Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

SEC-1225: Use bean references for authentication providers. Updated AuthenticationManagerBDP to regsiter the providers as top level beans.

Luke Taylor 16 years ago
parent
24911eb606
commit
579644fa95
2 changed files with 20 additions and 1 deletions
Split View Show Diff Stats
  1. 3 1
      config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java
  2. 17 0
      config/src/test/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParserTests.java

+ 3 - 1
config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java
View File 

@@ -60,7 +60,9 @@ public class AuthenticationManagerBeanDefinitionParser implements BeanDefinition
 
                 } else {
 
                     BeanDefinition provider = resolver.resolve(providerElt.getNamespaceURI()).parse(providerElt, pc);
 
                     Assert.notNull(provider, "Parser for " + providerElt.getNodeName() + " returned a null bean definition");
 
-                    providers.add(provider);
 
+                    String id = pc.getReaderContext().registerWithGeneratedName(provider);
 
+                    pc.registerBeanComponent(new BeanComponentDefinition(provider, id));
 
+                    providers.add(new RuntimeBeanReference(id));
 
                 }
 
             }
 
         }

+ 17 - 0
config/src/test/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParserTests.java
View File 

@@ -1,8 +1,11 @@
 
 package org.springframework.security.config.authentication;
 
 
+import static org.junit.Assert.*;
 
+
 
 import org.junit.Test;
 
 import org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException;
 
 import org.springframework.context.support.AbstractXmlApplicationContext;
 
+import org.springframework.security.authentication.AuthenticationProvider;
 
 import org.springframework.security.authentication.concurrent.ConcurrentSessionControllerImpl;
 
 import org.springframework.security.authentication.concurrent.SessionRegistryImpl;
 
 import org.springframework.security.config.BeanIds;
 
@@ -23,6 +26,20 @@ public class AuthenticationManagerBeanDefinitionParserTests {
 
         "  </b:property>" +
 
         "</b:bean>";
 
 
+    @Test
 
+    // SEC-1225
 
+    public void providersAreRegisteredAsTopLevelBeans() throws Exception {
 
+        setContext(
 
+          "<authentication-manager>" +
 
+          "    <authentication-provider>" +
 
+          "        <user-service>" +
 
+          "            <user name='bob' password='bobspassword' authorities='ROLE_A,ROLE_B' />" +
 
+          "        </user-service>" +
 
+          "    </authentication-provider>" +
 
+          "</authentication-manager>" + SESSION_CONTROLLER, "3.0");
 
+        assertEquals(1, appContext.getBeansOfType(AuthenticationProvider.class).size());
 
+    }
 
+
 
     @Test(expected=XmlBeanDefinitionStoreException.class)
 
     public void sessionControllerRefAttributeIsRejectedFor30Context() throws Exception {
 
         setContext(