Commit Graph

11 Commits (7caf39400c6adeedbeb015ad3afece9c8ec02e23)

Author SHA1 Message Date
Spring Buildmaster 3f6f57a80e Next Development Version 9 years ago
Andy Wilkinson d9d4cc2ef5 Ensure request context is setup before security filter runs
Previously, OrderedRequestContextFilter was ordered such that it
ran after Spring Security's Filter. This meant that the request
context was unavailable to any Filters in Spring Security's Filter
chain. Specifically, this caused a failure when using @EnableOAuth2Sso
as OAuth2ClientAuthenticationProcessingFilter, which is added to
Spring Security's Filter chain would be unable to use the
request-scoped bean upon which it depends.

This commit updates the order of OrderedRequestContextFilter so that
the request context is set up before Spring Security's Filter runs.
The tests for SampleGitHubApplication have been updated to use
TestRestTemplate rather than MockMvc. This is necessary as the latter,
via ServletTestExecutionListener, automatically populates the request
context holder, masking the fact that the request context filter was
setting it up too late.

Closes gh-4270
9 years ago
Phillip Webb 634bb770b2 Organize imports with new settings
See gh-4234
9 years ago
Phillip Webb c9fb9916b8 Reformat code using Eclipse Mars 9 years ago
Phillip Webb 1983b43830 Polish POM descriptions 9 years ago
Phillip Webb 2615990ffb Organize imports 9 years ago
Stephane Nicoll 7c0c953f81 Add value alias for SpringApplicationConfiguration
Given that Spring Boot uses java config accross the board, a new `value`
attribute is now aliased to the existing `classes` attribute such that
one could write the following:

@SpringApplicationConfiguration(MyConfig.class)
public class MyTest {}

Closes gh-3635
9 years ago
Stephane Nicoll a073a505ae Move spring.oauth2.* to security.oauth2.*
Unfortunately, we have no other choice to flip the ignoreUnknownFields
attribute of `SecurityProperties` has many different target are now set
for that namespace outside the class. See gh-3445 for a potential way
to improve that.

Closes gh-3327
10 years ago
Phillip Webb 1ce617f1ae Polish sample package names 10 years ago
Phillip Webb 412b7b9e50 Polish 10 years ago
Dave Syer c5dc3f564b Add @EnableOAuth2Sso and spring.oauth2.sso.*
User can enable OAuth2 SSO by declaring the intent (@EnableOAuth2Sso)
and also configuring the client properties (spring.oauth2.client.*).
The spring.oauth2.sso.* are only needed to change the path for the
login (defaults to /login) - any other security configuration for the
protected resources can be added in a WebSecurityConfigurerAdapter
which carries the @EnableOAuth2Sso annotation.
10 years ago