Skip to content

Commit 247f54d

Browse files
author
Rob Winch
committed
Fix SwitchUserFilter.setSwitchFailureUrl assertion
Fixes spring-projectsgh-4198
1 parent 017e983 commit 247f54d

File tree

2 files changed

+19
-5
lines changed

2 files changed

+19
-5
lines changed

web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilter.java

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,6 @@
5858
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
5959
import org.springframework.security.web.util.UrlUtils;
6060
import org.springframework.util.Assert;
61-
import org.springframework.util.StringUtils;
6261
import org.springframework.web.filter.GenericFilterBean;
6362

6463
/**
@@ -494,10 +493,8 @@ public void setSuccessHandler(AuthenticationSuccessHandler successHandler) {
494493
* @param switchFailureUrl the url to redirect to.
495494
*/
496495
public void setSwitchFailureUrl(String switchFailureUrl) {
497-
Assert.isTrue(
498-
StringUtils.hasText(this.switchUserUrl)
499-
&& UrlUtils.isValidRedirectUrl(switchFailureUrl),
500-
"switchFailureUrl cannot be empty and must be a valid redirect URL");
496+
Assert.isTrue(UrlUtils.isValidRedirectUrl(switchFailureUrl),
497+
"switchFailureUrl must be a valid redirect URL");
501498
this.switchFailureUrl = switchFailureUrl;
502499
}
503500

web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -464,6 +464,23 @@ public void switchAuthorityRoleCanBeChanged() throws Exception {
464464
assertThat(switchAuthorityRole).isEqualTo(switchedFrom.getAuthority());
465465
}
466466

467+
@Test(expected = IllegalArgumentException.class)
468+
public void setSwitchFailureUrlWhenNullThenThrowException() {
469+
SwitchUserFilter filter = new SwitchUserFilter();
470+
filter.setSwitchFailureUrl(null);
471+
}
472+
473+
@Test(expected = IllegalArgumentException.class)
474+
public void setSwitchFailureUrlWhenEmptyThenThrowException() {
475+
SwitchUserFilter filter = new SwitchUserFilter();
476+
filter.setSwitchFailureUrl("");
477+
}
478+
479+
@Test
480+
public void setSwitchFailureUrlWhenValidThenNoException() {
481+
SwitchUserFilter filter = new SwitchUserFilter();
482+
filter.setSwitchFailureUrl("/foo");
483+
}
467484
// ~ Inner Classes
468485
// ==================================================================================================
469486

0 commit comments

Comments
 (0)