)
+ when:
+ conf.init(builder)
+ conf.configure(builder)
+ then:
+ conf.list.contains("a")
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/issue50/Issue50Tests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/issue50/Issue50Tests.groovy
index dc17ca99e3..2449a46f2a 100644
--- a/config/src/test/groovy/org/springframework/security/config/annotation/issue50/Issue50Tests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/issue50/Issue50Tests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -39,62 +39,62 @@ import spock.lang.Specification
@ContextConfiguration(classes=[ApplicationConfig,SecurityConfig])
@Transactional
class Issue50Tests extends Specification {
- @Autowired
- private FilterChainProxy springSecurityFilterChain
- @Autowired
- private AuthenticationManager authenticationManager
- @Autowired
- private UserRepository userRepo
+ @Autowired
+ private FilterChainProxy springSecurityFilterChain
+ @Autowired
+ private AuthenticationManager authenticationManager
+ @Autowired
+ private UserRepository userRepo
- def setup() {
- SecurityContextHolder.context.authentication = new TestingAuthenticationToken("test",null,"ROLE_ADMIN")
- }
+ def setup() {
+ SecurityContextHolder.context.authentication = new TestingAuthenticationToken("test",null,"ROLE_ADMIN")
+ }
- def cleanup() {
- SecurityContextHolder.clearContext()
- }
+ def cleanup() {
+ SecurityContextHolder.clearContext()
+ }
- // https://github.com/SpringSource/spring-security-javaconfig/issues/50
- def "#50 - GlobalMethodSecurityConfiguration should load AuthenticationManager lazily"() {
- when:
- "Configuration Loads"
- then: "GlobalMethodSecurityConfiguration loads AuthenticationManager lazily"
- noExceptionThrown()
- }
+ // https://github.com/SpringSource/spring-security-javaconfig/issues/50
+ def "#50 - GlobalMethodSecurityConfiguration should load AuthenticationManager lazily"() {
+ when:
+ "Configuration Loads"
+ then: "GlobalMethodSecurityConfiguration loads AuthenticationManager lazily"
+ noExceptionThrown()
+ }
- def "AuthenticationManager will not authenticate missing user"() {
- when:
- authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("test", "password"))
- then:
- thrown(UsernameNotFoundException)
- }
+ def "AuthenticationManager will not authenticate missing user"() {
+ when:
+ authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("test", "password"))
+ then:
+ thrown(UsernameNotFoundException)
+ }
- def "AuthenticationManager will not authenticate with invalid password"() {
- when:
- User user = new User(username:"test",password:"password")
- userRepo.save(user)
- authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , "invalid"))
- then:
- thrown(BadCredentialsException)
- }
+ def "AuthenticationManager will not authenticate with invalid password"() {
+ when:
+ User user = new User(username:"test",password:"password")
+ userRepo.save(user)
+ authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , "invalid"))
+ then:
+ thrown(BadCredentialsException)
+ }
- def "AuthenticationManager can be used to authenticate a user"() {
- when:
- User user = new User(username:"test",password:"password")
- userRepo.save(user)
- Authentication result = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , user.password))
- then:
- result.principal == user.username
- }
+ def "AuthenticationManager can be used to authenticate a user"() {
+ when:
+ User user = new User(username:"test",password:"password")
+ userRepo.save(user)
+ Authentication result = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , user.password))
+ then:
+ result.principal == user.username
+ }
- def "Global Method Security is enabled and works"() {
- setup:
- SecurityContextHolder.context.authentication = new TestingAuthenticationToken("test",null,"ROLE_USER")
- when:
- User user = new User(username:"denied",password:"password")
- userRepo.save(user)
- Authentication result = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , user.password))
- then:
- thrown(AccessDeniedException)
- }
+ def "Global Method Security is enabled and works"() {
+ setup:
+ SecurityContextHolder.context.authentication = new TestingAuthenticationToken("test",null,"ROLE_USER")
+ when:
+ User user = new User(username:"denied",password:"password")
+ userRepo.save(user)
+ Authentication result = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , user.password))
+ then:
+ thrown(AccessDeniedException)
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/sec2758/Sec2758Tests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/sec2758/Sec2758Tests.groovy
index 9327e55717..e65b091ae5 100644
--- a/config/src/test/groovy/org/springframework/security/config/annotation/sec2758/Sec2758Tests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/sec2758/Sec2758Tests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -44,100 +44,100 @@ import org.springframework.web.context.support.AnnotationConfigWebApplicationCon
public class Sec2758Tests extends BaseSpringSpec {
- def cleanup() {
- SecurityContextHolder.clearContext()
- }
+ def cleanup() {
+ SecurityContextHolder.clearContext()
+ }
- def "SEC-2758: Verify Passivity Restored with Advice from JIRA"() {
- setup:
- SecurityContextHolder.context.authentication = new TestingAuthenticationToken("user", "pass", "USER")
- loadConfig(SecurityConfig)
- Service service = context.getBean(Service)
+ def "SEC-2758: Verify Passivity Restored with Advice from JIRA"() {
+ setup:
+ SecurityContextHolder.context.authentication = new TestingAuthenticationToken("user", "pass", "USER")
+ loadConfig(SecurityConfig)
+ Service service = context.getBean(Service)
- when:
- findFilter(FilterSecurityInterceptor).doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain())
- then:
- noExceptionThrown()
+ when:
+ findFilter(FilterSecurityInterceptor).doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain())
+ then:
+ noExceptionThrown()
- when:
- service.doPreAuthorize()
- then:
- noExceptionThrown()
+ when:
+ service.doPreAuthorize()
+ then:
+ noExceptionThrown()
- when:
- service.doJsr250()
- then:
- noExceptionThrown()
- }
+ when:
+ service.doJsr250()
+ then:
+ noExceptionThrown()
+ }
- @EnableWebSecurity
- @EnableGlobalMethodSecurity(prePostEnabled=true)
- static class SecurityConfig extends WebSecurityConfigurerAdapter {
+ @EnableWebSecurity
+ @EnableGlobalMethodSecurity(prePostEnabled=true)
+ static class SecurityConfig extends WebSecurityConfigurerAdapter {
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .anyRequest().hasAnyAuthority("USER");
- }
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .anyRequest().hasAnyAuthority("USER");
+ }
- @Autowired
- public void configureGlobal(AuthenticationManagerBuilder auth) {
- auth
- .inMemoryAuthentication()
- .withUser("user").password("password").authorities("USER")
- }
+ @Autowired
+ public void configureGlobal(AuthenticationManagerBuilder auth) {
+ auth
+ .inMemoryAuthentication()
+ .withUser("user").password("password").authorities("USER")
+ }
- @Bean
- Service service() {
- return new ServiceImpl()
- }
+ @Bean
+ Service service() {
+ return new ServiceImpl()
+ }
- @Bean
- static DefaultRolesPrefixPostProcessor defaultRolesPrefixPostProcessor() {
- new DefaultRolesPrefixPostProcessor()
- }
- }
+ @Bean
+ static DefaultRolesPrefixPostProcessor defaultRolesPrefixPostProcessor() {
+ new DefaultRolesPrefixPostProcessor()
+ }
+ }
- interface Service {
- void doPreAuthorize()
- void doJsr250()
- }
+ interface Service {
+ void doPreAuthorize()
+ void doJsr250()
+ }
- static class ServiceImpl implements Service {
- @PreAuthorize("hasRole('USER')")
- void doPreAuthorize() {}
+ static class ServiceImpl implements Service {
+ @PreAuthorize("hasRole('USER')")
+ void doPreAuthorize() {}
- @RolesAllowed("USER")
- void doJsr250() {}
- }
+ @RolesAllowed("USER")
+ void doJsr250() {}
+ }
- static class DefaultRolesPrefixPostProcessor implements BeanPostProcessor, PriorityOrdered {
+ static class DefaultRolesPrefixPostProcessor implements BeanPostProcessor, PriorityOrdered {
- @Override
- public Object postProcessAfterInitialization(Object bean, String beanName)
- throws BeansException {
- if(bean instanceof Jsr250MethodSecurityMetadataSource) {
- ((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(null);
- }
- if(bean instanceof DefaultMethodSecurityExpressionHandler) {
- ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(null);
- }
- if(bean instanceof DefaultWebSecurityExpressionHandler) {
- ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(null);
- }
- return bean;
- }
+ @Override
+ public Object postProcessAfterInitialization(Object bean, String beanName)
+ throws BeansException {
+ if(bean instanceof Jsr250MethodSecurityMetadataSource) {
+ ((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(null);
+ }
+ if(bean instanceof DefaultMethodSecurityExpressionHandler) {
+ ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(null);
+ }
+ if(bean instanceof DefaultWebSecurityExpressionHandler) {
+ ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(null);
+ }
+ return bean;
+ }
- @Override
- public Object postProcessBeforeInitialization(Object bean, String beanName)
- throws BeansException {
- return bean;
- }
+ @Override
+ public Object postProcessBeforeInitialization(Object bean, String beanName)
+ throws BeansException {
+ return bean;
+ }
- @Override
- public int getOrder() {
- return PriorityOrdered.HIGHEST_PRECEDENCE;
- }
+ @Override
+ public int getOrder() {
+ return PriorityOrdered.HIGHEST_PRECEDENCE;
+ }
}
}
diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/RequestMatchersTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/RequestMatchersTests.groovy
index 17f7af8c86..873f2ed396 100644
--- a/config/src/test/groovy/org/springframework/security/config/annotation/web/RequestMatchersTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/RequestMatchersTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -29,31 +29,31 @@ import spock.lang.Specification;
*/
class RequestMatchersTests extends Specification {
- def "regexMatchers(GET,'/a.*') uses RegexRequestMatcher"() {
- when:
- def matchers = regexMatchers(HttpMethod.GET, "/a.*")
- then: 'matcher is a RegexRequestMatcher'
- matchers.collect {it.class } == [RegexRequestMatcher]
- }
+ def "regexMatchers(GET,'/a.*') uses RegexRequestMatcher"() {
+ when:
+ def matchers = regexMatchers(HttpMethod.GET, "/a.*")
+ then: 'matcher is a RegexRequestMatcher'
+ matchers.collect {it.class } == [RegexRequestMatcher]
+ }
- def "regexMatchers('/a.*') uses RegexRequestMatcher"() {
- when:
- def matchers = regexMatchers("/a.*")
- then: 'matcher is a RegexRequestMatcher'
- matchers.collect {it.class } == [RegexRequestMatcher]
- }
+ def "regexMatchers('/a.*') uses RegexRequestMatcher"() {
+ when:
+ def matchers = regexMatchers("/a.*")
+ then: 'matcher is a RegexRequestMatcher'
+ matchers.collect {it.class } == [RegexRequestMatcher]
+ }
- def "antMatchers(GET,'/a.*') uses AntPathRequestMatcher"() {
- when:
- def matchers = antMatchers(HttpMethod.GET, "/a.*")
- then: 'matcher is a RegexRequestMatcher'
- matchers.collect {it.class } == [AntPathRequestMatcher]
- }
+ def "antMatchers(GET,'/a.*') uses AntPathRequestMatcher"() {
+ when:
+ def matchers = antMatchers(HttpMethod.GET, "/a.*")
+ then: 'matcher is a RegexRequestMatcher'
+ matchers.collect {it.class } == [AntPathRequestMatcher]
+ }
- def "antMatchers('/a.*') uses AntPathRequestMatcher"() {
- when:
- def matchers = antMatchers("/a.*")
- then: 'matcher is a AntPathRequestMatcher'
- matchers.collect {it.class } == [AntPathRequestMatcher]
- }
+ def "antMatchers('/a.*') uses AntPathRequestMatcher"() {
+ when:
+ def matchers = antMatchers("/a.*")
+ then: 'matcher is a AntPathRequestMatcher'
+ matchers.collect {it.class } == [AntPathRequestMatcher]
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.groovy
index d094c43766..4c9e6b3615 100644
--- a/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -60,440 +60,440 @@ import org.springframework.security.web.util.matcher.RequestMatcher
*
*/
public class NamespaceHttpTests extends BaseSpringSpec {
- def "http@access-decision-manager-ref"() {
- setup:
- AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR = Mock(AccessDecisionManager)
- AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR.supports(FilterInvocation) >> true
- AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR.supports(_ as ConfigAttribute) >> true
- when:
- loadConfig(AccessDecisionManagerRefConfig)
- then:
- findFilter(FilterSecurityInterceptor).accessDecisionManager == AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR
- }
+ def "http@access-decision-manager-ref"() {
+ setup:
+ AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR = Mock(AccessDecisionManager)
+ AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR.supports(FilterInvocation) >> true
+ AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR.supports(_ as ConfigAttribute) >> true
+ when:
+ loadConfig(AccessDecisionManagerRefConfig)
+ then:
+ findFilter(FilterSecurityInterceptor).accessDecisionManager == AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR
+ }
- @Configuration
- static class AccessDecisionManagerRefConfig extends BaseWebConfig {
- static AccessDecisionManager ACCESS_DECISION_MGR
+ @Configuration
+ static class AccessDecisionManagerRefConfig extends BaseWebConfig {
+ static AccessDecisionManager ACCESS_DECISION_MGR
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .anyRequest().permitAll()
- .accessDecisionManager(ACCESS_DECISION_MGR)
- }
- }
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .anyRequest().permitAll()
+ .accessDecisionManager(ACCESS_DECISION_MGR)
+ }
+ }
- def "http@access-denied-page"() {
- when:
- loadConfig(AccessDeniedPageConfig)
- then:
- findFilter(ExceptionTranslationFilter).accessDeniedHandler.errorPage == "/AccessDeniedPageConfig"
- }
+ def "http@access-denied-page"() {
+ when:
+ loadConfig(AccessDeniedPageConfig)
+ then:
+ findFilter(ExceptionTranslationFilter).accessDeniedHandler.errorPage == "/AccessDeniedPageConfig"
+ }
- @Configuration
- static class AccessDeniedPageConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .exceptionHandling()
- .accessDeniedPage("/AccessDeniedPageConfig")
- }
- }
+ @Configuration
+ static class AccessDeniedPageConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .exceptionHandling()
+ .accessDeniedPage("/AccessDeniedPageConfig")
+ }
+ }
- def "http@authentication-manager-ref"() {
- when: "Specify AuthenticationManager"
- loadConfig(AuthenticationManagerRefConfig)
- then: "Populates the AuthenticationManager"
- findFilter(FilterSecurityInterceptor).authenticationManager.parent.class == CustomAuthenticationManager
- }
+ def "http@authentication-manager-ref"() {
+ when: "Specify AuthenticationManager"
+ loadConfig(AuthenticationManagerRefConfig)
+ then: "Populates the AuthenticationManager"
+ findFilter(FilterSecurityInterceptor).authenticationManager.parent.class == CustomAuthenticationManager
+ }
- @Configuration
- static class AuthenticationManagerRefConfig extends BaseWebConfig {
- // demo authentication-manager-ref (could be any value)
+ @Configuration
+ static class AuthenticationManagerRefConfig extends BaseWebConfig {
+ // demo authentication-manager-ref (could be any value)
- @Override
- protected AuthenticationManager authenticationManager() throws Exception {
- return new CustomAuthenticationManager();
- }
+ @Override
+ protected AuthenticationManager authenticationManager() throws Exception {
+ return new CustomAuthenticationManager();
+ }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .anyRequest().hasRole("USER");
- }
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .anyRequest().hasRole("USER");
+ }
- static class CustomAuthenticationManager implements AuthenticationManager {
- public Authentication authenticate(Authentication authentication)
- throws AuthenticationException {
- throw new BadCredentialsException("This always fails");
- }
- }
- }
+ static class CustomAuthenticationManager implements AuthenticationManager {
+ public Authentication authenticate(Authentication authentication)
+ throws AuthenticationException {
+ throw new BadCredentialsException("This always fails");
+ }
+ }
+ }
- // Note: There is no http@auto-config equivalent in Java Config
+ // Note: There is no http@auto-config equivalent in Java Config
- def "http@create-session=always"() {
- when:
- loadConfig(IfRequiredConfig)
- then:
- findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false
- findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true
- findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true
- findFilter(ExceptionTranslationFilter).requestCache.class == HttpSessionRequestCache
- }
+ def "http@create-session=always"() {
+ when:
+ loadConfig(IfRequiredConfig)
+ then:
+ findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false
+ findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true
+ findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true
+ findFilter(ExceptionTranslationFilter).requestCache.class == HttpSessionRequestCache
+ }
- @Configuration
- static class CreateSessionAlwaysConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .sessionManagement()
- .sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
- }
- }
+ @Configuration
+ static class CreateSessionAlwaysConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
+ }
+ }
- def "http@create-session=stateless"() {
- when:
- loadConfig(CreateSessionStatelessConfig)
- then:
- findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false
- findFilter(SecurityContextPersistenceFilter).repo.class == NullSecurityContextRepository
- findFilter(SessionManagementFilter).securityContextRepository.class == NullSecurityContextRepository
- findFilter(ExceptionTranslationFilter).requestCache.class == NullRequestCache
- findFilter(RequestCacheAwareFilter).requestCache.class == NullRequestCache
- }
+ def "http@create-session=stateless"() {
+ when:
+ loadConfig(CreateSessionStatelessConfig)
+ then:
+ findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false
+ findFilter(SecurityContextPersistenceFilter).repo.class == NullSecurityContextRepository
+ findFilter(SessionManagementFilter).securityContextRepository.class == NullSecurityContextRepository
+ findFilter(ExceptionTranslationFilter).requestCache.class == NullRequestCache
+ findFilter(RequestCacheAwareFilter).requestCache.class == NullRequestCache
+ }
- @Configuration
- static class CreateSessionStatelessConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .sessionManagement()
- .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
- }
- }
+ @Configuration
+ static class CreateSessionStatelessConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+ }
+ }
- def "http@create-session=ifRequired"() {
- when:
- loadConfig(IfRequiredConfig)
- then:
- findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false
- findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true
- findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true
- }
+ def "http@create-session=ifRequired"() {
+ when:
+ loadConfig(IfRequiredConfig)
+ then:
+ findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false
+ findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true
+ findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true
+ }
- @Configuration
- static class IfRequiredConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .sessionManagement()
- .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
- }
- }
+ @Configuration
+ static class IfRequiredConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
+ }
+ }
- def "http@create-session defaults to ifRequired"() {
- when:
- loadConfig(IfRequiredConfig)
- then:
- findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false
- findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true
- findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true
- }
+ def "http@create-session defaults to ifRequired"() {
+ when:
+ loadConfig(IfRequiredConfig)
+ then:
+ findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false
+ findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true
+ findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true
+ }
- def "http@create-session=never"() {
- when:
- loadConfig(CreateSessionNeverConfig)
- then:
- findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false
- findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == false
- findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == false
- }
+ def "http@create-session=never"() {
+ when:
+ loadConfig(CreateSessionNeverConfig)
+ then:
+ findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false
+ findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == false
+ findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == false
+ }
- @Configuration
- static class CreateSessionNeverConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .sessionManagement()
- .sessionCreationPolicy(SessionCreationPolicy.NEVER);
- }
- }
+ @Configuration
+ static class CreateSessionNeverConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.NEVER);
+ }
+ }
- @Configuration
- static class DefaultCreateSessionConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- }
- }
+ @Configuration
+ static class DefaultCreateSessionConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ }
+ }
- def "http@disable-url-rewriting = true (default for Java Config)"() {
- when:
- loadConfig(DefaultUrlRewritingConfig)
- then:
- findFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting
- }
+ def "http@disable-url-rewriting = true (default for Java Config)"() {
+ when:
+ loadConfig(DefaultUrlRewritingConfig)
+ then:
+ findFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting
+ }
- @Configuration
- static class DefaultUrlRewritingConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- }
- }
+ @Configuration
+ static class DefaultUrlRewritingConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ }
+ }
- // http@disable-url-rewriting is on by default to disable it create a custom HttpSecurityContextRepository and use security-context-repository-ref
+ // http@disable-url-rewriting is on by default to disable it create a custom HttpSecurityContextRepository and use security-context-repository-ref
- def "http@disable-url-rewriting = false"() {
- when:
- loadConfig(EnableUrlRewritingConfig)
- then:
- findFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting == false
- }
+ def "http@disable-url-rewriting = false"() {
+ when:
+ loadConfig(EnableUrlRewritingConfig)
+ then:
+ findFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting == false
+ }
- @Configuration
- static class EnableUrlRewritingConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- HttpSessionSecurityContextRepository repository = new HttpSessionSecurityContextRepository()
- repository.disableUrlRewriting = false // explicitly configured (not necessary due to default values)
+ @Configuration
+ static class EnableUrlRewritingConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ HttpSessionSecurityContextRepository repository = new HttpSessionSecurityContextRepository()
+ repository.disableUrlRewriting = false // explicitly configured (not necessary due to default values)
- http.
- securityContext()
- .securityContextRepository(repository)
- }
- }
+ http.
+ securityContext()
+ .securityContextRepository(repository)
+ }
+ }
- def "http@entry-point-ref"() {
- when:
- loadConfig(EntryPointRefConfig)
- then:
- findFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == "/EntryPointRefConfig"
- }
+ def "http@entry-point-ref"() {
+ when:
+ loadConfig(EntryPointRefConfig)
+ then:
+ findFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == "/EntryPointRefConfig"
+ }
- @Configuration
- static class EntryPointRefConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .exceptionHandling()
- .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/EntryPointRefConfig"))
- }
- }
+ @Configuration
+ static class EntryPointRefConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .exceptionHandling()
+ .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/EntryPointRefConfig"))
+ }
+ }
- def "http@jaas-api-provision"() {
- when:
- loadConfig(JaasApiProvisionConfig)
- then:
- findFilter(JaasApiIntegrationFilter)
- }
+ def "http@jaas-api-provision"() {
+ when:
+ loadConfig(JaasApiProvisionConfig)
+ then:
+ findFilter(JaasApiIntegrationFilter)
+ }
- @Configuration
- static class JaasApiProvisionConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .addFilter(new JaasApiIntegrationFilter())
- }
- }
+ @Configuration
+ static class JaasApiProvisionConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .addFilter(new JaasApiIntegrationFilter())
+ }
+ }
- // http@name is not available since it can be done w/ standard bean configuration easily
+ // http@name is not available since it can be done w/ standard bean configuration easily
- def "http@once-per-request=true"() {
- when:
- loadConfig(OncePerRequestConfig)
- then:
- findFilter(FilterSecurityInterceptor).observeOncePerRequest
- }
+ def "http@once-per-request=true"() {
+ when:
+ loadConfig(OncePerRequestConfig)
+ then:
+ findFilter(FilterSecurityInterceptor).observeOncePerRequest
+ }
- @Configuration
- static class OncePerRequestConfig extends BaseWebConfig {
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .anyRequest().hasRole("USER");
- }
- }
+ @Configuration
+ static class OncePerRequestConfig extends BaseWebConfig {
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .anyRequest().hasRole("USER");
+ }
+ }
- def "http@once-per-request=false"() {
- when:
- loadConfig(OncePerRequestFalseConfig)
- then:
- !findFilter(FilterSecurityInterceptor).observeOncePerRequest
- }
+ def "http@once-per-request=false"() {
+ when:
+ loadConfig(OncePerRequestFalseConfig)
+ then:
+ !findFilter(FilterSecurityInterceptor).observeOncePerRequest
+ }
- @Configuration
- static class OncePerRequestFalseConfig extends BaseWebConfig {
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.
- authorizeRequests()
- .filterSecurityInterceptorOncePerRequest(false)
- .antMatchers("/users**","/sessions/**").hasRole("ADMIN")
- .antMatchers("/signup").permitAll()
- .anyRequest().hasRole("USER");
- }
- }
+ @Configuration
+ static class OncePerRequestFalseConfig extends BaseWebConfig {
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.
