root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 3 Packages Projects Releases Wiki Activity
spring-boot/spring-boot-tests/spring-boot-smoke-tests
History
Madhura Bhave d9d161cd6b Allow previously authorized users to access the error page 
Prior to this commit, the `ErrorPageSecurityFilter` verified if
access to the error page was allowed by invoking the
`WebInvocationPrivilegeEvaluator` with the Authentication from the
`SecurityContextHolder`.
This meant that access to the error page was denied for a `null` Authentication
 or `AnonymousAuthenticationToken` in cases where the error page required
authenticated access. This prevented authorized users from accessing the
error page in case the Authentication wasn't retrievable for the error dispatch,
which is the case for `@Transient` authentication or stateless session policy.

This commit updates the `ErrorPageSecurityFilter` to check access to the error page
only if the error is an authn or authz error in cases where an authentication object
is not found in the SecurityContextHolder. This makes the error response consistent
when bad credentials or no credentials are used while also allowing access to previously
authorized users.

Fixes gh-28953
 		2021-12-17 16:58:58 -08:00
..
spring-boot-smoke-test-activemq
spring-boot-smoke-test-actuator Update copyright year of changed files 2021-11-24 10:23:32 -08:00
spring-boot-smoke-test-actuator-custom-security Allow previously authorized users to access the error page 2021-12-17 16:58:58 -08:00
spring-boot-smoke-test-actuator-log4j2
spring-boot-smoke-test-actuator-noweb
spring-boot-smoke-test-actuator-ui
spring-boot-smoke-test-amqp
spring-boot-smoke-test-animated-banner
spring-boot-smoke-test-ant
spring-boot-smoke-test-aop Remove unnecessary throws declaration in tests 2021-05-17 09:31:51 +02:00
spring-boot-smoke-test-atmosphere
spring-boot-smoke-test-batch
spring-boot-smoke-test-bootstrap-registry
spring-boot-smoke-test-cache
spring-boot-smoke-test-data-couchbase Upgrade to Couchbase Client 3.1.5 2021-05-17 13:39:53 +01:00
spring-boot-smoke-test-data-elasticsearch
spring-boot-smoke-test-data-jdbc
spring-boot-smoke-test-data-jpa Merge branch '2.4.x' into 2.5.x 2021-08-18 17:56:32 +01:00
spring-boot-smoke-test-data-ldap
spring-boot-smoke-test-data-mongodb Merge branch '2.5.x' 2021-08-12 18:09:04 +01:00
spring-boot-smoke-test-data-neo4j Work around compile warnings from Data Neo4j's use of API Guardian 2021-07-14 18:28:24 +01:00
spring-boot-smoke-test-data-r2dbc
spring-boot-smoke-test-data-r2dbc-flyway
spring-boot-smoke-test-data-r2dbc-liquibase Prohibit unwanted dependencies in all modules not just starters 2021-11-12 20:04:35 +00:00
spring-boot-smoke-test-data-redis
spring-boot-smoke-test-data-rest
spring-boot-smoke-test-devtools Remove use of Thymeleaf from smoke tests 2021-11-23 12:13:05 -06:00
spring-boot-smoke-test-flyway Merge branch '2.4.x' 2021-06-08 18:05:50 -07:00
spring-boot-smoke-test-hateoas
spring-boot-smoke-test-hazelcast3
spring-boot-smoke-test-hibernate52 Reinstate support for Hibernate < 5.5 2021-07-19 13:52:40 +01:00
spring-boot-smoke-test-integration Remove unnecessary throws declaration in tests 2021-05-17 09:31:51 +02:00
spring-boot-smoke-test-jersey Polish "Polish access modifiers for test classes" 2021-08-18 17:52:42 +01:00
spring-boot-smoke-test-jetty
spring-boot-smoke-test-jetty-jsp Prohibit unwanted dependencies in all modules not just starters 2021-11-12 20:04:35 +00:00
spring-boot-smoke-test-jetty-ssl Prohibit unwanted dependencies in all modules not just starters 2021-11-12 20:04:35 +00:00
spring-boot-smoke-test-jetty10 Polish 2021-07-21 11:55:38 +01:00
spring-boot-smoke-test-jpa Prohibit unwanted dependencies in all modules not just starters 2021-11-12 20:04:35 +00:00
spring-boot-smoke-test-jta-atomikos Merge branch '2.4.x' into 2.5.x 2021-11-12 20:31:25 +00:00
spring-boot-smoke-test-junit-vintage
spring-boot-smoke-test-kafka Disable on Windows tests that use embedded Kafka 2021-10-21 10:46:50 +01:00
spring-boot-smoke-test-liquibase Merge branch '2.4.x' into 2.5.x 2021-11-12 20:31:25 +00:00
