Add DefaultResourcesFitler to XML configuration
This commit is contained in:
Daniel Garnier-Moiroux
Rob Winch
parent
3bb1647138
commit
85693b2806
|
|
@ -60,6 +60,7 @@ import org.springframework.security.web.authentication.preauth.x509.SubjectDnX50
|
||||||
import org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter;
|
import org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter;
|
||||||
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
||||||
import org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter;
|
import org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter;
|
||||||
|
import org.springframework.security.web.authentication.ui.DefaultResourcesFilter;
|
||||||
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
|
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
|
||||||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||||
import org.springframework.security.web.csrf.CsrfToken;
|
import org.springframework.security.web.csrf.CsrfToken;
|
||||||
|
|
@ -155,6 +156,8 @@ final class AuthenticationConfigBuilder {
|
||||||
|
|
||||||
private BeanDefinition logoutPageGenerationFilter;
|
private BeanDefinition logoutPageGenerationFilter;
|
||||||
|
|
||||||
|
private BeanDefinition defaultResourcesFilter;
|
||||||
|
|
||||||
private BeanDefinition etf;
|
private BeanDefinition etf;
|
||||||
|
|
||||||
private final BeanReference requestCache;
|
private final BeanReference requestCache;
|
||||||
|
|
@ -635,6 +638,9 @@ final class AuthenticationConfigBuilder {
|
||||||
}
|
}
|
||||||
this.loginPageGenerationFilter = loginPageFilter.getBeanDefinition();
|
this.loginPageGenerationFilter = loginPageFilter.getBeanDefinition();
|
||||||
this.logoutPageGenerationFilter = logoutPageFilter.getBeanDefinition();
|
this.logoutPageGenerationFilter = logoutPageFilter.getBeanDefinition();
|
||||||
|
this.defaultResourcesFilter = BeanDefinitionBuilder.rootBeanDefinition(DefaultResourcesFilter.class)
|
||||||
|
.setFactoryMethod("css")
|
||||||
|
.getBeanDefinition();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -890,6 +896,9 @@ final class AuthenticationConfigBuilder {
|
||||||
filters.add(new OrderDecorator(this.loginPageGenerationFilter, SecurityFilters.LOGIN_PAGE_FILTER));
|
filters.add(new OrderDecorator(this.loginPageGenerationFilter, SecurityFilters.LOGIN_PAGE_FILTER));
|
||||||
filters.add(new OrderDecorator(this.logoutPageGenerationFilter, SecurityFilters.LOGOUT_PAGE_FILTER));
|
filters.add(new OrderDecorator(this.logoutPageGenerationFilter, SecurityFilters.LOGOUT_PAGE_FILTER));
|
||||||
}
|
}
|
||||||
|
if (this.defaultResourcesFilter != null) {
|
||||||
|
filters.add(new OrderDecorator(this.defaultResourcesFilter, SecurityFilters.DEFAULT_RESOURCES_FILTER));
|
||||||
|
}
|
||||||
if (this.basicFilter != null) {
|
if (this.basicFilter != null) {
|
||||||
filters.add(new OrderDecorator(this.basicFilter, SecurityFilters.BASIC_AUTH_FILTER));
|
filters.add(new OrderDecorator(this.basicFilter, SecurityFilters.BASIC_AUTH_FILTER));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -71,6 +71,8 @@ enum SecurityFilters {
|
||||||
|
|
||||||
FORM_LOGIN_FILTER,
|
FORM_LOGIN_FILTER,
|
||||||
|
|
||||||
|
DEFAULT_RESOURCES_FILTER,
|
||||||
|
|
||||||
LOGIN_PAGE_FILTER,
|
LOGIN_PAGE_FILTER,
|
||||||
|
|
||||||
LOGOUT_PAGE_FILTER,
|
LOGOUT_PAGE_FILTER,
|
||||||
|
|
|
||||||
|
|
@ -1346,4 +1346,4 @@ position =
|
||||||
## The explicit position at which the custom-filter should be placed in the chain. Use if you are replacing a standard filter.
|
## The explicit position at which the custom-filter should be placed in the chain. Use if you are replacing a standard filter.