+ authorizeRequests()
+ .filterSecurityInterceptorOncePerRequest(false)
+ .antMatchers("/users**","/sessions/**").hasRole("ADMIN")
+ .antMatchers("/signup").permitAll()
+ .anyRequest().hasRole("USER");
+ }
+ }
- def "http@realm"() {
- setup:
- loadConfig(RealmConfig)
- when:
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.getHeader("WWW-Authenticate") == 'Basic realm="RealmConfig"'
- }
+ def "http@realm"() {
+ setup:
+ loadConfig(RealmConfig)
+ when:
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.getHeader("WWW-Authenticate") == 'Basic realm="RealmConfig"'
+ }
- @Configuration
- static class RealmConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .anyRequest().authenticated()
- .and()
- .httpBasic().realmName("RealmConfig")
- }
- }
+ @Configuration
+ static class RealmConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .anyRequest().authenticated()
+ .and()
+ .httpBasic().realmName("RealmConfig")
+ }
+ }
- // http@request-matcher is not available (instead request matcher instances are used)
+ // http@request-matcher is not available (instead request matcher instances are used)
- def "http@request-matcher-ref ant"() {
- when:
- loadConfig(RequestMatcherAntConfig)
- then:
- filterChain(0).requestMatcher.pattern == "/api/**"
- }
+ def "http@request-matcher-ref ant"() {
+ when:
+ loadConfig(RequestMatcherAntConfig)
+ then:
+ filterChain(0).requestMatcher.pattern == "/api/**"
+ }
- @Configuration
- static class RequestMatcherAntConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .antMatcher("/api/**")
- }
- }
+ @Configuration
+ static class RequestMatcherAntConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .antMatcher("/api/**")
+ }
+ }
- def "http@request-matcher-ref regex"() {
- when:
- loadConfig(RequestMatcherRegexConfig)
- then:
- filterChain(0).requestMatcher.class == RegexRequestMatcher
- filterChain(0).requestMatcher.pattern.matcher("/regex/a")
- filterChain(0).requestMatcher.pattern.matcher("/regex/b")
- !filterChain(0).requestMatcher.pattern.matcher("/regex1/b")
- }
+ def "http@request-matcher-ref regex"() {
+ when:
+ loadConfig(RequestMatcherRegexConfig)
+ then:
+ filterChain(0).requestMatcher.class == RegexRequestMatcher
+ filterChain(0).requestMatcher.pattern.matcher("/regex/a")
+ filterChain(0).requestMatcher.pattern.matcher("/regex/b")
+ !filterChain(0).requestMatcher.pattern.matcher("/regex1/b")
+ }
- @Configuration
- static class RequestMatcherRegexConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .regexMatcher("/regex/.*")
- }
- }
+ @Configuration
+ static class RequestMatcherRegexConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .regexMatcher("/regex/.*")
+ }
+ }
- def "http@request-matcher-ref"() {
- when:
- loadConfig(RequestMatcherRefConfig)
- then:
- filterChain(0).requestMatcher.class == MyRequestMatcher
- }
+ def "http@request-matcher-ref"() {
+ when:
+ loadConfig(RequestMatcherRefConfig)
+ then:
+ filterChain(0).requestMatcher.class == MyRequestMatcher
+ }
- @Configuration
- static class RequestMatcherRefConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .requestMatcher(new MyRequestMatcher());
- }
- static class MyRequestMatcher implements RequestMatcher {
- public boolean matches(HttpServletRequest request) {
- return true;
- }
- }
- }
+ @Configuration
+ static class RequestMatcherRefConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .requestMatcher(new MyRequestMatcher());
+ }
+ static class MyRequestMatcher implements RequestMatcher {
+ public boolean matches(HttpServletRequest request) {
+ return true;
+ }
+ }
+ }
- def "http@security=none"() {
- when:
- loadConfig(SecurityNoneConfig)
- then:
- filterChain(0).requestMatcher.pattern == "/resources/**"
- filterChain(0).filters.empty
- filterChain(1).requestMatcher.pattern == "/public/**"
- filterChain(1).filters.empty
- }
+ def "http@security=none"() {
+ when:
+ loadConfig(SecurityNoneConfig)
+ then:
+ filterChain(0).requestMatcher.pattern == "/resources/**"
+ filterChain(0).filters.empty
+ filterChain(1).requestMatcher.pattern == "/public/**"
+ filterChain(1).filters.empty
+ }
- @Configuration
- static class SecurityNoneConfig extends BaseWebConfig {
+ @Configuration
+ static class SecurityNoneConfig extends BaseWebConfig {
- @Override
- public void configure(WebSecurity web)
- throws Exception {
- web
- .ignoring()
- .antMatchers("/resources/**","/public/**")
- }
+ @Override
+ public void configure(WebSecurity web)
+ throws Exception {
+ web
+ .ignoring()
+ .antMatchers("/resources/**","/public/**")
+ }
- @Override
- protected void configure(HttpSecurity http) throws Exception {}
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {}
- }
+ }
- def "http@security-context-repository-ref"() {
- when:
- loadConfig(SecurityContextRepoConfig)
- then:
- findFilter(SecurityContextPersistenceFilter).repo.class == NullSecurityContextRepository
- }
+ def "http@security-context-repository-ref"() {
+ when:
+ loadConfig(SecurityContextRepoConfig)
+ then:
+ findFilter(SecurityContextPersistenceFilter).repo.class == NullSecurityContextRepository
+ }
- @Configuration
- static class SecurityContextRepoConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .securityContext()
- .securityContextRepository(new NullSecurityContextRepository()) // security-context-repository-ref
- }
- }
+ @Configuration
+ static class SecurityContextRepoConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .securityContext()
+ .securityContextRepository(new NullSecurityContextRepository()) // security-context-repository-ref
+ }
+ }
- def "http@servlet-api-provision=false"() {
- when:
- loadConfig(ServletApiProvisionConfig)
- then:
- findFilter(SecurityContextHolderAwareRequestFilter) == null
- }
+ def "http@servlet-api-provision=false"() {
+ when:
+ loadConfig(ServletApiProvisionConfig)
+ then:
+ findFilter(SecurityContextHolderAwareRequestFilter) == null
+ }
- @Configuration
- static class ServletApiProvisionConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http.servletApi().disable()
- }
- }
+ @Configuration
+ static class ServletApiProvisionConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http.servletApi().disable()
+ }
+ }
- def "http@servlet-api-provision defaults to true"() {
- when:
- loadConfig(ServletApiProvisionDefaultsConfig)
- then:
- findFilter(SecurityContextHolderAwareRequestFilter) != null
- }
+ def "http@servlet-api-provision defaults to true"() {
+ when:
+ loadConfig(ServletApiProvisionDefaultsConfig)
+ then:
+ findFilter(SecurityContextHolderAwareRequestFilter) != null
+ }
- @Configuration
- static class ServletApiProvisionDefaultsConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- }
- }
+ @Configuration
+ static class ServletApiProvisionDefaultsConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ }
+ }
- def "http@use-expressions=true"() {
- when:
- loadConfig(UseExpressionsConfig)
- then:
- findFilter(FilterSecurityInterceptor).securityMetadataSource.class == ExpressionBasedFilterInvocationSecurityMetadataSource
- findFilter(FilterSecurityInterceptor).accessDecisionManager.decisionVoters.collect { it.class } == [WebExpressionVoter]
- }
+ def "http@use-expressions=true"() {
+ when:
+ loadConfig(UseExpressionsConfig)
+ then:
+ findFilter(FilterSecurityInterceptor).securityMetadataSource.class == ExpressionBasedFilterInvocationSecurityMetadataSource
+ findFilter(FilterSecurityInterceptor).accessDecisionManager.decisionVoters.collect { it.class } == [WebExpressionVoter]
+ }
- @EnableWebSecurity
- static class UseExpressionsConfig extends BaseWebConfig {
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .antMatchers("/users**","/sessions/**").hasRole("USER")
- .antMatchers("/signup").permitAll()
- .anyRequest().hasRole("USER")
- }
- }
+ @EnableWebSecurity
+ static class UseExpressionsConfig extends BaseWebConfig {
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .antMatchers("/users**","/sessions/**").hasRole("USER")
+ .antMatchers("/signup").permitAll()
+ .anyRequest().hasRole("USER")
+ }
+ }
- def "http@use-expressions=false"() {
- when:
- loadConfig(DisableUseExpressionsConfig)
- then:
- findFilter(FilterSecurityInterceptor).securityMetadataSource.class == DefaultFilterInvocationSecurityMetadataSource
- findFilter(FilterSecurityInterceptor).accessDecisionManager.decisionVoters.collect { it.class } == [RoleVoter, AuthenticatedVoter]
- }
+ def "http@use-expressions=false"() {
+ when:
+ loadConfig(DisableUseExpressionsConfig)
+ then:
+ findFilter(FilterSecurityInterceptor).securityMetadataSource.class == DefaultFilterInvocationSecurityMetadataSource
+ findFilter(FilterSecurityInterceptor).accessDecisionManager.decisionVoters.collect { it.class } == [RoleVoter, AuthenticatedVoter]
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/BaseWebConfig.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/BaseWebConfig.groovy
index 81d09f3603..7d0699590d 100644
--- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/BaseWebConfig.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/BaseWebConfig.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -24,17 +24,17 @@ import org.springframework.security.config.annotation.authentication.builders.Au
*/
@EnableWebSecurity
public abstract class BaseWebConfig extends WebSecurityConfigurerAdapter {
- BaseWebConfig(boolean disableDefaults) {
- super(disableDefaults)
- }
+ BaseWebConfig(boolean disableDefaults) {
+ super(disableDefaults)
+ }
- BaseWebConfig() {
- }
+ BaseWebConfig() {
+ }
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth
- .inMemoryAuthentication()
- .withUser("user").password("password").roles("USER").and()
- .withUser("admin").password("password").roles("USER", "ADMIN");
- }
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth
+ .inMemoryAuthentication()
+ .withUser("user").password("password").roles("USER").and()
+ .withUser("admin").password("password").roles("USER", "ADMIN");
+ }
}
\ No newline at end of file
diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.groovy
index e80059787a..7ee3a2bcd1 100644
--- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -28,86 +28,86 @@ import org.springframework.security.config.annotation.authentication.builders.Au
public class Sec2515Tests extends BaseSpringSpec {
- def "SEC-2515: Prevent StackOverflow with bean graph cycle"() {
- when:
- loadConfig(StackOverflowSecurityConfig)
- then:
- thrown(FatalBeanException)
- }
+ def "SEC-2515: Prevent StackOverflow with bean graph cycle"() {
+ when:
+ loadConfig(StackOverflowSecurityConfig)
+ then:
+ thrown(FatalBeanException)
+ }
- @EnableWebSecurity
- static class StackOverflowSecurityConfig extends WebSecurityConfigurerAdapter {
+ @EnableWebSecurity
+ static class StackOverflowSecurityConfig extends WebSecurityConfigurerAdapter {
- @Override
- @Bean
- public AuthenticationManager authenticationManagerBean()
- throws Exception {
- return super.authenticationManagerBean();
- }
- }
+ @Override
+ @Bean
+ public AuthenticationManager authenticationManagerBean()
+ throws Exception {
+ return super.authenticationManagerBean();
+ }
+ }
- def "Custom Name Prevent StackOverflow with bean graph cycle"() {
- when:
- loadConfig(StackOverflowSecurityConfig)
- then:
- thrown(FatalBeanException)
- }
+ def "Custom Name Prevent StackOverflow with bean graph cycle"() {
+ when:
+ loadConfig(StackOverflowSecurityConfig)
+ then:
+ thrown(FatalBeanException)
+ }
- @EnableWebSecurity
- static class CustomBeanNameStackOverflowSecurityConfig extends WebSecurityConfigurerAdapter {
+ @EnableWebSecurity
+ static class CustomBeanNameStackOverflowSecurityConfig extends WebSecurityConfigurerAdapter {
- @Override
- @Bean(name="custom")
- public AuthenticationManager authenticationManagerBean()
- throws Exception {
- return super.authenticationManagerBean();
- }
- }
+ @Override
+ @Bean(name="custom")
+ public AuthenticationManager authenticationManagerBean()
+ throws Exception {
+ return super.authenticationManagerBean();
+ }
+ }
- def "SEC-2549: Can load with child classloader"() {
- setup:
- CanLoadWithChildConfig.AM = Mock(AuthenticationManager)
- context = new AnnotationConfigApplicationContext()
- context.classLoader = new URLClassLoader(new URL[0], context.classLoader)
- context.register(CanLoadWithChildConfig)
- context.refresh()
- when:
- authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("user", "password"))
- then:
- noExceptionThrown()
- 1 * CanLoadWithChildConfig.AM.authenticate(_) >> new TestingAuthenticationToken("user","password","ROLE_USER")
- }
+ def "SEC-2549: Can load with child classloader"() {
+ setup:
+ CanLoadWithChildConfig.AM = Mock(AuthenticationManager)
+ context = new AnnotationConfigApplicationContext()
+ context.classLoader = new URLClassLoader(new URL[0], context.classLoader)
+ context.register(CanLoadWithChildConfig)
+ context.refresh()
+ when:
+ authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("user", "password"))
+ then:
+ noExceptionThrown()
+ 1 * CanLoadWithChildConfig.AM.authenticate(_) >> new TestingAuthenticationToken("user","password","ROLE_USER")
+ }
- @EnableWebSecurity
- static class CanLoadWithChildConfig extends WebSecurityConfigurerAdapter {
- static AuthenticationManager AM
- @Bean
- public AuthenticationManager am() {
- AM
- }
- }
+ @EnableWebSecurity
+ static class CanLoadWithChildConfig extends WebSecurityConfigurerAdapter {
+ static AuthenticationManager AM
+ @Bean
+ public AuthenticationManager am() {
+ AM
+ }
+ }
- def "SEC-2515: @Bean still works when configure(AuthenticationManagerBuilder) used"() {
- when:
- loadConfig(SecurityConfig)
- then:
- noExceptionThrown();
- }
+ def "SEC-2515: @Bean still works when configure(AuthenticationManagerBuilder) used"() {
+ when:
+ loadConfig(SecurityConfig)
+ then:
+ noExceptionThrown();
+ }
- @EnableWebSecurity
- static class SecurityConfig extends WebSecurityConfigurerAdapter {
+ @EnableWebSecurity
+ static class SecurityConfig extends WebSecurityConfigurerAdapter {
- @Override
- @Bean
- public AuthenticationManager authenticationManagerBean()
- throws Exception {
- return super.authenticationManagerBean();
- }
+ @Override
+ @Bean
+ public AuthenticationManager authenticationManagerBean()
+ throws Exception {
+ return super.authenticationManagerBean();
+ }
- @Override
- protected void configure(AuthenticationManagerBuilder auth)
- throws Exception {
- auth.inMemoryAuthentication()
- }
- }
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth)
+ throws Exception {
+ auth.inMemoryAuthentication()
+ }
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/Issue55Tests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/Issue55Tests.groovy
index 635c41b1e2..325a1a6c9c 100644
--- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/Issue55Tests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/Issue55Tests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -36,83 +36,83 @@ import org.springframework.stereotype.Component
*/
class Issue55Tests extends BaseSpringSpec {
- def "WebSecurityConfigurerAdapter defaults to @Autowired"() {
- setup:
- TestingAuthenticationToken token = new TestingAuthenticationToken("test", "this")
- when:
- loadConfig(WebSecurityConfigurerAdapterDefaultsAuthManagerConfig)
- then:
- context.getBean(FilterChainProxy)
- findFilter(FilterSecurityInterceptor).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT
- }
+ def "WebSecurityConfigurerAdapter defaults to @Autowired"() {
+ setup:
+ TestingAuthenticationToken token = new TestingAuthenticationToken("test", "this")
+ when:
+ loadConfig(WebSecurityConfigurerAdapterDefaultsAuthManagerConfig)
+ then:
+ context.getBean(FilterChainProxy)
+ findFilter(FilterSecurityInterceptor).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT
+ }
- @EnableWebSecurity
- static class WebSecurityConfigurerAdapterDefaultsAuthManagerConfig {
- @Component
- public static class WebSecurityAdapter extends WebSecurityConfigurerAdapter {
+ @EnableWebSecurity
+ static class WebSecurityConfigurerAdapterDefaultsAuthManagerConfig {
+ @Component
+ public static class WebSecurityAdapter extends WebSecurityConfigurerAdapter {
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .anyRequest().hasRole("USER");
- }
- }
- @Configuration
- public static class AuthenticationManagerConfiguration {
- @Bean
- public AuthenticationManager authenticationManager() throws Exception {
- return new CustomAuthenticationManager();
- }
- }
- }
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .anyRequest().hasRole("USER");
+ }
+ }
+ @Configuration
+ public static class AuthenticationManagerConfiguration {
+ @Bean
+ public AuthenticationManager authenticationManager() throws Exception {
+ return new CustomAuthenticationManager();
+ }
+ }
+ }
- def "multi http WebSecurityConfigurerAdapter defaults to @Autowired"() {
- setup:
- TestingAuthenticationToken token = new TestingAuthenticationToken("test", "this")
- when:
- loadConfig(MultiWebSecurityConfigurerAdapterDefaultsAuthManagerConfig)
- then:
- context.getBean(FilterChainProxy)
- findFilter(FilterSecurityInterceptor).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT
- findFilter(FilterSecurityInterceptor,1).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT
- }
+ def "multi http WebSecurityConfigurerAdapter defaults to @Autowired"() {
+ setup:
+ TestingAuthenticationToken token = new TestingAuthenticationToken("test", "this")
+ when:
+ loadConfig(MultiWebSecurityConfigurerAdapterDefaultsAuthManagerConfig)
+ then:
+ context.getBean(FilterChainProxy)
+ findFilter(FilterSecurityInterceptor).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT
+ findFilter(FilterSecurityInterceptor,1).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT
+ }
- @EnableWebSecurity
- static class MultiWebSecurityConfigurerAdapterDefaultsAuthManagerConfig {
- @Component
- @Order(1)
- public static class ApiWebSecurityAdapter extends WebSecurityConfigurerAdapter {
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .antMatcher("/api/**")
- .authorizeRequests()
- .anyRequest().hasRole("USER");
- }
- }
- @Component
- public static class WebSecurityAdapter extends WebSecurityConfigurerAdapter {
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .anyRequest().hasRole("USER");
- }
- }
- @Configuration
- public static class AuthenticationManagerConfiguration {
- @Bean
- public AuthenticationManager authenticationManager() throws Exception {
- return new CustomAuthenticationManager();
- }
- }
- }
+ @EnableWebSecurity
+ static class MultiWebSecurityConfigurerAdapterDefaultsAuthManagerConfig {
+ @Component
+ @Order(1)
+ public static class ApiWebSecurityAdapter extends WebSecurityConfigurerAdapter {
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .antMatcher("/api/**")
+ .authorizeRequests()
+ .anyRequest().hasRole("USER");
+ }
+ }
+ @Component
+ public static class WebSecurityAdapter extends WebSecurityConfigurerAdapter {
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .anyRequest().hasRole("USER");
+ }
+ }
+ @Configuration
+ public static class AuthenticationManagerConfiguration {
+ @Bean
+ public AuthenticationManager authenticationManager() throws Exception {
+ return new CustomAuthenticationManager();
+ }
+ }
+ }
- static class CustomAuthenticationManager implements AuthenticationManager {
- static Authentication RESULT = new TestingAuthenticationToken("test", "this","ROLE_USER")
- public Authentication authenticate(Authentication authentication) throws AuthenticationException {
- return RESULT;
- }
- }
+ static class CustomAuthenticationManager implements AuthenticationManager {
+ static Authentication RESULT = new TestingAuthenticationToken("test", "this","ROLE_USER")
+ public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+ return RESULT;
+ }
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/debug/AuthProviderDependency.groovy b/config/src/test/groovy/org/springframework/security/config/debug/AuthProviderDependency.groovy
index ca5c47e1b1..25acb45216 100644
--- a/config/src/test/groovy/org/springframework/security/config/debug/AuthProviderDependency.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/debug/AuthProviderDependency.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
diff --git a/config/src/test/groovy/org/springframework/security/config/debug/TestAuthenticationProvider.groovy b/config/src/test/groovy/org/springframework/security/config/debug/TestAuthenticationProvider.groovy
index 0cb8ce8176..8f310c9e6e 100644
--- a/config/src/test/groovy/org/springframework/security/config/debug/TestAuthenticationProvider.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/debug/TestAuthenticationProvider.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -29,15 +29,15 @@ import org.springframework.stereotype.Service
@Service("authProvider")
public class TestAuthenticationProvider implements AuthenticationProvider {
- @Autowired
- public TestAuthenticationProvider(AuthProviderDependency authProviderDependency) {
- }
+ @Autowired
+ public TestAuthenticationProvider(AuthProviderDependency authProviderDependency) {
+ }
- public Authentication authenticate(Authentication authentication) throws AuthenticationException {
- throw new UnsupportedOperationException();
- }
+ public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+ throw new UnsupportedOperationException();
+ }
- public boolean supports(Class authentication) {
- throw new UnsupportedOperationException();
- }
+ public boolean supports(Class authentication) {
+ throw new UnsupportedOperationException();
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/doc/Attribute.groovy b/config/src/test/groovy/org/springframework/security/config/doc/Attribute.groovy
index 6ec02e4011..3dd3eb552f 100644
--- a/config/src/test/groovy/org/springframework/security/config/doc/Attribute.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/doc/Attribute.groovy
@@ -23,11 +23,11 @@ package org.springframework.security.config.doc
* @see XsdDocumentedSpec
*/
class Attribute {
- def name
- def desc
- def elmt
+ def name
+ def desc
+ def elmt
- def getId() {
- return "${elmt.id}-${name}".toString()
- }
+ def getId() {
+ return "${elmt.id}-${name}".toString()
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/doc/Element.groovy b/config/src/test/groovy/org/springframework/security/config/doc/Element.groovy
index 225eff05a9..f62ee0f381 100644
--- a/config/src/test/groovy/org/springframework/security/config/doc/Element.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/doc/Element.groovy
@@ -23,68 +23,68 @@ package org.springframework.security.config.doc
* @see XsdDocumentedSpec
*/
class Element {
- def name
- def desc
- def attrs
- /**
- * Contains the elements that extend this element (i.e. any-user-service contains ldap-user-service)
- */
- def subGrps = []
- def childElmts = [:]
- def parentElmts = [:]
+ def name
+ def desc
+ def attrs
+ /**
+ * Contains the elements that extend this element (i.e. any-user-service contains ldap-user-service)
+ */
+ def subGrps = []
+ def childElmts = [:]
+ def parentElmts = [:]
- def getId() {
- return "nsa-${name}".toString()
- }
+ def getId() {
+ return "nsa-${name}".toString()
+ }
- /**
- * Gets all the ids related to this Element including attributes, parent elements, and child elements.
- *
- *
- * The expected ids to be found are documented below.
- *
- * - Elements - any xml element will have the nsa-<element>. For example the http element will have the id
- * nsa-http
- * - Parent Section - Any element with a parent other than beans will have a section named
- * nsa-<element>-parents. For example, authentication-provider would have a section id of
- * nsa-authentication-provider-parents. The section would then contain a list of links pointing to the
- * documentation for each parent element.
- * - Attributes Section - Any element with attributes will have a section with the id
- * nsa-<element>-attributes. For example the http element would require a section with the id
- * http-attributes.
- * - Attribute - Each attribute of an element would have an id of nsa-<element>-<attributeName>. For
- * example the attribute create-session for the http attribute would have the id http-create-session.
- * - Child Section - Any element with a child element will have a section named nsa-<element>-children.
- * For example, authentication-provider would have a section id of nsa-authentication-provider-children. The
- * section would then contain a list of links pointing to the documentation for each child element.
- *
- * @return
- */
- def getIds() {
- def ids = [id]
- childElmts.values()*.ids.each { ids.addAll it }
- attrs*.id.each { ids.add it }
- if(childElmts) {
- ids.add id+'-children'
- }
- if(attrs) {
- ids.add id+'-attributes'
- }
- if(parentElmts) {
- ids.add id+'-parents'
- }
- ids
- }
+ /**
+ * Gets all the ids related to this Element including attributes, parent elements, and child elements.
+ *
+ *
+ * The expected ids to be found are documented below.
+ *
+ * - Elements - any xml element will have the nsa-<element>. For example the http element will have the id
+ * nsa-http
+ * - Parent Section - Any element with a parent other than beans will have a section named
+ * nsa-<element>-parents. For example, authentication-provider would have a section id of
+ * nsa-authentication-provider-parents. The section would then contain a list of links pointing to the
+ * documentation for each parent element.
+ * - Attributes Section - Any element with attributes will have a section with the id
+ * nsa-<element>-attributes. For example the http element would require a section with the id
+ * http-attributes.
+ * - Attribute - Each attribute of an element would have an id of nsa-<element>-<attributeName>. For
+ * example the attribute create-session for the http attribute would have the id http-create-session.
+ * - Child Section - Any element with a child element will have a section named nsa-<element>-children.
+ * For example, authentication-provider would have a section id of nsa-authentication-provider-children. The
+ * section would then contain a list of links pointing to the documentation for each child element.
+ *
+ * @return
+ */
+ def getIds() {
+ def ids = [id]
+ childElmts.values()*.ids.each { ids.addAll it }
+ attrs*.id.each { ids.add it }
+ if(childElmts) {
+ ids.add id+'-children'
+ }
+ if(attrs) {
+ ids.add id+'-attributes'
+ }
+ if(parentElmts) {
+ ids.add id+'-parents'
+ }
+ ids
+ }
- def getAllChildElmts() {
- def result = [:]
- childElmts.values()*.subGrps*.each { elmt -> result.put(elmt.name,elmt) }
- result + childElmts
- }
+ def getAllChildElmts() {
+ def result = [:]
+ childElmts.values()*.subGrps*.each { elmt -> result.put(elmt.name,elmt) }
+ result + childElmts
+ }
- def getAllParentElmts() {
- def result = [:]
- parentElmts.values()*.subGrps*.each { elmt -> result.put(elmt.name,elmt) }
- result + parentElmts
- }
+ def getAllParentElmts() {
+ def result = [:]
+ parentElmts.values()*.subGrps*.each { elmt -> result.put(elmt.name,elmt) }
+ result + parentElmts
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/doc/SpringSecurityXsdParser.groovy b/config/src/test/groovy/org/springframework/security/config/doc/SpringSecurityXsdParser.groovy
index 013f044c11..d6d3b4e233 100644
--- a/config/src/test/groovy/org/springframework/security/config/doc/SpringSecurityXsdParser.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/doc/SpringSecurityXsdParser.groovy
@@ -23,155 +23,155 @@ import groovy.xml.Namespace
* @author Rob Winch
*/
class SpringSecurityXsdParser {
- private def rootElement
+ private def rootElement
- private def xs = new Namespace("http://www.w3.org/2001/XMLSchema", 'xs')
- private def attrElmts = [] as Set
- private def elementNameToElement = [:] as Map
+ private def xs = new Namespace("http://www.w3.org/2001/XMLSchema", 'xs')
+ private def attrElmts = [] as Set
+ private def elementNameToElement = [:] as Map
- /**
- * Returns a map of the element name to the {@link Element}.
- * @return
- */
- Map parse() {
- elements(rootElement)
- elementNameToElement
- }
+ /**
+ * Returns a map of the element name to the {@link Element}.
+ * @return
+ */
+ Map parse() {
+ elements(rootElement)
+ elementNameToElement
+ }
- /**
- * Creates a Map of the name to an Element object of all the children of element.
- *
- * @param element
- * @return
- */
- private def elements(element) {
- def elementNameToElement = [:] as Map
- element.children().each { c->
- if(c.name() == 'element') {
- def e = elmt(c)
- elementNameToElement.put(e.name,e)
- } else {
- elementNameToElement.putAll(elements(c))
- }
- }
- elementNameToElement
- }
+ /**
+ * Creates a Map of the name to an Element object of all the children of element.
+ *
+ * @param element
+ * @return
+ */
+ private def elements(element) {
+ def elementNameToElement = [:] as Map
+ element.children().each { c->
+ if(c.name() == 'element') {
+ def e = elmt(c)
+ elementNameToElement.put(e.name,e)
+ } else {
+ elementNameToElement.putAll(elements(c))
+ }
+ }
+ elementNameToElement
+ }
- /**
- * Any children that are attribute will be returned as an Attribute object.
- * @param element
- * @return a collection of Attribute objects that are children of element.
- */
- private def attrs(element) {
- def r = []
- element.children().each { c->
- if(c.name() == 'attribute') {
- r.add(attr(c))
- }else if(c.name() == 'element') {
- }else {
- r.addAll(attrs(c))
- }
- }
- r
- }
+ /**
+ * Any children that are attribute will be returned as an Attribute object.
+ * @param element
+ * @return a collection of Attribute objects that are children of element.
+ */
+ private def attrs(element) {
+ def r = []
+ element.children().each { c->
+ if(c.name() == 'attribute') {
+ r.add(attr(c))
+ }else if(c.name() == 'element') {
+ }else {
+ r.addAll(attrs(c))
+ }
+ }
+ r
+ }
- /**
- * Any children will be searched for an attributeGroup, each of it's children will be returned as an Attribute
- * @param element
- * @return
- */
- private def attrgrps(element) {
- def r = []
- element.children().each { c->
- if(c.name() == 'element') {
- }else if (c.name() == 'attributeGroup') {
- if(c.attributes().get('name')) {
- r.addAll(attrgrp(c))
- } else {
- def n = c.attributes().get('ref').split(':')[1]
- def attrGrp = findNode(element,n)
- r.addAll(attrgrp(attrGrp))
- }
- } else {
- r.addAll(attrgrps(c))
- }
- }
- r
- }
+ /**
+ * Any children will be searched for an attributeGroup, each of it's children will be returned as an Attribute
+ * @param element
+ * @return
+ */
+ private def attrgrps(element) {
+ def r = []
+ element.children().each { c->
+ if(c.name() == 'element') {
+ }else if (c.name() == 'attributeGroup') {
+ if(c.attributes().get('name')) {
+ r.addAll(attrgrp(c))
+ } else {
+ def n = c.attributes().get('ref').split(':')[1]
+ def attrGrp = findNode(element,n)
+ r.addAll(attrgrp(attrGrp))
+ }
+ } else {
+ r.addAll(attrgrps(c))
+ }
+ }
+ r
+ }
- private def findNode(c,name) {
- def root = c
- while(root.name() != 'schema') {
- root = root.parent()
- }
- def result = root.breadthFirst().find { child-> name == child.@name?.text() }
- assert result?.@name?.text() == name
- result
- }
+ private def findNode(c,name) {
+ def root = c
+ while(root.name() != 'schema') {
+ root = root.parent()
+ }
+ def result = root.breadthFirst().find { child-> name == child.@name?.text() }
+ assert result?.@name?.text() == name
+ result
+ }
- /**
- * Processes an individual attributeGroup by obtaining all the attributes and then looking for more attributeGroup elements and prcessing them.
- * @param e
- * @return all the attributes for a specific attributeGroup and any child attributeGroups
- */
- private def attrgrp(e) {
- def attrs = attrs(e)
- attrs.addAll(attrgrps(e))
- attrs
- }
+ /**
+ * Processes an individual attributeGroup by obtaining all the attributes and then looking for more attributeGroup elements and prcessing them.
+ * @param e
+ * @return all the attributes for a specific attributeGroup and any child attributeGroups
+ */
+ private def attrgrp(e) {
+ def attrs = attrs(e)
+ attrs.addAll(attrgrps(e))
+ attrs
+ }
- /**
- * Obtains the description for a specific element
- * @param element
- * @return
- */
- private def desc(element) {
- return element['annotation']['documentation']
- }
+ /**
+ * Obtains the description for a specific element
+ * @param element
+ * @return
+ */
+ private def desc(element) {
+ return element['annotation']['documentation']
+ }
- /**
- * Given an element creates an attribute from it.
- * @param n
- * @return
- */
- private def attr(n) {
- new Attribute(desc: desc(n), name: n.@name.text())
- }
+ /**
+ * Given an element creates an attribute from it.
+ * @param n
+ * @return
+ */
+ private def attr(n) {
+ new Attribute(desc: desc(n), name: n.@name.text())
+ }
- /**
- * Given an element creates an Element out of it by collecting all its attributes and child elements.
- *
- * @param n
- * @return
- */
- private def elmt(n) {
- def name = n.@ref.text()
- if(name) {
- name = name.split(':')[1]
- n = findNode(n,name)
- } else {
- name = n.@name.text()
- }
- if(elementNameToElement.containsKey(name)) {
- return elementNameToElement.get(name)
- }
- attrElmts.add(name)
- def e = new Element()
- e.name = n.@name.text()
- e.desc = desc(n)
- e.childElmts = elements(n)
- e.attrs = attrs(n)
- e.attrs.addAll(attrgrps(n))
- e.attrs*.elmt = e
- e.childElmts.values()*.each { it.parentElmts.put(e.name,e) }
+ /**
+ * Given an element creates an Element out of it by collecting all its attributes and child elements.
+ *
+ * @param n
+ * @return
+ */
+ private def elmt(n) {
+ def name = n.@ref.text()
+ if(name) {
+ name = name.split(':')[1]
+ n = findNode(n,name)
+ } else {
+ name = n.@name.text()
+ }
+ if(elementNameToElement.containsKey(name)) {
+ return elementNameToElement.get(name)
+ }
+ attrElmts.add(name)
+ def e = new Element()
+ e.name = n.@name.text()
+ e.desc = desc(n)
+ e.childElmts = elements(n)
+ e.attrs = attrs(n)
+ e.attrs.addAll(attrgrps(n))
+ e.attrs*.elmt = e
+ e.childElmts.values()*.each { it.parentElmts.put(e.name,e) }
- def subGrpName = n.@substitutionGroup.text()
- if(subGrpName) {
- def subGrp = elmt(findNode(n,subGrpName.split(":")[1]))
- subGrp.subGrps.add(e)
- }
+ def subGrpName = n.@substitutionGroup.text()
+ if(subGrpName) {
+ def subGrp = elmt(findNode(n,subGrpName.split(":")[1]))
+ subGrp.subGrps.add(e)
+ }
- elementNameToElement.put(name,e)
- e
- }
+ elementNameToElement.put(name,e)
+ e
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy b/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy
index c0c8f70c64..efb81264ce 100644
--- a/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy
@@ -29,167 +29,167 @@ import spock.lang.*
*/
class XsdDocumentedTests extends Specification {
- def ignoredIds = ['nsa-any-user-service','nsa-any-user-service-parents','nsa-authentication','nsa-websocket-security','nsa-ldap','nsa-method-security','nsa-web']
- @Shared def reference = new File('../docs/manual/src/docs/asciidoc/index.adoc')
+ def ignoredIds = ['nsa-any-user-service','nsa-any-user-service-parents','nsa-authentication','nsa-websocket-security','nsa-ldap','nsa-method-security','nsa-web']
+ @Shared def reference = new File('../docs/manual/src/docs/asciidoc/index.adoc')
- @Shared File schema31xDocument = new File('src/main/resources/org/springframework/security/config/spring-security-3.1.xsd')
- @Shared File schemaDocument = new File('src/main/resources/org/springframework/security/config/spring-security-4.0.xsd')
- @Shared Map elementNameToElement
- @Shared GPathResult schemaRootElement
+ @Shared File schema31xDocument = new File('src/main/resources/org/springframework/security/config/spring-security-3.1.xsd')
+ @Shared File schemaDocument = new File('src/main/resources/org/springframework/security/config/spring-security-4.0.xsd')
+ @Shared Map elementNameToElement
+ @Shared GPathResult schemaRootElement
- def setupSpec() {
- schemaRootElement = new XmlSlurper().parse(schemaDocument)
- elementNameToElement = new SpringSecurityXsdParser(rootElement: schemaRootElement).parse()
- }
+ def setupSpec() {
+ schemaRootElement = new XmlSlurper().parse(schemaDocument)
+ elementNameToElement = new SpringSecurityXsdParser(rootElement: schemaRootElement).parse()
+ }
- def cleanupSpec() {
- reference = null
- schema31xDocument = null
- schemaDocument = null
- elementNameToElement = null
- schemaRootElement = null
- }
+ def cleanupSpec() {
+ reference = null
+ schema31xDocument = null
+ schemaDocument = null
+ elementNameToElement = null
+ schemaRootElement = null
+ }
- def 'SEC-2139: named-security-filter are all defined and ordered properly'() {
- setup:
- def expectedFilters = (EnumSet.allOf(SecurityFilters) as List).sort { it.order }
- when:
- def nsf = schemaRootElement.simpleType.find { it.@name == 'named-security-filter' }
- def nsfValues = nsf.children().children().collect { c ->
- Enum.valueOf(SecurityFilters, c.@value.toString())
- }
- then:
- expectedFilters == nsfValues
- }
+ def 'SEC-2139: named-security-filter are all defined and ordered properly'() {
+ setup:
+ def expectedFilters = (EnumSet.allOf(SecurityFilters) as List).sort { it.order }
+ when:
+ def nsf = schemaRootElement.simpleType.find { it.@name == 'named-security-filter' }
+ def nsfValues = nsf.children().children().collect { c ->
+ Enum.valueOf(SecurityFilters, c.@value.toString())
+ }
+ then:
+ expectedFilters == nsfValues
+ }
- def 'SEC-2139: 3.1.x named-security-filter are all defined and ordered properly'() {
- setup:
- def expectedFilters = ["FIRST", "CHANNEL_FILTER", "SECURITY_CONTEXT_FILTER", "CONCURRENT_SESSION_FILTER", "LOGOUT_FILTER", "X509_FILTER",
- "PRE_AUTH_FILTER", "CAS_FILTER", "FORM_LOGIN_FILTER", "OPENID_FILTER", "LOGIN_PAGE_FILTER", "DIGEST_AUTH_FILTER","BASIC_AUTH_FILTER",
- "REQUEST_CACHE_FILTER", "SERVLET_API_SUPPORT_FILTER", "JAAS_API_SUPPORT_FILTER", "REMEMBER_ME_FILTER", "ANONYMOUS_FILTER",
- "SESSION_MANAGEMENT_FILTER", "EXCEPTION_TRANSLATION_FILTER", "FILTER_SECURITY_INTERCEPTOR", "SWITCH_USER_FILTER", "LAST"].collect {
- Enum.valueOf(SecurityFilters, it)
- }
- def schema31xRootElement = new XmlSlurper().parse(schema31xDocument)
- when:
- def nsf = schema31xRootElement.simpleType.find { it.@name == 'named-security-filter' }
- def nsfValues = nsf.children().children().collect { c ->
- Enum.valueOf(SecurityFilters, c.@value.toString())
- }
- then:
- expectedFilters == nsfValues
- }
+ def 'SEC-2139: 3.1.x named-security-filter are all defined and ordered properly'() {
+ setup:
+ def expectedFilters = ["FIRST", "CHANNEL_FILTER", "SECURITY_CONTEXT_FILTER", "CONCURRENT_SESSION_FILTER", "LOGOUT_FILTER", "X509_FILTER",
+ "PRE_AUTH_FILTER", "CAS_FILTER", "FORM_LOGIN_FILTER", "OPENID_FILTER", "LOGIN_PAGE_FILTER", "DIGEST_AUTH_FILTER","BASIC_AUTH_FILTER",
+ "REQUEST_CACHE_FILTER", "SERVLET_API_SUPPORT_FILTER", "JAAS_API_SUPPORT_FILTER", "REMEMBER_ME_FILTER", "ANONYMOUS_FILTER",
+ "SESSION_MANAGEMENT_FILTER", "EXCEPTION_TRANSLATION_FILTER", "FILTER_SECURITY_INTERCEPTOR", "SWITCH_USER_FILTER", "LAST"].collect {
+ Enum.valueOf(SecurityFilters, it)
+ }
+ def schema31xRootElement = new XmlSlurper().parse(schema31xDocument)
+ when:
+ def nsf = schema31xRootElement.simpleType.find { it.@name == 'named-security-filter' }
+ def nsfValues = nsf.children().children().collect { c ->
+ Enum.valueOf(SecurityFilters, c.@value.toString())
+ }
+ then:
+ expectedFilters == nsfValues
+ }
- /**
- * This will check to ensure that the expected number of xsd documents are found to ensure that we are validating
- * against the current xsd document. If this test fails, all that is needed is to update the schemaDocument
- * and the expected size for this test.
