Unverified
Commit a0095dc1
Authored Jul 04, 2019
Author: Oleg Nenashev
Committer: GitHub, Jul 04, 2019
Merge pull request #4096 from jvz/JENKINS-56243
[JENKINS-56243] Ensure user seed saved to session
Parents: f0363a57 92d6063c
Changes: 2
Showing 2 changed files with 57 additions and 0 deletions (+57 -0)
core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java +8 -0
test/src/test/java/hudson/security/TokenBasedRememberMeServices2Test.java +49 -0
core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java
View file @ a0095dc1
...
...
@@ -269,6 +269,14 @@ public class TokenBasedRememberMeServices2 extends TokenBasedRememberMeServices
userDetails
.
getAuthorities
());
auth
.
setDetails
(
authenticationDetailsSource
.
buildDetails
(
request
));
// Ensure this session is linked to the user's seed
if
(!
UserSeedProperty
.
DISABLE_USER_SEED
)
{
User
user
=
User
.
get
(
auth
);
UserSeedProperty
userSeed
=
user
.
getProperty
(
UserSeedProperty
.
class
);
String
sessionSeed
=
userSeed
.
getSeed
();
request
.
getSession
().
setAttribute
(
UserSeedProperty
.
USER_SESSION_SEED
,
sessionSeed
);
}
return
auth
;
}
...
...
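Review bot: `userSeed.getSeed()` in the new `if (!UserSeedProperty.DISABLE_USER_SEED)` block dereferences the results of `User.get(auth)` and `user.getProperty(UserSeedProperty.class)` with no null check, so an account that yields no `User` or no seed property would end the remember-me login in a NullPointerException instead of a handled outcome. Either guard both values and decide explicitly what happens in that case (reject the token, or proceed without a session seed), or add a comment stating why neither can be null at this point. It is also worth a comment that `request.getSession()` creates a session when none exists, since that is what lets the seed be stored for a request that arrives with only the token.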
test/src/test/java/hudson/security/TokenBasedRememberMeServices2Test.java
View file @ a0095dc1
...
...
@@ -8,6 +8,7 @@ import java.util.Arrays;
import
static
java
.
util
.
logging
.
Level
.
FINEST
;
import
java.util.stream.Collectors
;
import
hudson.model.User
;
import
jenkins.model.Jenkins
;
import
jenkins.security.seed.UserSeedProperty
;
...
...
@@ -29,8 +30,11 @@ import org.jvnet.hudson.test.For;
import
org.jvnet.hudson.test.Issue
;
import
org.jvnet.hudson.test.JenkinsRule
;
import
org.jvnet.hudson.test.LoggerRule
;
import
org.kohsuke.stapler.Stapler
;
import
org.springframework.dao.DataAccessException
;
import
test.security.realm.InMemorySecurityRealm
;
import
javax.annotation.concurrent.GuardedBy
;
import
java.util.concurrent.TimeUnit
;
import
static
org
.
hamcrest
.
Matchers
.
is
;
...
...
@@ -289,6 +293,51 @@ public class TokenBasedRememberMeServices2Test {
}
}
@Test
@Issue
(
"JENKINS-56243"
)
public
void
rememberMeToken_shouldLoadUserDetailsOnlyOnce
()
throws
Exception
{
j
.
jenkins
.
setDisableRememberMe
(
false
);
LoadUserCountingSecurityRealm
realm
=
new
LoadUserCountingSecurityRealm
();
realm
.
createAccount
(
"alice"
);
j
.
jenkins
.
setSecurityRealm
(
realm
);
User
alice
=
User
.
getOrCreateByIdOrFullName
(
"alice"
);
realm
.
verifyInvocations
(
1
);
// first, start a session with a remember me token
Cookie
cookie
=
getRememberMeCookie
(
j
.
createWebClient
().
login
(
"alice"
,
"alice"
,
true
));
// next, start a new session with that token
JenkinsRule
.
WebClient
wc
=
j
.
createWebClient
();
wc
.
getCookieManager
().
addCookie
(
cookie
);
// trigger remember me
String
sessionSeed
=
wc
.
executeOnServer
(()
->
Stapler
.
getCurrentRequest
().
getSession
(
false
).
getAttribute
(
UserSeedProperty
.
USER_SESSION_SEED
).
toString
());
realm
.
verifyInvocations
(
1
);
String
userSeed
=
alice
.
getProperty
(
UserSeedProperty
.
class
).
getSeed
();
assertEquals
(
userSeed
,
sessionSeed
);
// finally, ensure that loadUserByUsername is not being called anymore
wc
.
goTo
(
""
);
assertUserConnected
(
wc
,
"alice"
);
realm
.
verifyInvocations
(
0
);
}
private
static
class
LoadUserCountingSecurityRealm
extends
InMemorySecurityRealm
{
// if this class wasn't serialized into config.xml, this could be replaced by @Spy from Mockito
@GuardedBy
(
"this"
)
private
int
counter
=
0
;
@Override
public
synchronized
UserDetails
loadUserByUsername
(
String
username
)
throws
UsernameNotFoundException
,
DataAccessException
{
++
counter
;
return
super
.
loadUserByUsername
(
username
);
}
synchronized
void
verifyInvocations
(
int
count
)
{
assertEquals
(
count
,
counter
);
counter
=
0
;
}
}
private
Cookie
createRememberMeCookie
(
TokenBasedRememberMeServices2
tokenService
,
long
deltaDuration
,
hudson
.
model
.
User
user
)
throws
Exception
{
long
tokenValiditySeconds
=
tokenService
.
getTokenValiditySeconds
();
long
expiryTime
=
System
.
currentTimeMillis
()
+
TimeUnit
.
SECONDS
.
toMillis
(
tokenValiditySeconds
);
...
...
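Review bot: In `rememberMeToken_shouldLoadUserDetailsOnlyOnce`, the `executeOnServer` lambda chains `getSession(false).getAttribute(UserSeedProperty.USER_SESSION_SEED).toString()`, so if the seed is ever not stored the test dies with a NullPointerException inside the server call rather than a readable assertion failure. Return the raw attribute and assert it is non-null before `assertEquals(userSeed, sessionSeed)`. The test also covers only the default path; a second case with `UserSeedProperty.DISABLE_USER_SEED` set would pin down that the attribute is not written then. Minor: `verifyInvocations` both asserts and resets `counter`, and a name that says so would make the closing `verifyInvocations(0)` easier to read.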