17 жил өмнө · 358f284f42
--- a/core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java
+++ b/core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java
@@ -158,7 +158,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
 
				         Assert.hasLength(loginContextName, "loginContextName must be set on " + getClass());
			
 
				 
			
 
				         configureJaas(loginConfig);
			
 
				-
			
 
				+        
			
 
				         Assert.notNull(Configuration.getConfiguration(),
			
 
				               "As per http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html "
			
 
				             + "\"If a Configuration object was set via the Configuration.setConfiguration method, then that object is "
			
@@ -246,6 +246,9 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
 
				      */
			
 
				     protected void configureJaas(Resource loginConfig) throws IOException {
			
 
				         configureJaasUsingLoop();
			
 
				+
			
 
				+        // Overcome issue in SEC-760
			
 
				+        Configuration.getConfiguration().refresh();
			
 
				     }
			
 
				 
			
 
				     /**
			
@@ -375,7 +378,9 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
 
				      * @param token The {@link UsernamePasswordAuthenticationToken} being processed
			
 
				      */
			
 
				     protected void publishSuccessEvent(UsernamePasswordAuthenticationToken token) {
			
 
				-        applicationEventPublisher.publishEvent(new JaasAuthenticationSuccessEvent(token));
			
 
				+        if (applicationEventPublisher != null) {
			
 
				+        	applicationEventPublisher.publishEvent(new JaasAuthenticationSuccessEvent(token));
			
 
				+        }
			
 
				     }
			
 
				 
			
 
				     /**
			
--- a/core/src/test/java/org/springframework/security/providers/jaas/Sec760Tests.java
+++ b/core/src/test/java/org/springframework/security/providers/jaas/Sec760Tests.java
@@ -0,0 +1,64 @@
 
				+package org.springframework.security.providers.jaas;
			
 
				+
			
 
				+import java.net.URL;
			
 
				+import java.security.Security;
			
 
				+
			
 
				+import javax.security.auth.login.LoginContext;
			
 
				+
			
 
				+import junit.framework.Assert;
			
 
				+
			
 
				+import org.junit.Test;
			
 
				+import org.springframework.core.io.ClassPathResource;
			
 
				+import org.springframework.security.Authentication;
			
 
				+import org.springframework.security.GrantedAuthority;
			
 
				+import org.springframework.security.GrantedAuthorityImpl;
			
 
				+import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				+
			
 
				+/**
			
 
				+ * Tests bug reported in SEC-760.
			
 
				+ * 
			
 
				+ * @author Ben Alex
			
 
				+ *
			
 
				+ */
			
 
				+public class Sec760Tests {
			
 
				+
			
 
				+	public String resolveConfigFile(String filename) {
			
 
				+        String resName = "/" + getClass().getPackage().getName().replace('.', '/') + filename;
			
 
				+        return resName;
			
 
				+	}
			
 
				+	
			
 
				+	private void testConfigureJaasCase(JaasAuthenticationProvider p1, JaasAuthenticationProvider p2) throws Exception {
			
 
				+		p1.setLoginConfig(new ClassPathResource(resolveConfigFile("/test1.conf")));
			
 
				+		p1.setLoginContextName("test1");
			
 
				+		p1.setCallbackHandlers(new JaasAuthenticationCallbackHandler[] {new TestCallbackHandler(), new JaasNameCallbackHandler(), new JaasPasswordCallbackHandler()});
			
 
				+		p1.setAuthorityGranters(new AuthorityGranter[] {new TestAuthorityGranter()});
			
 
				+		p1.afterPropertiesSet();
			
 
				+		testAuthenticate(p1);
			
 
				+
			
 
				+		p2.setLoginConfig(new ClassPathResource(resolveConfigFile("/test2.conf")));
			
 
				+		p2.setLoginContextName("test2");
			
 
				+		p2.setCallbackHandlers(new JaasAuthenticationCallbackHandler[] {new TestCallbackHandler(), new JaasNameCallbackHandler(), new JaasPasswordCallbackHandler()});
			
 
				+		p2.setAuthorityGranters(new AuthorityGranter[] {new TestAuthorityGranter()});
			
 
				+		p2.afterPropertiesSet();
			
 
				+		testAuthenticate(p2);
			
 
				+	}
			
 
				+	
			
 
				+	private void testAuthenticate(JaasAuthenticationProvider p1) {
			
 
				+        GrantedAuthorityImpl role1 = new GrantedAuthorityImpl("ROLE_1");
			
 
				+        GrantedAuthorityImpl role2 = new GrantedAuthorityImpl("ROLE_2");
			
 
				+
			
 
				+        GrantedAuthority[] defaultAuths = new GrantedAuthority[] {role1, role2,};
			
 
				+
			
 
				+        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("user", "password",
			
 
				+                defaultAuths);
			
 
				+
			
 
				+        Authentication auth = p1.authenticate(token);
			
 
				+		Assert.assertNotNull(auth);
			
 
				+	}
			
 
				+
			
 
				+	@Test
			
 
				+	public void testConfigureJaas() throws Exception {
			
 
				+		testConfigureJaasCase(new JaasAuthenticationProvider(), new JaasAuthenticationProvider());
			
 
				+	}
			
 
				+
			
 
				+}
			
--- a/core/src/test/resources/org/springframework/security/providers/jaas/test1.conf
+++ b/core/src/test/resources/org/springframework/security/providers/jaas/test1.conf
@@ -0,0 +1,3 @@
 
				+test1 {
			
 
				+    org.springframework.security.providers.jaas.TestLoginModule required;
			
 
				+};
			
--- a/core/src/test/resources/org/springframework/security/providers/jaas/test2.conf
+++ b/core/src/test/resources/org/springframework/security/providers/jaas/test2.conf
@@ -0,0 +1,3 @@
 
				+test2 {
			
 
				+    org.springframework.security.providers.jaas.TestLoginModule required;
			
 
				+};