
SEC-1940: ProviderManager publishes any AccountStatusException

Previously there was a bug introduced by SEC-546 that prevented any
AccountStatusException from being published.

Now AccountStatusExceptions are also published.
Rob Winch 13 rokov pred
rodič
commit
734188206d

+ 1 - 1
core/src/main/java/org/springframework/security/authentication/ProviderManager.java

@@ -197,7 +197,6 @@ public class ProviderManager implements AuthenticationManager, MessageSourceAwar
                         new Object[] {toTest.getName()}, "No AuthenticationProvider found for {0}"));
         }
 
-        eventPublisher.publishAuthenticationFailure(lastException, authentication);
         prepareException(lastException, authentication);
 
         throw lastException;
@@ -205,6 +204,7 @@ public class ProviderManager implements AuthenticationManager, MessageSourceAwar
 
     @SuppressWarnings("deprecation")
     private void prepareException(AuthenticationException ex, Authentication auth) {
+        eventPublisher.publishAuthenticationFailure(ex, auth);
         ex.setAuthentication(auth);
 
         if (clearExtraInformation) {
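Review bot: The publish call added as the first statement of `prepareException` runs before `ex.setAuthentication(auth)` and before the `clearExtraInformation` branch, so listeners receive the exception with any extra information still attached, and if the publisher throws, the exception is never prepared. The method name no longer conveys that it emits an event, so a comment would help, e.g. `// Publish first: every path that prepares an exception, including AccountStatusException, emits exactly one failure event`. Audit or lockout-counting listeners will presumably now also see attempts against locked, disabled or expired accounts, which is worth calling out for anyone upgrading. The body of `prepareException` continues past the end of this hunk.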

+ 20 - 0
core/src/test/java/org/springframework/security/authentication/ProviderManagerTests.java

@@ -267,6 +267,26 @@ public class ProviderManagerTests {
         verify(publisher).publishAuthenticationFailure(expected, authReq);
     }
 
+    @Test
+    @SuppressWarnings("deprecation")
+    public void statusExceptionIsPublished() throws Exception {
+        AuthenticationManager parent = mock(AuthenticationManager.class);
+        final LockedException expected = new LockedException("");
+        ProviderManager mgr = new ProviderManager(
+                Arrays.asList(createProviderWhichThrows(expected)), parent);
+        final Authentication authReq = mock(Authentication.class);
+        AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class);
+        mgr.setAuthenticationEventPublisher(publisher);
+        try {
+            mgr.authenticate(authReq);
+            fail("Expected exception");
+        } catch (LockedException e) {
+            assertSame(expected, e);
+            assertSame(authReq, e.getAuthentication());
+        }
+        verify(publisher).publishAuthenticationFailure(expected, authReq);
+    }
+
     private AuthenticationProvider createProviderWhichThrows(final AuthenticationException e) {
         AuthenticationProvider provider = mock(AuthenticationProvider.class);
         when(provider.supports(any(Class.class))).thenReturn(true);
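Review bot: The mock `parent` passed to the `ProviderManager` in `statusExceptionIsPublished` is never verified, so the test would likely still pass if a locked account fell through to the parent manager before the exception was rethrown. If an account-status failure is meant to stop authentication at this manager (the handling is not visible in this diff, so confirm), add `verifyZeroInteractions(parent);` after the `verify(publisher)` line to pin that. `createProviderWhichThrows` continues outside the hunk.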