- * @return
- */
- def 'the latest schema is being validated'() {
- when: 'all the schemas are found'
- def schemas = schemaDocument.getParentFile().list().findAll { it.endsWith('.xsd') }
- then: 'the count is equal to 8, if not then schemaDocument needs updated'
- schemas.size() == 9
- }
+ /**
+ * This will check to ensure that the expected number of xsd documents are found to ensure that we are validating
+ * against the current xsd document. If this test fails, all that is needed is to update the schemaDocument
+ * and the expected size for this test.
+ * @return
+ */
+ def 'the latest schema is being validated'() {
+ when: 'all the schemas are found'
+ def schemas = schemaDocument.getParentFile().list().findAll { it.endsWith('.xsd') }
+ then: 'the count is equal to 8, if not then schemaDocument needs updated'
+ schemas.size() == 9
+ }
- /**
- * This uses a naming convention for the ids of the appendix to ensure that the entire appendix is documented.
- * The naming convention for the ids is documented in {@link Element#getIds()}.
- * @return
- */
- def 'the entire schema is included in the appendix documentation'() {
- setup: 'get all the documented ids and the expected ids'
- def documentedIds = []
- reference.eachLine { line ->
- if(line.matches("\\[\\[(nsa-.*)\\]\\]")) {
- documentedIds.add(line.substring(2,line.length() - 2))
- }
- }
- when: 'the schema is compared to the appendix documentation'
- def expectedIds = [] as Set
- elementNameToElement*.value*.ids*.each { expectedIds.addAll it }
- documentedIds.removeAll ignoredIds
- expectedIds.removeAll ignoredIds
- def undocumentedIds = (expectedIds - documentedIds)
- def shouldNotBeDocumented = (documentedIds - expectedIds)
- then: 'all the elements and attributes are documented'
- shouldNotBeDocumented.empty
- undocumentedIds.empty
- }
+ /**
+ * This uses a naming convention for the ids of the appendix to ensure that the entire appendix is documented.
+ * The naming convention for the ids is documented in {@link Element#getIds()}.
+ * @return
+ */
+ def 'the entire schema is included in the appendix documentation'() {
+ setup: 'get all the documented ids and the expected ids'
+ def documentedIds = []
+ reference.eachLine { line ->
+ if(line.matches("\\[\\[(nsa-.*)\\]\\]")) {
+ documentedIds.add(line.substring(2,line.length() - 2))
+ }
+ }
+ when: 'the schema is compared to the appendix documentation'
+ def expectedIds = [] as Set
+ elementNameToElement*.value*.ids*.each { expectedIds.addAll it }
+ documentedIds.removeAll ignoredIds
+ expectedIds.removeAll ignoredIds
+ def undocumentedIds = (expectedIds - documentedIds)
+ def shouldNotBeDocumented = (documentedIds - expectedIds)
+ then: 'all the elements and attributes are documented'
+ shouldNotBeDocumented.empty
+ undocumentedIds.empty
+ }
- /**
- * This test ensures that any element that has children or parents contains a section that has links pointing to that
- * documentation.
- * @return
- */
- def 'validate parents and children are linked in the appendix documentation'() {
- when: "get all the links for each element's children and parents"
- def docAttrNameToChildren = [:]
- def docAttrNameToParents = [:]
+ /**
+ * This test ensures that any element that has children or parents contains a section that has links pointing to that
+ * documentation.
+ * @return
+ */
+ def 'validate parents and children are linked in the appendix documentation'() {
+ when: "get all the links for each element's children and parents"
+ def docAttrNameToChildren = [:]
+ def docAttrNameToParents = [:]
- def currentDocAttrNameToElmt
- def docAttrName
+ def currentDocAttrNameToElmt
+ def docAttrName
- reference.eachLine { line ->
- if(line.matches('^\\[\\[.*\\]\\]$')) {
- def id = line.substring(2,line.length() - 2)
- if(id.endsWith("-children")) {
- docAttrName = id.substring(0,id.length() - 9)
- currentDocAttrNameToElmt = docAttrNameToChildren
- } else if(id.endsWith("-parents")) {
- docAttrName = id.substring(0,id.length() - 8)
- currentDocAttrNameToElmt = docAttrNameToParents
- } else if(docAttrName && !id.startsWith(docAttrName)) {
- currentDocAttrNameToElmt = null
- docAttrName = null
- }
- }
+ reference.eachLine { line ->
+ if(line.matches('^\\[\\[.*\\]\\]$')) {
+ def id = line.substring(2,line.length() - 2)
+ if(id.endsWith("-children")) {
+ docAttrName = id.substring(0,id.length() - 9)
+ currentDocAttrNameToElmt = docAttrNameToChildren
+ } else if(id.endsWith("-parents")) {
+ docAttrName = id.substring(0,id.length() - 8)
+ currentDocAttrNameToElmt = docAttrNameToParents
+ } else if(docAttrName && !id.startsWith(docAttrName)) {
+ currentDocAttrNameToElmt = null
+ docAttrName = null
+ }
+ }
- if(docAttrName) {
- def expression = '^\\* <<(nsa-.*),.*>>$'
- if(line.matches(expression)) {
- String elmtId = line.replaceAll(expression, '$1')
- currentDocAttrNameToElmt.get(docAttrName, []).add(elmtId)
- }
- }
- }
+ if(docAttrName) {
+ def expression = '^\\* <<(nsa-.*),.*>>$'
+ if(line.matches(expression)) {
+ String elmtId = line.replaceAll(expression, '$1')
+ currentDocAttrNameToElmt.get(docAttrName, []).add(elmtId)
+ }
+ }
+ }
- def schemaAttrNameToParents = [:]
- def schemaAttrNameToChildren = [:]
- elementNameToElement.each { entry ->
- def key = 'nsa-'+entry.key
- if(ignoredIds.contains(key)) {
- return
- }
- def parentIds = entry.value.allParentElmts.values()*.id.findAll { !ignoredIds.contains(it) }.sort()
- if(parentIds) {
- schemaAttrNameToParents.put(key,parentIds)
- }
- def childIds = entry.value.allChildElmts.values()*.id.findAll { !ignoredIds.contains(it) }.sort()
- if(childIds) {
- schemaAttrNameToChildren.put(key,childIds)
- }
- }
- then: "the expected parents and children are all documented"
- schemaAttrNameToChildren.sort() == docAttrNameToChildren.sort()
- schemaAttrNameToParents.sort() == docAttrNameToParents.sort()
- }
+ def schemaAttrNameToParents = [:]
+ def schemaAttrNameToChildren = [:]
+ elementNameToElement.each { entry ->
+ def key = 'nsa-'+entry.key
+ if(ignoredIds.contains(key)) {
+ return
+ }
+ def parentIds = entry.value.allParentElmts.values()*.id.findAll { !ignoredIds.contains(it) }.sort()
+ if(parentIds) {
+ schemaAttrNameToParents.put(key,parentIds)
+ }
+ def childIds = entry.value.allChildElmts.values()*.id.findAll { !ignoredIds.contains(it) }.sort()
+ if(childIds) {
+ schemaAttrNameToChildren.put(key,childIds)
+ }
+ }
+ then: "the expected parents and children are all documented"
+ schemaAttrNameToChildren.sort() == docAttrNameToChildren.sort()
+ schemaAttrNameToParents.sort() == docAttrNameToParents.sort()
+ }
- /**
- * This test checks each xsd element and ensures there is documentation for it.
- * @return
- */
- def 'entire xsd is documented'() {
- when: "validate that the entire xsd contains documentation"
- def notDocElmtIds = elementNameToElement.values().findAll {
- !it.desc.text() && !ignoredIds.contains(it.id)
- }*.id.sort().join("\n")
- def notDocAttrIds = elementNameToElement.values()*.attrs.flatten().findAll {
- !it.desc.text() && !ignoredIds.contains(it.id)
- }*.id.sort().join("\n")
- then: "all the elements and attributes have some documentation"
- !notDocElmtIds
- !notDocAttrIds
- }
+ /**
+ * This test checks each xsd element and ensures there is documentation for it.
+ * @return
+ */
+ def 'entire xsd is documented'() {
+ when: "validate that the entire xsd contains documentation"
+ def notDocElmtIds = elementNameToElement.values().findAll {
+ !it.desc.text() && !ignoredIds.contains(it.id)
+ }*.id.sort().join("\n")
+ def notDocAttrIds = elementNameToElement.values()*.attrs.flatten().findAll {
+ !it.desc.text() && !ignoredIds.contains(it.id)
+ }*.id.sort().join("\n")
+ then: "all the elements and attributes have some documentation"
+ !notDocElmtIds
+ !notDocAttrIds
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy
index 976d96c409..fc3e73baaa 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy
@@ -28,55 +28,55 @@ import javax.servlet.http.HttpServletRequest
*
*/
abstract class AbstractHttpConfigTests extends AbstractXmlConfigTests {
- final int AUTO_CONFIG_FILTERS = 14;
+ final int AUTO_CONFIG_FILTERS = 14;
- def httpAutoConfig(Closure c) {
- xml.http(['auto-config': 'true', 'use-expressions':false], c)
- }
+ def httpAutoConfig(Closure c) {
+ xml.http(['auto-config': 'true', 'use-expressions':false], c)
+ }
- def httpAutoConfig(String matcher, Closure c) {
- xml.http(['auto-config': 'true', 'use-expressions':false, 'request-matcher': matcher], c)
- }
+ def httpAutoConfig(String matcher, Closure c) {
+ xml.http(['auto-config': 'true', 'use-expressions':false, 'request-matcher': matcher], c)
+ }
- def interceptUrl(String path, String authz) {
- xml.'intercept-url'(pattern: path, access: authz)
- }
+ def interceptUrl(String path, String authz) {
+ xml.'intercept-url'(pattern: path, access: authz)
+ }
- def interceptUrl(String path, String httpMethod, String authz) {
- xml.'intercept-url'(pattern: path, method: httpMethod, access: authz)
- }
+ def interceptUrl(String path, String httpMethod, String authz) {
+ xml.'intercept-url'(pattern: path, method: httpMethod, access: authz)
+ }
- Filter getFilter(Class type) {
- List filters = getFilters("/any");
+ Filter getFilter(Class type) {
+ List filters = getFilters("/any");
- for (f in filters) {
- if (f.class.isAssignableFrom(type)) {
- return f;
- }
- }
+ for (f in filters) {
+ if (f.class.isAssignableFrom(type)) {
+ return f;
+ }
+ }
- return null;
- }
+ return null;
+ }
- List getFilters(String url) {
- springSecurityFilterChain.getFilters(url)
- }
+ List getFilters(String url) {
+ springSecurityFilterChain.getFilters(url)
+ }
- Filter getSpringSecurityFilterChain() {
- appContext.getBean(BeanIds.FILTER_CHAIN_PROXY)
- }
+ Filter getSpringSecurityFilterChain() {
+ appContext.getBean(BeanIds.FILTER_CHAIN_PROXY)
+ }
- FilterInvocation createFilterinvocation(String path, String method) {
- MockHttpServletRequest request = new MockHttpServletRequest();
- request.setMethod(method);
- request.setRequestURI(null);
- request.setServletPath(path);
+ FilterInvocation createFilterinvocation(String path, String method) {
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ request.setMethod(method);
+ request.setRequestURI(null);
+ request.setServletPath(path);
- return new FilterInvocation(request, new MockHttpServletResponse(), new MockFilterChain());
- }
+ return new FilterInvocation(request, new MockHttpServletResponse(), new MockFilterChain());
+ }
- def basicLogin(HttpServletRequest request, String username="user",String password="password") {
- def credentials = username + ":" + password
- request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64())
- }
+ def basicLogin(HttpServletRequest request, String username="user",String password="password") {
+ def credentials = username + ":" + password
+ request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64())
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy
index 33d0e5b27b..b084d7888f 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy
@@ -10,38 +10,38 @@ import org.springframework.security.web.access.ExceptionTranslationFilter
* @author Luke Taylor
*/
class AccessDeniedConfigTests extends AbstractHttpConfigTests {
- def invalidAccessDeniedUrlIsDetected() {
- when:
- httpAutoConfig() {
- 'access-denied-handler'('error-page':'noLeadingSlash')
- }
- createAppContext();
- then:
- thrown(BeanCreationException)
- }
+ def invalidAccessDeniedUrlIsDetected() {
+ when:
+ httpAutoConfig() {
+ 'access-denied-handler'('error-page':'noLeadingSlash')
+ }
+ createAppContext();
+ then:
+ thrown(BeanCreationException)
+ }
- def accessDeniedHandlerIsSetCorectly() {
- httpAutoConfig() {
- 'access-denied-handler'(ref: 'adh')
- }
- bean('adh', AccessDeniedHandlerImpl)
- createAppContext();
+ def accessDeniedHandlerIsSetCorectly() {
+ httpAutoConfig() {
+ 'access-denied-handler'(ref: 'adh')
+ }
+ bean('adh', AccessDeniedHandlerImpl)
+ createAppContext();
- def filter = getFilter(ExceptionTranslationFilter.class);
- def adh = appContext.getBean("adh");
+ def filter = getFilter(ExceptionTranslationFilter.class);
+ def adh = appContext.getBean("adh");
- expect:
- filter.accessDeniedHandler == adh
- }
+ expect:
+ filter.accessDeniedHandler == adh
+ }
- def void accessDeniedHandlerPageAndRefAreMutuallyExclusive() {
- when:
- httpAutoConfig {
- 'access-denied-handler'('error-page': '/go-away', ref: 'adh')
- }
- createAppContext();
- bean('adh', AccessDeniedHandlerImpl)
- then:
- thrown(BeanDefinitionParsingException)
- }
+ def void accessDeniedHandlerPageAndRefAreMutuallyExclusive() {
+ when:
+ httpAutoConfig {
+ 'access-denied-handler'('error-page': '/go-away', ref: 'adh')
+ }
+ createAppContext();
+ bean('adh', AccessDeniedHandlerImpl)
+ then:
+ thrown(BeanDefinitionParsingException)
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy
index 9c9b7b8725..bc5d11a6ab 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy
@@ -43,303 +43,303 @@ import spock.lang.Unroll
* @author Rob Winch
*/
class CsrfConfigTests extends AbstractHttpConfigTests {
- MockHttpServletRequest request = new MockHttpServletRequest()
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
+ MockHttpServletRequest request = new MockHttpServletRequest()
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
- @Unroll
- def 'csrf is enabled by default'() {
- setup:
- httpAutoConfig {
- }
- createAppContext()
- when:
- request.method = httpMethod
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.status == httpStatus
- where:
- httpMethod | httpStatus
- 'POST' | HttpServletResponse.SC_FORBIDDEN
- 'PUT' | HttpServletResponse.SC_FORBIDDEN
- 'PATCH' | HttpServletResponse.SC_FORBIDDEN
- 'DELETE' | HttpServletResponse.SC_FORBIDDEN
- 'INVALID' | HttpServletResponse.SC_FORBIDDEN
- 'GET' | HttpServletResponse.SC_OK
- 'HEAD' | HttpServletResponse.SC_OK
- 'TRACE' | HttpServletResponse.SC_OK
- 'OPTIONS' | HttpServletResponse.SC_OK
- }
+ @Unroll
+ def 'csrf is enabled by default'() {
+ setup:
+ httpAutoConfig {
+ }
+ createAppContext()
+ when:
+ request.method = httpMethod
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.status == httpStatus
+ where:
+ httpMethod | httpStatus
+ 'POST' | HttpServletResponse.SC_FORBIDDEN
+ 'PUT' | HttpServletResponse.SC_FORBIDDEN
+ 'PATCH' | HttpServletResponse.SC_FORBIDDEN
+ 'DELETE' | HttpServletResponse.SC_FORBIDDEN
+ 'INVALID' | HttpServletResponse.SC_FORBIDDEN
+ 'GET' | HttpServletResponse.SC_OK
+ 'HEAD' | HttpServletResponse.SC_OK
+ 'TRACE' | HttpServletResponse.SC_OK
+ 'OPTIONS' | HttpServletResponse.SC_OK
+ }
- def 'csrf disabled'() {
- when:
- httpAutoConfig {
- csrf(disabled:true)
- }
- createAppContext()
- then:
- !getFilter(CsrfFilter)
- }
+ def 'csrf disabled'() {
+ when:
+ httpAutoConfig {
+ csrf(disabled:true)
+ }
+ createAppContext()
+ then:
+ !getFilter(CsrfFilter)
+ }
- @Unroll
- def 'csrf defaults'() {
- setup:
- httpAutoConfig {
- 'csrf'()
- }
- createAppContext()
- when:
- request.method = httpMethod
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.status == httpStatus
- where:
- httpMethod | httpStatus
- 'POST' | HttpServletResponse.SC_FORBIDDEN
- 'PUT' | HttpServletResponse.SC_FORBIDDEN
- 'PATCH' | HttpServletResponse.SC_FORBIDDEN
- 'DELETE' | HttpServletResponse.SC_FORBIDDEN
- 'INVALID' | HttpServletResponse.SC_FORBIDDEN
- 'GET' | HttpServletResponse.SC_OK
- 'HEAD' | HttpServletResponse.SC_OK
- 'TRACE' | HttpServletResponse.SC_OK
- 'OPTIONS' | HttpServletResponse.SC_OK
- }
+ @Unroll
+ def 'csrf defaults'() {
+ setup:
+ httpAutoConfig {
+ 'csrf'()
+ }
+ createAppContext()
+ when:
+ request.method = httpMethod
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.status == httpStatus
+ where:
+ httpMethod | httpStatus
+ 'POST' | HttpServletResponse.SC_FORBIDDEN
+ 'PUT' | HttpServletResponse.SC_FORBIDDEN
+ 'PATCH' | HttpServletResponse.SC_FORBIDDEN
+ 'DELETE' | HttpServletResponse.SC_FORBIDDEN
+ 'INVALID' | HttpServletResponse.SC_FORBIDDEN
+ 'GET' | HttpServletResponse.SC_OK
+ 'HEAD' | HttpServletResponse.SC_OK
+ 'TRACE' | HttpServletResponse.SC_OK
+ 'OPTIONS' | HttpServletResponse.SC_OK
+ }
- def 'csrf default creates CsrfRequestDataValueProcessor'() {
- when:
- httpAutoConfig {
- 'csrf'()
- }
- createAppContext()
- then:
- appContext.getBean("requestDataValueProcessor",RequestDataValueProcessor)
- }
+ def 'csrf default creates CsrfRequestDataValueProcessor'() {
+ when:
+ httpAutoConfig {
+ 'csrf'()
+ }
+ createAppContext()
+ then:
+ appContext.getBean("requestDataValueProcessor",RequestDataValueProcessor)
+ }
- def 'csrf custom AccessDeniedHandler'() {
- setup:
- httpAutoConfig {
- 'access-denied-handler'(ref:'adh')
- 'csrf'()
- }
- mockBean(AccessDeniedHandler,'adh')
- createAppContext()
- AccessDeniedHandler adh = appContext.getBean(AccessDeniedHandler)
- request.method = "POST"
- when:
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- verify(adh).handle(any(HttpServletRequest),any(HttpServletResponse),any(AccessDeniedException))
- response.status == HttpServletResponse.SC_OK // our mock doesn't do anything
- }
+ def 'csrf custom AccessDeniedHandler'() {
+ setup:
+ httpAutoConfig {
+ 'access-denied-handler'(ref:'adh')
+ 'csrf'()
+ }
+ mockBean(AccessDeniedHandler,'adh')
+ createAppContext()
+ AccessDeniedHandler adh = appContext.getBean(AccessDeniedHandler)
+ request.method = "POST"
+ when:
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ verify(adh).handle(any(HttpServletRequest),any(HttpServletResponse),any(AccessDeniedException))
+ response.status == HttpServletResponse.SC_OK // our mock doesn't do anything
+ }
- def "csrf disables posts for RequestCache"() {
- setup:
- httpAutoConfig {
- 'csrf'('token-repository-ref':'repo')
- 'intercept-url'(pattern:"/**",access:'ROLE_USER')
- }
- mockBean(CsrfTokenRepository,'repo')
- createAppContext()
- CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository)
- CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc")
- when(repo.loadToken(any(HttpServletRequest))).thenReturn(token)
- when(repo.generateToken(any(HttpServletRequest))).thenReturn(token)
- request.setParameter(token.parameterName,token.token)
- request.servletPath = "/some-url"
- request.requestURI = "/some-url"
- request.method = "POST"
- when: "CSRF passes and our session times out"
- springSecurityFilterChain.doFilter(request,response,chain)
- then: "sent to the login page"
- response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
- response.redirectedUrl == "http://localhost/login"
- when: "authenticate successfully"
- response = new MockHttpServletResponse()
- request = new MockHttpServletRequest(session: request.session)
- request.servletPath = "/login"
- request.setParameter(token.parameterName,token.token)
- request.setParameter("username","user")
- request.setParameter("password","password")
- request.method = "POST"
- springSecurityFilterChain.doFilter(request,response,chain)
- then: "sent to default success because we don't want csrf attempts made prior to authentication to pass"
- response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
- response.redirectedUrl == "/"
- }
+ def "csrf disables posts for RequestCache"() {
+ setup:
+ httpAutoConfig {
+ 'csrf'('token-repository-ref':'repo')
+ 'intercept-url'(pattern:"/**",access:'ROLE_USER')
+ }
+ mockBean(CsrfTokenRepository,'repo')
+ createAppContext()
+ CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository)
+ CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc")
+ when(repo.loadToken(any(HttpServletRequest))).thenReturn(token)
+ when(repo.generateToken(any(HttpServletRequest))).thenReturn(token)
+ request.setParameter(token.parameterName,token.token)
+ request.servletPath = "/some-url"
+ request.requestURI = "/some-url"
+ request.method = "POST"
+ when: "CSRF passes and our session times out"
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then: "sent to the login page"
+ response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
+ response.redirectedUrl == "http://localhost/login"
+ when: "authenticate successfully"
+ response = new MockHttpServletResponse()
+ request = new MockHttpServletRequest(session: request.session)
+ request.servletPath = "/login"
+ request.setParameter(token.parameterName,token.token)
+ request.setParameter("username","user")
+ request.setParameter("password","password")
+ request.method = "POST"
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then: "sent to default success because we don't want csrf attempts made prior to authentication to pass"
+ response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
+ response.redirectedUrl == "/"
+ }
- def "csrf enables gets for RequestCache"() {
- setup:
- httpAutoConfig {
- 'csrf'('token-repository-ref':'repo')
- 'intercept-url'(pattern:"/**",access:'ROLE_USER')
- }
- mockBean(CsrfTokenRepository,'repo')
- createAppContext()
- CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository)
- CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc")
- when(repo.loadToken(any(HttpServletRequest))).thenReturn(token)
- when(repo.generateToken(any(HttpServletRequest))).thenReturn(token)
- request.setParameter(token.parameterName,token.token)
- request.servletPath = "/some-url"
- request.requestURI = "/some-url"
- request.method = "GET"
- when: "CSRF passes and our session times out"
- springSecurityFilterChain.doFilter(request,response,chain)
- then: "sent to the login page"
- response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
- response.redirectedUrl == "http://localhost/login"
- when: "authenticate successfully"
- response = new MockHttpServletResponse()
- request = new MockHttpServletRequest(session: request.session)
- request.servletPath = "/login"
- request.setParameter(token.parameterName,token.token)
- request.setParameter("username","user")
- request.setParameter("password","password")
- request.method = "POST"
- springSecurityFilterChain.doFilter(request,response,chain)
- then: "sent to original URL since it was a GET"
- response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
- response.redirectedUrl == "http://localhost/some-url"
- }
+ def "csrf enables gets for RequestCache"() {
+ setup:
+ httpAutoConfig {
+ 'csrf'('token-repository-ref':'repo')
+ 'intercept-url'(pattern:"/**",access:'ROLE_USER')
+ }
+ mockBean(CsrfTokenRepository,'repo')
+ createAppContext()
+ CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository)
+ CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc")
+ when(repo.loadToken(any(HttpServletRequest))).thenReturn(token)
+ when(repo.generateToken(any(HttpServletRequest))).thenReturn(token)
+ request.setParameter(token.parameterName,token.token)
+ request.servletPath = "/some-url"
+ request.requestURI = "/some-url"
+ request.method = "GET"
+ when: "CSRF passes and our session times out"
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then: "sent to the login page"
+ response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
+ response.redirectedUrl == "http://localhost/login"
+ when: "authenticate successfully"
+ response = new MockHttpServletResponse()
+ request = new MockHttpServletRequest(session: request.session)
+ request.servletPath = "/login"
+ request.setParameter(token.parameterName,token.token)
+ request.setParameter("username","user")
+ request.setParameter("password","password")
+ request.method = "POST"
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then: "sent to original URL since it was a GET"
+ response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
+ response.redirectedUrl == "http://localhost/some-url"
+ }
- def "SEC-2422: csrf expire CSRF token and session-management invalid-session-url"() {
- setup:
- httpAutoConfig {
- 'csrf'()
- 'session-management'('invalid-session-url': '/error/sessionError')
- }
- createAppContext()
- request.setParameter("_csrf","abc")
- request.method = "POST"
- when: "No existing expected CsrfToken (session times out) and a POST"
- springSecurityFilterChain.doFilter(request,response,chain)
- then: "sent to the session timeout page page"
- response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
- response.redirectedUrl == "/error/sessionError"
- when: "Existing expected CsrfToken and a POST (invalid token provided)"
- response = new MockHttpServletResponse()
- request = new MockHttpServletRequest(session: request.session, method:'POST')
- springSecurityFilterChain.doFilter(request,response,chain)
- then: "Access Denied occurs"
- response.status == HttpServletResponse.SC_FORBIDDEN
- }
+ def "SEC-2422: csrf expire CSRF token and session-management invalid-session-url"() {
+ setup:
+ httpAutoConfig {
+ 'csrf'()
+ 'session-management'('invalid-session-url': '/error/sessionError')
+ }
+ createAppContext()
+ request.setParameter("_csrf","abc")
+ request.method = "POST"
+ when: "No existing expected CsrfToken (session times out) and a POST"
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then: "sent to the session timeout page page"
+ response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
+ response.redirectedUrl == "/error/sessionError"
+ when: "Existing expected CsrfToken and a POST (invalid token provided)"
+ response = new MockHttpServletResponse()
+ request = new MockHttpServletRequest(session: request.session, method:'POST')
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then: "Access Denied occurs"
+ response.status == HttpServletResponse.SC_FORBIDDEN
+ }
- def "csrf requireCsrfProtectionMatcher"() {
- setup:
- httpAutoConfig {
- 'csrf'('request-matcher-ref':'matcher')
- }
- mockBean(RequestMatcher,'matcher')
- createAppContext()
- request.method = 'POST'
- RequestMatcher matcher = appContext.getBean("matcher",RequestMatcher)
- when:
- when(matcher.matches(any(HttpServletRequest))).thenReturn(false)
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.status == HttpServletResponse.SC_OK
- when:
- when(matcher.matches(any(HttpServletRequest))).thenReturn(true)
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.status == HttpServletResponse.SC_FORBIDDEN
- }
+ def "csrf requireCsrfProtectionMatcher"() {
+ setup:
+ httpAutoConfig {
+ 'csrf'('request-matcher-ref':'matcher')
+ }
+ mockBean(RequestMatcher,'matcher')
+ createAppContext()
+ request.method = 'POST'
+ RequestMatcher matcher = appContext.getBean("matcher",RequestMatcher)
+ when:
+ when(matcher.matches(any(HttpServletRequest))).thenReturn(false)
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.status == HttpServletResponse.SC_OK
+ when:
+ when(matcher.matches(any(HttpServletRequest))).thenReturn(true)
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.status == HttpServletResponse.SC_FORBIDDEN
+ }
- def "csrf csrfTokenRepository"() {
- setup:
- httpAutoConfig {
- 'csrf'('token-repository-ref':'repo')
- }
- mockBean(CsrfTokenRepository,'repo')
- createAppContext()
- CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository)
- CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc")
- when(repo.loadToken(any(HttpServletRequest))).thenReturn(token)
- request.setParameter(token.parameterName,token.token)
- request.method = "POST"
- when:
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.status == HttpServletResponse.SC_OK
- when:
- request.setParameter(token.parameterName,token.token+"INVALID")
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.status == HttpServletResponse.SC_FORBIDDEN
- }
+ def "csrf csrfTokenRepository"() {
+ setup:
+ httpAutoConfig {
+ 'csrf'('token-repository-ref':'repo')
+ }
+ mockBean(CsrfTokenRepository,'repo')
+ createAppContext()
+ CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository)
+ CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc")
+ when(repo.loadToken(any(HttpServletRequest))).thenReturn(token)
+ request.setParameter(token.parameterName,token.token)
+ request.method = "POST"
+ when:
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.status == HttpServletResponse.SC_OK
+ when:
+ request.setParameter(token.parameterName,token.token+"INVALID")
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.status == HttpServletResponse.SC_FORBIDDEN
+ }
- def "csrf clears on login"() {
- setup:
- httpAutoConfig {
- 'csrf'('token-repository-ref':'repo')
- }
- mockBean(CsrfTokenRepository,'repo')
- createAppContext()
- CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository)
- CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc")
- when(repo.loadToken(any(HttpServletRequest))).thenReturn(token)
- when(repo.generateToken(any(HttpServletRequest))).thenReturn(token)
- request.setParameter(token.parameterName,token.token)
- request.method = "POST"
- request.setParameter("username","user")
- request.setParameter("password","password")
- request.servletPath = "/login"
- when:
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- verify(repo, atLeastOnce()).saveToken(eq(null),any(HttpServletRequest), any(HttpServletResponse))
- }
+ def "csrf clears on login"() {
+ setup:
+ httpAutoConfig {
+ 'csrf'('token-repository-ref':'repo')
+ }
+ mockBean(CsrfTokenRepository,'repo')
+ createAppContext()
+ CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository)
+ CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc")
+ when(repo.loadToken(any(HttpServletRequest))).thenReturn(token)
+ when(repo.generateToken(any(HttpServletRequest))).thenReturn(token)
+ request.setParameter(token.parameterName,token.token)
+ request.method = "POST"
+ request.setParameter("username","user")
+ request.setParameter("password","password")
+ request.servletPath = "/login"
+ when:
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ verify(repo, atLeastOnce()).saveToken(eq(null),any(HttpServletRequest), any(HttpServletResponse))
+ }
- def "csrf clears on logout"() {
- setup:
- httpAutoConfig {
- 'csrf'('token-repository-ref':'repo')
- }
- mockBean(CsrfTokenRepository,'repo')
- createAppContext()
- CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository)
- CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc")
- when(repo.loadToken(any(HttpServletRequest))).thenReturn(token)
- request.setParameter(token.parameterName,token.token)
- request.method = "POST"
- request.servletPath = "/logout"
- when:
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- verify(repo).saveToken(eq(null),any(HttpServletRequest), any(HttpServletResponse))
- }
+ def "csrf clears on logout"() {
+ setup:
+ httpAutoConfig {
+ 'csrf'('token-repository-ref':'repo')
+ }
+ mockBean(CsrfTokenRepository,'repo')
+ createAppContext()
+ CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository)
+ CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc")
+ when(repo.loadToken(any(HttpServletRequest))).thenReturn(token)
+ request.setParameter(token.parameterName,token.token)
+ request.method = "POST"
+ request.servletPath = "/logout"
+ when:
