
Polish userNotFoundEncodedPassword

Ensure that when passwordEncoder is set, userNotFoundEncodedPassword
is encoded again if it was already set.

Issue: gh-4915
Rob Winch 7 年之前
父节点
当前提交
6ba225b62d

+ 1 - 0
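--- a/core/src/main/java/org/springframework/security/authentication/dao/DaoAuthenticationProvider.java
+++ b/core/src/main/java/org/springframework/security/authentication/dao/DaoAuthenticationProvider.java
@@ -149,6 +149,7 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
 	public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
 		Assert.notNull(passwordEncoder, "passwordEncoder cannot be null");
 		this.passwordEncoder = passwordEncoder;
+		this.userNotFoundEncodedPassword = null;
 	}
 
 	protected PasswordEncoder getPasswordEncoder() {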
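Review bot: The added `this.userNotFoundEncodedPassword = null;` in setPasswordEncoder carries no comment saying why a cached value is discarded, and the reason is easy to lose in a later cleanup: the value was produced by the previous encoder and may not be in a form the new one accepts. I would put `// encoded with the previous encoder; clear it so it is re-encoded on next use` above the line. The re-encoding itself happens outside this hunk, so it is worth confirming how the field is read if setPasswordEncoder can run while an authenticate call is in flight, since the encoder is assigned one statement before the cached value is cleared. The class body continues outside the hunk.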

+ 30 - 0
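--- a/core/src/test/java/org/springframework/security/authentication/dao/DaoAuthenticationProviderTests.java
+++ b/core/src/test/java/org/springframework/security/authentication/dao/DaoAuthenticationProviderTests.java
@@ -50,6 +50,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache;
 import org.springframework.security.core.userdetails.cache.NullUserCache;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
@@ -280,6 +281,35 @@ public class DaoAuthenticationProviderTests {
 		}
 	}
 
+	@Test
+	public void testAuthenticateFailsWithInvalidUsernameAndChangePasswordEncoder() {
+		UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
+			"INVALID_USER", "koala");
+
+		DaoAuthenticationProvider provider = createProvider();
+		assertThat(provider.isHideUserNotFoundExceptions()).isTrue();
+		provider.setUserDetailsService(new MockAuthenticationDaoUserrod());
+		provider.setUserCache(new MockUserCache());
+
+		try {
+			provider.authenticate(token);
+			fail("Should have thrown BadCredentialsException");
+		}
+		catch (BadCredentialsException expected) {
+
+		}
+
+		provider.setPasswordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
+
+		try {
+			provider.authenticate(token);
+			fail("Should have thrown BadCredentialsException");
+		}
+		catch (BadCredentialsException expected) {
+
+		}
+	}
+
 	@Test
 	public void testAuthenticateFailsWithMixedCaseUsernameIfDefaultChanged() {
 		UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(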
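Review bot: testAuthenticateFailsWithInvalidUsernameAndChangePasswordEncoder asserts only that BadCredentialsException is thrown, so it does not show that the second authenticate call actually ran a comparison through the new encoder for the unknown user. If the cached encoded password exists so that the unknown-user path does the same work as a real password check (inferred; the provider code is not on this page), the test should verify that directly. Assuming Mockito is available to this test class, wrap the encoder as `PasswordEncoder encoder = spy(PasswordEncoderFactories.createDelegatingPasswordEncoder());`, pass it to setPasswordEncoder, and finish with `verify(encoder).matches(anyString(), anyString());`. The two empty catch blocks would also read better with a one-line comment such as `// expected: an unknown user is reported as bad credentials`.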