Accueil Explorer Aide
S'inscrire Connexion
github
/
spring-security
miroir de https://github.com/spring-projects/spring-security
2
0
Fork 0
Fichiers Tickets 0 Wiki
Parcourir la source

Merge branch '5.7.x' into 5.8.x

Closes gh-14664
Marcus Hert Da Coregio il y a 1 an
Parent
3b355a0278 5a7f12f1a9
commit
2c9dc08e43
2 fichiers modifiés avec 4 ajouts et 1 suppressions
Vue séparée Afficher les stats Diff
  1. 1 1
      core/src/main/java/org/springframework/security/access/vote/AuthenticatedVoter.java
  2. 3 0
      core/src/test/java/org/springframework/security/access/vote/AuthenticatedVoterTests.java

+ 1 - 1
core/src/main/java/org/springframework/security/access/vote/AuthenticatedVoter.java
Voir le fichier 

@@ -61,7 +61,7 @@ public class AuthenticatedVoter implements AccessDecisionVoter<Object> {
 
 	private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl();
 
 
 	private boolean isFullyAuthenticated(Authentication authentication) {
 
-		return (!this.authenticationTrustResolver.isAnonymous(authentication)
 
+		return authentication != null && (!this.authenticationTrustResolver.isAnonymous(authentication)
 
 				&& !this.authenticationTrustResolver.isRememberMe(authentication));
 
 	}

+ 3 - 0
core/src/test/java/org/springframework/security/access/vote/AuthenticatedVoterTests.java
Voir le fichier 

@@ -59,6 +59,7 @@ public class AuthenticatedVoterTests {
 
 		assertThat(AccessDecisionVoter.ACCESS_GRANTED).isEqualTo(voter.vote(createAnonymous(), null, def));
 
 		assertThat(AccessDecisionVoter.ACCESS_GRANTED).isEqualTo(voter.vote(createRememberMe(), null, def));
 
 		assertThat(AccessDecisionVoter.ACCESS_GRANTED).isEqualTo(voter.vote(createFullyAuthenticated(), null, def));
 
+		assertThat(AccessDecisionVoter.ACCESS_DENIED).isEqualTo(voter.vote(null, null, def));
 
 	}
 
 
 	@Test
 
@@ -68,6 +69,7 @@ public class AuthenticatedVoterTests {
 
 		assertThat(AccessDecisionVoter.ACCESS_DENIED).isEqualTo(voter.vote(createAnonymous(), null, def));
 
 		assertThat(AccessDecisionVoter.ACCESS_DENIED).isEqualTo(voter.vote(createRememberMe(), null, def));
 
 		assertThat(AccessDecisionVoter.ACCESS_GRANTED).isEqualTo(voter.vote(createFullyAuthenticated(), null, def));
 
+		assertThat(AccessDecisionVoter.ACCESS_DENIED).isEqualTo(voter.vote(null, null, def));
 
 	}
 
 
 	@Test
 
@@ -77,6 +79,7 @@ public class AuthenticatedVoterTests {
 
 		assertThat(AccessDecisionVoter.ACCESS_DENIED).isEqualTo(voter.vote(createAnonymous(), null, def));
 
 		assertThat(AccessDecisionVoter.ACCESS_GRANTED).isEqualTo(voter.vote(createRememberMe(), null, def));
 
 		assertThat(AccessDecisionVoter.ACCESS_GRANTED).isEqualTo(voter.vote(createFullyAuthenticated(), null, def));
 
+		assertThat(AccessDecisionVoter.ACCESS_DENIED).isEqualTo(voter.vote(null, null, def));
 
 	}
 
 
 	@Test