2 жил өмнө · 2e92dad761
--- a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilter.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilter.java
@@ -59,6 +59,7 @@ import org.springframework.security.web.authentication.AuthenticationSuccessHand
 
				 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
			
 
				 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
			
 
				 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
			
 
				+import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
			
 
				 import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
			
 
				 import org.springframework.security.web.context.SecurityContextRepository;
			
 
				 import org.springframework.security.web.util.UrlUtils;
			
@@ -148,7 +149,7 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv
 
				 
			
 
				 	private AuthenticationFailureHandler failureHandler;
			
 
				 
			
 
				-	private SecurityContextRepository securityContextRepository = new RequestAttributeSecurityContextRepository();
			
 
				+	private SecurityContextRepository securityContextRepository = new HttpSessionSecurityContextRepository();
			
 
				 
			
 
				 	@Override
			
 
				 	public void afterPropertiesSet() {
			
--- a/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java
@@ -50,7 +50,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 
				 import org.springframework.security.util.FieldUtils;
			
 
				 import org.springframework.security.web.DefaultRedirectStrategy;
			
 
				 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
			
 
				-import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
			
 
				+import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
			
 
				 import org.springframework.security.web.context.SecurityContextRepository;
			
 
				 import org.springframework.security.web.util.matcher.AnyRequestMatcher;
			
 
				 import org.springframework.test.util.ReflectionTestUtils;
			
@@ -511,10 +511,10 @@ public class SwitchUserFilterTests {
 
				 	}
			
 
				 
			
 
				 	@Test
			
 
				-	void filterWhenDefaultSecurityContextRepositoryThenRequestAttributeRepository() {
			
 
				+	void filterWhenDefaultSecurityContextRepositoryThenHttpSessionRepository() {
			
 
				 		SwitchUserFilter switchUserFilter = new SwitchUserFilter();
			
 
				 		assertThat(ReflectionTestUtils.getField(switchUserFilter, "securityContextRepository"))
			
 
				-				.isInstanceOf(RequestAttributeSecurityContextRepository.class);
			
 
				+				.isInstanceOf(HttpSessionSecurityContextRepository.class);
			
 
				 	}
			
 
				 
			
 
				 	@Test