Examples with SecurityContextHolderFilter org.springframework.security.web.context.SecurityContextHolderFilter used on opensource projects

Example 1 with SecurityContextHolderFilter

use of org.springframework.security.web.context.SecurityContextHolderFilter in project spring-security by spring-projects.

the class SecurityContextConfigurer method configure.

@Override
@SuppressWarnings("unchecked")
public void configure(H http) {
    SecurityContextRepository securityContextRepository = getSecurityContextRepository();
    if (this.requireExplicitSave) {
        SecurityContextHolderFilter securityContextHolderFilter = postProcess(new SecurityContextHolderFilter(securityContextRepository));
        http.addFilter(securityContextHolderFilter);
    } else {
        SecurityContextPersistenceFilter securityContextFilter = new SecurityContextPersistenceFilter(securityContextRepository);
        SessionManagementConfigurer<?> sessionManagement = http.getConfigurer(SessionManagementConfigurer.class);
        SessionCreationPolicy sessionCreationPolicy = (sessionManagement != null) ? sessionManagement.getSessionCreationPolicy() : null;
        if (SessionCreationPolicy.ALWAYS == sessionCreationPolicy) {
            securityContextFilter.setForceEagerSessionCreation(true);
            http.addFilter(postProcess(new ForceEagerSessionCreationFilter()));
        }
        securityContextFilter = postProcess(securityContextFilter);
        http.addFilter(securityContextFilter);
    }
}

Example 2 with SecurityContextHolderFilter

use of org.springframework.security.web.context.SecurityContextHolderFilter in project spring-security by spring-projects.

the class WebTestUtils method setSecurityContextRepository.

/**
 * Sets the {@link SecurityContextRepository} for the specified
 * {@link HttpServletRequest}.
 * @param request the {@link HttpServletRequest} to obtain the
 * {@link SecurityContextRepository}
 * @param securityContextRepository the {@link SecurityContextRepository} to set
 */
public static void setSecurityContextRepository(HttpServletRequest request, SecurityContextRepository securityContextRepository) {
    SecurityContextPersistenceFilter filter = findFilter(request, SecurityContextPersistenceFilter.class);
    if (filter != null) {
        ReflectionTestUtils.setField(filter, "repo", securityContextRepository);
    }
    SecurityContextHolderFilter holderFilter = findFilter(request, SecurityContextHolderFilter.class);
    if (holderFilter != null) {
        ReflectionTestUtils.setField(holderFilter, "securityContextRepository", securityContextRepository);
    }
}

Example 3 with SecurityContextHolderFilter

use of org.springframework.security.web.context.SecurityContextHolderFilter in project spring-security by spring-projects.

the class WebTestUtils method getSecurityContextRepository.

/**
 * Gets the {@link SecurityContextRepository} for the specified
 * {@link HttpServletRequest}. If one is not found, a default
 * {@link HttpSessionSecurityContextRepository} is used.
 * @param request the {@link HttpServletRequest} to obtain the
 * {@link SecurityContextRepository}
 * @return the {@link SecurityContextRepository} for the specified
 * {@link HttpServletRequest}
 */
public static SecurityContextRepository getSecurityContextRepository(HttpServletRequest request) {
    SecurityContextPersistenceFilter filter = findFilter(request, SecurityContextPersistenceFilter.class);
    if (filter != null) {
        return (SecurityContextRepository) ReflectionTestUtils.getField(filter, "repo");
    }
    SecurityContextHolderFilter holderFilter = findFilter(request, SecurityContextHolderFilter.class);
    if (holderFilter != null) {
        return (SecurityContextRepository) ReflectionTestUtils.getField(holderFilter, "securityContextRepository");
    }
    return DEFAULT_CONTEXT_REPO;
}