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ verify(repo).saveToken(eq(null),any(HttpServletRequest), any(HttpServletResponse))
+ }
- def "SEC-2495: csrf disables logout on GET"() {
- setup:
- httpAutoConfig {
- 'csrf'()
- }
- createAppContext()
- login()
- request.method = "GET"
- request.requestURI = "/logout"
- when:
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- getAuthentication(request) != null
- }
+ def "SEC-2495: csrf disables logout on GET"() {
+ setup:
+ httpAutoConfig {
+ 'csrf'()
+ }
+ createAppContext()
+ login()
+ request.method = "GET"
+ request.requestURI = "/logout"
+ when:
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ getAuthentication(request) != null
+ }
- def login(String username="user", String role="ROLE_USER") {
- login(new UsernamePasswordAuthenticationToken(username, null, AuthorityUtils.createAuthorityList(role)))
- }
+ def login(String username="user", String role="ROLE_USER") {
+ login(new UsernamePasswordAuthenticationToken(username, null, AuthorityUtils.createAuthorityList(role)))
+ }
- def login(Authentication auth) {
- HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository()
- HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(request, response)
- repo.loadContext(requestResponseHolder)
- repo.saveContext(new SecurityContextImpl(authentication:auth), requestResponseHolder.request, requestResponseHolder.response)
- }
+ def login(Authentication auth) {
+ HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository()
+ HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(request, response)
+ repo.loadContext(requestResponseHolder)
+ repo.saveContext(new SecurityContextImpl(authentication:auth), requestResponseHolder.request, requestResponseHolder.response)
+ }
- def getAuthentication(HttpServletRequest request) {
- HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository()
- HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(request, response)
- repo.loadContext(requestResponseHolder)?.authentication
- }
+ def getAuthentication(HttpServletRequest request) {
+ HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository()
+ HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(request, response)
+ repo.loadContext(requestResponseHolder)?.authentication
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.groovy
index d8def9663a..42c8d9b49a 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.groovy
@@ -10,104 +10,104 @@ import org.springframework.mock.web.MockHttpServletResponse
*/
class FormLoginBeanDefinitionParserTests extends AbstractHttpConfigTests {
- def 'form-login default login page'() {
- setup:
- MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login')
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
- httpAutoConfig {
- csrf(disabled:true)
- }
- createAppContext()
- when:
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.getContentAsString() == """Login Page
+ def 'form-login default login page'() {
+ setup:
+ MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login')
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
+ httpAutoConfig {
+ csrf(disabled:true)
+ }
+ createAppContext()
+ when:
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.getContentAsString() == """Login Page
Login with Username and Password
"""
- }
+ }
- def 'form-login default login page custom attributes'() {
- setup:
- MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login')
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
- httpAutoConfig {
- 'form-login'('login-processing-url':'/login_custom','username-parameter':'custom_user','password-parameter':'custom_password')
- csrf(disabled:true)
- }
- createAppContext()
- when:
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.getContentAsString() == """Login Page
+ def 'form-login default login page custom attributes'() {
+ setup:
+ MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login')
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
+ httpAutoConfig {
+ 'form-login'('login-processing-url':'/login_custom','username-parameter':'custom_user','password-parameter':'custom_password')
+ csrf(disabled:true)
+ }
+ createAppContext()
+ when:
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.getContentAsString() == """Login Page
Login with Username and Password
"""
- }
+ }
- def 'openid-login default login page'() {
- setup:
- MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login')
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
- httpAutoConfig {
- 'openid-login'()
- csrf(disabled:true)
- }
- createAppContext()
- when:
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.getContentAsString() == """Login Page
+ def 'openid-login default login page'() {
+ setup:
+ MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login')
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
+ httpAutoConfig {
+ 'openid-login'()
+ csrf(disabled:true)
+ }
+ createAppContext()
+ when:
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.getContentAsString() == """Login Page
Login with Username and Password
Login with OpenID Identity
"""
- }
+ }
- def 'openid-login default login page custom attributes'() {
- setup:
- MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login')
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
- httpAutoConfig {
- 'openid-login'('login-processing-url':'/login_custom')
- csrf(disabled:true)
- }
- createAppContext()
- when:
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- response.getContentAsString() == """Login Page
+ def 'openid-login default login page custom attributes'() {
+ setup:
+ MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login')
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
+ httpAutoConfig {
+ 'openid-login'('login-processing-url':'/login_custom')
+ csrf(disabled:true)
+ }
+ createAppContext()
+ when:
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ response.getContentAsString() == """Login Page
Login with Username and Password
Login with OpenID Identity
"""
- }
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/FormLoginConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/FormLoginConfigTests.groovy
index 75dbb95fbf..0f93981d90 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/FormLoginConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/FormLoginConfigTests.groovy
@@ -15,93 +15,93 @@ import org.springframework.util.ReflectionUtils;
*/
class FormLoginConfigTests extends AbstractHttpConfigTests {
- def formLoginWithNoLoginPageAddsDefaultLoginPageFilter() {
- httpAutoConfig('ant') {
- form-login()
- }
- createAppContext()
- filtersMatchExpectedAutoConfigList();
- }
+ def formLoginWithNoLoginPageAddsDefaultLoginPageFilter() {
+ httpAutoConfig('ant') {
+ form-login()
+ }
+ createAppContext()
+ filtersMatchExpectedAutoConfigList();
+ }
- def 'Form login alwaysUseDefaultTarget sets correct property'() {
- xml.http {
- 'form-login'('default-target-url':'/default', 'always-use-default-target': 'true')
- }
- createAppContext()
- def filter = getFilter(UsernamePasswordAuthenticationFilter.class);
+ def 'Form login alwaysUseDefaultTarget sets correct property'() {
+ xml.http {
+ 'form-login'('default-target-url':'/default', 'always-use-default-target': 'true')
+ }
+ createAppContext()
+ def filter = getFilter(UsernamePasswordAuthenticationFilter.class);
- expect:
- FieldUtils.getFieldValue(filter, 'successHandler.defaultTargetUrl') == '/default';
- FieldUtils.getFieldValue(filter, 'successHandler.alwaysUseDefaultTargetUrl');
- }
+ expect:
+ FieldUtils.getFieldValue(filter, 'successHandler.defaultTargetUrl') == '/default';
+ FieldUtils.getFieldValue(filter, 'successHandler.alwaysUseDefaultTargetUrl');
+ }
- def 'form-login attributes support SpEL'() {
- setup:
- def spelUrl = '#{T(org.springframework.security.config.http.WebConfigUtilsTest).URL}'
- def expectedUrl = WebConfigUtilsTest.URL
- when:
- xml.http {
- 'form-login'('default-target-url': spelUrl , 'authentication-failure-url': spelUrl, 'login-page': spelUrl)
- }
- createAppContext()
- def unPwdFilter = getFilter(UsernamePasswordAuthenticationFilter)
- def exTransFilter = getFilter(ExceptionTranslationFilter)
+ def 'form-login attributes support SpEL'() {
+ setup:
+ def spelUrl = '#{T(org.springframework.security.config.http.WebConfigUtilsTest).URL}'
+ def expectedUrl = WebConfigUtilsTest.URL
+ when:
+ xml.http {
+ 'form-login'('default-target-url': spelUrl , 'authentication-failure-url': spelUrl, 'login-page': spelUrl)
+ }
+ createAppContext()
+ def unPwdFilter = getFilter(UsernamePasswordAuthenticationFilter)
+ def exTransFilter = getFilter(ExceptionTranslationFilter)
- then:
- unPwdFilter.successHandler.defaultTargetUrl == expectedUrl
- unPwdFilter
- FieldUtils.getFieldValue(unPwdFilter, 'successHandler.defaultTargetUrl') == expectedUrl
- FieldUtils.getFieldValue(unPwdFilter, 'failureHandler.defaultFailureUrl') == expectedUrl
- FieldUtils.getFieldValue(exTransFilter, 'authenticationEntryPoint.loginFormUrl') == expectedUrl
- }
+ then:
+ unPwdFilter.successHandler.defaultTargetUrl == expectedUrl
+ unPwdFilter
+ FieldUtils.getFieldValue(unPwdFilter, 'successHandler.defaultTargetUrl') == expectedUrl
+ FieldUtils.getFieldValue(unPwdFilter, 'failureHandler.defaultFailureUrl') == expectedUrl
+ FieldUtils.getFieldValue(exTransFilter, 'authenticationEntryPoint.loginFormUrl') == expectedUrl
+ }
- def invalidLoginPageIsDetected() {
- when:
- xml.http {
- 'form-login'('login-page': 'noLeadingSlash')
- }
- createAppContext()
+ def invalidLoginPageIsDetected() {
+ when:
+ xml.http {
+ 'form-login'('login-page': 'noLeadingSlash')
+ }
+ createAppContext()
- then:
- BeanCreationException e = thrown();
- }
+ then:
+ BeanCreationException e = thrown();
+ }
- def invalidDefaultTargetUrlIsDetected() {
- when:
- xml.http {
- 'form-login'('default-target-url': 'noLeadingSlash')
- }
- createAppContext()
+ def invalidDefaultTargetUrlIsDetected() {
+ when:
+ xml.http {
+ 'form-login'('default-target-url': 'noLeadingSlash')
+ }
+ createAppContext()
- then:
- BeanCreationException e = thrown();
- }
+ then:
+ BeanCreationException e = thrown();
+ }
- def customSuccessAndFailureHandlersCanBeSetThroughTheNamespace() {
- xml.http {
- 'form-login'('authentication-success-handler-ref': 'sh', 'authentication-failure-handler-ref':'fh')
- }
- bean('sh', SavedRequestAwareAuthenticationSuccessHandler.class.name)
- bean('fh', SimpleUrlAuthenticationFailureHandler.class.name)
- createAppContext()
+ def customSuccessAndFailureHandlersCanBeSetThroughTheNamespace() {
+ xml.http {
+ 'form-login'('authentication-success-handler-ref': 'sh', 'authentication-failure-handler-ref':'fh')
+ }
+ bean('sh', SavedRequestAwareAuthenticationSuccessHandler.class.name)
+ bean('fh', SimpleUrlAuthenticationFailureHandler.class.name)
+ createAppContext()
- def apf = getFilter(UsernamePasswordAuthenticationFilter.class);
+ def apf = getFilter(UsernamePasswordAuthenticationFilter.class);
- expect:
- FieldUtils.getFieldValue(apf, "successHandler") == appContext.getBean("sh");
- FieldUtils.getFieldValue(apf, "failureHandler") == appContext.getBean("fh")
- }
+ expect:
+ FieldUtils.getFieldValue(apf, "successHandler") == appContext.getBean("sh");
+ FieldUtils.getFieldValue(apf, "failureHandler") == appContext.getBean("fh")
+ }
- def usernameAndPasswordParametersCanBeSetThroughNamespace() {
- xml.http {
- 'form-login'('username-parameter': 'xname', 'password-parameter':'xpass')
- }
- createAppContext()
+ def usernameAndPasswordParametersCanBeSetThroughNamespace() {
+ xml.http {
+ 'form-login'('username-parameter': 'xname', 'password-parameter':'xpass')
+ }
+ createAppContext()
- def apf = getFilter(UsernamePasswordAuthenticationFilter.class);
+ def apf = getFilter(UsernamePasswordAuthenticationFilter.class);
- expect:
- apf.usernameParameter == 'xname';
- apf.passwordParameter == 'xpass'
- }
+ expect:
+ apf.usernameParameter == 'xname';
+ apf.passwordParameter == 'xpass'
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/HttpConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/HttpConfigTests.groovy
index 01130b7edf..59f1d812bb 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/HttpConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/HttpConfigTests.groovy
@@ -43,20 +43,20 @@ import static org.mockito.Mockito.*
* @author Rob Winch
*/
class HttpConfigTests extends AbstractHttpConfigTests {
- MockHttpServletRequest request = new MockHttpServletRequest('GET','/secure')
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
+ MockHttpServletRequest request = new MockHttpServletRequest('GET','/secure')
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
- def 'http minimal configuration works'() {
- setup:
- xml.http() {}
- createAppContext("""
-
- """)
- when: 'request protected URL'
- springSecurityFilterChain.doFilter(request,response,chain)
- then: 'sent to login page'
- response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
- response.redirectedUrl == 'http://localhost/login'
- }
+ def 'http minimal configuration works'() {
+ setup:
+ xml.http() {}
+ createAppContext("""
+
+ """)
+ when: 'request protected URL'
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then: 'sent to login page'
+ response.status == HttpServletResponse.SC_MOVED_TEMPORARILY
+ response.redirectedUrl == 'http://localhost/login'
+ }
}
\ No newline at end of file
diff --git a/config/src/test/groovy/org/springframework/security/config/http/HttpHeadersConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/HttpHeadersConfigTests.groovy
index c42550b9b8..93dff9b559 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/HttpHeadersConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/HttpHeadersConfigTests.groovy
@@ -27,620 +27,620 @@ import org.springframework.security.web.util.matcher.AnyRequestMatcher
* @author Rob Winch
*/
class HttpHeadersConfigTests extends AbstractHttpConfigTests {
- def defaultHeaders = ['X-Content-Type-Options':'nosniff',
- 'X-Frame-Options':'DENY',
- 'Strict-Transport-Security': 'max-age=31536000 ; includeSubDomains',
- 'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate',
- 'Expires' : '0',
- 'Pragma':'no-cache',
- 'X-XSS-Protection' : '1; mode=block']
- def 'headers disabled'() {
- setup:
- httpAutoConfig {
- 'headers'(disabled:true)
- }
- createAppContext()
-
- when:
- def hf = getFilter(HeaderWriterFilter)
- then:
- !hf
- }
-
- def 'headers disabled with child fails'() {
- when:
- httpAutoConfig {
- 'headers'(disabled:true) {
- 'content-type-options'()
- }
- }
- createAppContext()
- then:
- thrown(BeanDefinitionParsingException)
- }
-
- def 'default headers'() {
- httpAutoConfig {
- }
- createAppContext()
-
- when:
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
- then:
- assertHeaders(response, defaultHeaders)
- }
-
- def 'http headers with empty headers'() {
- setup:
- httpAutoConfig {
- 'headers'()
- }
- createAppContext()
- when:
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
- then:
- assertHeaders(response, defaultHeaders)
- }
-
- def 'http headers frame-options@policy=SAMEORIGIN with defaults'() {
- httpAutoConfig {
- 'headers'() {
- 'frame-options'(policy:'SAMEORIGIN')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
- def expectedHeaders = [:] << defaultHeaders
- expectedHeaders['X-Frame-Options'] = 'SAMEORIGIN'
-
- expect:
- assertHeaders(response, expectedHeaders)
- }
-
-
- // --- defaults disabled
-
- def 'http headers content-type-options'() {
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'content-type-options'()
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
-
- expect:
- assertHeaders(response, ['X-Content-Type-Options':'nosniff'])
- }
-
- def 'http headers frame-options defaults to DENY'() {
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'frame-options'()
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
-
- expect:
- assertHeaders(response, ['X-Frame-Options':'DENY'])
- }
-
- def 'http headers frame-options DENY'() {
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'frame-options'(policy : 'DENY')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
-
- expect:
- assertHeaders(response, ['X-Frame-Options':'DENY'])
- }
-
- def 'http headers frame-options SAMEORIGIN'() {
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'frame-options'(policy : 'SAMEORIGIN')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
-
- expect:
- assertHeaders(response, ['X-Frame-Options':'SAMEORIGIN'])
- }
-
- def 'http headers frame-options ALLOW-FROM no origin reports error'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'frame-options'(policy : 'ALLOW-FROM', strategy : 'static')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
-
- then:
- BeanDefinitionParsingException e = thrown()
- e.message.contains "Strategy requires a 'value' to be set." // FIME better error message?
- }
-
- def 'http headers frame-options ALLOW-FROM spaces only origin reports error'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'frame-options'(policy : 'ALLOW-FROM', strategy: 'static', value : ' ')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
-
- then:
- BeanDefinitionParsingException e = thrown()
- e.message.contains "Strategy requires a 'value' to be set." // FIME better error message?
- }
-
- def 'http headers frame-options ALLOW-FROM'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'frame-options'(policy : 'ALLOW-FROM', strategy: 'static', value : 'https://example.com')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
-
- then:
- assertHeaders(response, ['X-Frame-Options':'ALLOW-FROM https://example.com'])
- }
-
- def 'http headers frame-options ALLOW-FROM with whitelist strategy'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'frame-options'(policy : 'ALLOW-FROM', strategy: 'whitelist', value : 'https://example.com')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
-
- def request = new MockHttpServletRequest()
- request.setParameter("from", "https://example.com");
- hf.doFilter(request, response, new MockFilterChain())
-
- then:
- assertHeaders(response, ['X-Frame-Options':'ALLOW-FROM https://example.com'])
- }
-
- def 'http headers header a=b'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'header'(name : 'a', value: 'b')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
-
- then:
- assertHeaders(response, ['a':'b'])
- }
-
- def 'http headers header a=b and c=d'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'header'(name : 'a', value: 'b')
- 'header'(name : 'c', value: 'd')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
-
- then:
- assertHeaders(response , ['a':'b', 'c':'d'])
- }
-
- def 'http headers with ref'() {
- setup:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'header'(ref:'headerWriter')
- }
- }
- xml.'b:bean'(id: 'headerWriter', 'class': StaticHeadersWriter.name) {
- 'b:constructor-arg'(value:'abc') {}
- 'b:constructor-arg'(value:'def') {}
- }
- createAppContext()
- when:
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
- then:
- assertHeaders(response, ['abc':'def'])
- }
-
- def 'http headers header no name produces error'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'header'(value: 'b')
- }
- }
- createAppContext()
-
- then:
- thrown(BeanCreationException)
- }
-
- def 'http headers header no value produces error'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'header'(name: 'a')
- }
- }
- createAppContext()
-
- then:
- thrown(BeanCreationException)
- }
-
- def 'http headers xss-protection defaults'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'xss-protection'()
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
-
- then:
- assertHeaders(response, ['X-XSS-Protection':'1; mode=block'])
- }
-
- def 'http headers xss-protection enabled=true'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'xss-protection'(enabled:'true')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
-
- then:
- assertHeaders(response, ['X-XSS-Protection':'1; mode=block'])
- }
-
- def 'http headers xss-protection enabled=false'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'xss-protection'(enabled:'false')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
- MockHttpServletResponse response = new MockHttpServletResponse()
- hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
-
- then:
- assertHeaders(response, ['X-XSS-Protection':'0'])
- }
-
- def 'http headers xss-protection enabled=false and block=true produces error'() {
- when:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'xss-protection'(enabled:'false', block:'true')
- }
- }
- createAppContext()
-
- def hf = getFilter(HeaderWriterFilter)
-
- then:
- BeanCreationException e = thrown()
- e.message.contains 'Cannot set block to true with enabled false'
- }
-
- def 'http headers cache-control'() {
- setup:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'cache-control'()
- }
- }
- createAppContext()
- def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
- MockHttpServletResponse response = new MockHttpServletResponse()
- when:
- springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
- then:
- assertHeaders(response, ['Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate',
- 'Expires' : '0',
- 'Pragma':'no-cache'])
- }
-
- def 'http headers hsts'() {
- setup:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'hsts'()
- }
- }
- createAppContext()
- def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
- MockHttpServletResponse response = new MockHttpServletResponse()
- when:
- springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
- then:
- assertHeaders(response, ['Strict-Transport-Security': 'max-age=31536000 ; includeSubDomains'])
- }
-
- def 'http headers hsts default only invokes on HttpServletRequest.isSecure = true'() {
- setup:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'hsts'()
- }
- }
- createAppContext()
- def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
- MockHttpServletResponse response = new MockHttpServletResponse()
- when:
- springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
- then:
- response.headerNames.empty
- }
-
- def 'http headers hsts custom'() {
- setup:
- httpAutoConfig {
- 'headers'('defaults-disabled':true) {
- 'hsts'('max-age-seconds':'1','include-subdomains':false, 'request-matcher-ref' : 'matcher')
- }
- }
-
- xml.'b:bean'(id: 'matcher', 'class': AnyRequestMatcher.name)
- createAppContext()
- def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
- MockHttpServletResponse response = new MockHttpServletResponse()
- when:
- springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
- then:
- assertHeaders(response, ['Strict-Transport-Security': 'max-age=1'])
- }
-
- // --- disable single default header ---
-
- def 'http headers cache-controls@disabled=true'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'cache-control'(disabled:true)
- }
- }
- createAppContext()
- def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
- MockHttpServletResponse response = new MockHttpServletResponse()
- def expectedHeaders = [:] << defaultHeaders
- expectedHeaders.remove('Cache-Control')
- expectedHeaders.remove('Expires')
- expectedHeaders.remove('Pragma')
- when:
- springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
- then:
- assertHeaders(response, expectedHeaders)
- }
-
- def 'http headers content-type-options@disabled=true'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'content-type-options'(disabled:true)
- }
- }
- createAppContext()
- def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
- MockHttpServletResponse response = new MockHttpServletResponse()
- def expectedHeaders = [:] << defaultHeaders
- expectedHeaders.remove('X-Content-Type-Options')
- when:
- springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
- then:
- assertHeaders(response, expectedHeaders)
- }
-
- def 'http headers hsts@disabled=true'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'hsts'(disabled:true)
- }
- }
- createAppContext()
- def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
- MockHttpServletResponse response = new MockHttpServletResponse()
- def expectedHeaders = [:] << defaultHeaders
- expectedHeaders.remove('Strict-Transport-Security')
- when:
- springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
- then:
- assertHeaders(response, expectedHeaders)
- }
-
- def 'http headers frame-options@disabled=true'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'frame-options'(disabled:true)
- }
- }
- createAppContext()
- def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
- MockHttpServletResponse response = new MockHttpServletResponse()
- def expectedHeaders = [:] << defaultHeaders
- expectedHeaders.remove('X-Frame-Options')
- when:
- springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
- then:
- assertHeaders(response, expectedHeaders)
- }
-
- def 'http headers xss-protection@disabled=true'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'xss-protection'(disabled:true)
- }
- }
- createAppContext()
- def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
- MockHttpServletResponse response = new MockHttpServletResponse()
- def expectedHeaders = [:] << defaultHeaders
- expectedHeaders.remove('X-XSS-Protection')
- when:
- springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
- then:
- assertHeaders(response, expectedHeaders)
- }
-
- // --- disable error handling ---
-
- def 'http headers hsts@disabled=true no include-subdomains'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'hsts'(disabled:true,'include-subdomains':true)
- }
- }
- when:
- createAppContext()
- then:
- BeanDefinitionParsingException expected = thrown()
- expected.message.contains 'include-subdomains'
- }
-
- def 'http headers hsts@disabled=true no max-age'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'hsts'(disabled:true,'max-age-seconds':123)
- }
- }
- when:
- createAppContext()
- then:
- BeanDefinitionParsingException expected = thrown()
- expected.message.contains 'max-age'
- }
-
- def 'http headers hsts@disabled=true no matcher-ref'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'hsts'(disabled:true,'request-matcher-ref':'matcher')
- }
- }
- xml.'b:bean'(id: 'matcher', 'class': AnyRequestMatcher.name)
- when:
- createAppContext()
- then:
- BeanDefinitionParsingException expected = thrown()
- expected.message.contains 'request-matcher-ref'
- }
-
- def 'http xss@disabled=true no enabled'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'xss-protection'(disabled:true,'enabled':true)
- }
- }
- when:
- createAppContext()
- then:
- BeanDefinitionParsingException expected = thrown()
- expected.message.contains 'enabled'
- }
-
- def 'http xss@disabled=true no block'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'xss-protection'(disabled:true,'block':true)
- }
- }
- when:
- createAppContext()
- then:
- BeanDefinitionParsingException expected = thrown()
- expected.message.contains 'block'
- }
-
- def 'http frame-options@disabled=true no policy'() {
- setup:
- httpAutoConfig {
- 'headers'() {
- 'frame-options'(disabled:true,'policy':'DENY')
- }
- }
- when:
- createAppContext()
- then:
- BeanDefinitionParsingException expected = thrown()
- expected.message.contains 'policy'
- }
-
- def assertHeaders(MockHttpServletResponse response, Map expected) {
- assert response.headerNames == expected.keySet()
- expected.each { headerName, value ->
- assert response.getHeaderValues(headerName) == [value]
- }
- }
+ def defaultHeaders = ['X-Content-Type-Options':'nosniff',
+ 'X-Frame-Options':'DENY',
+ 'Strict-Transport-Security': 'max-age=31536000 ; includeSubDomains',
+ 'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate',
+ 'Expires' : '0',
+ 'Pragma':'no-cache',
+ 'X-XSS-Protection' : '1; mode=block']
+ def 'headers disabled'() {
+ setup:
+ httpAutoConfig {
+ 'headers'(disabled:true)
+ }
+ createAppContext()
+
+ when:
+ def hf = getFilter(HeaderWriterFilter)
+ then:
+ !hf
+ }
+
+ def 'headers disabled with child fails'() {
+ when:
+ httpAutoConfig {
+ 'headers'(disabled:true) {
+ 'content-type-options'()
+ }
+ }
+ createAppContext()
+ then:
+ thrown(BeanDefinitionParsingException)
+ }
+
+ def 'default headers'() {
+ httpAutoConfig {
+ }
+ createAppContext()
+
+ when:
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
+ then:
+ assertHeaders(response, defaultHeaders)
+ }
+
+ def 'http headers with empty headers'() {
+ setup:
+ httpAutoConfig {
+ 'headers'()
+ }
+ createAppContext()
+ when:
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
+ then:
+ assertHeaders(response, defaultHeaders)
+ }
+
+ def 'http headers frame-options@policy=SAMEORIGIN with defaults'() {
+ httpAutoConfig {
+ 'headers'() {
+ 'frame-options'(policy:'SAMEORIGIN')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
+ def expectedHeaders = [:] << defaultHeaders
+ expectedHeaders['X-Frame-Options'] = 'SAMEORIGIN'
+
+ expect:
+ assertHeaders(response, expectedHeaders)
+ }
+
+
+ // --- defaults disabled
+
+ def 'http headers content-type-options'() {
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'content-type-options'()
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+
+ expect:
+ assertHeaders(response, ['X-Content-Type-Options':'nosniff'])
+ }
+
+ def 'http headers frame-options defaults to DENY'() {
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'frame-options'()
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+
+ expect:
+ assertHeaders(response, ['X-Frame-Options':'DENY'])
+ }
+
+ def 'http headers frame-options DENY'() {
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'frame-options'(policy : 'DENY')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+
+ expect:
+ assertHeaders(response, ['X-Frame-Options':'DENY'])
+ }
+
+ def 'http headers frame-options SAMEORIGIN'() {
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'frame-options'(policy : 'SAMEORIGIN')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+
+ expect:
+ assertHeaders(response, ['X-Frame-Options':'SAMEORIGIN'])
+ }
+
+ def 'http headers frame-options ALLOW-FROM no origin reports error'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'frame-options'(policy : 'ALLOW-FROM', strategy : 'static')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+
+ then:
+ BeanDefinitionParsingException e = thrown()
+ e.message.contains "Strategy requires a 'value' to be set." // FIME better error message?
+ }
+
+ def 'http headers frame-options ALLOW-FROM spaces only origin reports error'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'frame-options'(policy : 'ALLOW-FROM', strategy: 'static', value : ' ')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+
+ then:
+ BeanDefinitionParsingException e = thrown()
+ e.message.contains "Strategy requires a 'value' to be set." // FIME better error message?
