SEC-1668: Allow customization of username parameter in SwitchUserFilter.
This commit is contained in:
Luke Taylor
parent
6d04670f87
commit
ec97b70df9
|
|
@ -115,6 +115,7 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv
|
||||||
private String switchUserUrl = "/j_spring_security_switch_user";
|
private String switchUserUrl = "/j_spring_security_switch_user";
|
||||||
private String targetUrl;
|
private String targetUrl;
|
||||||
private String switchFailureUrl;
|
private String switchFailureUrl;
|
||||||
|
private String usernameParameter = SPRING_SECURITY_SWITCH_USERNAME_KEY;
|
||||||
private SwitchUserAuthorityChanger switchUserAuthorityChanger;
|
private SwitchUserAuthorityChanger switchUserAuthorityChanger;
|
||||||
private UserDetailsService userDetailsService;
|
private UserDetailsService userDetailsService;
|
||||||
private UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker();
|
private UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker();
|
||||||
|
|
@ -193,7 +194,7 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv
|
||||||
protected Authentication attemptSwitchUser(HttpServletRequest request) throws AuthenticationException {
|
protected Authentication attemptSwitchUser(HttpServletRequest request) throws AuthenticationException {
|
||||||
UsernamePasswordAuthenticationToken targetUserRequest;
|
UsernamePasswordAuthenticationToken targetUserRequest;
|
||||||
|
|
||||||
String username = request.getParameter(SPRING_SECURITY_SWITCH_USERNAME_KEY);
|
String username = request.getParameter(usernameParameter);
|
||||||
|
|
||||||
if (username == null) {
|
if (username == null) {
|
||||||
username = "";
|
username = "";
|
||||||
|
|
@ -474,6 +475,15 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv
|
||||||
this.userDetailsChecker = userDetailsChecker;
|
this.userDetailsChecker = userDetailsChecker;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Allows the parameter containing the username to be customized.
|
||||||
|
*
|
||||||
|
* @param usernameParameter the parameter name. Defaults to {@code j_username}
|
||||||
|
*/
|
||||||
|
public void setUsernameParameter(String usernameParameter) {
|
||||||
|
this.usernameParameter = usernameParameter;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Strips any content after the ';' in the request URI
|
* Strips any content after the ';' in the request URI
|
||||||
*
|
*
|
||||||
|
|
|
||||||
|
|
@ -74,9 +74,10 @@ public class SwitchUserFilterTests {
|
||||||
|
|
||||||
private Authentication switchToUser(String name) {
|
private Authentication switchToUser(String name) {
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||||
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, name);
|
request.addParameter("myUsernameParameter", name);
|
||||||
|
|
||||||
SwitchUserFilter filter = new SwitchUserFilter();
|
SwitchUserFilter filter = new SwitchUserFilter();
|
||||||
|
filter.setUsernameParameter("myUsernameParameter");
|
||||||
filter.setUserDetailsService(new MockUserDetailsService());
|
filter.setUserDetailsService(new MockUserDetailsService());
|
||||||
|
|
||||||
return filter.attemptSwitchUser(request);
|
return filter.attemptSwitchUser(request);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue