SEC-1700: Allow for case where JAAS config is not a simple file, but may be a jar resource, for example.
This commit is contained in:
parent
1b2fdf8b02
commit
5a9aa6d1aa
|
@ -15,16 +15,6 @@
|
||||||
|
|
||||||
package org.springframework.security.authentication.jaas;
|
package org.springframework.security.authentication.jaas;
|
||||||
|
|
||||||
import java.io.File;
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.net.URL;
|
|
||||||
import java.security.Security;
|
|
||||||
|
|
||||||
import javax.security.auth.callback.CallbackHandler;
|
|
||||||
import javax.security.auth.login.Configuration;
|
|
||||||
import javax.security.auth.login.LoginContext;
|
|
||||||
import javax.security.auth.login.LoginException;
|
|
||||||
|
|
||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
import org.springframework.core.io.Resource;
|
import org.springframework.core.io.Resource;
|
||||||
|
@ -35,6 +25,15 @@ import org.springframework.security.core.AuthenticationException;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
|
|
||||||
|
import javax.security.auth.callback.CallbackHandler;
|
||||||
|
import javax.security.auth.login.Configuration;
|
||||||
|
import javax.security.auth.login.LoginContext;
|
||||||
|
import javax.security.auth.login.LoginException;
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.URL;
|
||||||
|
import java.security.Security;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* An {@link AuthenticationProvider} implementation that retrieves user details from a JAAS login configuration.
|
* An {@link AuthenticationProvider} implementation that retrieves user details from a JAAS login configuration.
|
||||||
|
@ -192,14 +191,20 @@ public class JaasAuthenticationProvider extends AbstractJaasAuthenticationProvid
|
||||||
}
|
}
|
||||||
|
|
||||||
private String convertLoginConfigToUrl() throws IOException {
|
private String convertLoginConfigToUrl() throws IOException {
|
||||||
String loginConfigPath = loginConfig.getFile().getAbsolutePath();
|
String loginConfigPath;
|
||||||
loginConfigPath = loginConfigPath.replace(File.separatorChar, '/');
|
|
||||||
|
try {
|
||||||
|
loginConfigPath = loginConfig.getFile().getAbsolutePath().replace(File.separatorChar, '/');
|
||||||
|
|
||||||
if (!loginConfigPath.startsWith("/")) {
|
if (!loginConfigPath.startsWith("/")) {
|
||||||
loginConfigPath = "/" + loginConfigPath;
|
loginConfigPath = "/" + loginConfigPath;
|
||||||
}
|
}
|
||||||
|
|
||||||
return new URL("file", "", loginConfigPath).toString();
|
return new URL("file", "", loginConfigPath).toString();
|
||||||
|
} catch (IOException e) {
|
||||||
|
// SEC-1700: May be inside a jar
|
||||||
|
return loginConfig.getURL().toString();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -233,7 +238,7 @@ public class JaasAuthenticationProvider extends AbstractJaasAuthenticationProvid
|
||||||
* If set, a call to {@code Configuration#refresh()} will be made by {@code #configureJaas(Resource) }
|
* If set, a call to {@code Configuration#refresh()} will be made by {@code #configureJaas(Resource) }
|
||||||
* method. Defaults to {@code true}.
|
* method. Defaults to {@code true}.
|
||||||
*
|
*
|
||||||
* @see <a href="https://jira.springsource.org/browse/SEC-1320">SEC-1230</a>
|
* @see <a href="https://jira.springsource.org/browse/SEC-1320">SEC-1320</a>
|
||||||
*
|
*
|
||||||
* @param refresh set to {@code false} to disable reloading of the configuration.
|
* @param refresh set to {@code false} to disable reloading of the configuration.
|
||||||
* May be useful in some environments.
|
* May be useful in some environments.
|
||||||
|
|
Loading…
Reference in New Issue