+ }
+
+ def 'http headers frame-options ALLOW-FROM'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'frame-options'(policy : 'ALLOW-FROM', strategy: 'static', value : 'https://example.com')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+
+ then:
+ assertHeaders(response, ['X-Frame-Options':'ALLOW-FROM https://example.com'])
+ }
+
+ def 'http headers frame-options ALLOW-FROM with whitelist strategy'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'frame-options'(policy : 'ALLOW-FROM', strategy: 'whitelist', value : 'https://example.com')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+
+ def request = new MockHttpServletRequest()
+ request.setParameter("from", "https://example.com");
+ hf.doFilter(request, response, new MockFilterChain())
+
+ then:
+ assertHeaders(response, ['X-Frame-Options':'ALLOW-FROM https://example.com'])
+ }
+
+ def 'http headers header a=b'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'header'(name : 'a', value: 'b')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+
+ then:
+ assertHeaders(response, ['a':'b'])
+ }
+
+ def 'http headers header a=b and c=d'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'header'(name : 'a', value: 'b')
+ 'header'(name : 'c', value: 'd')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+
+ then:
+ assertHeaders(response , ['a':'b', 'c':'d'])
+ }
+
+ def 'http headers with ref'() {
+ setup:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'header'(ref:'headerWriter')
+ }
+ }
+ xml.'b:bean'(id: 'headerWriter', 'class': StaticHeadersWriter.name) {
+ 'b:constructor-arg'(value:'abc') {}
+ 'b:constructor-arg'(value:'def') {}
+ }
+ createAppContext()
+ when:
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+ then:
+ assertHeaders(response, ['abc':'def'])
+ }
+
+ def 'http headers header no name produces error'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'header'(value: 'b')
+ }
+ }
+ createAppContext()
+
+ then:
+ thrown(BeanCreationException)
+ }
+
+ def 'http headers header no value produces error'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'header'(name: 'a')
+ }
+ }
+ createAppContext()
+
+ then:
+ thrown(BeanCreationException)
+ }
+
+ def 'http headers xss-protection defaults'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'xss-protection'()
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+
+ then:
+ assertHeaders(response, ['X-XSS-Protection':'1; mode=block'])
+ }
+
+ def 'http headers xss-protection enabled=true'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'xss-protection'(enabled:'true')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+
+ then:
+ assertHeaders(response, ['X-XSS-Protection':'1; mode=block'])
+ }
+
+ def 'http headers xss-protection enabled=false'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'xss-protection'(enabled:'false')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+
+ then:
+ assertHeaders(response, ['X-XSS-Protection':'0'])
+ }
+
+ def 'http headers xss-protection enabled=false and block=true produces error'() {
+ when:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'xss-protection'(enabled:'false', block:'true')
+ }
+ }
+ createAppContext()
+
+ def hf = getFilter(HeaderWriterFilter)
+
+ then:
+ BeanCreationException e = thrown()
+ e.message.contains 'Cannot set block to true with enabled false'
+ }
+
+ def 'http headers cache-control'() {
+ setup:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'cache-control'()
+ }
+ }
+ createAppContext()
+ def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ when:
+ springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+ then:
+ assertHeaders(response, ['Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate',
+ 'Expires' : '0',
+ 'Pragma':'no-cache'])
+ }
+
+ def 'http headers hsts'() {
+ setup:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'hsts'()
+ }
+ }
+ createAppContext()
+ def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ when:
+ springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
+ then:
+ assertHeaders(response, ['Strict-Transport-Security': 'max-age=31536000 ; includeSubDomains'])
+ }
+
+ def 'http headers hsts default only invokes on HttpServletRequest.isSecure = true'() {
+ setup:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'hsts'()
+ }
+ }
+ createAppContext()
+ def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ when:
+ springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+ then:
+ response.headerNames.empty
+ }
+
+ def 'http headers hsts custom'() {
+ setup:
+ httpAutoConfig {
+ 'headers'('defaults-disabled':true) {
+ 'hsts'('max-age-seconds':'1','include-subdomains':false, 'request-matcher-ref' : 'matcher')
+ }
+ }
+
+ xml.'b:bean'(id: 'matcher', 'class': AnyRequestMatcher.name)
+ createAppContext()
+ def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ when:
+ springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+ then:
+ assertHeaders(response, ['Strict-Transport-Security': 'max-age=1'])
+ }
+
+ // --- disable single default header ---
+
+ def 'http headers cache-controls@disabled=true'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'cache-control'(disabled:true)
+ }
+ }
+ createAppContext()
+ def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ def expectedHeaders = [:] << defaultHeaders
+ expectedHeaders.remove('Cache-Control')
+ expectedHeaders.remove('Expires')
+ expectedHeaders.remove('Pragma')
+ when:
+ springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
+ then:
+ assertHeaders(response, expectedHeaders)
+ }
+
+ def 'http headers content-type-options@disabled=true'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'content-type-options'(disabled:true)
+ }
+ }
+ createAppContext()
+ def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ def expectedHeaders = [:] << defaultHeaders
+ expectedHeaders.remove('X-Content-Type-Options')
+ when:
+ springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
+ then:
+ assertHeaders(response, expectedHeaders)
+ }
+
+ def 'http headers hsts@disabled=true'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'hsts'(disabled:true)
+ }
+ }
+ createAppContext()
+ def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ def expectedHeaders = [:] << defaultHeaders
+ expectedHeaders.remove('Strict-Transport-Security')
+ when:
+ springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain())
+ then:
+ assertHeaders(response, expectedHeaders)
+ }
+
+ def 'http headers frame-options@disabled=true'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'frame-options'(disabled:true)
+ }
+ }
+ createAppContext()
+ def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ def expectedHeaders = [:] << defaultHeaders
+ expectedHeaders.remove('X-Frame-Options')
+ when:
+ springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
+ then:
+ assertHeaders(response, expectedHeaders)
+ }
+
+ def 'http headers xss-protection@disabled=true'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'xss-protection'(disabled:true)
+ }
+ }
+ createAppContext()
+ def springSecurityFilterChain = appContext.getBean(FilterChainProxy)
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ def expectedHeaders = [:] << defaultHeaders
+ expectedHeaders.remove('X-XSS-Protection')
+ when:
+ springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain())
+ then:
+ assertHeaders(response, expectedHeaders)
+ }
+
+ // --- disable error handling ---
+
+ def 'http headers hsts@disabled=true no include-subdomains'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'hsts'(disabled:true,'include-subdomains':true)
+ }
+ }
+ when:
+ createAppContext()
+ then:
+ BeanDefinitionParsingException expected = thrown()
+ expected.message.contains 'include-subdomains'
+ }
+
+ def 'http headers hsts@disabled=true no max-age'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'hsts'(disabled:true,'max-age-seconds':123)
+ }
+ }
+ when:
+ createAppContext()
+ then:
+ BeanDefinitionParsingException expected = thrown()
+ expected.message.contains 'max-age'
+ }
+
+ def 'http headers hsts@disabled=true no matcher-ref'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'hsts'(disabled:true,'request-matcher-ref':'matcher')
+ }
+ }
+ xml.'b:bean'(id: 'matcher', 'class': AnyRequestMatcher.name)
+ when:
+ createAppContext()
+ then:
+ BeanDefinitionParsingException expected = thrown()
+ expected.message.contains 'request-matcher-ref'
+ }
+
+ def 'http xss@disabled=true no enabled'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'xss-protection'(disabled:true,'enabled':true)
+ }
+ }
+ when:
+ createAppContext()
+ then:
+ BeanDefinitionParsingException expected = thrown()
+ expected.message.contains 'enabled'
+ }
+
+ def 'http xss@disabled=true no block'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'xss-protection'(disabled:true,'block':true)
+ }
+ }
+ when:
+ createAppContext()
+ then:
+ BeanDefinitionParsingException expected = thrown()
+ expected.message.contains 'block'
+ }
+
+ def 'http frame-options@disabled=true no policy'() {
+ setup:
+ httpAutoConfig {
+ 'headers'() {
+ 'frame-options'(disabled:true,'policy':'DENY')
+ }
+ }
+ when:
+ createAppContext()
+ then:
+ BeanDefinitionParsingException expected = thrown()
+ expected.message.contains 'policy'
+ }
+
+ def assertHeaders(MockHttpServletResponse response, Map expected) {
+ assert response.headerNames == expected.keySet()
+ expected.each { headerName, value ->
+ assert response.getHeaderValues(headerName) == [value]
+ }
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/HttpOpenIDConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/HttpOpenIDConfigTests.groovy
index 7b48a72759..e9ecbb209e 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/HttpOpenIDConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/HttpOpenIDConfigTests.groovy
@@ -23,132 +23,132 @@ import javax.servlet.Filter
*/
class OpenIDConfigTests extends AbstractHttpConfigTests {
- def openIDAndFormLoginWorkTogether() {
- xml.http() {
- 'openid-login'()
- 'form-login'()
- }
- createAppContext()
+ def openIDAndFormLoginWorkTogether() {
+ xml.http() {
+ 'openid-login'()
+ 'form-login'()
+ }
+ createAppContext()
- def etf = getFilter(ExceptionTranslationFilter)
- def ap = etf.getAuthenticationEntryPoint();
+ def etf = getFilter(ExceptionTranslationFilter)
+ def ap = etf.getAuthenticationEntryPoint();
- expect:
- ap.loginFormUrl == "/login"
- // Default login filter should be present since we haven't specified any login URLs
- getFilter(DefaultLoginPageGeneratingFilter) != null
- }
+ expect:
+ ap.loginFormUrl == "/login"
+ // Default login filter should be present since we haven't specified any login URLs
+ getFilter(DefaultLoginPageGeneratingFilter) != null
+ }
- def formLoginEntryPointTakesPrecedenceIfLoginUrlIsSet() {
- xml.http() {
- 'openid-login'()
- 'form-login'('login-page': '/form-page')
- }
- createAppContext()
+ def formLoginEntryPointTakesPrecedenceIfLoginUrlIsSet() {
+ xml.http() {
+ 'openid-login'()
+ 'form-login'('login-page': '/form-page')
+ }
+ createAppContext()
- expect:
- getFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == '/form-page'
- }
+ expect:
+ getFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == '/form-page'
+ }
- def openIDEntryPointTakesPrecedenceIfLoginUrlIsSet() {
- xml.http() {
- 'openid-login'('login-page': '/openid-page')
- 'form-login'()
- }
- createAppContext()
+ def openIDEntryPointTakesPrecedenceIfLoginUrlIsSet() {
+ xml.http() {
+ 'openid-login'('login-page': '/openid-page')
+ 'form-login'()
+ }
+ createAppContext()
- expect:
- getFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == '/openid-page'
- }
+ expect:
+ getFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == '/openid-page'
+ }
- def multipleLoginPagesCausesError() {
- when:
- xml.http() {
- 'openid-login'('login-page': '/openid-page')
- 'form-login'('login-page': '/form-page')
- }
- createAppContext()
- then:
- thrown(BeanDefinitionParsingException)
- }
+ def multipleLoginPagesCausesError() {
+ when:
+ xml.http() {
+ 'openid-login'('login-page': '/openid-page')
+ 'form-login'('login-page': '/form-page')
+ }
+ createAppContext()
+ then:
+ thrown(BeanDefinitionParsingException)
+ }
- def openIDAndRememberMeWorkTogether() {
- xml.debug()
- xml.http() {
- interceptUrl('/**', 'denyAll')
- 'openid-login'()
- 'remember-me'()
- 'csrf'(disabled:true)
- }
- createAppContext()
+ def openIDAndRememberMeWorkTogether() {
+ xml.debug()
+ xml.http() {
+ interceptUrl('/**', 'denyAll')
+ 'openid-login'()
+ 'remember-me'()
+ 'csrf'(disabled:true)
+ }
+ createAppContext()
- // Default login filter should be present since we haven't specified any login URLs
- def loginFilter = getFilter(DefaultLoginPageGeneratingFilter)
- def openIDFilter = getFilter(OpenIDAuthenticationFilter)
- openIDFilter.setConsumer(new OpenIDConsumer() {
- public String beginConsumption(HttpServletRequest req, String claimedIdentity, String returnToUrl, String realm)
- throws OpenIDConsumerException {
- return "http://testopenid.com?openid.return_to=" + returnToUrl;
- }
+ // Default login filter should be present since we haven't specified any login URLs
+ def loginFilter = getFilter(DefaultLoginPageGeneratingFilter)
+ def openIDFilter = getFilter(OpenIDAuthenticationFilter)
+ openIDFilter.setConsumer(new OpenIDConsumer() {
+ public String beginConsumption(HttpServletRequest req, String claimedIdentity, String returnToUrl, String realm)
+ throws OpenIDConsumerException {
+ return "http://testopenid.com?openid.return_to=" + returnToUrl;
+ }
- public OpenIDAuthenticationToken endConsumption(HttpServletRequest req) throws OpenIDConsumerException {
- throw new UnsupportedOperationException();
- }
- })
- Set returnToUrlParameters = new HashSet()
- returnToUrlParameters.add(AbstractRememberMeServices.DEFAULT_PARAMETER)
- openIDFilter.setReturnToUrlParameters(returnToUrlParameters)
- assert loginFilter.openIDrememberMeParameter != null
+ public OpenIDAuthenticationToken endConsumption(HttpServletRequest req) throws OpenIDConsumerException {
+ throw new UnsupportedOperationException();
+ }
+ })
+ Set returnToUrlParameters = new HashSet()
+ returnToUrlParameters.add(AbstractRememberMeServices.DEFAULT_PARAMETER)
+ openIDFilter.setReturnToUrlParameters(returnToUrlParameters)
+ assert loginFilter.openIDrememberMeParameter != null
- MockHttpServletRequest request = new MockHttpServletRequest(method:'GET');
- MockHttpServletResponse response = new MockHttpServletResponse();
+ MockHttpServletRequest request = new MockHttpServletRequest(method:'GET');
+ MockHttpServletResponse response = new MockHttpServletResponse();
- when: "Initial request is made"
- Filter fc = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN)
- request.setServletPath("/something.html")
- fc.doFilter(request, response, new MockFilterChain())
- then: "Redirected to login"
- response.getRedirectedUrl().endsWith("/login")
- when: "Login page is requested"
- request.setServletPath("/login")
- request.setRequestURI("/login")
- response = new MockHttpServletResponse()
- fc.doFilter(request, response, new MockFilterChain())
- then: "Remember-me choice is added to page"
- response.getContentAsString().contains(AbstractRememberMeServices.DEFAULT_PARAMETER)
- when: "Login is submitted with remember-me selected"
- request.servletPath = "/login/openid"
- request.setParameter(OpenIDAuthenticationFilter.DEFAULT_CLAIMED_IDENTITY_FIELD, "http://hey.openid.com/")
- request.setParameter(AbstractRememberMeServices.DEFAULT_PARAMETER, "on")
- response = new MockHttpServletResponse();
- fc.doFilter(request, response, new MockFilterChain());
- String expectedReturnTo = request.getRequestURL().append("?")
- .append(AbstractRememberMeServices.DEFAULT_PARAMETER)
- .append("=").append("on").toString();
- then: "return_to URL contains remember-me choice"
- response.getRedirectedUrl() == "http://testopenid.com?openid.return_to=" + expectedReturnTo
- }
+ when: "Initial request is made"
+ Filter fc = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN)
+ request.setServletPath("/something.html")
+ fc.doFilter(request, response, new MockFilterChain())
+ then: "Redirected to login"
+ response.getRedirectedUrl().endsWith("/login")
+ when: "Login page is requested"
+ request.setServletPath("/login")
+ request.setRequestURI("/login")
+ response = new MockHttpServletResponse()
+ fc.doFilter(request, response, new MockFilterChain())
+ then: "Remember-me choice is added to page"
+ response.getContentAsString().contains(AbstractRememberMeServices.DEFAULT_PARAMETER)
+ when: "Login is submitted with remember-me selected"
+ request.servletPath = "/login/openid"
+ request.setParameter(OpenIDAuthenticationFilter.DEFAULT_CLAIMED_IDENTITY_FIELD, "http://hey.openid.com/")
+ request.setParameter(AbstractRememberMeServices.DEFAULT_PARAMETER, "on")
+ response = new MockHttpServletResponse();
+ fc.doFilter(request, response, new MockFilterChain());
+ String expectedReturnTo = request.getRequestURL().append("?")
+ .append(AbstractRememberMeServices.DEFAULT_PARAMETER)
+ .append("=").append("on").toString();
+ then: "return_to URL contains remember-me choice"
+ response.getRedirectedUrl() == "http://testopenid.com?openid.return_to=" + expectedReturnTo
+ }
- def openIDWithAttributeExchangeConfigurationIsParsedCorrectly() {
- xml.http() {
- 'openid-login'() {
- 'attribute-exchange'() {
- 'openid-attribute'(name: 'nickname', type: 'http://schema.openid.net/namePerson/friendly')
- 'openid-attribute'(name: 'email', type: 'http://schema.openid.net/contact/email', required: 'true',
- 'count': '2')
- }
- }
- }
- createAppContext()
+ def openIDWithAttributeExchangeConfigurationIsParsedCorrectly() {
+ xml.http() {
+ 'openid-login'() {
+ 'attribute-exchange'() {
+ 'openid-attribute'(name: 'nickname', type: 'http://schema.openid.net/namePerson/friendly')
+ 'openid-attribute'(name: 'email', type: 'http://schema.openid.net/contact/email', required: 'true',
+ 'count': '2')
+ }
+ }
+ }
+ createAppContext()
- List attributes = getFilter(OpenIDAuthenticationFilter).consumer.attributesToFetchFactory.createAttributeList('http://someid')
+ List attributes = getFilter(OpenIDAuthenticationFilter).consumer.attributesToFetchFactory.createAttributeList('http://someid')
- expect:
- attributes.size() == 2
- attributes[0].name == 'nickname'
- attributes[0].type == 'http://schema.openid.net/namePerson/friendly'
- !attributes[0].required
- attributes[1].required
- attributes[1].getCount() == 2
- }
+ expect:
+ attributes.size() == 2
+ attributes[0].name == 'nickname'
+ attributes[0].type == 'http://schema.openid.net/namePerson/friendly'
+ !attributes[0].required
+ attributes[1].required
+ attributes[1].getCount() == 2
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/InterceptUrlConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/InterceptUrlConfigTests.groovy
index 3a5a40c9b3..39471250da 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/InterceptUrlConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/InterceptUrlConfigTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -85,80 +85,80 @@ import org.springframework.security.authentication.AuthenticationManager
class InterceptUrlConfigTests extends AbstractHttpConfigTests {
def "SEC-2256: intercept-url method is not given priority"() {
- when:
- httpAutoConfig {
- 'intercept-url'(pattern: '/anyurl', access: "ROLE_USER")
- 'intercept-url'(pattern: '/anyurl', 'method':'GET',access: 'ROLE_ADMIN')
- }
- createAppContext()
+ when:
+ httpAutoConfig {
+ 'intercept-url'(pattern: '/anyurl', access: "ROLE_USER")
+ 'intercept-url'(pattern: '/anyurl', 'method':'GET',access: 'ROLE_ADMIN')
+ }
+ createAppContext()
- def fids = getFilter(FilterSecurityInterceptor).securityMetadataSource
- def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET"))
- def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST"))
+ def fids = getFilter(FilterSecurityInterceptor).securityMetadataSource
+ def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET"))
+ def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST"))
- then:
- attrs.size() == 1
- attrs.contains(new SecurityConfig("ROLE_USER"))
- attrsPost.size() == 1
- attrsPost.contains(new SecurityConfig("ROLE_USER"))
+ then:
+ attrs.size() == 1
+ attrs.contains(new SecurityConfig("ROLE_USER"))
+ attrsPost.size() == 1
+ attrsPost.contains(new SecurityConfig("ROLE_USER"))
}
def "SEC-2355: intercept-url support patch"() {
- setup:
- MockHttpServletRequest request = new MockHttpServletRequest(method:'GET')
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
- xml.http('use-expressions':false) {
- 'http-basic'()
- 'intercept-url'(pattern: '/**', 'method':'PATCH',access: 'ROLE_ADMIN')
- csrf(disabled:true)
- }
- createAppContext()
- when: 'Method other than PATCH is used'
- springSecurityFilterChain.doFilter(request,response,chain)
- then: 'The response is OK'
- response.status == HttpServletResponse.SC_OK
- when: 'Method of PATCH is used'
- request = new MockHttpServletRequest(method:'PATCH')
- response = new MockHttpServletResponse()
- chain = new MockFilterChain()
- springSecurityFilterChain.doFilter(request, response, chain)
- then: 'The response is unauthorized'
- response.status == HttpServletResponse.SC_UNAUTHORIZED
+ setup:
+ MockHttpServletRequest request = new MockHttpServletRequest(method:'GET')
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
+ xml.http('use-expressions':false) {
+ 'http-basic'()
+ 'intercept-url'(pattern: '/**', 'method':'PATCH',access: 'ROLE_ADMIN')
+ csrf(disabled:true)
+ }
+ createAppContext()
+ when: 'Method other than PATCH is used'
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then: 'The response is OK'
+ response.status == HttpServletResponse.SC_OK
+ when: 'Method of PATCH is used'
+ request = new MockHttpServletRequest(method:'PATCH')
+ response = new MockHttpServletResponse()
+ chain = new MockFilterChain()
+ springSecurityFilterChain.doFilter(request, response, chain)
+ then: 'The response is unauthorized'
+ response.status == HttpServletResponse.SC_UNAUTHORIZED
}
- def "intercept-url supports hasAnyRoles"() {
- setup:
- MockHttpServletRequest request = new MockHttpServletRequest(method:'GET')
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
- xml.http('use-expressions':true) {
- 'http-basic'()
- 'intercept-url'(pattern: '/**', access: "hasAnyRole('ROLE_DEVELOPER','ROLE_USER')")
- csrf(disabled:true)
- }
- when:
- createAppContext()
- then: 'no error'
- noExceptionThrown()
- when: 'ROLE_USER can access'
- login(request, 'user', 'password')
- springSecurityFilterChain.doFilter(request,response,chain)
- then: 'The response is OK'
- response.status == HttpServletResponse.SC_OK
- when: 'ROLE_A cannot access'
- request = new MockHttpServletRequest(method:'GET')
- response = new MockHttpServletResponse()
- chain = new MockFilterChain()
- login(request, 'bob', 'bobspassword')
- springSecurityFilterChain.doFilter(request,response,chain)
- then: 'The response is Forbidden'
- response.status == HttpServletResponse.SC_FORBIDDEN
+ def "intercept-url supports hasAnyRoles"() {
+ setup:
+ MockHttpServletRequest request = new MockHttpServletRequest(method:'GET')
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
+ xml.http('use-expressions':true) {
+ 'http-basic'()
+ 'intercept-url'(pattern: '/**', access: "hasAnyRole('ROLE_DEVELOPER','ROLE_USER')")
+ csrf(disabled:true)
+ }
+ when:
+ createAppContext()
+ then: 'no error'
+ noExceptionThrown()
+ when: 'ROLE_USER can access'
+ login(request, 'user', 'password')
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then: 'The response is OK'
+ response.status == HttpServletResponse.SC_OK
+ when: 'ROLE_A cannot access'
+ request = new MockHttpServletRequest(method:'GET')
+ response = new MockHttpServletResponse()
+ chain = new MockFilterChain()
+ login(request, 'bob', 'bobspassword')
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then: 'The response is Forbidden'
+ response.status == HttpServletResponse.SC_FORBIDDEN
- }
+ }
- def login(MockHttpServletRequest request, String username, String password) {
- String toEncode = username + ':' + password
- request.addHeader('Authorization','Basic ' + new String(Base64.encode(toEncode.getBytes('UTF-8'))))
- }
+ def login(MockHttpServletRequest request, String username, String password) {
+ String toEncode = username + ':' + password
+ request.addHeader('Authorization','Basic ' + new String(Base64.encode(toEncode.getBytes('UTF-8'))))
+ }
}
\ No newline at end of file
diff --git a/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy
index 17fdadcfeb..befef784a3 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -84,719 +84,719 @@ import org.springframework.security.authentication.AuthenticationManager
*/
class MiscHttpConfigTests extends AbstractHttpConfigTests {
- def 'Minimal configuration parses'() {
- setup:
- xml.http {
- 'http-basic'()
- }
- createAppContext()
- }
+ def 'Minimal configuration parses'() {
+ setup:
+ xml.http {
+ 'http-basic'()
+ }
+ createAppContext()
+ }
- def httpAutoConfigSetsUpCorrectFilterList() {
- when:
- xml.http('auto-config': 'true')
- createAppContext()
+ def httpAutoConfigSetsUpCorrectFilterList() {
+ when:
+ xml.http('auto-config': 'true')
+ createAppContext()
- then:
- filtersMatchExpectedAutoConfigList('/anyurl');
- }
+ then:
+ filtersMatchExpectedAutoConfigList('/anyurl');
+ }
- void filtersMatchExpectedAutoConfigList(String url) {
- def filterList = getFilters(url);
- Iterator filters = filterList.iterator();
+ void filtersMatchExpectedAutoConfigList(String url) {
+ def filterList = getFilters(url);
+ Iterator filters = filterList.iterator();
- assert filters.next() instanceof SecurityContextPersistenceFilter
- assert filters.next() instanceof WebAsyncManagerIntegrationFilter
- assert filters.next() instanceof HeaderWriterFilter
- assert filters.next() instanceof CsrfFilter
- assert filters.next() instanceof LogoutFilter
- Object authProcFilter = filters.next();
- assert authProcFilter instanceof UsernamePasswordAuthenticationFilter
- assert filters.next() instanceof DefaultLoginPageGeneratingFilter
- assert filters.next() instanceof BasicAuthenticationFilter
- assert filters.next() instanceof RequestCacheAwareFilter
- assert filters.next() instanceof SecurityContextHolderAwareRequestFilter
- assert filters.next() instanceof AnonymousAuthenticationFilter
- assert filters.next() instanceof SessionManagementFilter
- assert filters.next() instanceof ExceptionTranslationFilter
- Object fsiObj = filters.next();
- assert fsiObj instanceof FilterSecurityInterceptor
- def fsi = (FilterSecurityInterceptor) fsiObj;
- assert fsi.isObserveOncePerRequest()
- }
+ assert filters.next() instanceof SecurityContextPersistenceFilter
+ assert filters.next() instanceof WebAsyncManagerIntegrationFilter
+ assert filters.next() instanceof HeaderWriterFilter
+ assert filters.next() instanceof CsrfFilter
+ assert filters.next() instanceof LogoutFilter
+ Object authProcFilter = filters.next();
+ assert authProcFilter instanceof UsernamePasswordAuthenticationFilter
+ assert filters.next() instanceof DefaultLoginPageGeneratingFilter
+ assert filters.next() instanceof BasicAuthenticationFilter
+ assert filters.next() instanceof RequestCacheAwareFilter
+ assert filters.next() instanceof SecurityContextHolderAwareRequestFilter
+ assert filters.next() instanceof AnonymousAuthenticationFilter
+ assert filters.next() instanceof SessionManagementFilter
+ assert filters.next() instanceof ExceptionTranslationFilter
+ Object fsiObj = filters.next();
+ assert fsiObj instanceof FilterSecurityInterceptor
+ def fsi = (FilterSecurityInterceptor) fsiObj;
+ assert fsi.isObserveOncePerRequest()
+ }
- def filterListShouldBeEmptyForPatternWithNoFilters() {
- xml.debug()
- xml.http(pattern: '/unprotected', security: 'none')
- httpAutoConfig() {}
- createAppContext()
+ def filterListShouldBeEmptyForPatternWithNoFilters() {
+ xml.debug()
+ xml.http(pattern: '/unprotected', security: 'none')
+ httpAutoConfig() {}
+ createAppContext()
- expect:
- getFilters("/unprotected").size() == 0
- }
+ expect:
+ getFilters("/unprotected").size() == 0
+ }
- def debugFilterHandlesMissingAndEmptyFilterChains() {
- when:
- xml.debug()
- xml.http(pattern: '/unprotected', security: 'none')
- createAppContext()
- then:
- Filter debugFilter = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN);
- MockHttpServletRequest request = new MockHttpServletRequest()
- request.setServletPath("/unprotected");
- debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
- request.setServletPath("/nomatch");
- debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
- }
+ def debugFilterHandlesMissingAndEmptyFilterChains() {
+ when:
+ xml.debug()
+ xml.http(pattern: '/unprotected', security: 'none')
+ createAppContext()
+ then:
+ Filter debugFilter = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN);
+ MockHttpServletRequest request = new MockHttpServletRequest()
+ request.setServletPath("/unprotected");
+ debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
+ request.setServletPath("/nomatch");
+ debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
