svn commit: r933901 - /camel/trunk/components/camel-spring-security/src/main/java/org/apache/camel/component/spring/security/SpringSecurityAuthorizationPolicy.java

Wed, 14 Apr 2010 03:01:58 -0700 

Author: ningjiang
Date: Wed Apr 14 10:01:31 2010
New Revision: 933901

URL: http://svn.apache.org/viewvc?rev=933901&view=rev
Log:
CAMEL-2643 Using CamelAuthorizationException to avoid the NPE of Authentication

Modified:
    
camel/trunk/components/camel-spring-security/src/main/java/org/apache/camel/component/spring/security/SpringSecurityAuthorizationPolicy.java

Modified: 
camel/trunk/components/camel-spring-security/src/main/java/org/apache/camel/component/spring/security/SpringSecurityAuthorizationPolicy.java
URL: 
http://svn.apache.org/viewvc/camel/trunk/components/camel-spring-security/src/main/java/org/apache/camel/component/spring/security/SpringSecurityAuthorizationPolicy.java?rev=933901&r1=933900&r2=933901&view=diff
==============================================================================
--- 
camel/trunk/components/camel-spring-security/src/main/java/org/apache/camel/component/spring/security/SpringSecurityAuthorizationPolicy.java
 (original)
+++ 
camel/trunk/components/camel-spring-security/src/main/java/org/apache/camel/component/spring/security/SpringSecurityAuthorizationPolicy.java
 Wed Apr 14 10:01:31 2010
@@ -59,8 +59,14 @@ public class SpringSecurityAuthorization
         ConfigAttributeDefinition attributes = 
accessPolicy.getConfigAttributeDefinition();
         
         try {
+            Authentication authToken = getAuthentication(exchange);
+            if (authToken == null) {
+                CamelAuthorizationException authorizationException =
+                    new CamelAuthorizationException("Cannot find the 
Authentication instance.", exchange);
+                throw authorizationException;
+            }
             
-            Authentication authenticated = 
authenticateIfRequired(getAuthentication(exchange));
+            Authentication authenticated = authenticateIfRequired(authToken);
             
             // Attempt authorization with exchange
             try {
@@ -75,7 +81,7 @@ public class SpringSecurityAuthorization
             
         } catch (SpringSecurityException exception) {
             CamelAuthorizationException authorizationException =
-                new CamelAuthorizationException("Cannot access the below 
process", exchange, exception);
+                new CamelAuthorizationException("Cannot access the processor 
which has been protected.", exchange, exception);
             throw authorizationException;
         }
     }
@@ -88,8 +94,7 @@ public class SpringSecurityAuthorization
             if (LOG.isDebugEnabled()) {
                 LOG.debug("Get the authentication from SecurityContextHolder");
             }
-        }
-        
+        }        
         return answer;
     }
 
@@ -114,7 +119,7 @@ public class SpringSecurityAuthorization
     }
     
     private Authentication authenticateIfRequired(Authentication 
authentication) {
-        
+                    
         if (authentication.isAuthenticated() && !alwaysReauthenticate) {
             if (LOG.isDebugEnabled()) {
                 LOG.debug("Previously Authenticated: " + authentication);

Reply via email to