1
0
mirror of synced 2026-07-19 09:35:12 +00:00

Remove MvcRequestMatcher.afterPropertiesSet()

The validation does not work due to restrictions within the servlet
container. Specifically we cannot access the servlets that are registered.

This commit reverts the validation logic for MvcRequestMatcher to determine
if servletPath is required.

Fixes gh-4027
This commit is contained in:
Rob Winch
2016-08-19 11:12:38 -05:00
parent a070046f26
commit 9dc3242db3
4 changed files with 15 additions and 195 deletions
@@ -15,9 +15,13 @@
*/
package org.springframework.security.config.http
import javax.servlet.ServletContext
import javax.servlet.ServletRegistration
import javax.servlet.http.HttpServletResponse
import org.mockito.invocation.InvocationOnMock
import org.mockito.stubbing.Answer
import org.springframework.beans.factory.BeanCreationException
import org.springframework.beans.factory.parsing.BeanDefinitionParsingException
import org.springframework.mock.web.MockFilterChain
import org.springframework.mock.web.MockHttpServletRequest
@@ -29,10 +33,6 @@ import org.springframework.security.web.access.intercept.FilterSecurityIntercept
import org.springframework.web.bind.annotation.RequestMapping
import org.springframework.web.bind.annotation.RestController
import javax.servlet.ServletContext
import javax.servlet.ServletRegistration
import javax.servlet.http.HttpServletResponse
import static org.mockito.Mockito.*
/**
*
@@ -313,30 +313,6 @@ class InterceptUrlConfigTests extends AbstractHttpConfigTests {
response.status == HttpServletResponse.SC_UNAUTHORIZED
}
def "intercept-url mvc matchers servlet path required"() {
when:
MockServletContext servletContext = mockServletContext("/spring");
xml.http('request-matcher':'mvc') {
'http-basic'()
'intercept-url'(pattern: '/path', access: "denyAll")
}
createWebAppContext(servletContext)
then:
thrown(BeanCreationException)
}
def "intercept-url mvc matchers servlet path NOT required"() {
when:
MockServletContext servletContext = mockServletContext();
xml.http('request-matcher':'mvc') {
'http-basic'()
'intercept-url'(pattern: '/path', access: "denyAll")
}
createWebAppContext(servletContext)
then:
noExceptionThrown()
}
def "intercept-url ant matcher with servlet path fails"() {
when:
xml.http('request-matcher':'ant') {
@@ -1,89 +0,0 @@
/*
* Copyright 2012-2016 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.config.annotation.web;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.invocation.InvocationOnMock;
import org.mockito.runners.MockitoJUnitRunner;
import org.mockito.stubbing.Answer;
import org.springframework.mock.web.MockServletContext;
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
import javax.servlet.ServletContext;
import javax.servlet.ServletRegistration;
import java.util.Arrays;
import java.util.Collections;
import java.util.Map;
import static org.mockito.Mockito.*;
/**
* @author Rob Winch
*/
@RunWith(MockitoJUnitRunner.class)
public class AbstractRequestMatcherRegistryTests {
@Mock
HandlerMappingIntrospector introspector;
MvcRequestMatcher matcher;
ServletContext servletContext;
@Before
public void setup() {
servletContext = spy(new MockServletContext());
matcher = new MvcRequestMatcher(introspector, "/foo");
matcher.setServletContext(servletContext);
}
@Test(expected = IllegalStateException.class)
public void servletPathValidatingMvcRequestMatcherAfterPropertiesSetFailsWithSpringServlet() throws Exception {
setMappings("/spring");
matcher.afterPropertiesSet();
}
@Test
public void servletPathValidatingMvcRequestMatcherAfterPropertiesSetWithSpringServlet() throws Exception {
matcher.setServletPath("/spring");
setMappings("/spring");
matcher.afterPropertiesSet();
}
@Test
public void servletPathValidatingMvcRequestMatcherAfterPropertiesSetDefaultServlet() throws Exception {
setMappings("/");
matcher.afterPropertiesSet();
}
private void setMappings(String... mappings) {
final ServletRegistration registration = mock(ServletRegistration.class);
when(registration.getMappings()).thenReturn(Arrays.asList(mappings));
Answer<Map<String, ? extends ServletRegistration>> answer = new Answer<Map<String, ? extends ServletRegistration>>() {
@Override
public Map<String, ? extends ServletRegistration> answer(InvocationOnMock invocation) throws Throwable {
return Collections.<String, ServletRegistration>singletonMap("spring", registration);
}
};
when(servletContext.getServletRegistrations()).thenAnswer(answer);
}
}
@@ -15,19 +15,12 @@
*/
package org.springframework.security.config.annotation.web.configurers;
import java.util.Collections;
import java.util.Map;
import javax.servlet.ServletRegistration;
import javax.servlet.http.HttpServletResponse;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.mockito.invocation.InvocationOnMock;
import org.mockito.stubbing.Answer;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@@ -55,9 +48,7 @@ import org.springframework.web.context.support.AnnotationConfigWebApplicationCon