+ }
- def regexPathsWorkCorrectly() {
- xml.http(pattern: '\\A\\/[a-z]+', security: 'none', 'request-matcher': 'regex')
- httpAutoConfig() {}
- createAppContext()
+ def regexPathsWorkCorrectly() {
+ xml.http(pattern: '\\A\\/[a-z]+', security: 'none', 'request-matcher': 'regex')
+ httpAutoConfig() {}
+ createAppContext()
- expect:
- getFilters('/imlowercase').size() == 0
- filtersMatchExpectedAutoConfigList('/MixedCase');
- }
+ expect:
+ getFilters('/imlowercase').size() == 0
+ filtersMatchExpectedAutoConfigList('/MixedCase');
+ }
- def ciRegexPathsWorkCorrectly() {
- when:
- xml.http(pattern: '\\A\\/[a-z]+', security: 'none', 'request-matcher': 'ciRegex')
- httpAutoConfig() {}
- createAppContext()
+ def ciRegexPathsWorkCorrectly() {
+ when:
+ xml.http(pattern: '\\A\\/[a-z]+', security: 'none', 'request-matcher': 'ciRegex')
+ httpAutoConfig() {}
+ createAppContext()
- then:
- getFilters('/imMixedCase').size() == 0
- filtersMatchExpectedAutoConfigList('/Im_caught_by_the_Universal_Match');
- }
+ then:
+ getFilters('/imMixedCase').size() == 0
+ filtersMatchExpectedAutoConfigList('/Im_caught_by_the_Universal_Match');
+ }
- def requestMatcherRefWorksCorrectly() {
- xml.http('request-matcher-ref': 'matcher', security: 'none')
- bean('matcher', AntPathRequestMatcher.class.name, ['/nofilters'])
- httpAutoConfig() {}
- createAppContext()
+ def requestMatcherRefWorksCorrectly() {
+ xml.http('request-matcher-ref': 'matcher', security: 'none')
+ bean('matcher', AntPathRequestMatcher.class.name, ['/nofilters'])
+ httpAutoConfig() {}
+ createAppContext()
- expect:
- getFilters('/nofilters').size() == 0
- filtersMatchExpectedAutoConfigList('/somethingElse');
- }
+ expect:
+ getFilters('/nofilters').size() == 0
+ filtersMatchExpectedAutoConfigList('/somethingElse');
+ }
- // SEC-1152
- def anonymousFilterIsAddedByDefault() {
- xml.http {
- 'form-login'()
- }
- createAppContext()
+ // SEC-1152
+ def anonymousFilterIsAddedByDefault() {
+ xml.http {
+ 'form-login'()
+ }
+ createAppContext()
- expect:
- getFilters("/anything")[8] instanceof AnonymousAuthenticationFilter
- }
+ expect:
+ getFilters("/anything")[8] instanceof AnonymousAuthenticationFilter
+ }
- def anonymousFilterIsRemovedIfDisabledFlagSet() {
- xml.http {
- 'form-login'()
- 'anonymous'(enabled: 'false')
- }
- createAppContext()
+ def anonymousFilterIsRemovedIfDisabledFlagSet() {
+ xml.http {
+ 'form-login'()
+ 'anonymous'(enabled: 'false')
+ }
+ createAppContext()
- expect:
- !(getFilters("/anything").get(5) instanceof AnonymousAuthenticationFilter)
- }
+ expect:
+ !(getFilters("/anything").get(5) instanceof AnonymousAuthenticationFilter)
+ }
- def anonymousCustomAttributesAreSetCorrectly() {
- xml.http {
- 'form-login'()
- 'anonymous'(username: 'joe', 'granted-authority':'anonymity', key: 'customKey')
- }
- createAppContext()
+ def anonymousCustomAttributesAreSetCorrectly() {
+ xml.http {
+ 'form-login'()
+ 'anonymous'(username: 'joe', 'granted-authority':'anonymity', key: 'customKey')
+ }
+ createAppContext()
- AnonymousAuthenticationFilter filter = getFilter(AnonymousAuthenticationFilter);
- def providers = appContext.getBeansOfType(AuthenticationManager).values()*.providers.flatten()
+ AnonymousAuthenticationFilter filter = getFilter(AnonymousAuthenticationFilter);
+ def providers = appContext.getBeansOfType(AuthenticationManager).values()*.providers.flatten()
- expect:
- 'customKey' == providers.find { it instanceof AnonymousAuthenticationProvider }.key
- 'customKey' == filter.key
- 'joe' == filter.principal
- 'anonymity' == filter.authorities[0].authority
- }
+ expect:
+ 'customKey' == providers.find { it instanceof AnonymousAuthenticationProvider }.key
+ 'customKey' == filter.key
+ 'joe' == filter.principal
+ 'anonymity' == filter.authorities[0].authority
+ }
- def anonymousSupportsMultipleGrantedAuthorities() {
- xml.http {
- 'form-login'()
- 'anonymous'(username: 'joe', 'granted-authority':'ROLE_INVITADO,ROLE_PROFILE_INVITADO,ROLE_GRUPO_PUBLICO', key: 'customKey')
- }
- createAppContext()
+ def anonymousSupportsMultipleGrantedAuthorities() {
+ xml.http {
+ 'form-login'()
+ 'anonymous'(username: 'joe', 'granted-authority':'ROLE_INVITADO,ROLE_PROFILE_INVITADO,ROLE_GRUPO_PUBLICO', key: 'customKey')
+ }
+ createAppContext()
- AnonymousAuthenticationFilter filter = getFilter(AnonymousAuthenticationFilter);
- def providers = appContext.getBeansOfType(AuthenticationManager).values()*.providers.flatten()
+ AnonymousAuthenticationFilter filter = getFilter(AnonymousAuthenticationFilter);
+ def providers = appContext.getBeansOfType(AuthenticationManager).values()*.providers.flatten()
- expect:
- 'customKey' == providers.find { it instanceof AnonymousAuthenticationProvider }.key
- 'customKey' == filter.key
- 'joe' == filter.principal
- ['ROLE_INVITADO','ROLE_PROFILE_INVITADO','ROLE_GRUPO_PUBLICO'] == filter.authorities*.authority
- }
+ expect:
+ 'customKey' == providers.find { it instanceof AnonymousAuthenticationProvider }.key
+ 'customKey' == filter.key
+ 'joe' == filter.principal
+ ['ROLE_INVITADO','ROLE_PROFILE_INVITADO','ROLE_GRUPO_PUBLICO'] == filter.authorities*.authority
+ }
- def httpMethodMatchIsSupported() {
- httpAutoConfig {
- interceptUrl '/secure*', 'DELETE', 'ROLE_SUPERVISOR'
- interceptUrl '/secure*', 'POST', 'ROLE_A,ROLE_B'
- interceptUrl '/**', 'ROLE_C'
- }
- createAppContext()
+ def httpMethodMatchIsSupported() {
+ httpAutoConfig {
+ interceptUrl '/secure*', 'DELETE', 'ROLE_SUPERVISOR'
+ interceptUrl '/secure*', 'POST', 'ROLE_A,ROLE_B'
+ interceptUrl '/**', 'ROLE_C'
+ }
+ createAppContext()
- def fids = getFilter(FilterSecurityInterceptor).getSecurityMetadataSource();
- def attrs = fids.getAttributes(createFilterinvocation("/secure", "POST"));
+ def fids = getFilter(FilterSecurityInterceptor).getSecurityMetadataSource();
+ def attrs = fids.getAttributes(createFilterinvocation("/secure", "POST"));
- expect:
- attrs.size() == 2
- attrs.contains(new SecurityConfig("ROLE_A"))
- attrs.contains(new SecurityConfig("ROLE_B"))
- }
+ expect:
+ attrs.size() == 2
+ attrs.contains(new SecurityConfig("ROLE_A"))
+ attrs.contains(new SecurityConfig("ROLE_B"))
+ }
def httpMethodMatchIsSupportedForRequiresChannel() {
- httpAutoConfig {
- 'intercept-url'(pattern: '/anyurl')
- 'intercept-url'(pattern: '/anyurl', 'method':'GET',access: 'ROLE_ADMIN', 'requires-channel': 'https')
- }
- createAppContext()
+ httpAutoConfig {
+ 'intercept-url'(pattern: '/anyurl')
+ 'intercept-url'(pattern: '/anyurl', 'method':'GET',access: 'ROLE_ADMIN', 'requires-channel': 'https')
+ }
+ createAppContext()
- def fids = getFilter(ChannelProcessingFilter).getSecurityMetadataSource();
- def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET"));
- def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST"));
+ def fids = getFilter(ChannelProcessingFilter).getSecurityMetadataSource();
+ def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET"));
+ def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST"));
- expect:
- attrs.size() == 1
- attrs.contains(new SecurityConfig("REQUIRES_SECURE_CHANNEL"))
- attrsPost == null
+ expect:
+ attrs.size() == 1
+ attrs.contains(new SecurityConfig("REQUIRES_SECURE_CHANNEL"))
+ attrsPost == null
}
def httpMethodMatchIsSupportedForRequiresChannelAny() {
- httpAutoConfig {
- 'intercept-url'(pattern: '/**')
- 'intercept-url'(pattern: '/**', 'method':'GET',access: 'ROLE_ADMIN', 'requires-channel': 'https')
- }
- createAppContext()
+ httpAutoConfig {
+ 'intercept-url'(pattern: '/**')
+ 'intercept-url'(pattern: '/**', 'method':'GET',access: 'ROLE_ADMIN', 'requires-channel': 'https')
+ }
+ createAppContext()
- def fids = getFilter(ChannelProcessingFilter).getSecurityMetadataSource();
- def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET"));
- def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST"));
+ def fids = getFilter(ChannelProcessingFilter).getSecurityMetadataSource();
+ def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET"));
+ def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST"));
- expect:
- attrs.size() == 1
- attrs.contains(new SecurityConfig("REQUIRES_SECURE_CHANNEL"))
- attrsPost == null
+ expect:
+ attrs.size() == 1
+ attrs.contains(new SecurityConfig("REQUIRES_SECURE_CHANNEL"))
+ attrsPost == null
}
- def oncePerRequestAttributeIsSupported() {
- xml.http('once-per-request': 'false') {
- 'http-basic'()
- }
- createAppContext()
-
- expect:
- !getFilter(FilterSecurityInterceptor).isObserveOncePerRequest()
- }
-
- def httpBasicSupportsSeparateEntryPoint() {
- xml.http() {
- 'http-basic'('entry-point-ref': 'ep')
- }
- bean('ep', BasicAuthenticationEntryPoint.class.name, ['realmName':'whocares'],[:])
- createAppContext();
-
- def baf = getFilter(BasicAuthenticationFilter)
- def etf = getFilter(ExceptionTranslationFilter)
- def ep = appContext.getBean("ep")
-
- expect:
- baf.authenticationEntryPoint == ep
- // Since no other authentication system is in use, this should also end up on the ETF
- etf.authenticationEntryPoint == ep
- }
-
- def interceptUrlWithRequiresChannelAddsChannelFilterToStack() {
- httpAutoConfig {
- 'intercept-url'(pattern: '/**', 'requires-channel': 'https')
- }
- createAppContext();
- List filters = getFilters("/someurl");
-
- expect:
- filters.size() == AUTO_CONFIG_FILTERS + 1
- filters[0] instanceof ChannelProcessingFilter
- }
-
- def portMappingsAreParsedCorrectly() {
- httpAutoConfig {
- 'port-mappings'() {
- 'port-mapping'(http: '9080', https: '9443')
- }
- }
- createAppContext();
-
- def pm = (appContext.getBeansOfType(PortMapperImpl).values() as List)[0];
-
- expect:
- pm.getTranslatedPortMappings().size() == 1
- pm.lookupHttpPort(9443) == 9080
- pm.lookupHttpsPort(9080) == 9443
- }
-
- def externalFiltersAreTreatedCorrectly() {
- httpAutoConfig {
- 'custom-filter'(position: 'FIRST', ref: '${customFilterRef}')
- 'custom-filter'(after: 'LOGOUT_FILTER', ref: 'userFilter')
- 'custom-filter'(before: 'SECURITY_CONTEXT_FILTER', ref: 'userFilter1')
- }
- bean('phc', PropertyPlaceholderConfigurer)
- bean('userFilter', SecurityContextHolderAwareRequestFilter)
- bean('userFilter1', SecurityContextPersistenceFilter)
-
- System.setProperty('customFilterRef', 'userFilter')
- createAppContext();
-
- def filters = getFilters("/someurl");
-
- expect:
- AUTO_CONFIG_FILTERS + 3 == filters.size();
- filters[0] instanceof SecurityContextHolderAwareRequestFilter
- filters[1] instanceof SecurityContextPersistenceFilter
- filters[7] instanceof SecurityContextHolderAwareRequestFilter
- filters[1] instanceof SecurityContextPersistenceFilter
- }
-
- def twoFiltersWithSameOrderAreRejected() {
- when:
- httpAutoConfig {
- 'custom-filter'(position: 'LOGOUT_FILTER', ref: 'userFilter')
- }
- bean('userFilter', SecurityContextHolderAwareRequestFilter)
- createAppContext();
-
- then:
- thrown(BeanDefinitionParsingException)
- }
-
- def x509SupportAddsFilterAtExpectedPosition() {
- httpAutoConfig {
- x509()
- }
- createAppContext()
-
- expect:
- getFilters("/someurl")[5] instanceof X509AuthenticationFilter
- }
-
- def x509SubjectPrincipalRegexCanBeSetUsingPropertyPlaceholder() {
- httpAutoConfig {
- x509('subject-principal-regex':'${subject-principal-regex}')
- }
- bean('phc', PropertyPlaceholderConfigurer.class.name)
- System.setProperty("subject-principal-regex", "uid=(.*),");
- createAppContext()
- def filter = getFilter(X509AuthenticationFilter)
-
- expect:
- filter.principalExtractor.subjectDnPattern.pattern() == "uid=(.*),"
- }
-
- def invalidLogoutSuccessUrlIsDetected() {
- when:
- xml.http {
- 'form-login'()
- 'logout'('logout-success-url': 'noLeadingSlash')
- }
- createAppContext()
-
- then:
- BeanCreationException e = thrown()
- }
-
- def cookiesToDeleteOnLogoutUrlAddsCorrectLogoutHandler() {
- xml.http {
- 'logout'('delete-cookies': 'JSESSIONID, mycookie')
- 'form-login'()
- }
- createAppContext()
- def handlers = getFilter(LogoutFilter).handlers
-
- expect:
- handlers[2] instanceof CookieClearingLogoutHandler
- handlers[2].cookiesToClear[0] == 'JSESSIONID'
- handlers[2].cookiesToClear[1] == 'mycookie'
- }
-
- def logoutSuccessHandlerIsSetCorrectly() {
- xml.http {
- 'form-login'()
- 'logout'('success-handler-ref': 'logoutHandler')
- }
- bean('logoutHandler', SimpleUrlLogoutSuccessHandler)
- createAppContext()
-
- LogoutFilter filter = getFilter(LogoutFilter);
-
- expect:
- FieldUtils.getFieldValue(filter, "logoutSuccessHandler") == appContext.getBean("logoutHandler")
- }
-
- def externalRequestCacheIsConfiguredCorrectly() {
- httpAutoConfig {
- 'request-cache'(ref: 'cache')
- }
- bean('cache', HttpSessionRequestCache.class.name)
- createAppContext()
-
- expect:
- appContext.getBean("cache") == getFilter(ExceptionTranslationFilter.class).requestCache
- }
-
- def customEntryPointIsSupported() {
- xml.http('auto-config': 'true', 'entry-point-ref': 'entryPoint') {}
- bean('entryPoint', MockEntryPoint.class.name)
- createAppContext()
-
- expect:
- getFilter(ExceptionTranslationFilter).getAuthenticationEntryPoint() instanceof MockEntryPoint
- }
-
- /**
- * See SEC-750. If the http security post processor causes beans to be instantiated too eagerly, they way miss
- * additional processing. In this method we have a UserDetailsService which is referenced from the namespace
- * and also has a post processor registered which will modify it.
- */
- def httpElementDoesntInterfereWithBeanPostProcessing() {
- xml.http('auto-config': 'true', 'entry-point-ref': 'entryPoint') {}
- xml.'authentication-manager'() {
- 'authentication-provider'('user-service-ref': 'myUserService')
- 'authentication-provider'('ref': 'authProvider')
- }
- bean('authProvider', DaoAuthenticationProvider.class.name, [:], [userDetailsService: 'myUserService'])
- bean('entryPoint', MockEntryPoint.class.name)
- bean('myUserService', PostProcessedMockUserDetailsService)
- bean('userServicePostProcessor', MockUserServiceBeanPostProcessor)
- bean('nameCollectingPostProcessor', BeanNameCollectingPostProcessor)
- createAppContext("")
- def beanPP = appContext.getBean("nameCollectingPostProcessor")
- Set preInitPPBeans = beanPP.beforeInitPostProcessedBeans
- Set postInitPPBeans = beanPP.afterInitPostProcessedBeans
- Set expectedBeans = ['authProvider', 'entryPoint', 'myUserService'] as Set
-
- expect:
- appContext.getBean("myUserService").getPostProcessorWasHere() == "Hello from the post processor!"
- preInitPPBeans.containsAll(expectedBeans)
- postInitPPBeans.containsAll(expectedBeans)
- }
-
- /* SEC-934 */
- def supportsTwoIdenticalInterceptUrls() {
- httpAutoConfig {
- interceptUrl ('/someUrl', 'ROLE_A')
- interceptUrl ('/someUrl', 'ROLE_B')
- }
- createAppContext()
- def fis = getFilter(FilterSecurityInterceptor)
- def fids = fis.securityMetadataSource
- Collection attrs = fids.getAttributes(createFilterinvocation("/someurl", null));
-
- expect:
- attrs.size() == 1
- attrs.contains(new SecurityConfig("ROLE_B"))
- }
-
- def supportsExternallyDefinedSecurityContextRepository() {
- xml.http('create-session': 'always', 'security-context-repository-ref': 'repo') {
- 'http-basic'()
- }
- bean('repo', HttpSessionSecurityContextRepository)
- createAppContext()
-
- def filter = getFilter(SecurityContextPersistenceFilter)
-
- expect:
- filter.repo == appContext.getBean('repo')
- filter.forceEagerSessionCreation
- }
-
- def expressionBasedAccessAllowsAndDeniesAccessAsExpected() {
- setup:
- xml.http('auto-config': 'true', 'use-expressions': 'true') {
- interceptUrl('/secure*', "hasAnyRole('ROLE_A','ROLE_C')")
- interceptUrl('/**', 'permitAll')
- }
- createAppContext()
-
- def fis = getFilter(FilterSecurityInterceptor)
- def fids = fis.getSecurityMetadataSource()
- Collection attrs = fids.getAttributes(createFilterinvocation("/secure", null));
- assert 1 == attrs.size()
-
- when: "Unprotected URL"
- SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ROLE_A"));
- fis.invoke(createFilterinvocation("/permitallurl", null));
- then:
- notThrown(AccessDeniedException)
-
- when: "Invoking secure Url as a valid user"
- fis.invoke(createFilterinvocation("/secure", null));
- then:
- notThrown(AccessDeniedException)
-
- when: "User does not have the required role"
- SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ROLE_B"));
- fis.invoke(createFilterinvocation("/secure", null));
- then:
- thrown(AccessDeniedException)
- }
-
- def expressionBasedAccessSupportsExternalExpressionHandler() {
- setup:
- xml.http('auto-config': 'true', 'use-expressions': 'true') {
- interceptUrl('/**', "hasPermission('AnyObject','R')")
- 'expression-handler'(ref: 'expressionHandler')
- }
- bean('expressionHandler', DefaultWebSecurityExpressionHandler.class.name, [:], [permissionEvaluator: 'pe'])
- bean('pe', MockPermissionEvaluator)
- createAppContext()
-
- def fis = getFilter(FilterSecurityInterceptor)
-
- when: "Invoking allowed URL protected by hasPermission() expression succeeds"
- SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ANY"));
- fis.invoke(createFilterinvocation("/secure", null));
- then:
- notThrown(AccessDeniedException)
- }
-
- def protectedLoginPageReportsWarning() {
- when:
- xml.http('use-expressions': 'true') {
- 'form-login'('login-page': '/login')
- interceptUrl('/login*', "hasRole('ROLE_A')")
- }
- createAppContext()
- then:
- notThrown(BeansException)
- }
-
- def disablingUrlRewritingThroughTheNamespaceSetsCorrectPropertyOnContextRepo() {
- xml.http('auto-config': 'true', 'disable-url-rewriting': 'true')
- createAppContext()
-
- expect:
- getFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting
- }
-
- def userDetailsServiceInParentContextIsLocatedSuccessfully() {
- when:
- createAppContext()
- httpAutoConfig {
- 'remember-me'
- }
- appContext = new InMemoryXmlApplicationContext(writer.toString(), appContext)
-
- then:
- notThrown(BeansException)
- }
-
- def httpConfigWithNoAuthProvidersWorksOk() {
- when: "Http config has no internal authentication providers"
- xml.debug()
- xml.http() {
- 'form-login'()
- csrf(disabled:true)
- anonymous(enabled: 'false')
- }
- createAppContext()
- MockHttpServletRequest request = new MockHttpServletRequest("POST", "/login");
- request.setServletPath("/login");
- request.addParameter("username", "bob");
- request.addParameter("password", "bobspassword");
- then: "App context creation and login request succeed"
- DebugFilter debugFilter = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN);
- debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
- appListener.events.size() == 2
- appListener.authenticationEvents.size() == 2
- }
-
- def eraseCredentialsDefaultsToTrue() {
- xml.http() {
- 'form-login'()
- }
- createAppContext()
- expect:
- getFilter(UsernamePasswordAuthenticationFilter).authenticationManager.eraseCredentialsAfterAuthentication
- }
-
- def eraseCredentialsIsSetFromParentAuthenticationManager() {
- xml.http() {
- 'form-login'()
- }
- createAppContext("");
- expect:
- !getFilter(UsernamePasswordAuthenticationFilter).authenticationManager.eraseCredentialsAfterAuthentication
- }
-
- def 'SEC-2020 authentication-manager@erase-credentials with http@authentication-manager-ref'() {
- xml.http('authentication-manager-ref':'authMgr') {
- 'form-login'()
- }
- createAppContext("");
- expect:
- def authManager = getFilter(UsernamePasswordAuthenticationFilter).authenticationManager
- !authManager.eraseCredentialsAfterAuthentication
- !authManager.parent.eraseCredentialsAfterAuthentication
- }
-
- def 'authentication-manager@erase-credentials with http@authentication-manager-ref not ProviderManager'() {
- xml.http('authentication-manager-ref':'authMgr') {
- 'form-login'()
- }
- xml.'b:bean'(id: 'authMgr', 'class': MockAuthenticationManager.class.name)
- createAppContext()
- expect:
- def authManager = getFilter(UsernamePasswordAuthenticationFilter).authenticationManager
- !authManager.eraseCredentialsAfterAuthentication
- authManager.parent instanceof MockAuthenticationManager
- }
-
- def jeeFilterExtractsExpectedRoles() {
- xml.http() {
- jee('mappable-roles': 'admin,user,a,b,c')
- }
- createAppContext()
- FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY)
- Principal p = Mock(Principal)
- p.getName() >> 'joe'
-
- when:
-
- MockHttpServletRequest request = new MockHttpServletRequest("GET","/something")
- request.setUserPrincipal(p)
- request.addUserRole('admin')
- request.addUserRole('user')
- request.addUserRole('c')
- request.addUserRole('notmapped')
- fcp.doFilter(request, new MockHttpServletResponse(), new MockFilterChain())
- SecurityContext ctx = request.getSession().getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);
- Set roles = AuthorityUtils.authorityListToSet(ctx.getAuthentication().getAuthorities());
-
- then:
- roles.size() == 3
- roles.contains 'ROLE_admin'
- roles.contains 'ROLE_user'
- roles.contains 'ROLE_c'
- }
-
- def authenticationDetailsSourceInjectionSucceeds() {
- xml.http() {
- 'form-login'('authentication-details-source-ref' : 'adsr')
- 'openid-login' ('authentication-details-source-ref' : 'adsr')
- 'http-basic' ('authentication-details-source-ref' : 'adsr')
- 'x509' ('authentication-details-source-ref' : 'adsr')
- }
- bean('adsr', 'org.springframework.security.web.authentication.WebAuthenticationDetailsSource')
- createAppContext()
- def adsr = appContext.getBean('adsr')
- expect:
- getFilter(UsernamePasswordAuthenticationFilter).authenticationDetailsSource == adsr
- getFilter(OpenIDAuthenticationFilter).authenticationDetailsSource == adsr
- getFilter(BasicAuthenticationFilter).authenticationDetailsSource == adsr
- getFilter(X509AuthenticationFilter).authenticationDetailsSource == adsr
- }
-
- def includeJaasApiIntegrationFilter() {
- xml.http(['auto-config':'true','jaas-api-provision':'true'])
- createAppContext()
- expect:
- getFilter(JaasApiIntegrationFilter.class) != null
- }
-
- def httpFirewallInjectionIsSupported() {
- xml.'http-firewall'(ref: 'fw')
- xml.http() {
- 'form-login'()
- }
- bean('fw', DefaultHttpFirewall)
- createAppContext()
- FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY)
- expect:
- fcp.firewall == appContext.getBean('fw')
- }
-
- def customAccessDecisionManagerIsSupported() {
- xml.http('auto-config': 'true', 'access-decision-manager-ref': 'adm')
- xml.'b:bean'(id: 'adm', 'class': AffirmativeBased.class.name) {
- 'b:constructor-arg' {
- 'b:list'() {
- 'b:bean'('class': RoleVoter.class.name)
- 'b:bean'('class': RoleVoter.class.name)
- 'b:bean'('class': RoleVoter.class.name)
- 'b:bean'('class': WebExpressionVoter.class.name)
- }
- }
- }
- createAppContext()
- expect:
- getFilter(FilterSecurityInterceptor.class).accessDecisionManager.decisionVoters[3] instanceof WebExpressionVoter
- }
-
- def customAuthenticationManagerIsSupported() {
- xml.http('auto-config': 'true', 'authentication-manager-ref': 'am')
- xml.'b:bean'(id: 'am', 'class': MockAuthenticationManager.class.name)
- createAppContext("")
- expect:
- getFilter(UsernamePasswordAuthenticationFilter.class).authenticationManager.parent instanceof MockAuthenticationManager
- }
-
- // SEC-1893
- def customPortMappings() {
- when: 'A custom port-mappings is registered'
- def expectedHttpsPortMappings = [8443:8080]
- xml.http('auto-config': 'true') {
- 'intercept-url'('pattern':'/**','requires-channel':'https')
- 'port-mappings' {
- 'port-mapping'(http:'8443',https:'8080')
- }
- }
- createAppContext()
-
- then: 'All the components created by the namespace use that port mapping'
- getFilter(RequestCacheAwareFilter.class).requestCache.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings
-
- def channelProcessors = getFilter(ChannelProcessingFilter.class).channelDecisionManager.channelProcessors
- channelProcessors.size() == 2
- channelProcessors.each { cp->
- cp.entryPoint.portMapper.httpsPortMappings == expectedHttpsPortMappings
- cp.entryPoint.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings
- }
-
- def authEntryPoint = getFilter(ExceptionTranslationFilter.class).authenticationEntryPoint
- authEntryPoint.portMapper.httpsPortMappings == expectedHttpsPortMappings
- authEntryPoint.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings
- }
+ def oncePerRequestAttributeIsSupported() {
+ xml.http('once-per-request': 'false') {
+ 'http-basic'()
+ }
+ createAppContext()
+
+ expect:
+ !getFilter(FilterSecurityInterceptor).isObserveOncePerRequest()
+ }
+
+ def httpBasicSupportsSeparateEntryPoint() {
+ xml.http() {
+ 'http-basic'('entry-point-ref': 'ep')
+ }
+ bean('ep', BasicAuthenticationEntryPoint.class.name, ['realmName':'whocares'],[:])
+ createAppContext();
+
+ def baf = getFilter(BasicAuthenticationFilter)
+ def etf = getFilter(ExceptionTranslationFilter)
+ def ep = appContext.getBean("ep")
+
+ expect:
+ baf.authenticationEntryPoint == ep
+ // Since no other authentication system is in use, this should also end up on the ETF
+ etf.authenticationEntryPoint == ep
+ }
+
+ def interceptUrlWithRequiresChannelAddsChannelFilterToStack() {
+ httpAutoConfig {
+ 'intercept-url'(pattern: '/**', 'requires-channel': 'https')
+ }
+ createAppContext();
+ List filters = getFilters("/someurl");
+
+ expect:
+ filters.size() == AUTO_CONFIG_FILTERS + 1
+ filters[0] instanceof ChannelProcessingFilter
+ }
+
+ def portMappingsAreParsedCorrectly() {
+ httpAutoConfig {
+ 'port-mappings'() {
+ 'port-mapping'(http: '9080', https: '9443')
+ }
+ }
+ createAppContext();
+
+ def pm = (appContext.getBeansOfType(PortMapperImpl).values() as List)[0];
+
+ expect:
+ pm.getTranslatedPortMappings().size() == 1
+ pm.lookupHttpPort(9443) == 9080
+ pm.lookupHttpsPort(9080) == 9443
+ }
+
+ def externalFiltersAreTreatedCorrectly() {
+ httpAutoConfig {
+ 'custom-filter'(position: 'FIRST', ref: '${customFilterRef}')
+ 'custom-filter'(after: 'LOGOUT_FILTER', ref: 'userFilter')
+ 'custom-filter'(before: 'SECURITY_CONTEXT_FILTER', ref: 'userFilter1')
+ }
+ bean('phc', PropertyPlaceholderConfigurer)
+ bean('userFilter', SecurityContextHolderAwareRequestFilter)
+ bean('userFilter1', SecurityContextPersistenceFilter)
+
+ System.setProperty('customFilterRef', 'userFilter')
+ createAppContext();
+
+ def filters = getFilters("/someurl");
+
+ expect:
+ AUTO_CONFIG_FILTERS + 3 == filters.size();
+ filters[0] instanceof SecurityContextHolderAwareRequestFilter
+ filters[1] instanceof SecurityContextPersistenceFilter
+ filters[7] instanceof SecurityContextHolderAwareRequestFilter
+ filters[1] instanceof SecurityContextPersistenceFilter
+ }
+
+ def twoFiltersWithSameOrderAreRejected() {
+ when:
+ httpAutoConfig {
+ 'custom-filter'(position: 'LOGOUT_FILTER', ref: 'userFilter')
+ }
+ bean('userFilter', SecurityContextHolderAwareRequestFilter)
+ createAppContext();
+
+ then:
+ thrown(BeanDefinitionParsingException)
+ }
+
+ def x509SupportAddsFilterAtExpectedPosition() {
+ httpAutoConfig {
+ x509()
+ }
+ createAppContext()
+
+ expect:
+ getFilters("/someurl")[5] instanceof X509AuthenticationFilter
+ }
+
+ def x509SubjectPrincipalRegexCanBeSetUsingPropertyPlaceholder() {
+ httpAutoConfig {
+ x509('subject-principal-regex':'${subject-principal-regex}')
+ }
+ bean('phc', PropertyPlaceholderConfigurer.class.name)
+ System.setProperty("subject-principal-regex", "uid=(.*),");
+ createAppContext()
+ def filter = getFilter(X509AuthenticationFilter)
+
+ expect:
+ filter.principalExtractor.subjectDnPattern.pattern() == "uid=(.*),"
+ }
+
+ def invalidLogoutSuccessUrlIsDetected() {
+ when:
+ xml.http {
+ 'form-login'()
+ 'logout'('logout-success-url': 'noLeadingSlash')
+ }
+ createAppContext()
+
+ then:
+ BeanCreationException e = thrown()
+ }
+
+ def cookiesToDeleteOnLogoutUrlAddsCorrectLogoutHandler() {
+ xml.http {
+ 'logout'('delete-cookies': 'JSESSIONID, mycookie')
+ 'form-login'()
+ }
+ createAppContext()
+ def handlers = getFilter(LogoutFilter).handlers
+
+ expect:
+ handlers[2] instanceof CookieClearingLogoutHandler
+ handlers[2].cookiesToClear[0] == 'JSESSIONID'
+ handlers[2].cookiesToClear[1] == 'mycookie'
+ }
+
+ def logoutSuccessHandlerIsSetCorrectly() {
+ xml.http {
+ 'form-login'()
+ 'logout'('success-handler-ref': 'logoutHandler')
+ }
+ bean('logoutHandler', SimpleUrlLogoutSuccessHandler)
+ createAppContext()
+
+ LogoutFilter filter = getFilter(LogoutFilter);
+
+ expect:
+ FieldUtils.getFieldValue(filter, "logoutSuccessHandler") == appContext.getBean("logoutHandler")
+ }
+
+ def externalRequestCacheIsConfiguredCorrectly() {
+ httpAutoConfig {
+ 'request-cache'(ref: 'cache')
+ }
+ bean('cache', HttpSessionRequestCache.class.name)
+ createAppContext()
+
+ expect:
+ appContext.getBean("cache") == getFilter(ExceptionTranslationFilter.class).requestCache
+ }
+
+ def customEntryPointIsSupported() {
+ xml.http('auto-config': 'true', 'entry-point-ref': 'entryPoint') {}
+ bean('entryPoint', MockEntryPoint.class.name)
+ createAppContext()
+
+ expect:
+ getFilter(ExceptionTranslationFilter).getAuthenticationEntryPoint() instanceof MockEntryPoint
+ }
+
+ /**
+ * See SEC-750. If the http security post processor causes beans to be instantiated too eagerly, they way miss
+ * additional processing. In this method we have a UserDetailsService which is referenced from the namespace
+ * and also has a post processor registered which will modify it.
