use of org.springframework.security.web.access.channel.SecureChannelProcessor in project spring-security by spring-projects.
the class SecureChannelProcessorTests method testDecideDetectsUnacceptableChannel.
@Test
public void testDecideDetectsUnacceptableChannel() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=true");
request.setServerName("localhost");
request.setContextPath("/bigapp");
request.setServletPath("/servlet");
request.setScheme("http");
request.setServerPort(8080);
MockHttpServletResponse response = new MockHttpServletResponse();
FilterInvocation fi = new FilterInvocation(request, response, mock(FilterChain.class));
SecureChannelProcessor processor = new SecureChannelProcessor();
processor.decide(fi, SecurityConfig.createList(new String[] { "SOME_IGNORED_ATTRIBUTE", "REQUIRES_SECURE_CHANNEL" }));
assertThat(fi.getResponse().isCommitted()).isTrue();
}
use of org.springframework.security.web.access.channel.SecureChannelProcessor in project spring-security by spring-projects.
the class SecureChannelProcessorTests method testMissingSecureChannelKeyword.
@Test
public void testMissingSecureChannelKeyword() throws Exception {
SecureChannelProcessor processor = new SecureChannelProcessor();
processor.setSecureKeyword(null);
try {
processor.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertThat(expected.getMessage()).isEqualTo("secureKeyword required");
}
processor.setSecureKeyword("");
try {
processor.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertThat(expected.getMessage()).isEqualTo("secureKeyword required");
}
}
use of org.springframework.security.web.access.channel.SecureChannelProcessor in project spring-security by spring-projects.
the class SecureChannelProcessorTests method testSupports.
@Test
public void testSupports() {
SecureChannelProcessor processor = new SecureChannelProcessor();
assertThat(processor.supports(new SecurityConfig("REQUIRES_SECURE_CHANNEL"))).isTrue();
assertThat(processor.supports(null)).isFalse();
assertThat(processor.supports(new SecurityConfig("NOT_SUPPORTED"))).isFalse();
}
use of org.springframework.security.web.access.channel.SecureChannelProcessor in project spring-security by spring-projects.
the class SecureChannelProcessorTests method testMissingEntryPoint.
@Test
public void testMissingEntryPoint() throws Exception {
SecureChannelProcessor processor = new SecureChannelProcessor();
processor.setEntryPoint(null);
try {
processor.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertThat(expected.getMessage()).isEqualTo("entryPoint required");
}
}
use of org.springframework.security.web.access.channel.SecureChannelProcessor in project spring-security by spring-projects.
the class ChannelSecurityConfigurer method getChannelProcessors.
private List<ChannelProcessor> getChannelProcessors(H http) {
if (channelProcessors != null) {
return channelProcessors;
}
InsecureChannelProcessor insecureChannelProcessor = new InsecureChannelProcessor();
SecureChannelProcessor secureChannelProcessor = new SecureChannelProcessor();
PortMapper portMapper = http.getSharedObject(PortMapper.class);
if (portMapper != null) {
RetryWithHttpEntryPoint httpEntryPoint = new RetryWithHttpEntryPoint();
httpEntryPoint.setPortMapper(portMapper);
insecureChannelProcessor.setEntryPoint(httpEntryPoint);
RetryWithHttpsEntryPoint httpsEntryPoint = new RetryWithHttpsEntryPoint();
httpsEntryPoint.setPortMapper(portMapper);
secureChannelProcessor.setEntryPoint(httpsEntryPoint);
}
insecureChannelProcessor = postProcess(insecureChannelProcessor);
secureChannelProcessor = postProcess(secureChannelProcessor);
return Arrays.<ChannelProcessor>asList(insecureChannelProcessor, secureChannelProcessor);
}
Aggregations