spring-boot-smoke-test-logback Remove unnecessary throws declaration in tests 2021-05-17 09:31:51 +02:00
spring-boot-smoke-test-oauth2-client Prohibit unwanted dependencies in all modules not just starters 2021-11-12 20:04:35 +00:00
spring-boot-smoke-test-oauth2-resource-server
spring-boot-smoke-test-parent-context Remove unnecessary throws declaration in tests 2021-05-17 09:31:51 +02:00
spring-boot-smoke-test-profile Convert environment used by SpringBootTestContextLoader 2021-11-17 16:40:53 -08:00
spring-boot-smoke-test-property-validation
spring-boot-smoke-test-quartz Merge branch '2.4.x' into 2.5.x 2021-08-18 17:56:32 +01:00
spring-boot-smoke-test-reactive-oauth2-client Prohibit unwanted dependencies in all modules not just starters 2021-11-12 20:04:35 +00:00
spring-boot-smoke-test-reactive-oauth2-resource-server
spring-boot-smoke-test-rsocket Polish "Polish access modifiers for test classes" 2021-08-18 17:52:42 +01:00
spring-boot-smoke-test-saml2-service-provider
spring-boot-smoke-test-secure
spring-boot-smoke-test-secure-jersey
spring-boot-smoke-test-secure-webflux Polish 2021-07-21 11:53:10 +01:00
spring-boot-smoke-test-servlet
spring-boot-smoke-test-session-hazelcast Merge branch '2.5.x' 2021-11-12 23:40:35 +00:00
spring-boot-smoke-test-session-jdbc Update copyright year of changed files 2021-11-24 10:23:32 -08:00
spring-boot-smoke-test-session-mongo Remove parameterization of session smoke tests 2021-10-19 16:47:53 -07:00
spring-boot-smoke-test-session-redis Remove parameterization of session smoke tests 2021-10-19 16:47:53 -07:00
spring-boot-smoke-test-session-webflux Remove default spring.mongodb.embedded.version 2021-07-13 10:13:54 +01:00
spring-boot-smoke-test-simple
spring-boot-smoke-test-test Merge branch '2.4.x' into 2.5.x 2021-11-12 20:31:25 +00:00
spring-boot-smoke-test-test-nomockito Remove unnecessary throws declaration in tests 2021-05-17 09:31:51 +02:00
spring-boot-smoke-test-testng
spring-boot-smoke-test-tomcat Remove unnecessary throws declaration in tests 2021-05-17 09:31:51 +02:00
spring-boot-smoke-test-tomcat-jsp Prohibit unwanted dependencies in all modules not just starters 2021-11-12 20:04:35 +00:00
spring-boot-smoke-test-tomcat-multi-connectors Prohibit unwanted dependencies in all modules not just starters 2021-11-12 20:04:35 +00:00
spring-boot-smoke-test-tomcat-ssl Prohibit unwanted dependencies in all modules not just starters 2021-11-12 20:04:35 +00:00
spring-boot-smoke-test-traditional Update web.xml xsd references to for 3.1 version 2021-12-16 13:45:12 -08:00
spring-boot-smoke-test-undertow
spring-boot-smoke-test-undertow-ssl Prohibit unwanted dependencies in all modules not just starters 2021-11-12 20:04:35 +00:00
spring-boot-smoke-test-war
spring-boot-smoke-test-web-freemarker
spring-boot-smoke-test-web-groovy-templates
spring-boot-smoke-test-web-jsp Merge branch '2.4.x' into 2.5.x 2021-11-12 20:31:25 +00:00
spring-boot-smoke-test-web-method-security Remove use of Thymeleaf from smoke tests 2021-11-23 12:13:05 -06:00
spring-boot-smoke-test-web-mustache
spring-boot-smoke-test-web-secure Allow previously authorized users to access the error page 2021-12-17 16:58:58 -08:00
spring-boot-smoke-test-web-secure-custom Remove use of Thymeleaf from smoke tests 2021-11-23 12:13:05 -06:00
spring-boot-smoke-test-web-secure-jdbc Remove use of Thymeleaf from smoke tests 2021-11-23 12:13:05 -06:00
spring-boot-smoke-test-web-static
spring-boot-smoke-test-web-thymeleaf Remove use of Thymeleaf from smoke tests 2021-11-23 12:13:05 -06:00
spring-boot-smoke-test-webflux
spring-boot-smoke-test-webflux-coroutines
spring-boot-smoke-test-webservices Polish "Add @WebServiceServerTest slice test support" 2021-07-16 11:28:39 +01:00
spring-boot-smoke-test-websocket-jetty
spring-boot-smoke-test-websocket-jetty10 Polish 2021-07-13 09:56:45 +02:00
spring-boot-smoke-test-websocket-tomcat
spring-boot-smoke-test-websocket-undertow
spring-boot-smoke-test-xml Remove unnecessary throws declaration in tests 2021-05-17 09:31:51 +02:00