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.when;
/**
* @author Rob Winch
@@ -450,20 +441,6 @@ public class AuthorizeRequestsTests {
}
}
@Test(expected = BeanCreationException.class)
public void mvcMatcherServletPathRequired() throws Exception {
final ServletRegistration registration = mock(ServletRegistration.class);
when(registration.getMappings()).thenReturn(Collections.singleton("/spring"));
Answer<Map<String, ? extends ServletRegistration>> answer = new Answer<Map<String, ? extends ServletRegistration>>() {
@Override
public Map<String, ? extends ServletRegistration> answer(InvocationOnMock invocation) throws Throwable {
return Collections.<String, ServletRegistration>singletonMap("spring", registration);
}
};
when(servletContext.getServletRegistrations()).thenAnswer(answer);
loadConfig(MvcMatcherPathServletPathRequiredConfig.class);
}
@EnableWebSecurity
@Configuration
@EnableWebMvc
@@ -16,27 +16,21 @@
package org.springframework.security.web.servlet.util.matcher;
import org.springframework.beans.factory.InitializingBean;
import java.util.Collections;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.springframework.http.HttpMethod;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.security.web.util.matcher.RequestVariablesExtractor;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.ClassUtils;
import org.springframework.util.PathMatcher;
import org.springframework.web.context.ServletContextAware;
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
import org.springframework.web.servlet.handler.MatchableHandlerMapping;
import org.springframework.web.servlet.handler.RequestMatchResult;
import org.springframework.web.util.UrlPathHelper;
import javax.servlet.ServletContext;
import javax.servlet.ServletRegistration;
import javax.servlet.http.HttpServletRequest;
import java.util.Collection;
import java.util.Collections;
import java.util.Map;
/**
* A {@link RequestMatcher} that uses Spring MVC's {@link HandlerMappingIntrospector} to
* match the path and extract variables.
@@ -44,18 +38,14 @@ import java.util.Map;
* <p>
* It is important to understand that Spring MVC's matching is relative to the servlet
* path. This means if you have mapped any servlet to a path that starts with "/" and is
* greater than one, you should also specify the {@link #setServletPath(String)}
* attribute to differentiate mappings.
* greater than one, you should also specify the {@link #setServletPath(String)} attribute
* to differentiate mappings.
* </p>
*
* @author Rob Winch
* @since 4.1.1
*/
public class MvcRequestMatcher
implements RequestMatcher, RequestVariablesExtractor, InitializingBean, ServletContextAware {
private static final boolean isServlet30 = ClassUtils.isPresent(
"javax.servlet.ServletRegistration", MvcRequestMatcher.class.getClassLoader());
public class MvcRequestMatcher implements RequestMatcher, RequestVariablesExtractor {
private final DefaultMatcher defaultMatcher = new DefaultMatcher();
@@ -63,7 +53,6 @@ public class MvcRequestMatcher
private final String pattern;
private HttpMethod method;
private String servletPath;
private ServletContext servletContext;
public MvcRequestMatcher(HandlerMappingIntrospector introspector, String pattern) {
this.introspector = introspector;
@@ -75,7 +64,8 @@ public class MvcRequestMatcher
if (this.method != null && !this.method.name().equals(request.getMethod())) {
return false;
}
if (this.servletPath != null && !this.servletPath.equals(request.getServletPath())) {
if (this.servletPath != null
&& !this.servletPath.equals(request.getServletPath())) {
return false;
}
MatchableHandlerMapping mapping = getMapping(request);
@@ -112,40 +102,6 @@ public class MvcRequestMatcher
: result.extractUriTemplateVariables();
}
/* (non-Javadoc)
* @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
*/
@Override
public void afterPropertiesSet() throws Exception {
// servletPath is required when at least one registered Servlet
// is mapped to a path other than the default (root) path '/'
if (this.servletContext == null || !isServlet30) {
return;
}
if (this.getServletPath() != null) {
return;
}
for (ServletRegistration registration : this.servletContext.getServletRegistrations().values()) {
for (String mapping : registration.getMappings()) {
if (mapping.startsWith("/") && mapping.length() > 1) {
throw new IllegalStateException(
"servletPath must not be null for mvcPattern \"" + this.getMvcPattern()
+ "\" when providing a servlet mapping of "
+ mapping + " for servlet "
+ registration.getClassName());
}
}
}
}
/* (non-Javadoc)
* @see org.springframework.web.context.ServletContextAware#setServletContext(javax.servlet.ServletContext)
*/
@Override
public void setServletContext(ServletContext servletContext) {
this.servletContext = servletContext;
}
/**
* @param method the method to set
*/