From ae71e9a5bd16f666c4dafa43910a858f534027a2 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Sun, 27 Jan 2008 00:48:53 +0000 Subject: [PATCH] SEC-632: Changed user-filter to custom-filter to avoid confusion with system "users". --- .../springframework/security/config/Elements.java | 2 +- .../config/HttpSecurityConfigPostProcessor.java | 2 +- .../OrderedFilterBeanDefinitionDecorator.java | 3 ++- .../security/config/SecurityNamespaceHandler.java | 2 +- .../security/config/spring-security-2.0.rnc | 8 ++++---- .../security/config/spring-security-2.0.xsd | 14 +++++++------- .../HttpSecurityBeanDefinitionParserTests.java | 2 +- 7 files changed, 17 insertions(+), 16 deletions(-) diff --git a/core/src/main/java/org/springframework/security/config/Elements.java b/core/src/main/java/org/springframework/security/config/Elements.java index 9bb7d73690..b0f063df2c 100644 --- a/core/src/main/java/org/springframework/security/config/Elements.java +++ b/core/src/main/java/org/springframework/security/config/Elements.java @@ -29,5 +29,5 @@ abstract class Elements { public static final String SALT_SOURCE = "salt-source"; public static final String PORT_MAPPINGS = "port-mappings"; public static final String PORT_MAPPING = "port-mapping"; - public static final String USER_FILTER = "user-filter"; + public static final String CUSTOM_FILTER = "custom-filter"; } diff --git a/core/src/main/java/org/springframework/security/config/HttpSecurityConfigPostProcessor.java b/core/src/main/java/org/springframework/security/config/HttpSecurityConfigPostProcessor.java index 4cf5575f36..b6e9fdb7e2 100644 --- a/core/src/main/java/org/springframework/security/config/HttpSecurityConfigPostProcessor.java +++ b/core/src/main/java/org/springframework/security/config/HttpSecurityConfigPostProcessor.java @@ -188,7 +188,7 @@ public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor continue; } - // Filters must be Spring security filters or wrapped using + // Filters must be Spring security filters or wrapped using if (!filter.getClass().getName().startsWith("org.springframework.security")) { continue; } diff --git a/core/src/main/java/org/springframework/security/config/OrderedFilterBeanDefinitionDecorator.java b/core/src/main/java/org/springframework/security/config/OrderedFilterBeanDefinitionDecorator.java index 787e0a2ead..553b6bab7d 100644 --- a/core/src/main/java/org/springframework/security/config/OrderedFilterBeanDefinitionDecorator.java +++ b/core/src/main/java/org/springframework/security/config/OrderedFilterBeanDefinitionDecorator.java @@ -95,7 +95,8 @@ public class OrderedFilterBeanDefinitionDecorator implements BeanDefinitionDecor public final int getOrder() { if(order == null) { Assert.isInstanceOf(Ordered.class, "Filter '"+ beanName +"' must implement the 'Ordered' interface " + - " or you must specify one of the attributes 'after' or 'before' in "); + " or you must specify one of the attributes '" + ATT_AFTER + "' or '" + + ATT_BEFORE + "' in <" + Elements.CUSTOM_FILTER +">"); return ((Ordered)delegate).getOrder(); } diff --git a/core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java b/core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java index 8363caa5d6..181e07037c 100644 --- a/core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java +++ b/core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java @@ -24,6 +24,6 @@ public class SecurityNamespaceHandler extends NamespaceHandlerSupport { // Decorators registerBeanDefinitionDecorator(Elements.INTERCEPT_METHODS, new InterceptMethodsBeanDefinitionDecorator()); registerBeanDefinitionDecorator(Elements.FILTER_CHAIN_MAP, new FilterChainMapBeanDefinitionDecorator()); - registerBeanDefinitionDecorator(Elements.USER_FILTER, new OrderedFilterBeanDefinitionDecorator()); + registerBeanDefinitionDecorator(Elements.CUSTOM_FILTER, new OrderedFilterBeanDefinitionDecorator()); } } diff --git a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc index a67234e5cf..5d2ab71f7c 100644 --- a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc +++ b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc @@ -270,14 +270,14 @@ jdbc-user-service.attlist &= attribute data-source-ref {xsd:string} -user-filter = +custom-filter = ## Used to indicate that a filter bean declaration should be incorporated into the security filter chain. If neither the 'after' or 'before' options are supplied, then the filter must implement the Ordered interface directly. - element user-filter {after | before}? + element custom-filter {after | before}? after = - ## The filter immediately after which the user-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. + ## The filter immediately after which the custom-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. attribute after {"FIRST" | "CHANNEL_FILTER" | "CONCURRENT_SESSION_FILTER" | "SESSION_CONTEXT_INTEGRATION_FILTER" | "LOGOUT_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_PROCESSING_FILTER" | "AUTHENTICATION_PROCESSING_FILTER" | "BASIC_PROCESSING_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "NTLM_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER"} before = - ## The filter immediately before which the user-filter should be placed in the chain + ## The filter immediately before which the custom-filter should be placed in the chain attribute before {"FIRST" | "CHANNEL_FILTER" | "CONCURRENT_SESSION_FILTER" | "SESSION_CONTEXT_INTEGRATION_FILTER" | "LOGOUT_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_PROCESSING_FILTER" | "AUTHENTICATION_PROCESSING_FILTER" | "BASIC_PROCESSING_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "NTLM_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER"} diff --git a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd index 69e70ba3c5..722c100115 100644 --- a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd +++ b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd @@ -650,19 +650,19 @@ - + - + - + Used to indicate that a filter bean declaration should be incorporated into the security filter chain. If neither the 'after' or 'before' options are supplied, then the filter must implement the Ordered interface directly. - The filter immediately after which the user-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. + The filter immediately after which the custom-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. @@ -688,7 +688,7 @@ - The filter immediately before which the user-filter should be placed in the chain + The filter immediately before which the custom-filter should be placed in the chain @@ -717,7 +717,7 @@ - The filter immediately after which the user-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. + The filter immediately after which the custom-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. @@ -745,7 +745,7 @@ - The filter immediately before which the user-filter should be placed in the chain + The filter immediately before which the custom-filter should be placed in the chain diff --git a/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java b/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java index 2bf071d978..fc8f712cac 100644 --- a/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java +++ b/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java @@ -199,7 +199,7 @@ public class HttpSecurityBeanDefinitionParserTests { setContext( "" + AUTH_PROVIDER_XML + "" + - " " + + " " + "" + ""); List filters = getFilterChainProxy().getFilters("/someurl");