Problem: The assignable check was reversed, always resulting in a false return value.
Solution: Add test to confirm failure and then swap check. Unit tests pass.
Problem: THe HttpsURLConnectionFactory is not serializable, causing problems for clients that must serialize
the principal (which depends on a ProxyRetriever).
Solution: Make the HttpsURLConnectionFactory serializable.
QA Notes: added unit test to confirm serialize-deserialize
Problem: the ErrorRedirectFilter assumes there is a root cause and will null pointer if there is not.
Solution: Only use the root cause if there is one, otherwise use the original exception.
QA Notes: Added unit test to confirm non-root cause error.
Problem: The lookup strategy for configuration is hard-coded into the filter, making it impossible to replace or expand.
Solution: Pull the strategies into their own classees and make it configurable. Default to the previous strategy.
QA Notes: The current unit tests work. New unit tests for the configuration will have to be added once the design is approved.
Problem: Spring Security adopters will fail to be able to drop in a new version of CAS Client for Java if this feature is enabled by default/required.
Solution: Force a fail-safe optional mode if the value is not provided.
Problem: We removed the two string constructor which breaks Spring Security compatibility.
Solution: Add it back as deprecated so that Spring Security can upgrade.
Problem: We currently don't pass encoded values to the server, possibly resolving in parsing/extraction errors.
Solution: URL Encode all values instead of just the service url.
QA Notes: Added unit test.
Problem: Some clients such as Spring Security configure the filter via Spring configuration, meaning the handler's init method
is not called vai the Filter#init method.
Solution: For now, have an atomic boolean to determine if init was called or not and call it if necessary as part of the flow.
Problem: Previous versions of the CAS Client remove a public API method without sufficient deprecation time resulting in
problems for clients who want to upgrade.
Solution: Add Method back and mark it as deprecated.
Scott
Marvin S. Addison
LELEU Jerome
Misagh Moayyed