|
@@ -2,15 +2,22 @@ package org.springframework.security.web.authentication;
|
|
|
|
|
|
|
|
import static org.mockito.Mockito.mock;
|
|
import static org.mockito.Mockito.mock;
|
|
|
|
|
|
|
|
|
|
+import java.io.IOException;
|
|
|
|
|
+import java.util.Locale;
|
|
|
|
|
+
|
|
|
import javax.servlet.FilterChain;
|
|
import javax.servlet.FilterChain;
|
|
|
|
|
+import javax.servlet.ServletException;
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
import javax.servlet.http.HttpServletResponse;
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
|
|
|
|
|
import org.junit.Test;
|
|
import org.junit.Test;
|
|
|
|
|
+import org.springframework.context.support.MessageSourceAccessor;
|
|
|
import org.springframework.mock.web.MockHttpServletRequest;
|
|
import org.springframework.mock.web.MockHttpServletRequest;
|
|
|
import org.springframework.mock.web.MockHttpServletResponse;
|
|
import org.springframework.mock.web.MockHttpServletResponse;
|
|
|
|
|
+import org.springframework.security.authentication.BadCredentialsException;
|
|
|
import org.springframework.security.core.Authentication;
|
|
import org.springframework.security.core.Authentication;
|
|
|
import org.springframework.security.core.AuthenticationException;
|
|
import org.springframework.security.core.AuthenticationException;
|
|
|
|
|
+import org.springframework.security.core.SpringSecurityMessageSource;
|
|
|
import org.springframework.security.web.FilterChainOrder;
|
|
import org.springframework.security.web.FilterChainOrder;
|
|
|
import org.springframework.security.web.authentication.AbstractProcessingFilter;
|
|
import org.springframework.security.web.authentication.AbstractProcessingFilter;
|
|
|
import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
|
|
import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
|
|
@@ -57,4 +64,19 @@ public class DefaultLoginPageGeneratingFilterTests {
|
|
|
return "unused";
|
|
return "unused";
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
|
|
+
|
|
|
|
|
+ /* SEC-1111 */
|
|
|
|
|
+ @Test
|
|
|
|
|
+ public void handlesNonIso8859CharsInErrorMessage() throws Exception {
|
|
|
|
|
+ DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new AuthenticationProcessingFilter());
|
|
|
|
|
+ MockHttpServletRequest request = new MockHttpServletRequest("GET", "/spring_security_login");
|
|
|
|
|
+ request.addParameter("login_error", "true");
|
|
|
|
|
+ MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
|
|
|
|
|
+ String message = messages.getMessage(
|
|
|
|
|
+ "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials", Locale.KOREA);
|
|
|
|
|
+ System.out.println("Message: " + message);
|
|
|
|
|
+ request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, new BadCredentialsException(message));
|
|
|
|
|
+
|
|
|
|
|
+ filter.doFilter(request, new MockHttpServletResponse(), chain);
|
|
|
|
|
+ }
|
|
|
}
|
|
}
|
Luke Taylor