root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 24 Packages Projects Releases Wiki Activity

SEC-725: PasswordEncoderParser: <security:password-encoder> element does not pick up 'base64' attribute value 

http://jira.springframework.org/browse/SEC-725. Added fix as recommended in issue.
This commit is contained in:
Luke Taylor 2008-03-23 22:38:13 +00:00
parent b54e3978dc
commit fe0e05a6c8
2 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
core/src/main/java/org/springframework/security/config/PasswordEncoderParser.java
View File

@ -55,14 +55,17 @@ public class PasswordEncoderParser {
private BeanMetadataElement passwordEncoder; private BeanMetadataElement passwordEncoder;
private BeanDefinition saltSource; private BeanDefinition saltSource;
public PasswordEncoderParser(Element element, ParserContext parserContext) { public PasswordEncoderParser(Element element, ParserContext parserContext) {
parse(element, parserContext); parse(element, parserContext);
} }
private void parse(Element element, ParserContext parserContext) { private void parse(Element element, ParserContext parserContext) {
String hash = element.getAttribute(ATT_HASH); String hash = element.getAttribute(ATT_HASH);
boolean useBase64 = StringUtils.hasText(element.getAttribute(ATT_BASE_64)); boolean useBase64 = false;
if (StringUtils.hasText(element.getAttribute(ATT_BASE_64))) {
useBase64 = Boolean.parseBoolean(element.getAttribute(ATT_BASE_64));
}
String ref = element.getAttribute(ATT_REF); String ref = element.getAttribute(ATT_REF);
@ -73,10 +76,10 @@ public class PasswordEncoderParser {
RootBeanDefinition beanDefinition = new RootBeanDefinition(beanClass); RootBeanDefinition beanDefinition = new RootBeanDefinition(beanClass);
beanDefinition.setSource(parserContext.extractSource(element)); beanDefinition.setSource(parserContext.extractSource(element));
if (useBase64) { if (useBase64) {
if (beanClass.isAssignableFrom(BaseDigestPasswordEncoder.class)) { if (BaseDigestPasswordEncoder.class.isAssignableFrom(beanClass)) {
beanDefinition.getPropertyValues().addPropertyValue("encodeHashAsBase64", "true"); beanDefinition.getPropertyValues().addPropertyValue("encodeHashAsBase64", "true");
} else { } else {
logger.warn(ATT_BASE_64 + " isn't compatible with " + OPT_HASH_LDAP_SHA + " and will be ignored"); logger.warn(ATT_BASE_64 + " isn't compatible with " + hash + " and will be ignored");
} }
} }
passwordEncoder = beanDefinition; passwordEncoder = beanDefinition;

12
core/src/test/java/org/springframework/security/config/AuthenticationProviderBeanDefinitionParserTests.java
View File

@ -72,19 +72,17 @@ public class AuthenticationProviderBeanDefinitionParserTests {
} }
@Test @Test
public void worksWithJdbcUserService() throws Exception { public void passwordIsBase64EncodedWhenBase64IsEnabled() throws Exception {
setContext(" <authentication-provider>" + setContext(" <authentication-provider>" +
" <password-encoder hash='{sha}'/>" + " <password-encoder hash='md5' base64='true'/>" +
" <user-service>" + " <user-service>" +
" <user name='bob' password='{SSHA}PpuEwfdj7M1rs0C2W4ssSM2XEN/Y6S5U' authorities='ROLE_A' />" + " <user name='bob' password='ErFB811YuLOkbupl5qwXng==' authorities='ROLE_A' />" +
" </user-service>" + " </user-service>" +
" </authentication-provider>"); " </authentication-provider>");
getProvider().authenticate(bob); getProvider().authenticate(bob);
} }
@Test @Test
public void externalUserServiceAndPasswordEncoderWork() throws Exception { public void externalUserServiceAndPasswordEncoderWork() throws Exception {
setContext(" <authentication-provider user-service-ref='customUserService'>" + setContext(" <authentication-provider user-service-ref='customUserService'>" +