+ */
+ def httpElementDoesntInterfereWithBeanPostProcessing() {
+ xml.http('auto-config': 'true', 'entry-point-ref': 'entryPoint') {}
+ xml.'authentication-manager'() {
+ 'authentication-provider'('user-service-ref': 'myUserService')
+ 'authentication-provider'('ref': 'authProvider')
+ }
+ bean('authProvider', DaoAuthenticationProvider.class.name, [:], [userDetailsService: 'myUserService'])
+ bean('entryPoint', MockEntryPoint.class.name)
+ bean('myUserService', PostProcessedMockUserDetailsService)
+ bean('userServicePostProcessor', MockUserServiceBeanPostProcessor)
+ bean('nameCollectingPostProcessor', BeanNameCollectingPostProcessor)
+ createAppContext("")
+ def beanPP = appContext.getBean("nameCollectingPostProcessor")
+ Set preInitPPBeans = beanPP.beforeInitPostProcessedBeans
+ Set postInitPPBeans = beanPP.afterInitPostProcessedBeans
+ Set expectedBeans = ['authProvider', 'entryPoint', 'myUserService'] as Set
+
+ expect:
+ appContext.getBean("myUserService").getPostProcessorWasHere() == "Hello from the post processor!"
+ preInitPPBeans.containsAll(expectedBeans)
+ postInitPPBeans.containsAll(expectedBeans)
+ }
+
+ /* SEC-934 */
+ def supportsTwoIdenticalInterceptUrls() {
+ httpAutoConfig {
+ interceptUrl ('/someUrl', 'ROLE_A')
+ interceptUrl ('/someUrl', 'ROLE_B')
+ }
+ createAppContext()
+ def fis = getFilter(FilterSecurityInterceptor)
+ def fids = fis.securityMetadataSource
+ Collection attrs = fids.getAttributes(createFilterinvocation("/someurl", null));
+
+ expect:
+ attrs.size() == 1
+ attrs.contains(new SecurityConfig("ROLE_B"))
+ }
+
+ def supportsExternallyDefinedSecurityContextRepository() {
+ xml.http('create-session': 'always', 'security-context-repository-ref': 'repo') {
+ 'http-basic'()
+ }
+ bean('repo', HttpSessionSecurityContextRepository)
+ createAppContext()
+
+ def filter = getFilter(SecurityContextPersistenceFilter)
+
+ expect:
+ filter.repo == appContext.getBean('repo')
+ filter.forceEagerSessionCreation
+ }
+
+ def expressionBasedAccessAllowsAndDeniesAccessAsExpected() {
+ setup:
+ xml.http('auto-config': 'true', 'use-expressions': 'true') {
+ interceptUrl('/secure*', "hasAnyRole('ROLE_A','ROLE_C')")
+ interceptUrl('/**', 'permitAll')
+ }
+ createAppContext()
+
+ def fis = getFilter(FilterSecurityInterceptor)
+ def fids = fis.getSecurityMetadataSource()
+ Collection attrs = fids.getAttributes(createFilterinvocation("/secure", null));
+ assert 1 == attrs.size()
+
+ when: "Unprotected URL"
+ SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ROLE_A"));
+ fis.invoke(createFilterinvocation("/permitallurl", null));
+ then:
+ notThrown(AccessDeniedException)
+
+ when: "Invoking secure Url as a valid user"
+ fis.invoke(createFilterinvocation("/secure", null));
+ then:
+ notThrown(AccessDeniedException)
+
+ when: "User does not have the required role"
+ SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ROLE_B"));
+ fis.invoke(createFilterinvocation("/secure", null));
+ then:
+ thrown(AccessDeniedException)
+ }
+
+ def expressionBasedAccessSupportsExternalExpressionHandler() {
+ setup:
+ xml.http('auto-config': 'true', 'use-expressions': 'true') {
+ interceptUrl('/**', "hasPermission('AnyObject','R')")
+ 'expression-handler'(ref: 'expressionHandler')
+ }
+ bean('expressionHandler', DefaultWebSecurityExpressionHandler.class.name, [:], [permissionEvaluator: 'pe'])
+ bean('pe', MockPermissionEvaluator)
+ createAppContext()
+
+ def fis = getFilter(FilterSecurityInterceptor)
+
+ when: "Invoking allowed URL protected by hasPermission() expression succeeds"
+ SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ANY"));
+ fis.invoke(createFilterinvocation("/secure", null));
+ then:
+ notThrown(AccessDeniedException)
+ }
+
+ def protectedLoginPageReportsWarning() {
+ when:
+ xml.http('use-expressions': 'true') {
+ 'form-login'('login-page': '/login')
+ interceptUrl('/login*', "hasRole('ROLE_A')")
+ }
+ createAppContext()
+ then:
+ notThrown(BeansException)
+ }
+
+ def disablingUrlRewritingThroughTheNamespaceSetsCorrectPropertyOnContextRepo() {
+ xml.http('auto-config': 'true', 'disable-url-rewriting': 'true')
+ createAppContext()
+
+ expect:
+ getFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting
+ }
+
+ def userDetailsServiceInParentContextIsLocatedSuccessfully() {
+ when:
+ createAppContext()
+ httpAutoConfig {
+ 'remember-me'
+ }
+ appContext = new InMemoryXmlApplicationContext(writer.toString(), appContext)
+
+ then:
+ notThrown(BeansException)
+ }
+
+ def httpConfigWithNoAuthProvidersWorksOk() {
+ when: "Http config has no internal authentication providers"
+ xml.debug()
+ xml.http() {
+ 'form-login'()
+ csrf(disabled:true)
+ anonymous(enabled: 'false')
+ }
+ createAppContext()
+ MockHttpServletRequest request = new MockHttpServletRequest("POST", "/login");
+ request.setServletPath("/login");
+ request.addParameter("username", "bob");
+ request.addParameter("password", "bobspassword");
+ then: "App context creation and login request succeed"
+ DebugFilter debugFilter = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN);
+ debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
+ appListener.events.size() == 2
+ appListener.authenticationEvents.size() == 2
+ }
+
+ def eraseCredentialsDefaultsToTrue() {
+ xml.http() {
+ 'form-login'()
+ }
+ createAppContext()
+ expect:
+ getFilter(UsernamePasswordAuthenticationFilter).authenticationManager.eraseCredentialsAfterAuthentication
+ }
+
+ def eraseCredentialsIsSetFromParentAuthenticationManager() {
+ xml.http() {
+ 'form-login'()
+ }
+ createAppContext("");
+ expect:
+ !getFilter(UsernamePasswordAuthenticationFilter).authenticationManager.eraseCredentialsAfterAuthentication
+ }
+
+ def 'SEC-2020 authentication-manager@erase-credentials with http@authentication-manager-ref'() {
+ xml.http('authentication-manager-ref':'authMgr') {
+ 'form-login'()
+ }
+ createAppContext("");
+ expect:
+ def authManager = getFilter(UsernamePasswordAuthenticationFilter).authenticationManager
+ !authManager.eraseCredentialsAfterAuthentication
+ !authManager.parent.eraseCredentialsAfterAuthentication
+ }
+
+ def 'authentication-manager@erase-credentials with http@authentication-manager-ref not ProviderManager'() {
+ xml.http('authentication-manager-ref':'authMgr') {
+ 'form-login'()
+ }
+ xml.'b:bean'(id: 'authMgr', 'class': MockAuthenticationManager.class.name)
+ createAppContext()
+ expect:
+ def authManager = getFilter(UsernamePasswordAuthenticationFilter).authenticationManager
+ !authManager.eraseCredentialsAfterAuthentication
+ authManager.parent instanceof MockAuthenticationManager
+ }
+
+ def jeeFilterExtractsExpectedRoles() {
+ xml.http() {
+ jee('mappable-roles': 'admin,user,a,b,c')
+ }
+ createAppContext()
+ FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY)
+ Principal p = Mock(Principal)
+ p.getName() >> 'joe'
+
+ when:
+
+ MockHttpServletRequest request = new MockHttpServletRequest("GET","/something")
+ request.setUserPrincipal(p)
+ request.addUserRole('admin')
+ request.addUserRole('user')
+ request.addUserRole('c')
+ request.addUserRole('notmapped')
+ fcp.doFilter(request, new MockHttpServletResponse(), new MockFilterChain())
+ SecurityContext ctx = request.getSession().getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);
+ Set roles = AuthorityUtils.authorityListToSet(ctx.getAuthentication().getAuthorities());
+
+ then:
+ roles.size() == 3
+ roles.contains 'ROLE_admin'
+ roles.contains 'ROLE_user'
+ roles.contains 'ROLE_c'
+ }
+
+ def authenticationDetailsSourceInjectionSucceeds() {
+ xml.http() {
+ 'form-login'('authentication-details-source-ref' : 'adsr')
+ 'openid-login' ('authentication-details-source-ref' : 'adsr')
+ 'http-basic' ('authentication-details-source-ref' : 'adsr')
+ 'x509' ('authentication-details-source-ref' : 'adsr')
+ }
+ bean('adsr', 'org.springframework.security.web.authentication.WebAuthenticationDetailsSource')
+ createAppContext()
+ def adsr = appContext.getBean('adsr')
+ expect:
+ getFilter(UsernamePasswordAuthenticationFilter).authenticationDetailsSource == adsr
+ getFilter(OpenIDAuthenticationFilter).authenticationDetailsSource == adsr
+ getFilter(BasicAuthenticationFilter).authenticationDetailsSource == adsr
+ getFilter(X509AuthenticationFilter).authenticationDetailsSource == adsr
+ }
+
+ def includeJaasApiIntegrationFilter() {
+ xml.http(['auto-config':'true','jaas-api-provision':'true'])
+ createAppContext()
+ expect:
+ getFilter(JaasApiIntegrationFilter.class) != null
+ }
+
+ def httpFirewallInjectionIsSupported() {
+ xml.'http-firewall'(ref: 'fw')
+ xml.http() {
+ 'form-login'()
+ }
+ bean('fw', DefaultHttpFirewall)
+ createAppContext()
+ FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY)
+ expect:
+ fcp.firewall == appContext.getBean('fw')
+ }
+
+ def customAccessDecisionManagerIsSupported() {
+ xml.http('auto-config': 'true', 'access-decision-manager-ref': 'adm')
+ xml.'b:bean'(id: 'adm', 'class': AffirmativeBased.class.name) {
+ 'b:constructor-arg' {
+ 'b:list'() {
+ 'b:bean'('class': RoleVoter.class.name)
+ 'b:bean'('class': RoleVoter.class.name)
+ 'b:bean'('class': RoleVoter.class.name)
+ 'b:bean'('class': WebExpressionVoter.class.name)
+ }
+ }
+ }
+ createAppContext()
+ expect:
+ getFilter(FilterSecurityInterceptor.class).accessDecisionManager.decisionVoters[3] instanceof WebExpressionVoter
+ }
+
+ def customAuthenticationManagerIsSupported() {
+ xml.http('auto-config': 'true', 'authentication-manager-ref': 'am')
+ xml.'b:bean'(id: 'am', 'class': MockAuthenticationManager.class.name)
+ createAppContext("")
+ expect:
+ getFilter(UsernamePasswordAuthenticationFilter.class).authenticationManager.parent instanceof MockAuthenticationManager
+ }
+
+ // SEC-1893
+ def customPortMappings() {
+ when: 'A custom port-mappings is registered'
+ def expectedHttpsPortMappings = [8443:8080]
+ xml.http('auto-config': 'true') {
+ 'intercept-url'('pattern':'/**','requires-channel':'https')
+ 'port-mappings' {
+ 'port-mapping'(http:'8443',https:'8080')
+ }
+ }
+ createAppContext()
+
+ then: 'All the components created by the namespace use that port mapping'
+ getFilter(RequestCacheAwareFilter.class).requestCache.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings
+
+ def channelProcessors = getFilter(ChannelProcessingFilter.class).channelDecisionManager.channelProcessors
+ channelProcessors.size() == 2
+ channelProcessors.each { cp->
+ cp.entryPoint.portMapper.httpsPortMappings == expectedHttpsPortMappings
+ cp.entryPoint.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings
+ }
+
+ def authEntryPoint = getFilter(ExceptionTranslationFilter.class).authenticationEntryPoint
+ authEntryPoint.portMapper.httpsPortMappings == expectedHttpsPortMappings
+ authEntryPoint.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings
+ }
}
class MockAuthenticationManager implements AuthenticationManager {
- Authentication authenticate(Authentication authentication) {
- return null
- }
+ Authentication authenticate(Authentication authentication) {
+ return null
+ }
}
class MockPermissionEvaluator implements PermissionEvaluator {
- boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
- return true
- }
+ boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
+ return true
+ }
- boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {
- return true
- }
+ boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {
+ return true
+ }
}
class MockEntryPoint extends LoginUrlAuthenticationEntryPoint {
- public MockEntryPoint() {
- super("/notused");
- }
+ public MockEntryPoint() {
+ super("/notused");
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy
index a70aa68c43..6f06c39411 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy
@@ -24,110 +24,110 @@ import org.springframework.security.web.SecurityFilterChain
*/
class MultiHttpBlockConfigTests extends AbstractHttpConfigTests {
- def multipleHttpElementsAreSupported () {
- when: "Two elements are used"
- xml.http(pattern: '/stateless/**', 'create-session': 'stateless') {
- 'http-basic'()
- }
- xml.http(pattern: '/stateful/**') {
- 'form-login'()
- }
- createAppContext()
- FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY)
- def filterChains = fcp.getFilterChains();
+ def multipleHttpElementsAreSupported () {
+ when: "Two elements are used"
+ xml.http(pattern: '/stateless/**', 'create-session': 'stateless') {
+ 'http-basic'()
+ }
+ xml.http(pattern: '/stateful/**') {
+ 'form-login'()
+ }
+ createAppContext()
+ FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY)
+ def filterChains = fcp.getFilterChains();
- then:
- filterChains.size() == 2
- filterChains[0].requestMatcher.pattern == '/stateless/**'
- }
+ then:
+ filterChains.size() == 2
+ filterChains[0].requestMatcher.pattern == '/stateless/**'
+ }
- def duplicateHttpElementsAreRejected () {
- when: "Two elements are used"
- xml.http('create-session': 'stateless') {
- 'http-basic'()
- }
- xml.http() {
- 'form-login'()
- }
- createAppContext()
- then:
- BeanCreationException e = thrown()
- e.cause instanceof IllegalArgumentException
- }
+ def duplicateHttpElementsAreRejected () {
+ when: "Two elements are used"
+ xml.http('create-session': 'stateless') {
+ 'http-basic'()
+ }
+ xml.http() {
+ 'form-login'()
+ }
+ createAppContext()
+ then:
+ BeanCreationException e = thrown()
+ e.cause instanceof IllegalArgumentException
+ }
- def duplicatePatternsAreRejected () {
- when: "Two elements with the same pattern are used"
- xml.http(pattern: '/stateless/**', 'create-session': 'stateless') {
- 'http-basic'()
- }
- xml.http(pattern: '/stateless/**') {
- 'form-login'()
- }
- createAppContext()
- then:
- BeanCreationException e = thrown()
- e.cause instanceof IllegalArgumentException
- }
+ def duplicatePatternsAreRejected () {
+ when: "Two elements with the same pattern are used"
+ xml.http(pattern: '/stateless/**', 'create-session': 'stateless') {
+ 'http-basic'()
+ }
+ xml.http(pattern: '/stateless/**') {
+ 'form-login'()
+ }
+ createAppContext()
+ then:
+ BeanCreationException e = thrown()
+ e.cause instanceof IllegalArgumentException
+ }
- def 'SEC-1937: http@authentication-manager-ref and multi authentication-mananager'() {
- setup:
- xml.http('authentication-manager-ref' : 'authManager', 'pattern' : '/first/**') {
- 'form-login'('login-processing-url': '/first/login')
- csrf(disabled:true)
- }
- xml.http('authentication-manager-ref' : 'authManager2') {
- 'form-login'()
- csrf(disabled:true)
- }
- mockBean(UserDetailsService,'uds')
- mockBean(UserDetailsService,'uds2')
- createAppContext("""
+ def 'SEC-1937: http@authentication-manager-ref and multi authentication-mananager'() {
+ setup:
+ xml.http('authentication-manager-ref' : 'authManager', 'pattern' : '/first/**') {
+ 'form-login'('login-processing-url': '/first/login')
+ csrf(disabled:true)
+ }
+ xml.http('authentication-manager-ref' : 'authManager2') {
+ 'form-login'()
+ csrf(disabled:true)
+ }
+ mockBean(UserDetailsService,'uds')
+ mockBean(UserDetailsService,'uds2')
+ createAppContext("""
-
+
-
+
""")
- UserDetailsService uds = appContext.getBean('uds')
- UserDetailsService uds2 = appContext.getBean('uds2')
- when:
- MockHttpServletRequest request = new MockHttpServletRequest()
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
- request.servletPath = "/first/login"
- request.requestURI = "/first/login"
- request.method = 'POST'
- springSecurityFilterChain.doFilter(request,response,chain)
- then:
- verify(uds).loadUserByUsername(anyString()) || true
- verifyZeroInteractions(uds2) || true
- when:
- MockHttpServletRequest request2 = new MockHttpServletRequest()
- MockHttpServletResponse response2 = new MockHttpServletResponse()
- MockFilterChain chain2 = new MockFilterChain()
- request2.servletPath = "/login"
- request2.requestURI = "/login"
- request2.method = 'POST'
- springSecurityFilterChain.doFilter(request2,response2,chain2)
- then:
- verify(uds2).loadUserByUsername(anyString()) || true
- verifyNoMoreInteractions(uds) || true
- }
+ UserDetailsService uds = appContext.getBean('uds')
+ UserDetailsService uds2 = appContext.getBean('uds2')
+ when:
+ MockHttpServletRequest request = new MockHttpServletRequest()
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
+ request.servletPath = "/first/login"
+ request.requestURI = "/first/login"
+ request.method = 'POST'
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ verify(uds).loadUserByUsername(anyString()) || true
+ verifyZeroInteractions(uds2) || true
+ when:
+ MockHttpServletRequest request2 = new MockHttpServletRequest()
+ MockHttpServletResponse response2 = new MockHttpServletResponse()
+ MockFilterChain chain2 = new MockFilterChain()
+ request2.servletPath = "/login"
+ request2.requestURI = "/login"
+ request2.method = 'POST'
+ springSecurityFilterChain.doFilter(request2,response2,chain2)
+ then:
+ verify(uds2).loadUserByUsername(anyString()) || true
+ verifyNoMoreInteractions(uds) || true
+ }
- def multipleAuthenticationManagersWorks () {
- xml.http(name: 'basic', pattern: '/basic/**', ) {
- 'http-basic'()
- }
- xml.http(pattern: '/form/**') {
- 'form-login'()
- }
- createAppContext()
- FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY)
- SecurityFilterChain basicChain = fcp.filterChains[0];
+ def multipleAuthenticationManagersWorks () {
+ xml.http(name: 'basic', pattern: '/basic/**', ) {
+ 'http-basic'()
+ }
+ xml.http(pattern: '/form/**') {
+ 'form-login'()
+ }
+ createAppContext()
+ FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY)
+ SecurityFilterChain basicChain = fcp.filterChains[0];
- expect:
- Assert.assertSame (basicChain, appContext.getBean('basic'))
- }
+ expect:
+ Assert.assertSame (basicChain, appContext.getBean('basic'))
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy
index 18feac728a..b7e3f92319 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy
@@ -17,140 +17,140 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
class PlaceHolderAndELConfigTests extends AbstractHttpConfigTests {
- def setup() {
- // Add a PropertyPlaceholderConfigurer to the context for all the tests
- bean(PropertyPlaceholderConfigurer.class.name, PropertyPlaceholderConfigurer.class)
- }
+ def setup() {
+ // Add a PropertyPlaceholderConfigurer to the context for all the tests
+ bean(PropertyPlaceholderConfigurer.class.name, PropertyPlaceholderConfigurer.class)
+ }
- def unsecuredPatternSupportsPlaceholderForPattern() {
- System.setProperty("pattern.nofilters", "/unprotected");
+ def unsecuredPatternSupportsPlaceholderForPattern() {
+ System.setProperty("pattern.nofilters", "/unprotected");
- xml.http(pattern: '${pattern.nofilters}', security: 'none')
- httpAutoConfig() {
- interceptUrl('/**', 'ROLE_A')
- }
- createAppContext()
+ xml.http(pattern: '${pattern.nofilters}', security: 'none')
+ httpAutoConfig() {
+ interceptUrl('/**', 'ROLE_A')
+ }
+ createAppContext()
- List filters = getFilters("/unprotected");
+ List filters = getFilters("/unprotected");
- expect:
- filters.size() == 0
- }
+ expect:
+ filters.size() == 0
+ }
- // SEC-1201
- def interceptUrlsAndFormLoginSupportPropertyPlaceholders() {
- System.setProperty("secure.Url", "/Secure");
- System.setProperty("secure.role", "ROLE_A");
- System.setProperty("login.page", "/loginPage");
- System.setProperty("default.target", "/defaultTarget");
- System.setProperty("auth.failure", "/authFailure");
+ // SEC-1201
+ def interceptUrlsAndFormLoginSupportPropertyPlaceholders() {
+ System.setProperty("secure.Url", "/Secure");
+ System.setProperty("secure.role", "ROLE_A");
+ System.setProperty("login.page", "/loginPage");
+ System.setProperty("default.target", "/defaultTarget");
+ System.setProperty("auth.failure", "/authFailure");
- xml.http(pattern: '${login.page}', security: 'none')
- xml.http('use-expressions':false) {
- interceptUrl('${secure.Url}', '${secure.role}')
- 'form-login'('login-page':'${login.page}', 'default-target-url': '${default.target}',
- 'authentication-failure-url':'${auth.failure}');
- }
- createAppContext();
+ xml.http(pattern: '${login.page}', security: 'none')
+ xml.http('use-expressions':false) {
+ interceptUrl('${secure.Url}', '${secure.role}')
+ 'form-login'('login-page':'${login.page}', 'default-target-url': '${default.target}',
+ 'authentication-failure-url':'${auth.failure}');
+ }
+ createAppContext();
- expect:
- propertyValuesMatchPlaceholders()
- getFilters("/loginPage").size() == 0
- }
+ expect:
+ propertyValuesMatchPlaceholders()
+ getFilters("/loginPage").size() == 0
+ }
- // SEC-1309
- def interceptUrlsAndFormLoginSupportEL() {
- System.setProperty("secure.url", "/Secure");
- System.setProperty("secure.role", "ROLE_A");
- System.setProperty("login.page", "/loginPage");
- System.setProperty("default.target", "/defaultTarget");
- System.setProperty("auth.failure", "/authFailure");
+ // SEC-1309
+ def interceptUrlsAndFormLoginSupportEL() {
+ System.setProperty("secure.url", "/Secure");
+ System.setProperty("secure.role", "ROLE_A");
+ System.setProperty("login.page", "/loginPage");
+ System.setProperty("default.target", "/defaultTarget");
+ System.setProperty("auth.failure", "/authFailure");
- xml.http('use-expressions':false) {
- interceptUrl("#{systemProperties['secure.url']}", "#{systemProperties['secure.role']}")
- 'form-login'('login-page':"#{systemProperties['login.page']}", 'default-target-url': "#{systemProperties['default.target']}",
- 'authentication-failure-url':"#{systemProperties['auth.failure']}");
- }
- createAppContext()
+ xml.http('use-expressions':false) {
+ interceptUrl("#{systemProperties['secure.url']}", "#{systemProperties['secure.role']}")
+ 'form-login'('login-page':"#{systemProperties['login.page']}", 'default-target-url': "#{systemProperties['default.target']}",
+ 'authentication-failure-url':"#{systemProperties['auth.failure']}");
+ }
+ createAppContext()
- expect:
- propertyValuesMatchPlaceholders()
- }
+ expect:
+ propertyValuesMatchPlaceholders()
+ }
- private void propertyValuesMatchPlaceholders() {
- // Check the security attribute
- def fis = getFilter(FilterSecurityInterceptor);
- def fids = fis.getSecurityMetadataSource();
- Collection attrs = fids.getAttributes(createFilterinvocation("/secure", null));
- assert attrs.size() == 1
- assert attrs.contains(new SecurityConfig("ROLE_A"))
+ private void propertyValuesMatchPlaceholders() {
+ // Check the security attribute
+ def fis = getFilter(FilterSecurityInterceptor);
+ def fids = fis.getSecurityMetadataSource();
+ Collection attrs = fids.getAttributes(createFilterinvocation("/secure", null));
+ assert attrs.size() == 1
+ assert attrs.contains(new SecurityConfig("ROLE_A"))
- // Check the form login properties are set
- def apf = getFilter(UsernamePasswordAuthenticationFilter)
- assert FieldUtils.getFieldValue(apf, "successHandler.defaultTargetUrl") == '/defaultTarget'
- assert "/authFailure" == FieldUtils.getFieldValue(apf, "failureHandler.defaultFailureUrl")
+ // Check the form login properties are set
+ def apf = getFilter(UsernamePasswordAuthenticationFilter)
+ assert FieldUtils.getFieldValue(apf, "successHandler.defaultTargetUrl") == '/defaultTarget'
+ assert "/authFailure" == FieldUtils.getFieldValue(apf, "failureHandler.defaultFailureUrl")
- def etf = getFilter(ExceptionTranslationFilter)
- assert "/loginPage"== etf.authenticationEntryPoint.loginFormUrl
- }
+ def etf = getFilter(ExceptionTranslationFilter)
+ assert "/loginPage"== etf.authenticationEntryPoint.loginFormUrl
+ }
- def portMappingsWorkWithPlaceholdersAndEL() {
- System.setProperty("http", "9080");
- System.setProperty("https", "9443");
+ def portMappingsWorkWithPlaceholdersAndEL() {
+ System.setProperty("http", "9080");
+ System.setProperty("https", "9443");
- httpAutoConfig {
- 'port-mappings'() {
- 'port-mapping'(http: '#{systemProperties.http}', https: '${https}')
- }
- }
- createAppContext();
+ httpAutoConfig {
+ 'port-mappings'() {
+ 'port-mapping'(http: '#{systemProperties.http}', https: '${https}')
+ }
+ }
+ createAppContext();
- def pm = (appContext.getBeansOfType(PortMapperImpl).values() as List)[0];
+ def pm = (appContext.getBeansOfType(PortMapperImpl).values() as List)[0];
- expect:
- pm.getTranslatedPortMappings().size() == 1
- pm.lookupHttpPort(9443) == 9080
- pm.lookupHttpsPort(9080) == 9443
- }
+ expect:
+ pm.getTranslatedPortMappings().size() == 1
+ pm.lookupHttpPort(9443) == 9080
+ pm.lookupHttpsPort(9080) == 9443
+ }
- def requiresChannelSupportsPlaceholder() {
- System.setProperty("secure.url", "/secure");
- System.setProperty("required.channel", "https");
+ def requiresChannelSupportsPlaceholder() {
+ System.setProperty("secure.url", "/secure");
+ System.setProperty("required.channel", "https");
- httpAutoConfig {
- 'intercept-url'(pattern: '${secure.url}', 'requires-channel': '${required.channel}')
- }
- createAppContext();
- List filters = getFilters("/secure");
+ httpAutoConfig {
+ 'intercept-url'(pattern: '${secure.url}', 'requires-channel': '${required.channel}')
+ }
+ createAppContext();
+ List filters = getFilters("/secure");
- expect:
- filters.size() == AUTO_CONFIG_FILTERS + 1
- filters[0] instanceof ChannelProcessingFilter
- MockHttpServletRequest request = new MockHttpServletRequest();
- request.setServletPath("/secure");
- MockHttpServletResponse response = new MockHttpServletResponse();
- filters[0].doFilter(request, response, new MockFilterChain());
- response.getRedirectedUrl().startsWith("https")
- }
+ expect:
+ filters.size() == AUTO_CONFIG_FILTERS + 1
+ filters[0] instanceof ChannelProcessingFilter
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ request.setServletPath("/secure");
+ MockHttpServletResponse response = new MockHttpServletResponse();
+ filters[0].doFilter(request, response, new MockFilterChain());
+ response.getRedirectedUrl().startsWith("https")
+ }
- def accessDeniedPageWorksWithPlaceholders() {
- System.setProperty("accessDenied", "/go-away");
- xml.http('auto-config': 'true') {
- 'access-denied-handler'('error-page' : '${accessDenied}') {}
- }
- createAppContext();
+ def accessDeniedPageWorksWithPlaceholders() {
+ System.setProperty("accessDenied", "/go-away");
+ xml.http('auto-config': 'true') {
+ 'access-denied-handler'('error-page' : '${accessDenied}') {}
+ }
+ createAppContext();
- expect:
- FieldUtils.getFieldValue(getFilter(ExceptionTranslationFilter.class), "accessDeniedHandler.errorPage") == '/go-away'
- }
+ expect:
+ FieldUtils.getFieldValue(getFilter(ExceptionTranslationFilter.class), "accessDeniedHandler.errorPage") == '/go-away'
+ }
- def accessDeniedHandlerPageWorksWithEL() {
- httpAutoConfig {
- 'access-denied-handler'('error-page': "#{'/go' + '-away'}")
- }
- createAppContext()
+ def accessDeniedHandlerPageWorksWithEL() {
+ httpAutoConfig {
+ 'access-denied-handler'('error-page': "#{'/go' + '-away'}")
+ }
+ createAppContext()
- expect:
- getFilter(ExceptionTranslationFilter).accessDeniedHandler.errorPage == '/go-away'
- }
+ expect:
+ getFilter(ExceptionTranslationFilter).accessDeniedHandler.errorPage == '/go-away'
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/RememberMeConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/RememberMeConfigTests.groovy
index 5f29b6c301..77a8b782ea 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/RememberMeConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/RememberMeConfigTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -45,268 +45,268 @@ import org.springframework.security.web.authentication.rememberme.TokenBasedReme
