diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java
index 7299e3ebc8..e24b8d8f10 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -77,7 +77,7 @@ import static org.springframework.security.test.web.servlet.request.SecurityMock
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.forwardedUrl;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrlPattern;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
/**
@@ -167,7 +167,7 @@ public class NamespaceHttpTests {
// @formatter:off
this.mockMvc.perform(get("/"))
.andExpect(status().is3xxRedirection())
- .andExpect(redirectedUrl("/entry-point"));
+ .andExpect(redirectedUrlPattern("**/entry-point"));
// @formatter:on
}
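Review bot: `redirectedUrlPattern("**/entry-point")` accepts any scheme, host and leading path in front of `/entry-point`, so this assertion is looser than the exact `redirectedUrl("http://localhost/...")` checks used for the same kind of redirect in the other files of this commit. If the entry point configured here also produces a `localhost` URL (not visible in the hunk), `.andExpect(redirectedUrl("http://localhost/entry-point"))` would pin the host too and the static import could stay as it was. If the pattern is deliberate, a one-line comment giving the reason would help. The enclosing test method starts outside the hunk.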
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java
index b519769bdb..f4646fe6f5 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2023 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -82,7 +82,7 @@ public class DefaultLoginPageConfigurerTests {
@Test
public void getWhenFormLoginEnabledThenRedirectsToLoginPage() throws Exception {
this.spring.register(DefaultLoginPageConfig.class).autowire();
- this.mvc.perform(get("/")).andExpect(redirectedUrl("/login"));
+ this.mvc.perform(get("/")).andExpect(redirectedUrl("http://localhost/login"));
}
@Test
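Review bot: The expected Location is now the absolute `http://localhost/login`, and none of the updated tests in this commit sends a request with a non-default host. `localhost` looks like the mock request's default server name, so the host part is presumably taken from the incoming request. That leaves unpinned what lands in Location when the request's host differs, which is the case that matters for deployments behind a proxy or with an untrusted Host header. A companion test such as `this.mvc.perform(get("http://example.test/")).andExpect(redirectedUrl("http://example.test/login"));` (constructed host) would document the behaviour either way.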
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java
index cd57c7bd1b..d89526127e 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -213,7 +213,8 @@ public class ExceptionHandlingConfigurerTests {
@Test
public void getWhenUsingDefaultsAndUnauthenticatedThenRedirectsToLogin() throws Exception {
this.spring.register(DefaultHttpConfig.class).autowire();
- this.mvc.perform(get("/").header(HttpHeaders.ACCEPT, "bogus/type")).andExpect(redirectedUrl("/login"));
+ this.mvc.perform(get("/").header(HttpHeaders.ACCEPT, "bogus/type"))
+ .andExpect(redirectedUrl("http://localhost/login"));
}
@Test
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java
index 663b67bcbf..49b8ed2a1a 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -162,7 +162,7 @@ public class FormLoginConfigurerTests {
// @formatter:off
this.mockMvc.perform(get("/private"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
@@ -217,7 +217,7 @@ public class FormLoginConfigurerTests {
// @formatter:off
this.mockMvc.perform(get("/private"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
@@ -331,7 +331,7 @@ public class FormLoginConfigurerTests {
// @formatter:off
this.mockMvc.perform(get("/login?error"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java
index 2d46951de1..c1bd55dbdb 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -65,7 +65,7 @@ public class NamespaceHttpFormLoginTests {
@Test
public void formLoginWhenDefaultConfigurationThenMatchesNamespace() throws Exception {
this.spring.register(FormLoginConfig.class, UserDetailsServiceConfig.class).autowire();
- this.mvc.perform(get("/")).andExpect(redirectedUrl("/login"));
+ this.mvc.perform(get("/")).andExpect(redirectedUrl("http://localhost/login"));
this.mvc.perform(post("/login").with(csrf())).andExpect(redirectedUrl("/login?error"));
// @formatter:off
MockHttpServletRequestBuilder loginRequest = post("/login")
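Review bot: The two assertions in this test now expect different URL forms and nothing says this is intended. The unauthenticated `get("/")` redirect is absolute (`http://localhost/login`), while the failed `post("/login")` redirect on the next line stays relative (`/login?error`). A short comment would make that clear, for example `// redirect to the login page is absolute; the failure redirect stays relative`. The same mix appears in the hunks at -79 and -94 of this file and in FormLoginConfigTests at -107. The test body continues past the end of the hunk.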
@@ -79,7 +79,7 @@ public class NamespaceHttpFormLoginTests {
@Test
public void formLoginWithCustomEndpointsThenBehaviorMatchesNamespace() throws Exception {
this.spring.register(FormLoginCustomConfig.class, UserDetailsServiceConfig.class).autowire();
- this.mvc.perform(get("/")).andExpect(redirectedUrl("/authentication/login"));
+ this.mvc.perform(get("/")).andExpect(redirectedUrl("http://localhost/authentication/login"));
this.mvc.perform(post("/authentication/login/process").with(csrf()))
.andExpect(redirectedUrl("/authentication/login?failed"));
// @formatter:off
@@ -94,7 +94,7 @@ public class NamespaceHttpFormLoginTests {
@Test
public void formLoginWithCustomHandlersThenBehaviorMatchesNamespace() throws Exception {
this.spring.register(FormLoginCustomRefsConfig.class, UserDetailsServiceConfig.class).autowire();
- this.mvc.perform(get("/")).andExpect(redirectedUrl("/login"));
+ this.mvc.perform(get("/")).andExpect(redirectedUrl("http://localhost/login"));
this.mvc.perform(post("/login").with(csrf())).andExpect(redirectedUrl("/custom/failure"));
verifyBean(WebAuthenticationDetailsSource.class).buildDetails(any(HttpServletRequest.class));
// @formatter:off
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java
index 2c448484e5..c55f865db8 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -104,7 +104,7 @@ public class NamespaceRememberMeTests {
.with(csrf())
.cookie(rememberMe);
this.mvc.perform(authenticationClassRequest)
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn();
// @formatter:on
}
@@ -150,7 +150,7 @@ public class NamespaceRememberMeTests {
// @formatter:off
this.mvc.perform(somewhereRequest)
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
MockHttpServletRequestBuilder loginWithRememberme = post("/login").with(rememberMeLogin());
Cookie withKey = this.mvc.perform(loginWithRememberme)
.andReturn()
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java
index 9277158ba2..e3cb83f76f 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2023 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -240,7 +240,7 @@ public class RememberMeConfigurerTests {
.with(csrf())
.cookie(expiredRememberMeCookie);
// @formatter:on
- this.mvc.perform(expiredRequest).andExpect(redirectedUrl("/login"));
+ this.mvc.perform(expiredRequest).andExpect(redirectedUrl("http://localhost/login"));
}
@Test
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java
index 09ada968b6..f22e55043d 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -90,7 +90,7 @@ public class RequestCacheConfigurerTests {
this.spring.register(RequestCacheDefaultsConfig.class, DefaultSecurityConfig.class).autowire();
// @formatter:off
MockHttpSession session = (MockHttpSession) this.mvc.perform(get("/favicon.ico"))
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn()
.getRequest()
.getSession();
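Review bot: The literal `"http://localhost/login"` is now repeated in all nine updated assertions of this file (hunks -90 through -218), which is why a change in redirect form touches every test. A single constant, e.g. `private static final String LOGIN_REDIRECT_URL = "http://localhost/login";` (name constructed), used as `redirectedUrl(LOGIN_REDIRECT_URL)` would confine the next such change to one line. The test method starts outside the hunk.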
@@ -104,7 +104,7 @@ public class RequestCacheConfigurerTests {
this.spring.register(RequestCacheDefaultsConfig.class, DefaultSecurityConfig.class).autowire();
// @formatter:off
MockHttpSession session = (MockHttpSession) this.mvc.perform(get("/favicon.png"))
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn()
.getRequest()
.getSession();
@@ -120,7 +120,7 @@ public class RequestCacheConfigurerTests {
MockHttpServletRequestBuilder request = get("/messages").header(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON);
// @formatter:off
MockHttpSession session = (MockHttpSession) this.mvc.perform(request)
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn()
.getRequest()
.getSession();
@@ -140,7 +140,7 @@ public class RequestCacheConfigurerTests {
.header("X-Requested-With", "XMLHttpRequest");
MockHttpSession session = (MockHttpSession) this.mvc
.perform(xRequestedWith)
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn()
.getRequest()
.getSession();
@@ -157,7 +157,7 @@ public class RequestCacheConfigurerTests {
MediaType.TEXT_EVENT_STREAM);
// @formatter:off
MockHttpSession session = (MockHttpSession) this.mvc.perform(request)
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn()
.getRequest()
.getSession();
@@ -174,7 +174,7 @@ public class RequestCacheConfigurerTests {
MockHttpServletRequestBuilder request = get("/messages").header(HttpHeaders.ACCEPT, MediaType.ALL);
// @formatter:off
MockHttpSession session = (MockHttpSession) this.mvc.perform(request)
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn()
.getRequest()
.getSession();
@@ -188,7 +188,7 @@ public class RequestCacheConfigurerTests {
MockHttpServletRequestBuilder request = get("/messages").header(HttpHeaders.ACCEPT, MediaType.TEXT_HTML);
// @formatter:off
MockHttpSession session = (MockHttpSession) this.mvc.perform(request)
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn()
.getRequest()
.getSession();
@@ -203,7 +203,7 @@ public class RequestCacheConfigurerTests {
MockHttpServletRequestBuilder request = get("/messages")
.header(HttpHeaders.ACCEPT, "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8");
MockHttpSession session = (MockHttpSession) this.mvc.perform(request)
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn()
.getRequest()
.getSession();
@@ -218,7 +218,7 @@ public class RequestCacheConfigurerTests {
MockHttpServletRequestBuilder request = get("/messages")
.header("X-Requested-With", "com.android");
MockHttpSession session = (MockHttpSession) this.mvc.perform(request)
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn()
.getRequest()
.getSession();
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java
index 65a56cdb7a..b56d047a5f 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java
@@ -437,7 +437,7 @@ public class OAuth2LoginConfigurerTests {
this.request = new MockHttpServletRequest("GET", requestUri);
this.request.setServletPath(requestUri);
this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
- assertThat(this.response.getRedirectedUrl()).matches("/oauth2/authorization/google");
+ assertThat(this.response.getRedirectedUrl()).matches("http://localhost/oauth2/authorization/google");
}
// gh-6802
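Review bot: `matches(...)` on a String assertion treats its argument as a regular expression, so the updated expectation is a regex match rather than an equality check. The literal has no regex metacharacters, so it behaves as an exact match today, but `assertThat(this.response.getRedirectedUrl()).isEqualTo("http://localhost/oauth2/authorization/google");` states the intent directly. It is also the form HttpConfigTests uses in this same commit. The same applies to the hunks at -448, -461, -472, -521, -531 and -541 of this file. The test method starts outside the hunk.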
@@ -448,7 +448,7 @@ public class OAuth2LoginConfigurerTests {
this.request = new MockHttpServletRequest("GET", requestUri);
this.request.setServletPath(requestUri);
this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
- assertThat(this.response.getRedirectedUrl()).matches("/login");
+ assertThat(this.response.getRedirectedUrl()).matches("http://localhost/login");
}
// gh-5347
@@ -461,7 +461,7 @@ public class OAuth2LoginConfigurerTests {
this.request.setServletPath(requestUri);
this.request.addHeader(HttpHeaders.ACCEPT, new MediaType("image", "*").toString());
this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
- assertThat(this.response.getRedirectedUrl()).matches("/login");
+ assertThat(this.response.getRedirectedUrl()).matches("http://localhost/login");
}
// gh-5347
@@ -472,7 +472,7 @@ public class OAuth2LoginConfigurerTests {
this.request = new MockHttpServletRequest("GET", requestUri);
this.request.setServletPath(requestUri);
this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
- assertThat(this.response.getRedirectedUrl()).matches("/login");
+ assertThat(this.response.getRedirectedUrl()).matches("http://localhost/login");
}
// gh-6812
@@ -521,7 +521,7 @@ public class OAuth2LoginConfigurerTests {
this.request = new MockHttpServletRequest("GET", requestUri);
this.request.setServletPath(requestUri);
this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
- assertThat(this.response.getRedirectedUrl()).matches("/oauth2/authorization/google");
+ assertThat(this.response.getRedirectedUrl()).matches("http://localhost/oauth2/authorization/google");
}
@Test
@@ -531,7 +531,7 @@ public class OAuth2LoginConfigurerTests {
this.request = new MockHttpServletRequest("GET", requestUri);
this.request.setServletPath(requestUri);
this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
- assertThat(this.response.getRedirectedUrl()).matches("/custom-login");
+ assertThat(this.response.getRedirectedUrl()).matches("http://localhost/custom-login");
}
@Test
@@ -541,7 +541,7 @@ public class OAuth2LoginConfigurerTests {
this.request = new MockHttpServletRequest("GET", requestUri);
this.request.setServletPath(requestUri);
this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain);
- assertThat(this.response.getRedirectedUrl()).matches("/custom-login");
+ assertThat(this.response.getRedirectedUrl()).matches("http://localhost/custom-login");
}
@Test
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java
index 2dad6916fe..c247a6d7fe 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -1210,7 +1210,7 @@ public class OAuth2ResourceServerConfigurerTests {
MvcResult result = this.mvc.perform(get("/authenticated")
.header("Accept", "text/html"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn();
// @formatter:on
assertThat(result.getRequest().getSession(false)).isNotNull();
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java
index 3a91207290..6d874a583d 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -412,11 +412,10 @@ public class Saml2LoginConfigurerTests {
this.spring.register(Saml2LoginConfig.class).autowire();
this.mvc.perform(get("/favicon.ico").accept(MediaType.TEXT_HTML))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
this.mvc.perform(get("/").accept(MediaType.TEXT_HTML))
.andExpect(status().isFound())
- .andExpect(header().string("Location", startsWith("/saml2/authenticate")));
-
+ .andExpect(header().string("Location", startsWith("http://localhost/saml2/authenticate")));
}
@Test
diff --git a/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java b/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java
index 781cce82e9..901945e73a 100644
--- a/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java
+++ b/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -342,7 +342,7 @@ public class CsrfConfigTests {
this.spring.configLocations(this.xml("CsrfEnabled")).autowire();
// simulates a request that has no authentication (e.g. session time-out)
MvcResult result = this.mvc.perform(post("/authenticated").with(csrf()))
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("http://localhost/login"))
.andReturn();
MockHttpSession session = (MockHttpSession) result.getRequest().getSession();
// if the request cache is consulted, then it will redirect back to /some-url,
@@ -363,7 +363,9 @@ public class CsrfConfigTests {
throws Exception {
this.spring.configLocations(this.xml("CsrfEnabled")).autowire();
// simulates a request that has no authentication (e.g. session time-out)
- MvcResult result = this.mvc.perform(get("/authenticated")).andExpect(redirectedUrl("/login")).andReturn();
+ MvcResult result = this.mvc.perform(get("/authenticated"))
+ .andExpect(redirectedUrl("http://localhost/login"))
+ .andReturn();
MockHttpSession session = (MockHttpSession) result.getRequest().getSession();
// if the request cache is consulted, then it will redirect back to /some-url,
// which we do want
diff --git a/config/src/test/java/org/springframework/security/config/http/FormLoginConfigTests.java b/config/src/test/java/org/springframework/security/config/http/FormLoginConfigTests.java
index b054762aac..52237273df 100644
--- a/config/src/test/java/org/springframework/security/config/http/FormLoginConfigTests.java
+++ b/config/src/test/java/org/springframework/security/config/http/FormLoginConfigTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -73,7 +73,7 @@ public class FormLoginConfigTests {
this.spring.configLocations(this.xml("WithAntRequestMatcher")).autowire();
// @formatter:off
this.mvc.perform(get("/"))
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
@@ -107,7 +107,7 @@ public class FormLoginConfigTests {
this.mvc.perform(invalidPassword)
.andExpect(redirectedUrl(WebConfigUtilsTests.URL + "/failure"));
this.mvc.perform(get("/"))
- .andExpect(redirectedUrl(WebConfigUtilsTests.URL + "/login"));
+ .andExpect(redirectedUrl("http://localhost" + WebConfigUtilsTests.URL + "/login"));
// @formatter:on
}
diff --git a/config/src/test/java/org/springframework/security/config/http/HttpConfigTests.java b/config/src/test/java/org/springframework/security/config/http/HttpConfigTests.java
index 62b4ab99dd..c7f0590bc1 100644
--- a/config/src/test/java/org/springframework/security/config/http/HttpConfigTests.java
+++ b/config/src/test/java/org/springframework/security/config/http/HttpConfigTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -71,7 +71,7 @@ public class HttpConfigTests {
// @formatter:off
this.mvc.perform(get("/"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
@@ -81,7 +81,7 @@ public class HttpConfigTests {
// @formatter:off
this.mvc.perform(get("/"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
@@ -95,7 +95,7 @@ public class HttpConfigTests {
// @formatter:off
this.mvc.perform(get("/"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
verify(authorizationManager).check(any(), any());
}
@@ -109,7 +109,7 @@ public class HttpConfigTests {
proxy.doFilter(request, new EncodeUrlDenyingHttpServletResponseWrapper(response), (req, resp) -> {
});
assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_MOVED_TEMPORARILY);
- assertThat(response.getRedirectedUrl()).isEqualTo("/login");
+ assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/login");
}
@Test
diff --git a/config/src/test/java/org/springframework/security/config/http/MiscHttpConfigTests.java b/config/src/test/java/org/springframework/security/config/http/MiscHttpConfigTests.java
index b08a3c868a..180bd2ec53 100644
--- a/config/src/test/java/org/springframework/security/config/http/MiscHttpConfigTests.java
+++ b/config/src/test/java/org/springframework/security/config/http/MiscHttpConfigTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -573,7 +573,7 @@ public class MiscHttpConfigTests {
proxy.doFilter(request, new EncodeUrlDenyingHttpServletResponseWrapper(response), (req, resp) -> {
});
assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_MOVED_TEMPORARILY);
- assertThat(response.getRedirectedUrl()).isEqualTo("/login");
+ assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/login");
}
@Test
@@ -802,7 +802,7 @@ public class MiscHttpConfigTests {
this.spring.configLocations(xml("PortsMappedRequiresHttps")).autowire();
// @formatter:off
MockHttpSession session = (MockHttpSession) this.mvc.perform(get("https://localhost:9080/protected"))
- .andExpect(redirectedUrl("/login"))
+ .andExpect(redirectedUrl("https://localhost:9443/login"))
.andReturn()
.getRequest()
.getSession(false);
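Review bot: The expected `https://localhost:9443/login` has a different port from the request URL `https://localhost:9080/protected`, and nothing in the hunk says where 9443 comes from. Presumably it is the port mapping declared in the `PortsMappedRequiresHttps` config, which is not visible here. A comment above the `perform` call, such as `// 9443 is the HTTPS port mapped for 9080 in the PortsMappedRequiresHttps config`, would save the reader a lookup once the mapping is confirmed. The test method starts outside the hunk.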
diff --git a/config/src/test/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParserTests.java
index 6c1e24dcee..b632f834de 100644
--- a/config/src/test/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParserTests.java
+++ b/config/src/test/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParserTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -174,7 +174,7 @@ public class OAuth2LoginBeanDefinitionParserTests {
// @formatter:off
this.mvc.perform(get("/"))
.andExpect(status().is3xxRedirection())
- .andExpect(redirectedUrl("/oauth2/authorization/google-login"));
+ .andExpect(redirectedUrl("http://localhost/oauth2/authorization/google-login"));
// @formatter:on
verify(this.requestCache).saveRequest(any(), any());
}
@@ -187,7 +187,7 @@ public class OAuth2LoginBeanDefinitionParserTests {
// @formatter:off
this.mvc.perform(get("/favicon.ico").accept(new MediaType("image", "*")))
.andExpect(status().is3xxRedirection())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
@@ -199,7 +199,7 @@ public class OAuth2LoginBeanDefinitionParserTests {
// @formatter:off
this.mvc.perform(get("/").header("X-Requested-With", "XMLHttpRequest"))
.andExpect(status().is3xxRedirection())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
@@ -411,7 +411,7 @@ public class OAuth2LoginBeanDefinitionParserTests {
// @formatter:off
this.mvc.perform(get("/"))
.andExpect(status().is3xxRedirection())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
@@ -421,7 +421,7 @@ public class OAuth2LoginBeanDefinitionParserTests {
// @formatter:off
this.mvc.perform(get("/"))
.andExpect(status().is3xxRedirection())
- .andExpect(redirectedUrl("/custom-login"));
+ .andExpect(redirectedUrl("http://localhost/custom-login"));
// @formatter:on
}
@@ -433,7 +433,7 @@ public class OAuth2LoginBeanDefinitionParserTests {
// @formatter:off
this.mvc.perform(get("/"))
.andExpect(status().is3xxRedirection())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
diff --git a/config/src/test/java/org/springframework/security/config/http/PlaceHolderAndELConfigTests.java b/config/src/test/java/org/springframework/security/config/http/PlaceHolderAndELConfigTests.java
index 0c1710f98b..ffe686efc1 100644
--- a/config/src/test/java/org/springframework/security/config/http/PlaceHolderAndELConfigTests.java
+++ b/config/src/test/java/org/springframework/security/config/http/PlaceHolderAndELConfigTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -73,7 +73,7 @@ public class PlaceHolderAndELConfigTests {
// login-page setting
// @formatter:off
this.mvc.perform(get("/secured"))
- .andExpect(redirectedUrl("/loginPage"));
+ .andExpect(redirectedUrl("http://localhost/loginPage"));
// login-processing-url setting
// default-target-url setting
this.mvc.perform(post("/loginPage").param("username", "user").param("password", "password"))
@@ -98,7 +98,7 @@ public class PlaceHolderAndELConfigTests {
// login-page setting
// @formatter:off
this.mvc.perform(get("/secured"))
- .andExpect(redirectedUrl("/loginPage"));
+ .andExpect(redirectedUrl("http://localhost/loginPage"));
// login-processing-url setting
// default-target-url setting
this.mvc.perform(post("/loginPage").param("username", "user").param("password", "password"))
diff --git a/config/src/test/java/org/springframework/security/config/http/Saml2LoginBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/http/Saml2LoginBeanDefinitionParserTests.java
index fad02a9ae0..9eb168233a 100644
--- a/config/src/test/java/org/springframework/security/config/http/Saml2LoginBeanDefinitionParserTests.java
+++ b/config/src/test/java/org/springframework/security/config/http/Saml2LoginBeanDefinitionParserTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -161,7 +161,7 @@ public class Saml2LoginBeanDefinitionParserTests {
// @formatter:off
this.mvc.perform(get("/"))
.andExpect(status().is3xxRedirection())
- .andExpect(redirectedUrl("/saml2/authenticate/one"));
+ .andExpect(redirectedUrl("http://localhost/saml2/authenticate/one"));
// @formatter:on
verify(this.requestCache).saveRequest(any(), any());
}
@@ -172,7 +172,7 @@ public class Saml2LoginBeanDefinitionParserTests {
// @formatter:off
this.mvc.perform(get("/"))
.andExpect(status().is3xxRedirection())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
diff --git a/config/src/test/java/org/springframework/security/config/http/SecurityContextHolderAwareRequestConfigTests.java b/config/src/test/java/org/springframework/security/config/http/SecurityContextHolderAwareRequestConfigTests.java
index 5a7d0a9038..713a03b846 100644
--- a/config/src/test/java/org/springframework/security/config/http/SecurityContextHolderAwareRequestConfigTests.java
+++ b/config/src/test/java/org/springframework/security/config/http/SecurityContextHolderAwareRequestConfigTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -78,7 +78,7 @@ public class SecurityContextHolderAwareRequestConfigTests {
// @formatter:off
this.mvc.perform(get("/authenticate"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
@@ -114,7 +114,7 @@ public class SecurityContextHolderAwareRequestConfigTests {
// @formatter:off
this.mvc.perform(get("/authenticate"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
// @formatter:on
}
@@ -137,10 +137,10 @@ public class SecurityContextHolderAwareRequestConfigTests {
// @formatter:off
this.mvc.perform(get("/authenticate"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login"));
+ .andExpect(redirectedUrl("http://localhost/login"));
this.mvc.perform(get("/v2/authenticate"))
.andExpect(status().isFound())
- .andExpect(redirectedUrl("/login2"));
+ .andExpect(redirectedUrl("http://localhost/login2"));
// @formatter:on
}
@@ -177,10 +177,10 @@ public class SecurityContextHolderAwareRequestConfigTests {
@Test
public void servletLogoutWhenUsingCustomLogoutThenUsesSpringSecurity() throws Exception {
this.spring.configLocations(this.xml("Logout")).autowire();
- // @formatter:off
this.mvc.perform(get("/authenticate"))
- .andExpect(status().isFound())
- .andExpect(redirectedUrl("/signin"));
+ .andExpect(status().isFound())
+ .andExpect(redirectedUrl("http://localhost/signin"));
+ // @formatter:off
MvcResult result = this.mvc.perform(get("/good-login"))
.andReturn();
// @formatter:on
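Review bot: The `// @formatter:off` marker now sits below the first `this.mvc.perform(get("/authenticate"))` chain instead of above it, so that chain is no longer inside the formatter-off region and its `.andExpect(...)` continuation lines are exposed to reformatting, unlike the other tests touched in this file. This looks unintended for a change that otherwise only updates the expected URL. Keep `// @formatter:off` as the line directly before `this.mvc.perform(get("/authenticate"))` and change only the `redirectedUrl` argument. The body of `servletLogoutWhenUsingCustomLogoutThenUsesSpringSecurity` continues past the end of the hunk.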
diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt
index 2aea44c6ff..ed3e409cff 100644
--- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt
+++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -217,7 +217,7 @@ class ExceptionHandlingDslTests {
this.mockMvc.get("/")
.andExpect {
status { isFound() }
- redirectedUrl("/custom-login")
+ redirectedUrl("http://localhost/custom-login")
}
}
@@ -246,13 +246,13 @@ class ExceptionHandlingDslTests {
this.mockMvc.get("/secured1")
.andExpect {
status { isFound() }
- redirectedUrl("/custom-login1")
+ redirectedUrl("http://localhost/custom-login1")
}
this.mockMvc.get("/secured2")
.andExpect {
status { isFound() }
- redirectedUrl("/custom-login2")
+ redirectedUrl("http://localhost/custom-login2")
}
}
diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt
index 5b00105247..965c361b4a 100644
--- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt
+++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt
@@ -143,7 +143,7 @@ class FormLoginDslTests {
this.mockMvc.get("/")
.andExpect {
status { isFound() }
- redirectedUrl("/login")
+ redirectedUrl("http://localhost/login")
}
}
@@ -169,7 +169,7 @@ class FormLoginDslTests {
this.mockMvc.get("/")
.andExpect {
status { isFound() }
- redirectedUrl("/log-in")
+ redirectedUrl("http://localhost/log-in")
}
}
diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt
index a3a07cc010..b73b41f50d 100644
--- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt
+++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -153,7 +153,7 @@ internal class RememberMeDslTests {
cookie(expiredRememberMeCookie)
}.andExpect {
status { isFound() }
- redirectedUrl("/login")
+ redirectedUrl("http://localhost/login")
}
}
@@ -229,7 +229,7 @@ internal class RememberMeDslTests {
cookie(withoutKeyRememberMeCookie)
}.andExpect {
status { isFound() }
- redirectedUrl("/login")
+ redirectedUrl("http://localhost/login")
}
val keyMvcResult = mockMvc.post("/login") {
loginRememberMeRequest()
diff --git a/docs/modules/ROOT/pages/migration-7/web.adoc b/docs/modules/ROOT/pages/migration-7/web.adoc
new file mode 100644
index 0000000000..024d560449
--- /dev/null
+++ b/docs/modules/ROOT/pages/migration-7/web.adoc
@@ -0,0 +1,104 @@
+= Web Migrations
+
+== Favor Relative URIs
+
+When redirecting to a login endpoint, Spring Security has favored absolute URIs in the past.
+For example, if you set your login page like so:
+
+[tabs]
+======
+Java::
++
+[source,java,role="primary"]
+----
+http
+ // ...
+ .formLogin((form) -> form.loginPage("/my-login"))
+ // ...
+----
+
+Kotlin::
++
+[source,kotlin,role="secondary"]
+----
+http {
+ formLogin {
+ loginPage = "/my-login"
+ }
+}
+----
+
+Xml::
++
+[source,kotlin,role="secondary"]
+----
+
+ * Note that a relative redirect is not always possible. For example, when redirecting + * from {@code http} to {@code https}, the URL needs to be absolute. + *
+ * @param favorRelativeUris whether to favor relative URIs or not + * @since 6.5 + */ + public void setFavorRelativeUris(boolean favorRelativeUris) { + this.favorRelativeUris = favorRelativeUris; + } + } diff --git a/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java b/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java index ad699da8ea..91e2d93cdf 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java @@ -129,18 +129,18 @@ public class LoginUrlAuthenticationEntryPointTests { ep.setPortResolver(new MockPortResolver(80, 443)); ep.afterPropertiesSet(); ep.commence(request, response, null); - assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello"); + assertThat(response.getRedirectedUrl()).isEqualTo("https://www.example.com/bigWebApp/hello"); request.setServerPort(8443); response = new MockHttpServletResponse(); ep.setPortResolver(new MockPortResolver(8080, 8443)); ep.commence(request, response, null); - assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello"); + assertThat(response.getRedirectedUrl()).isEqualTo("https://www.example.com:8443/bigWebApp/hello"); // access to https via http port request.setServerPort(8080); response = new MockHttpServletResponse(); ep.setPortResolver(new MockPortResolver(8080, 8443)); ep.commence(request, response, null); - assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello"); + assertThat(response.getRedirectedUrl()).isEqualTo("https://www.example.com:8443/bigWebApp/hello"); } @Test 
@@ -158,7 +158,7 @@ public class LoginUrlAuthenticationEntryPointTests {
request.setServerPort(80);
MockHttpServletResponse response = new MockHttpServletResponse();
ep.commence(request, response, null);
- assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello");
+ assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/bigWebApp/hello");
}
@Test
@@ -178,7 +178,7 @@ public class LoginUrlAuthenticationEntryPointTests {
ep.commence(request, response, null);
// Response doesn't switch to HTTPS, as we didn't know HTTP port 8888 to HTTP port
// mapping
- assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello");
+ assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost:8888/bigWebApp/hello");
}
@Test
@@ -237,4 +237,54 @@ public class LoginUrlAuthenticationEntryPointTests {
assertThatIllegalArgumentException().isThrownBy(ep::afterPropertiesSet);
}
+ @Test
+ public void commenceWhenFavorRelativeUrisThenHttpsSchemeNotIncluded() throws Exception {
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ request.setRequestURI("/some_path");
+ request.setScheme("https");
+ request.setServerName("www.example.com");
+ request.setContextPath("/bigWebApp");
+ request.setServerPort(443);
+ MockHttpServletResponse response = new MockHttpServletResponse();
+ LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/hello");
+ ep.setFavorRelativeUris(true);
+ ep.setPortMapper(new PortMapperImpl());
+ ep.setForceHttps(true);
+ ep.setPortMapper(new PortMapperImpl());
+ ep.setPortResolver(new MockPortResolver(80, 443));
+ ep.afterPropertiesSet();
+ ep.commence(request, response, null);
+ assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello");
+ request.setServerPort(8443);
+ response = new MockHttpServletResponse();
+ ep.setPortResolver(new MockPortResolver(8080, 8443));
+ ep.commence(request, response, null);
+ assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello");
+ // access to https via http port
+ request.setServerPort(8080);
+ response = new MockHttpServletResponse();
+ ep.setPortResolver(new MockPortResolver(8080, 8443));
+ ep.commence(request, response, null);
+ assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello");
+ }
+
+ @Test
+ public void commenceWhenFavorRelativeUrisThenHttpSchemeNotIncluded() throws Exception {
+ LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/hello");
+ ep.setFavorRelativeUris(true);
+ ep.setPortMapper(new PortMapperImpl());
+ ep.setPortResolver(new MockPortResolver(80, 443));
+ ep.afterPropertiesSet();
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ request.setRequestURI("/some_path");
+ request.setContextPath("/bigWebApp");
+ request.setScheme("http");
+ request.setServerName("localhost");
+ request.setContextPath("/bigWebApp");
+ request.setServerPort(80);
+ MockHttpServletResponse response = new MockHttpServletResponse();
+ ep.commence(request, response, null);
+ assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello");
+ }
+
}
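Review bot: Neither new test covers `setForceHttps(true)` together with an `http` request while `setFavorRelativeUris(true)` is on; `commenceWhenFavorRelativeUrisThenHttpsSchemeNotIncluded` only sends `https` requests and `commenceWhenFavorRelativeUrisThenHttpSchemeNotIncluded` never sets `forceHttps`. The setter's Javadoc in this commit says an http-to-https redirect has to stay absolute, so that case deserves its own test: if the relative form were returned there, the login page would be reached over plain HTTP despite `forceHttps`. A test along the lines below would pin it; the expected value assumes the documented behaviour and should be confirmed against the implementation, which is not visible in this hunk. Separately, `ep.setPortMapper(new PortMapperImpl())` is called twice in the first test and `request.setContextPath("/bigWebApp")` twice in the second; one call of each is enough.

```java
@Test
public void commenceWhenFavorRelativeUrisAndForceHttpsOnHttpRequestThenAbsoluteHttpsUrl() throws Exception {
	MockHttpServletRequest request = new MockHttpServletRequest();
	request.setRequestURI("/some_path");
	request.setScheme("http");
	request.setServerName("www.example.com");
	request.setContextPath("/bigWebApp");
	request.setServerPort(80);
	MockHttpServletResponse response = new MockHttpServletResponse();
	LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/hello");
	ep.setFavorRelativeUris(true);
	ep.setForceHttps(true);
	ep.setPortMapper(new PortMapperImpl());
	ep.setPortResolver(new MockPortResolver(80, 443));
	ep.afterPropertiesSet();
	ep.commence(request, response, null);
	// an http -> https upgrade cannot be expressed as a relative redirect
	assertThat(response.getRedirectedUrl()).startsWith("https://");
}
```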