|
||||||
attribute position {named-security-filter}
|
attribute position {named-security-filter}
|
||||||
|
|
||||||
named-security-filter = "FIRST" | "DISABLE_ENCODE_URL_FILTER" | "FORCE_EAGER_SESSION_FILTER" | "CHANNEL_FILTER" | "SECURITY_CONTEXT_FILTER" | "CONCURRENT_SESSION_FILTER" | "WEB_ASYNC_MANAGER_FILTER" | "HEADERS_FILTER" | "CORS_FILTER" | "SAML2_LOGOUT_REQUEST_FILTER" | "SAML2_LOGOUT_RESPONSE_FILTER" | "CSRF_FILTER" | "SAML2_LOGOUT_FILTER" | "LOGOUT_FILTER" | "OAUTH2_AUTHORIZATION_REQUEST_FILTER" | "SAML2_AUTHENTICATION_REQUEST_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_FILTER" | "OAUTH2_LOGIN_FILTER" | "SAML2_AUTHENTICATION_FILTER" | "FORM_LOGIN_FILTER" | "LOGIN_PAGE_FILTER" |"LOGOUT_PAGE_FILTER" | "DIGEST_AUTH_FILTER" | "BEARER_TOKEN_AUTH_FILTER" | "BASIC_AUTH_FILTER" | "REQUEST_CACHE_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "JAAS_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "OAUTH2_AUTHORIZATION_CODE_GRANT_FILTER" | "WELL_KNOWN_CHANGE_PASSWORD_REDIRECT_FILTER" | "SESSION_MANAGEMENT_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER" | "LAST"
|
named-security-filter = "FIRST" | "DISABLE_ENCODE_URL_FILTER" | "FORCE_EAGER_SESSION_FILTER" | "CHANNEL_FILTER" | "SECURITY_CONTEXT_FILTER" | "CONCURRENT_SESSION_FILTER" | "WEB_ASYNC_MANAGER_FILTER" | "HEADERS_FILTER" | "CORS_FILTER" | "SAML2_LOGOUT_REQUEST_FILTER" | "SAML2_LOGOUT_RESPONSE_FILTER" | "CSRF_FILTER" | "SAML2_LOGOUT_FILTER" | "LOGOUT_FILTER" | "OAUTH2_AUTHORIZATION_REQUEST_FILTER" | "SAML2_AUTHENTICATION_REQUEST_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_FILTER" | "OAUTH2_LOGIN_FILTER" | "SAML2_AUTHENTICATION_FILTER" | "FORM_LOGIN_FILTER" | "DEFAULT_RESOURCES_FILTER" | "LOGIN_PAGE_FILTER" | "LOGOUT_PAGE_FILTER" | "DIGEST_AUTH_FILTER" | "BEARER_TOKEN_AUTH_FILTER" | "BASIC_AUTH_FILTER" | "REQUEST_CACHE_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "JAAS_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "OAUTH2_AUTHORIZATION_CODE_GRANT_FILTER" | "WELL_KNOWN_CHANGE_PASSWORD_REDIRECT_FILTER" | "SESSION_MANAGEMENT_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER" | "LAST"
|
||||||
|
|
|
||||||
|
|
@ -3799,6 +3799,7 @@
|
||||||
<xs:enumeration value="OAUTH2_LOGIN_FILTER"/>
|
<xs:enumeration value="OAUTH2_LOGIN_FILTER"/>
|
||||||
<xs:enumeration value="SAML2_AUTHENTICATION_FILTER"/>
|
<xs:enumeration value="SAML2_AUTHENTICATION_FILTER"/>
|
||||||
<xs:enumeration value="FORM_LOGIN_FILTER"/>
|
<xs:enumeration value="FORM_LOGIN_FILTER"/>
|
||||||
|
<xs:enumeration value="DEFAULT_RESOURCES_FILTER"/>
|
||||||
<xs:enumeration value="LOGIN_PAGE_FILTER"/>
|
<xs:enumeration value="LOGIN_PAGE_FILTER"/>
|
||||||
<xs:enumeration value="LOGOUT_PAGE_FILTER"/>
|
<xs:enumeration value="LOGOUT_PAGE_FILTER"/>
|
||||||
<xs:enumeration value="DIGEST_AUTH_FILTER"/>
|
<xs:enumeration value="DIGEST_AUTH_FILTER"/>
|
||||||
|
|
|
||||||
|
|
@ -93,6 +93,7 @@ import org.springframework.security.web.authentication.logout.LogoutFilter;
|
||||||
import org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter;
|
import org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter;
|
||||||
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
||||||
import org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter;
|
import org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter;
|
||||||
|
import org.springframework.security.web.authentication.ui.DefaultResourcesFilter;
|
||||||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||||
import org.springframework.security.web.context.HttpRequestResponseHolder;
|
import org.springframework.security.web.context.HttpRequestResponseHolder;
|
||||||
import org.springframework.security.web.context.SecurityContextHolderFilter;
|
import org.springframework.security.web.context.SecurityContextHolderFilter;
|
||||||
|
|
@ -848,6 +849,7 @@ public class MiscHttpConfigTests {
|
||||||
assertThat(filters.next()).isInstanceOf(CsrfFilter.class);
|
assertThat(filters.next()).isInstanceOf(CsrfFilter.class);
|
||||||
assertThat(filters.next()).isInstanceOf(LogoutFilter.class);
|
assertThat(filters.next()).isInstanceOf(LogoutFilter.class);
|
||||||
assertThat(filters.next()).isInstanceOf(UsernamePasswordAuthenticationFilter.class);
|
assertThat(filters.next()).isInstanceOf(UsernamePasswordAuthenticationFilter.class);
|
||||||
|
assertThat(filters.next()).isInstanceOf(DefaultResourcesFilter.class);
|
||||||
assertThat(filters.next()).isInstanceOf(DefaultLoginPageGeneratingFilter.class);
|
assertThat(filters.next()).isInstanceOf(DefaultLoginPageGeneratingFilter.class);
|
||||||
assertThat(filters.next()).isInstanceOf(DefaultLogoutPageGeneratingFilter.class);
|
assertThat(filters.next()).isInstanceOf(DefaultLogoutPageGeneratingFilter.class);
|
||||||
assertThat(filters.next()).isInstanceOf(BasicAuthenticationFilter.class);
|
assertThat(filters.next()).isInstanceOf(BasicAuthenticationFilter.class);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue