Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Saving security context between requests

Anubhav Ahlawat 2 years ago
parent
537e10cf9c
commit
52b87f339c
1 changed files with 5 additions and 1 deletions
Unified View Show Diff Stats
  1. 5 1
      cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java

+ 5 - 1
cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java
View File 

@@ -42,6 +42,7 @@ import org.springframework.security.web.authentication.AbstractAuthenticationPro
 
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
 
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
 
 import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
 
 import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
 
+import org.springframework.security.web.context.SecurityContextRepository;
 
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
 import org.springframework.security.web.util.matcher.RequestMatcher;
 
 import org.springframework.security.web.util.matcher.RequestMatcher;
 
 import org.springframework.util.Assert;
 
 import org.springframework.util.Assert;
 
@@ -192,10 +193,12 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
 
 
 
 	private AuthenticationFailureHandler proxyFailureHandler = new SimpleUrlAuthenticationFailureHandler();
 
 	private AuthenticationFailureHandler proxyFailureHandler = new SimpleUrlAuthenticationFailureHandler();
 
 
 
+	private SecurityContextRepository securityContextRepository= new HttpSessionSecurityContextRepository();
 
+
 
 	public CasAuthenticationFilter() {
 
 	public CasAuthenticationFilter() {
 
 		super("/login/cas");
 
 		super("/login/cas");
 
 		setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler());
 
 		setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler());
 
-		setSecurityContextRepository(new HttpSessionSecurityContextRepository());
 
+		setSecurityContextRepository(this.securityContextRepository);
 
 	}
 
 	}
 
 
 
 	@Override
 
 	@Override
 
@@ -211,6 +214,7 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
 
 		SecurityContext context = SecurityContextHolder.createEmptyContext();
 
 		SecurityContext context = SecurityContextHolder.createEmptyContext();
 
 		context.setAuthentication(authResult);
 
 		context.setAuthentication(authResult);
 
 		SecurityContextHolder.setContext(context);
 
 		SecurityContextHolder.setContext(context);
 
+		this.securityContextRepository.saveContext(context,request,response);
 
 		if (this.eventPublisher != null) {
 
 		if (this.eventPublisher != null) {
 
 			this.eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
 
 			this.eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
 
 		}
 
 		}