10 vuotta sitten · 821333434d
--- a/core/src/main/resources/org/springframework/security/messages_en.properties
+++ b/core/src/main/resources/org/springframework/security/messages_en.properties
@@ -0,0 +1,47 @@
 
				+AbstractAccessDecisionManager.accessDenied=Access is denied
			
 
				+AbstractLdapAuthenticationProvider.emptyPassword=Empty Password
			
 
				+AbstractSecurityInterceptor.authenticationNotFound=An Authentication object was not found in the SecurityContext
			
 
				+AbstractUserDetailsAuthenticationProvider.badCredentials=Bad credentials
			
 
				+AbstractUserDetailsAuthenticationProvider.credentialsExpired=User credentials have expired
			
 
				+AbstractUserDetailsAuthenticationProvider.disabled=User is disabled
			
 
				+AbstractUserDetailsAuthenticationProvider.expired=User account has expired
			
 
				+AbstractUserDetailsAuthenticationProvider.locked=User account is locked
			
 
				+AbstractUserDetailsAuthenticationProvider.onlySupports=Only UsernamePasswordAuthenticationToken is supported
			
 
				+AccountStatusUserDetailsChecker.credentialsExpired=User credentials have expired
			
 
				+AccountStatusUserDetailsChecker.disabled=User is disabled
			
 
				+AccountStatusUserDetailsChecker.expired=User account has expired
			
 
				+AccountStatusUserDetailsChecker.locked=User account is locked
			
 
				+AclEntryAfterInvocationProvider.noPermission=Authentication {0} has NO permissions to the domain object {1}
			
 
				+AnonymousAuthenticationProvider.incorrectKey=The presented AnonymousAuthenticationToken does not contain the expected key
			
 
				+BindAuthenticator.badCredentials=Bad credentials
			
 
				+BindAuthenticator.emptyPassword=Empty Password
			
 
				+CasAuthenticationProvider.incorrectKey=The presented CasAuthenticationToken does not contain the expected key
			
 
				+CasAuthenticationProvider.noServiceTicket=Failed to provide a CAS service ticket to validate
			
 
				+ConcurrentSessionControlStrategy.exceededAllowed=Maximum sessions of {0} for this principal exceeded
			
 
				+DigestAuthenticationFilter.incorrectRealm=Response realm name {0} does not match system realm name of {1}
			
 
				+DigestAuthenticationFilter.incorrectResponse=Incorrect response
			
 
				+DigestAuthenticationFilter.missingAuth=Missing mandatory digest value for 'auth' QOP; received header {0}
			
 
				+DigestAuthenticationFilter.missingMandatory=Missing mandatory digest value; received header {0}
			
 
				+DigestAuthenticationFilter.nonceCompromised=Nonce token compromised {0}
			
 
				+DigestAuthenticationFilter.nonceEncoding=Nonce is not encoded in Base64; received nonce {0}
			
 
				+DigestAuthenticationFilter.nonceExpired=Nonce has expired/timed out
			
 
				+DigestAuthenticationFilter.nonceNotNumeric=Nonce token should have yielded a numeric first token, but was {0}
			
 
				+DigestAuthenticationFilter.nonceNotTwoTokens=Nonce should have yielded two tokens but was {0}
			
 
				+DigestAuthenticationFilter.usernameNotFound=Username {0} not found
			
 
				+JdbcDaoImpl.noAuthority=User {0} has no GrantedAuthority
			
 
				+JdbcDaoImpl.notFound=User {0} not found
			
 
				+LdapAuthenticationProvider.badCredentials=Bad credentials
			
 
				+LdapAuthenticationProvider.credentialsExpired=User credentials have expired
			
 
				+LdapAuthenticationProvider.disabled=User is disabled
			
 
				+LdapAuthenticationProvider.expired=User account has expired
			
 
				+LdapAuthenticationProvider.locked=User account is locked
			
 
				+LdapAuthenticationProvider.emptyUsername=Empty username not allowed
			
 
				+LdapAuthenticationProvider.onlySupports=Only UsernamePasswordAuthenticationToken is supported
			
 
				+PasswordComparisonAuthenticator.badCredentials=Bad credentials
			
 
				+PersistentTokenBasedRememberMeServices.cookieStolen=Invalid remember-me token (Series/token) mismatch. Implies previous cookie theft attack.
			
 
				+ProviderManager.providerNotFound=No AuthenticationProvider found for {0}
			
 
				+RememberMeAuthenticationProvider.incorrectKey=The presented RememberMeAuthenticationToken does not contain the expected key
			
 
				+RunAsImplAuthenticationProvider.incorrectKey=The presented RunAsUserToken does not contain the expected key
			
 
				+SubjectDnX509PrincipalExtractor.noMatching=No matching pattern was found in subjectDN: {0}
			
 
				+SwitchUserFilter.noCurrentUser=No current user associated with this request
			
 
				+SwitchUserFilter.noOriginalAuthentication=Could not find original Authentication object
			
--- a/core/src/test/java/org/springframework/security/core/SpringSecurityMessageSourceTests.java
+++ b/core/src/test/java/org/springframework/security/core/SpringSecurityMessageSourceTests.java
@@ -51,4 +51,21 @@ public class SpringSecurityMessageSourceTests extends TestCase {
 
				 		// Revert to original Locale
			
 
				 		LocaleContextHolder.setLocale(before);
			
 
				 	}
			
 
				+
			
 
				+	// SEC-3013
			
 
				+	public void germanSystemLocaleWithEnglishLocaleContextHolder() {
			
 
				+		Locale beforeSystem = Locale.getDefault();
			
 
				+		Locale.setDefault(Locale.GERMAN);
			
 
				+
			
 
				+		Locale beforeHolder = LocaleContextHolder.getLocale();
			
 
				+		LocaleContextHolder.setLocale(Locale.US);
			
 
				+
			
 
				+		MessageSourceAccessor msgs = SpringSecurityMessageSource.getAccessor();
			
 
				+		assertEquals("Access is denied", msgs.getMessage(
			
 
				+				"AbstractAccessDecisionManager.accessDenied", "Ooops"));
			
 
				+
			
 
				+		// Revert to original Locale
			
 
				+		Locale.setDefault(beforeSystem);
			
 
				+		LocaleContextHolder.setLocale(beforeHolder);
			
 
				+	}
			
 
				 }