Home Verkennen Help
Registreren Inloggen
github
/
spring-security
spiegel van https://github.com/spring-projects/spring-security
2
0
Vork 0
Bestanden Issues 0 Wiki
Bladeren bron

SEC-519: Fix. Changed notNull() assertion for "key" parameter to hasText() to prevent the use of empty keys.

Luke Taylor 18 jaren geleden
bovenliggende
1c72b7989e
commit
57f3d268a1
1 gewijzigde bestanden met toevoegingen van 1 en 1 verwijderingen
Zij-aan-zij weergave Toon Diff Stats
  1. 1 1
      core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationProvider.java

+ 1 - 1
core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationProvider.java
Bestand weergeven 

@@ -70,7 +70,7 @@ public class CasAuthenticationProvider implements AuthenticationProvider, Initia
 
         Assert.notNull(this.ticketValidator, "A ticketValidator must be set");
 
         Assert.notNull(this.casProxyDecider, "A casProxyDecider must be set");
 
         Assert.notNull(this.statelessTicketCache, "A statelessTicketCache must be set");
 
-        Assert.notNull(this.key, "A Key is required so CasAuthenticationProvider can identify tokens it previously authenticated");
 
+        Assert.hasText(this.key, "A Key is required so CasAuthenticationProvider can identify tokens it previously authenticated");
 
         Assert.notNull(this.messages, "A message source must be set");
 
     }