diff --git a/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java b/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java index 7cd1ffd22b9..55ed97f2404 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java +++ b/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java @@ -343,7 +343,7 @@ protected final O doBuild() throws Exception { * method. Subclasses may override this method to hook into the lifecycle without * using a {@link SecurityConfigurer}. */ - protected void beforeInit() { + protected void beforeInit() throws Exception { } /** diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java index e77a1c16c42..36b4a97a282 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java +++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java @@ -228,7 +228,7 @@ public AuthenticationManagerBuilder authenticationProvider( } @Override - protected ProviderManager performBuild() { + protected ProviderManager performBuild() throws Exception { if (!isConfigured()) { logger.debug("No authenticationProviders and no parentAuthenticationManager defined. Returning null."); return null; diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java index 5c5976f746e..46e5fce86f8 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java @@ -331,7 +331,7 @@ public void init(final WebSecurity web) throws Exception { * Override this method to configure {@link WebSecurity}. For example, if you wish to * ignore certain requests. */ - public void configure(WebSecurity web) { + public void configure(WebSecurity web) throws Exception { } /** diff --git a/core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java index 4fc122a5cbd..c752c811976 100644 --- a/core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java @@ -228,7 +228,7 @@ protected Authentication createSuccessAuthentication(Object principal, return result; } - protected void doAfterPropertiesSet() { + protected void doAfterPropertiesSet() throws Exception { } public UserCache getUserCache() { diff --git a/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationCallbackHandler.java b/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationCallbackHandler.java index 7c547ea8306..070ba6599f4 100644 --- a/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationCallbackHandler.java +++ b/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationCallbackHandler.java @@ -16,9 +16,11 @@ package org.springframework.security.authentication.jaas; -import org.springframework.security.core.Authentication; - +import java.io.IOException; import javax.security.auth.callback.Callback; +import javax.security.auth.callback.UnsupportedCallbackException; + +import org.springframework.security.core.Authentication; /** * The JaasAuthenticationCallbackHandler is similar to the @@ -58,5 +60,6 @@ public interface JaasAuthenticationCallbackHandler { * @param auth The Authentication object currently being authenticated. * */ - void handle(Callback callback, Authentication auth); + void handle(Callback callback, Authentication auth) throws IOException, + UnsupportedCallbackException; } diff --git a/remoting/src/main/java/org/springframework/security/remoting/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java b/remoting/src/main/java/org/springframework/security/remoting/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java index 0d225d423b2..59e61d31b64 100644 --- a/remoting/src/main/java/org/springframework/security/remoting/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java +++ b/remoting/src/main/java/org/springframework/security/remoting/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java @@ -58,7 +58,8 @@ public class AuthenticationSimpleHttpInvokerRequestExecutor extends * @param contentLength the length of the content to send * */ - protected void doPrepareConnection(HttpURLConnection con, int contentLength) { + protected void doPrepareConnection(HttpURLConnection con, int contentLength) + throws IOException { } /** diff --git a/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java b/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java index 39c4575f28d..b6fa10e0e86 100644 --- a/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java @@ -17,7 +17,7 @@ package org.springframework.security.web.access.channel; import java.io.IOException; - +import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -47,5 +47,5 @@ public interface ChannelEntryPoint { * */ void commence(HttpServletRequest request, HttpServletResponse response) - throws IOException; + throws IOException, ServletException; } diff --git a/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilter.java b/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilter.java index 776e6a34727..5f7cf4b8395 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilter.java @@ -280,7 +280,8 @@ protected boolean requiresAuthentication(HttpServletRequest request, * @throws AuthenticationException if authentication fails. */ public abstract Authentication attemptAuthentication(HttpServletRequest request, - HttpServletResponse response) throws AuthenticationException, IOException; + HttpServletResponse response) throws AuthenticationException, IOException, + ServletException; /** * Default behaviour for successful authentication. diff --git a/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java b/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java index a8de17a3439..ab14b48241c 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java @@ -16,12 +16,13 @@ package org.springframework.security.web.authentication; import java.io.IOException; - +import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; + import org.springframework.security.core.Authentication; import org.springframework.security.web.DefaultRedirectStrategy; import org.springframework.security.web.RedirectStrategy; @@ -78,7 +79,7 @@ protected AbstractAuthenticationTargetUrlRequestHandler() { * The redirect will not be performed if the response has already been committed. */ protected void handle(HttpServletRequest request, HttpServletResponse response, - Authentication authentication) throws IOException { + Authentication authentication) throws IOException, ServletException { String targetUrl = determineTargetUrl(request, response, authentication); if (response.isCommitted()) { diff --git a/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java b/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java index 0dff495c203..fde6d9f97ae 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java @@ -211,7 +211,8 @@ protected String buildRedirectUrlToLoginPage(HttpServletRequest request, * Builds a URL to redirect the supplied request to HTTPS. Used to redirect the * current request to HTTPS, before doing a forward to the login page. */ - protected String buildHttpsRedirectUrlForRequest(HttpServletRequest request) { + protected String buildHttpsRedirectUrlForRequest(HttpServletRequest request) + throws IOException, ServletException { int serverPort = portResolver.getServerPort(request); Integer httpsPort = portMapper.lookupHttpsPort(serverPort); diff --git a/web/src/main/java/org/springframework/security/web/authentication/www/BasicAuthenticationFilter.java b/web/src/main/java/org/springframework/security/web/authentication/www/BasicAuthenticationFilter.java index 622c36e8301..e5fc91940cc 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/www/BasicAuthenticationFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/www/BasicAuthenticationFilter.java @@ -244,11 +244,11 @@ private boolean authenticationIsRequired(String username) { } protected void onSuccessfulAuthentication(HttpServletRequest request, - HttpServletResponse response, Authentication authResult) { + HttpServletResponse response, Authentication authResult) throws IOException { } protected void onUnsuccessfulAuthentication(HttpServletRequest request, - HttpServletResponse response, AuthenticationException failed) { + HttpServletResponse response, AuthenticationException failed) throws IOException { } protected AuthenticationEntryPoint getAuthenticationEntryPoint() { diff --git a/web/src/main/java/org/springframework/security/web/session/InvalidSessionStrategy.java b/web/src/main/java/org/springframework/security/web/session/InvalidSessionStrategy.java index 925396b6da9..e77390b2f24 100644 --- a/web/src/main/java/org/springframework/security/web/session/InvalidSessionStrategy.java +++ b/web/src/main/java/org/springframework/security/web/session/InvalidSessionStrategy.java @@ -15,9 +15,10 @@ */ package org.springframework.security.web.session; +import java.io.IOException; +import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import java.io.IOException; /** * Determines the behaviour of the {@code SessionManagementFilter} when an invalid session @@ -28,6 +29,6 @@ public interface InvalidSessionStrategy { void onInvalidSessionDetected(HttpServletRequest request, HttpServletResponse response) - throws IOException; + throws IOException, ServletException; } diff --git a/web/src/main/java/org/springframework/security/web/session/SessionInformationExpiredStrategy.java b/web/src/main/java/org/springframework/security/web/session/SessionInformationExpiredStrategy.java index 02071284ac0..718e1aee749 100644 --- a/web/src/main/java/org/springframework/security/web/session/SessionInformationExpiredStrategy.java +++ b/web/src/main/java/org/springframework/security/web/session/SessionInformationExpiredStrategy.java @@ -16,6 +16,7 @@ package org.springframework.security.web.session; import java.io.IOException; +import javax.servlet.ServletException; /** * Determines the behaviour of the {@code ConcurrentSessionFilter} when an expired session @@ -28,5 +29,5 @@ public interface SessionInformationExpiredStrategy { void onExpiredSessionDetected(SessionInformationExpiredEvent event) - throws IOException; + throws IOException, ServletException; }