From 983780d9619fb630ab7c7b77f0033af72a7a48cb Mon Sep 17 00:00:00 2001
From: Bill Smith <wsmith@unicon.net>
Date: Wed, 23 Jan 2019 11:13:29 -0700
Subject: [PATCH] [SHIBUI-1179]

Replaced static.html web security entry with a new /unsecured/**/*
entry. Updated new user redirect to redirect to /unsecured/error.html.
Updated tests.
---
 .../main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java   | 2 +-
 .../src/main/java/net/unicon/shibui/pac4j/WebSecurity.java    | 4 ++--
 .../net/unicon/shibui/pac4j/AddNewUserFilterTests.groovy      | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java
index 5c5bf6e12..9ff528d30 100644
--- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java
+++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java
@@ -75,7 +75,7 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
                     user = persistedUser.get();
                 }
                 if (user.getRole().equals(ROLE_NONE)) {
-                    ((HttpServletResponse) response).sendRedirect("/static.html");
+                    ((HttpServletResponse) response).sendRedirect("/unsecured/error.html");
                 } else {
                     chain.doFilter(request, response); // else, user is in the system already, carry on
                 }
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java
index e0e156eec..4b1c549f7 100644
--- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java
+++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java
@@ -35,10 +35,10 @@ protected void configure(HttpSecurity http) throws Exception {
 
     @Configuration
     @Order(1)
-    public static class StaticSecurityConfiguration extends WebSecurityConfigurerAdapter {
+    public static class UnsecuredSecurityConfiguration extends WebSecurityConfigurerAdapter {
         @Override
         protected void configure(HttpSecurity http) throws Exception {
-            http.antMatcher("/static.html").authorizeRequests().antMatchers("/static.html").permitAll();
+            http.antMatcher("/unsecured/**/*").authorizeRequests().antMatchers("/unsecured/**/*").permitAll();
         }
     }
 
diff --git a/pac4j-module/src/test/groovy/net/unicon/shibui/pac4j/AddNewUserFilterTests.groovy b/pac4j-module/src/test/groovy/net/unicon/shibui/pac4j/AddNewUserFilterTests.groovy
index 98c5e99f3..16c5fa42c 100644
--- a/pac4j-module/src/test/groovy/net/unicon/shibui/pac4j/AddNewUserFilterTests.groovy
+++ b/pac4j-module/src/test/groovy/net/unicon/shibui/pac4j/AddNewUserFilterTests.groovy
@@ -52,7 +52,7 @@ class AddNewUserFilterTests extends Specification {
         1 * roleRepository.save(_)
         1 * userRepository.save(_)
         1 * emailService.sendNewUserMail('newUser')
-        1 * response.sendRedirect("/static.html")
+        1 * response.sendRedirect("/unsecured/error.html")
     }
 
     def "existing users are not redirected"() {