mock(SessionAuthenticationStrategy.class);
        SessionManagementFilter filter = new SessionManagementFilter(repo);
        filter.setSessionAuthenticationStrategy(strategy);
        MockHttpServletRequest request = new MockHttpServletRequest();
View Full Code Here
TOP

Related Classes of org.springframework.security.web.context.SecurityContextRepository

  • org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer
  • org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
  • org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors$SecurityContextRequestPostProcessorSupport
  • org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers$AuthenticationMatcher
  • org.springframework.security.web.session.SessionManagementFilterTests
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.