*/
class RememberMeConfigTests extends AbstractHttpConfigTests {
- def rememberMeServiceWorksWithTokenRepoRef() {
- httpAutoConfig () {
- 'remember-me'('token-repository-ref': 'tokenRepo')
- }
- bean('tokenRepo', CustomTokenRepository.class.name)
+ def rememberMeServiceWorksWithTokenRepoRef() {
+ httpAutoConfig () {
+ 'remember-me'('token-repository-ref': 'tokenRepo')
+ }
+ bean('tokenRepo', CustomTokenRepository.class.name)
- createAppContext(AUTH_PROVIDER_XML)
+ createAppContext(AUTH_PROVIDER_XML)
- def rememberMeServices = rememberMeServices()
+ def rememberMeServices = rememberMeServices()
- expect:
- rememberMeServices instanceof PersistentTokenBasedRememberMeServices
- rememberMeServices.tokenRepository instanceof CustomTokenRepository
- FieldUtils.getFieldValue(rememberMeServices, "useSecureCookie") == null
- }
+ expect:
+ rememberMeServices instanceof PersistentTokenBasedRememberMeServices
+ rememberMeServices.tokenRepository instanceof CustomTokenRepository
+ FieldUtils.getFieldValue(rememberMeServices, "useSecureCookie") == null
+ }
- def rememberMeServiceWorksWithDataSourceRef() {
- httpAutoConfig () {
- 'remember-me'('data-source-ref': 'ds')
- }
- bean('ds', TestDataSource.class.name, ['tokendb'])
+ def rememberMeServiceWorksWithDataSourceRef() {
+ httpAutoConfig () {
+ 'remember-me'('data-source-ref': 'ds')
+ }
+ bean('ds', TestDataSource.class.name, ['tokendb'])
- createAppContext(AUTH_PROVIDER_XML)
+ createAppContext(AUTH_PROVIDER_XML)
- def rememberMeServices = rememberMeServices()
+ def rememberMeServices = rememberMeServices()
- expect:
- rememberMeServices instanceof PersistentTokenBasedRememberMeServices
- rememberMeServices.tokenRepository instanceof JdbcTokenRepositoryImpl
- }
+ expect:
+ rememberMeServices instanceof PersistentTokenBasedRememberMeServices
+ rememberMeServices.tokenRepository instanceof JdbcTokenRepositoryImpl
+ }
- def rememberMeServiceWorksWithAuthenticationSuccessHandlerRef() {
- httpAutoConfig () {
- 'remember-me'('authentication-success-handler-ref': 'sh')
- }
- bean('sh', SimpleUrlAuthenticationSuccessHandler.class.name, ['/target'])
+ def rememberMeServiceWorksWithAuthenticationSuccessHandlerRef() {
+ httpAutoConfig () {
+ 'remember-me'('authentication-success-handler-ref': 'sh')
+ }
+ bean('sh', SimpleUrlAuthenticationSuccessHandler.class.name, ['/target'])
- createAppContext(AUTH_PROVIDER_XML)
+ createAppContext(AUTH_PROVIDER_XML)
- expect:
- getFilter(RememberMeAuthenticationFilter.class).successHandler instanceof SimpleUrlAuthenticationSuccessHandler
- }
+ expect:
+ getFilter(RememberMeAuthenticationFilter.class).successHandler instanceof SimpleUrlAuthenticationSuccessHandler
+ }
- def rememberMeServiceWorksWithExternalServicesImpl() {
- httpAutoConfig () {
- 'remember-me'('key': "#{'our' + 'key'}", 'services-ref': 'rms')
- csrf(disabled:true)
- }
- xml.'b:bean'(id: 'rms', 'class': TokenBasedRememberMeServices.class.name) {
- 'b:constructor-arg'(value: 'ourKey')
- 'b:constructor-arg'(ref: 'us')
- 'b:property'(name: 'tokenValiditySeconds', value: '5000')
- }
+ def rememberMeServiceWorksWithExternalServicesImpl() {
+ httpAutoConfig () {
+ 'remember-me'('key': "#{'our' + 'key'}", 'services-ref': 'rms')
+ csrf(disabled:true)
+ }
+ xml.'b:bean'(id: 'rms', 'class': TokenBasedRememberMeServices.class.name) {
+ 'b:constructor-arg'(value: 'ourKey')
+ 'b:constructor-arg'(ref: 'us')
+ 'b:property'(name: 'tokenValiditySeconds', value: '5000')
+ }
- createAppContext(AUTH_PROVIDER_XML)
+ createAppContext(AUTH_PROVIDER_XML)
- List logoutHandlers = FieldUtils.getFieldValue(getFilter(LogoutFilter.class), "handlers");
- Map ams = appContext.getBeansOfType(ProviderManager.class);
- ProviderManager am = (ams.values() as List).find { it instanceof ProviderManager && it.providers.size() == 2}
- RememberMeAuthenticationProvider rmp = am.providers.find { it instanceof RememberMeAuthenticationProvider}
+ List logoutHandlers = FieldUtils.getFieldValue(getFilter(LogoutFilter.class), "handlers");
+ Map ams = appContext.getBeansOfType(ProviderManager.class);
+ ProviderManager am = (ams.values() as List).find { it instanceof ProviderManager && it.providers.size() == 2}
+ RememberMeAuthenticationProvider rmp = am.providers.find { it instanceof RememberMeAuthenticationProvider}
- expect:
- rmp != null
- 5000 == FieldUtils.getFieldValue(rememberMeServices(), "tokenValiditySeconds")
- // SEC-909
- logoutHandlers.size() == 2
- logoutHandlers.get(1) == rememberMeServices()
- // SEC-1281
- rmp.key == "ourkey"
- }
+ expect:
+ rmp != null
+ 5000 == FieldUtils.getFieldValue(rememberMeServices(), "tokenValiditySeconds")
+ // SEC-909
+ logoutHandlers.size() == 2
+ logoutHandlers.get(1) == rememberMeServices()
+ // SEC-1281
+ rmp.key == "ourkey"
+ }
- def rememberMeAddsLogoutHandlerToLogoutFilter() {
- httpAutoConfig () {
- 'remember-me'()
- csrf(disabled:true)
- }
- createAppContext(AUTH_PROVIDER_XML)
+ def rememberMeAddsLogoutHandlerToLogoutFilter() {
+ httpAutoConfig () {
+ 'remember-me'()
+ csrf(disabled:true)
+ }
+ createAppContext(AUTH_PROVIDER_XML)
- def rememberMeServices = rememberMeServices()
- List logoutHandlers = getFilter(LogoutFilter.class).handlers
+ def rememberMeServices = rememberMeServices()
+ List logoutHandlers = getFilter(LogoutFilter.class).handlers
- expect:
- rememberMeServices
- logoutHandlers.size() == 2
- logoutHandlers.get(0) instanceof SecurityContextLogoutHandler
- logoutHandlers.get(1) == rememberMeServices
- }
+ expect:
+ rememberMeServices
+ logoutHandlers.size() == 2
+ logoutHandlers.get(0) instanceof SecurityContextLogoutHandler
+ logoutHandlers.get(1) == rememberMeServices
+ }
- def rememberMeTokenValidityIsParsedCorrectly() {
- httpAutoConfig () {
- 'remember-me'('key': 'ourkey', 'token-validity-seconds':'10000')
- }
+ def rememberMeTokenValidityIsParsedCorrectly() {
+ httpAutoConfig () {
+ 'remember-me'('key': 'ourkey', 'token-validity-seconds':'10000')
+ }
- createAppContext(AUTH_PROVIDER_XML)
+ createAppContext(AUTH_PROVIDER_XML)
- def rememberMeServices = rememberMeServices()
- def rememberMeFilter = getFilter(RememberMeAuthenticationFilter.class)
+ def rememberMeServices = rememberMeServices()
+ def rememberMeFilter = getFilter(RememberMeAuthenticationFilter.class)
- expect:
- rememberMeFilter.authenticationManager
- rememberMeServices.key == 'ourkey'
- rememberMeServices.tokenValiditySeconds == 10000
- rememberMeServices.userDetailsService
- }
+ expect:
+ rememberMeFilter.authenticationManager
+ rememberMeServices.key == 'ourkey'
+ rememberMeServices.tokenValiditySeconds == 10000
+ rememberMeServices.userDetailsService
+ }
- def 'Remember-me token validity allows negative value for non-persistent implementation'() {
- httpAutoConfig () {
- 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1')
- }
+ def 'Remember-me token validity allows negative value for non-persistent implementation'() {
+ httpAutoConfig () {
+ 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1')
+ }
- createAppContext(AUTH_PROVIDER_XML)
- expect:
- rememberMeServices().tokenValiditySeconds == -1
- }
+ createAppContext(AUTH_PROVIDER_XML)
+ expect:
+ rememberMeServices().tokenValiditySeconds == -1
+ }
- def 'remember-me@token-validity-seconds denies for persistent implementation'() {
- setup:
- httpAutoConfig () {
- 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'dataSource' : 'dataSource')
- }
- mockBean(DataSource)
- when:
- createAppContext(AUTH_PROVIDER_XML)
- then:
- thrown(FatalBeanException)
- }
+ def 'remember-me@token-validity-seconds denies for persistent implementation'() {
+ setup:
+ httpAutoConfig () {
+ 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'dataSource' : 'dataSource')
+ }
+ mockBean(DataSource)
+ when:
+ createAppContext(AUTH_PROVIDER_XML)
+ then:
+ thrown(FatalBeanException)
+ }
- def 'SEC-2165: remember-me@token-validity-seconds allows property placeholders'() {
- when:
- httpAutoConfig () {
- 'remember-me'('key': 'ourkey', 'token-validity-seconds':'${security.rememberme.ttl}')
- }
- xml.'b:bean'(class: PropertyPlaceholderConfigurer.name) {
- 'b:property'(name:'properties', value:'security.rememberme.ttl=30')
- }
+ def 'SEC-2165: remember-me@token-validity-seconds allows property placeholders'() {
+ when:
+ httpAutoConfig () {
+ 'remember-me'('key': 'ourkey', 'token-validity-seconds':'${security.rememberme.ttl}')
+ }
+ xml.'b:bean'(class: PropertyPlaceholderConfigurer.name) {
+ 'b:property'(name:'properties', value:'security.rememberme.ttl=30')
+ }
- createAppContext(AUTH_PROVIDER_XML)
- then:
- rememberMeServices().tokenValiditySeconds == 30
- }
+ createAppContext(AUTH_PROVIDER_XML)
+ then:
+ rememberMeServices().tokenValiditySeconds == 30
+ }
- def rememberMeSecureCookieAttributeIsSetCorrectly() {
- httpAutoConfig () {
- 'remember-me'('key': 'ourkey', 'use-secure-cookie':'true')
- }
+ def rememberMeSecureCookieAttributeIsSetCorrectly() {
+ httpAutoConfig () {
+ 'remember-me'('key': 'ourkey', 'use-secure-cookie':'true')
+ }
- createAppContext(AUTH_PROVIDER_XML)
- expect:
- FieldUtils.getFieldValue(rememberMeServices(), "useSecureCookie")
- }
+ createAppContext(AUTH_PROVIDER_XML)
+ expect:
+ FieldUtils.getFieldValue(rememberMeServices(), "useSecureCookie")
+ }
- // SEC-1827
- def rememberMeSecureCookieAttributeFalse() {
- httpAutoConfig () {
- 'remember-me'('key': 'ourkey', 'use-secure-cookie':'false')
- }
+ // SEC-1827
+ def rememberMeSecureCookieAttributeFalse() {
+ httpAutoConfig () {
+ 'remember-me'('key': 'ourkey', 'use-secure-cookie':'false')
+ }
- createAppContext(AUTH_PROVIDER_XML)
- expect: 'useSecureCookie is false'
- FieldUtils.getFieldValue(rememberMeServices(), "useSecureCookie") == Boolean.FALSE
- }
+ createAppContext(AUTH_PROVIDER_XML)
+ expect: 'useSecureCookie is false'
+ FieldUtils.getFieldValue(rememberMeServices(), "useSecureCookie") == Boolean.FALSE
+ }
- def 'Negative token-validity is rejected with persistent implementation'() {
- when:
- httpAutoConfig () {
- 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'token-repository-ref': 'tokenRepo')
- }
- bean('tokenRepo', InMemoryTokenRepositoryImpl.class.name)
- createAppContext(AUTH_PROVIDER_XML)
+ def 'Negative token-validity is rejected with persistent implementation'() {
+ when:
+ httpAutoConfig () {
+ 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'token-repository-ref': 'tokenRepo')
+ }
+ bean('tokenRepo', InMemoryTokenRepositoryImpl.class.name)
+ createAppContext(AUTH_PROVIDER_XML)
- then:
- BeanDefinitionParsingException e = thrown()
- }
+ then:
+ BeanDefinitionParsingException e = thrown()
+ }
- def 'Custom user service is supported'() {
- when:
- httpAutoConfig () {
- 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'user-service-ref': 'userService')
- }
- bean('userService', MockUserDetailsService.class.name)
- createAppContext(AUTH_PROVIDER_XML)
+ def 'Custom user service is supported'() {
+ when:
+ httpAutoConfig () {
+ 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'user-service-ref': 'userService')
+ }
+ bean('userService', MockUserDetailsService.class.name)
+ createAppContext(AUTH_PROVIDER_XML)
- then: "Parses OK"
- notThrown BeanDefinitionParsingException
- }
+ then: "Parses OK"
+ notThrown BeanDefinitionParsingException
+ }
- // SEC-742
- def rememberMeWorksWithoutBasicProcessingFilter() {
- when:
- xml.http () {
- 'form-login'('login-page': '/login.jsp', 'default-target-url': '/messageList.html' )
- logout('logout-success-url': '/login.jsp')
- anonymous(username: 'guest', 'granted-authority': 'guest')
- 'remember-me'()
- }
- createAppContext(AUTH_PROVIDER_XML)
+ // SEC-742
+ def rememberMeWorksWithoutBasicProcessingFilter() {
+ when:
+ xml.http () {
+ 'form-login'('login-page': '/login.jsp', 'default-target-url': '/messageList.html' )
+ logout('logout-success-url': '/login.jsp')
+ anonymous(username: 'guest', 'granted-authority': 'guest')
+ 'remember-me'()
+ }
+ createAppContext(AUTH_PROVIDER_XML)
- then: "Parses OK"
- notThrown BeanDefinitionParsingException
- }
+ then: "Parses OK"
+ notThrown BeanDefinitionParsingException
+ }
- def 'Default remember-me-parameter is correct'() {
- httpAutoConfig () {
- 'remember-me'()
- }
+ def 'Default remember-me-parameter is correct'() {
+ httpAutoConfig () {
+ 'remember-me'()
+ }
- createAppContext(AUTH_PROVIDER_XML)
- expect:
- rememberMeServices().parameter == AbstractRememberMeServices.DEFAULT_PARAMETER
- }
+ createAppContext(AUTH_PROVIDER_XML)
+ expect:
+ rememberMeServices().parameter == AbstractRememberMeServices.DEFAULT_PARAMETER
+ }
- // SEC-2119
- def 'Custom remember-me-parameter is supported'() {
- httpAutoConfig () {
- 'remember-me'('remember-me-parameter': 'ourParam')
- }
+ // SEC-2119
+ def 'Custom remember-me-parameter is supported'() {
+ httpAutoConfig () {
+ 'remember-me'('remember-me-parameter': 'ourParam')
+ }
- createAppContext(AUTH_PROVIDER_XML)
- expect:
- rememberMeServices().parameter == 'ourParam'
- }
+ createAppContext(AUTH_PROVIDER_XML)
+ expect:
+ rememberMeServices().parameter == 'ourParam'
+ }
- def 'remember-me-parameter cannot be used together with services-ref'() {
- when:
- httpAutoConfig () {
- 'remember-me'('remember-me-parameter': 'ourParam', 'services-ref': 'ourService')
- }
- createAppContext(AUTH_PROVIDER_XML)
- then:
- BeanDefinitionParsingException e = thrown()
- }
+ def 'remember-me-parameter cannot be used together with services-ref'() {
+ when:
+ httpAutoConfig () {
+ 'remember-me'('remember-me-parameter': 'ourParam', 'services-ref': 'ourService')
+ }
+ createAppContext(AUTH_PROVIDER_XML)
+ then:
+ BeanDefinitionParsingException e = thrown()
+ }
- // SEC-2826
- def 'Custom remember-me-cookie is supported'() {
- httpAutoConfig () {
- 'remember-me'('remember-me-cookie': 'ourCookie')
- }
+ // SEC-2826
+ def 'Custom remember-me-cookie is supported'() {
+ httpAutoConfig () {
+ 'remember-me'('remember-me-cookie': 'ourCookie')
+ }
- createAppContext(AUTH_PROVIDER_XML)
- expect:
- rememberMeServices().cookieName == 'ourCookie'
- }
+ createAppContext(AUTH_PROVIDER_XML)
+ expect:
+ rememberMeServices().cookieName == 'ourCookie'
+ }
- // SEC-2826
- def 'remember-me-cookie cannot be used together with services-ref'() {
- when:
- httpAutoConfig () {
- 'remember-me'('remember-me-cookie': 'ourCookie', 'services-ref': 'ourService')
- }
+ // SEC-2826
+ def 'remember-me-cookie cannot be used together with services-ref'() {
+ when:
+ httpAutoConfig () {
+ 'remember-me'('remember-me-cookie': 'ourCookie', 'services-ref': 'ourService')
+ }
- createAppContext(AUTH_PROVIDER_XML)
- then:
- BeanDefinitionParsingException e = thrown()
- expect:
- e.message == 'Configuration problem: services-ref can\'t be used in combination with attributes token-repository-ref,data-source-ref, user-service-ref, token-validity-seconds, use-secure-cookie, remember-me-parameter or remember-me-cookie\nOffending resource: null'
- }
+ createAppContext(AUTH_PROVIDER_XML)
+ then:
+ BeanDefinitionParsingException e = thrown()
+ expect:
+ e.message == 'Configuration problem: services-ref can\'t be used in combination with attributes token-repository-ref,data-source-ref, user-service-ref, token-validity-seconds, use-secure-cookie, remember-me-parameter or remember-me-cookie\nOffending resource: null'
+ }
- def rememberMeServices() {
- getFilter(RememberMeAuthenticationFilter.class).getRememberMeServices()
- }
+ def rememberMeServices() {
+ getFilter(RememberMeAuthenticationFilter.class).getRememberMeServices()
+ }
- static class CustomTokenRepository extends InMemoryTokenRepositoryImpl {
+ static class CustomTokenRepository extends InMemoryTokenRepositoryImpl {
- }
+ }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/SessionManagementConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/SessionManagementConfigTests.groovy
index e5653ae023..865321b0b1 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/SessionManagementConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/SessionManagementConfigTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -58,375 +58,375 @@ import org.springframework.security.web.session.SessionManagementFilter
*/
class SessionManagementConfigTests extends AbstractHttpConfigTests {
- def settingCreateSessionToAlwaysSetsFilterPropertiesCorrectly() {
- httpCreateSession('always') { }
- createAppContext();
+ def settingCreateSessionToAlwaysSetsFilterPropertiesCorrectly() {
+ httpCreateSession('always') { }
+ createAppContext();
- def filter = getFilter(SecurityContextPersistenceFilter.class);
+ def filter = getFilter(SecurityContextPersistenceFilter.class);
- expect:
- filter.forceEagerSessionCreation
- filter.repo.allowSessionCreation
- !filter.repo.disableUrlRewriting
- }
+ expect:
+ filter.forceEagerSessionCreation
+ filter.repo.allowSessionCreation
+ !filter.repo.disableUrlRewriting
+ }
- def settingCreateSessionToNeverSetsFilterPropertiesCorrectly() {
- httpCreateSession('never') { }
- createAppContext();
+ def settingCreateSessionToNeverSetsFilterPropertiesCorrectly() {
+ httpCreateSession('never') { }
+ createAppContext();
- def filter = getFilter(SecurityContextPersistenceFilter.class);
+ def filter = getFilter(SecurityContextPersistenceFilter.class);
- expect:
- !filter.forceEagerSessionCreation
- !filter.repo.allowSessionCreation
- }
+ expect:
+ !filter.forceEagerSessionCreation
+ !filter.repo.allowSessionCreation
+ }
- def settingCreateSessionToStatelessSetsFilterPropertiesCorrectly() {
- httpCreateSession('stateless') { }
- createAppContext();
+ def settingCreateSessionToStatelessSetsFilterPropertiesCorrectly() {
+ httpCreateSession('stateless') { }
+ createAppContext();
- def filter = getFilter(SecurityContextPersistenceFilter.class);
+ def filter = getFilter(SecurityContextPersistenceFilter.class);
- expect:
- !filter.forceEagerSessionCreation
- filter.repo instanceof NullSecurityContextRepository
- getFilter(SessionManagementFilter.class) == null
- getFilter(RequestCacheAwareFilter.class) == null
- }
+ expect:
+ !filter.forceEagerSessionCreation
+ filter.repo instanceof NullSecurityContextRepository
+ getFilter(SessionManagementFilter.class) == null
+ getFilter(RequestCacheAwareFilter.class) == null
+ }
- def settingCreateSessionToIfRequiredDoesntCreateASessionForPublicInvocation() {
- httpCreateSession('ifRequired') { }
- createAppContext();
+ def settingCreateSessionToIfRequiredDoesntCreateASessionForPublicInvocation() {
+ httpCreateSession('ifRequired') { }
+ createAppContext();
- def filter = getFilter(SecurityContextPersistenceFilter.class);
+ def filter = getFilter(SecurityContextPersistenceFilter.class);
- expect:
- !filter.forceEagerSessionCreation
- filter.repo.allowSessionCreation
- }
+ expect:
+ !filter.forceEagerSessionCreation
+ filter.repo.allowSessionCreation
+ }
- def 'SEC-1208: Session is not created when rejecting user due to max sessions exceeded'() {
- setup:
- httpCreateSession('never') {
- 'session-management'() {
- 'concurrency-control'('max-sessions':1,'error-if-maximum-exceeded':'true')
- }
- csrf(disabled:true)
- }
- createAppContext()
- SessionRegistry registry = appContext.getBean(SessionRegistry)
- registry.registerNewSession("1", new User("user","password",AuthorityUtils.createAuthorityList("ROLE_USER")))
- MockHttpServletRequest request = new MockHttpServletRequest()
- MockHttpServletResponse response = new MockHttpServletResponse()
- String credentials = "user:password"
- request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64())
- when: "exceed max authentication attempts"
- appContext.getBean(FilterChainProxy).doFilter(request, response, new MockFilterChain())
- then: "no new session is created"
- request.getSession(false) == null
- response.status == HttpServletResponse.SC_UNAUTHORIZED
- }
+ def 'SEC-1208: Session is not created when rejecting user due to max sessions exceeded'() {
+ setup:
+ httpCreateSession('never') {
+ 'session-management'() {
+ 'concurrency-control'('max-sessions':1,'error-if-maximum-exceeded':'true')
+ }
+ csrf(disabled:true)
+ }
+ createAppContext()
+ SessionRegistry registry = appContext.getBean(SessionRegistry)
+ registry.registerNewSession("1", new User("user","password",AuthorityUtils.createAuthorityList("ROLE_USER")))
+ MockHttpServletRequest request = new MockHttpServletRequest()
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ String credentials = "user:password"
+ request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64())
+ when: "exceed max authentication attempts"
+ appContext.getBean(FilterChainProxy).doFilter(request, response, new MockFilterChain())
+ then: "no new session is created"
+ request.getSession(false) == null
+ response.status == HttpServletResponse.SC_UNAUTHORIZED
+ }
- def 'SEC-2137: disable session fixation and enable concurrency control'() {
- setup: "context where session fixation is disabled and concurrency control is enabled"
- httpAutoConfig {
- 'session-management'('session-fixation-protection':'none') {
- 'concurrency-control'('max-sessions':'1','error-if-maximum-exceeded':'true')
- }
- }
- createAppContext()
- MockHttpServletRequest request = new MockHttpServletRequest()
- MockHttpServletResponse response = new MockHttpServletResponse()
- String originalSessionId = request.session.id
- String credentials = "user:password"
- request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64())
- when: "authenticate"
- appContext.getBean(FilterChainProxy).doFilter(request, response, new MockFilterChain())
- then: "session invalidate is not called"
- request.session.id == originalSessionId
- }
+ def 'SEC-2137: disable session fixation and enable concurrency control'() {
+ setup: "context where session fixation is disabled and concurrency control is enabled"
+ httpAutoConfig {
+ 'session-management'('session-fixation-protection':'none') {
+ 'concurrency-control'('max-sessions':'1','error-if-maximum-exceeded':'true')
+ }
+ }
+ createAppContext()
+ MockHttpServletRequest request = new MockHttpServletRequest()
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ String originalSessionId = request.session.id
+ String credentials = "user:password"
+ request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64())
+ when: "authenticate"
+ appContext.getBean(FilterChainProxy).doFilter(request, response, new MockFilterChain())
+ then: "session invalidate is not called"
+ request.session.id == originalSessionId
+ }
- def httpCreateSession(String create, Closure c) {
- xml.http(['auto-config': 'true', 'create-session': create], c)
- }
+ def httpCreateSession(String create, Closure c) {
+ xml.http(['auto-config': 'true', 'create-session': create], c)
+ }
- def concurrentSessionSupportAddsFilterAndExpectedBeans() {
- when:
- httpAutoConfig {
- 'session-management'() {
- 'concurrency-control'('session-registry-alias':'sr', 'expired-url': '/expired')
- }
- csrf(disabled:true)
- }
- createAppContext();
- List filters = getFilters("/someurl");
- def concurrentSessionFilter = filters.get(1)
+ def concurrentSessionSupportAddsFilterAndExpectedBeans() {
+ when:
+ httpAutoConfig {
+ 'session-management'() {
+ 'concurrency-control'('session-registry-alias':'sr', 'expired-url': '/expired')
+ }
+ csrf(disabled:true)
+ }
+ createAppContext();
+ List filters = getFilters("/someurl");
+ def concurrentSessionFilter = filters.get(1)
- then:
- concurrentSessionFilter instanceof ConcurrentSessionFilter
- concurrentSessionFilter.expiredUrl == '/expired'
- appContext.getBean("sr") != null
- getFilter(SessionManagementFilter.class) != null
- sessionRegistryIsValid();
+ then:
+ concurrentSessionFilter instanceof ConcurrentSessionFilter
+ concurrentSessionFilter.expiredUrl == '/expired'
+ appContext.getBean("sr") != null
+ getFilter(SessionManagementFilter.class) != null
+ sessionRegistryIsValid();
- concurrentSessionFilter.handlers.size() == 1
- def logoutHandler = concurrentSessionFilter.handlers[0]
- logoutHandler instanceof SecurityContextLogoutHandler
- logoutHandler.invalidateHttpSession
+ concurrentSessionFilter.handlers.size() == 1
+ def logoutHandler = concurrentSessionFilter.handlers[0]
+ logoutHandler instanceof SecurityContextLogoutHandler
+ logoutHandler.invalidateHttpSession
- }
+ }
- def 'concurrency-control adds custom logout handlers'() {
- when: 'Custom logout and remember-me'
- httpAutoConfig {
- 'session-management'() {
- 'concurrency-control'()
- }
- 'logout'('invalidate-session': false, 'delete-cookies': 'testCookie')
- 'remember-me'()
- csrf(disabled:true)
- }
- createAppContext()
+ def 'concurrency-control adds custom logout handlers'() {
+ when: 'Custom logout and remember-me'
+ httpAutoConfig {
+ 'session-management'() {
+ 'concurrency-control'()
+ }
+ 'logout'('invalidate-session': false, 'delete-cookies': 'testCookie')
+ 'remember-me'()
+ csrf(disabled:true)
+ }
+ createAppContext()
- List filters = getFilters("/someurl")
- ConcurrentSessionFilter concurrentSessionFilter = filters.get(1)
- def logoutHandlers = concurrentSessionFilter.handlers
+ List filters = getFilters("/someurl")
+ ConcurrentSessionFilter concurrentSessionFilter = filters.get(1)
+ def logoutHandlers = concurrentSessionFilter.handlers
- then: 'ConcurrentSessionFilter contains the customized LogoutHandlers'
- logoutHandlers.size() == 3
- def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler }
- securityCtxlogoutHandler.invalidateHttpSession == false
- def cookieClearingLogoutHandler = logoutHandlers.find { it instanceof CookieClearingLogoutHandler }
- cookieClearingLogoutHandler.cookiesToClear == ['testCookie']
- def remembermeLogoutHandler = logoutHandlers.find { it instanceof RememberMeServices }
- remembermeLogoutHandler == getFilter(RememberMeAuthenticationFilter.class).rememberMeServices
- }
+ then: 'ConcurrentSessionFilter contains the customized LogoutHandlers'
+ logoutHandlers.size() == 3
+ def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler }
+ securityCtxlogoutHandler.invalidateHttpSession == false
+ def cookieClearingLogoutHandler = logoutHandlers.find { it instanceof CookieClearingLogoutHandler }
+ cookieClearingLogoutHandler.cookiesToClear == ['testCookie']
+ def remembermeLogoutHandler = logoutHandlers.find { it instanceof RememberMeServices }
+ remembermeLogoutHandler == getFilter(RememberMeAuthenticationFilter.class).rememberMeServices
+ }
- def 'concurrency-control with remember-me and no LogoutFilter contains SecurityContextLogoutHandler and RememberMeServices as LogoutHandlers'() {
- when: 'RememberMe and No LogoutFilter'
- xml.http(['entry-point-ref': 'entryPoint'], {
- 'session-management'() {
- 'concurrency-control'()
- }
- 'remember-me'()
- csrf(disabled:true)
- })
- bean('entryPoint', 'org.springframework.security.web.authentication.Http403ForbiddenEntryPoint')
- createAppContext()
+ def 'concurrency-control with remember-me and no LogoutFilter contains SecurityContextLogoutHandler and RememberMeServices as LogoutHandlers'() {
+ when: 'RememberMe and No LogoutFilter'
+ xml.http(['entry-point-ref': 'entryPoint'], {
+ 'session-management'() {
+ 'concurrency-control'()
+ }
+ 'remember-me'()
+ csrf(disabled:true)
+ })
+ bean('entryPoint', 'org.springframework.security.web.authentication.Http403ForbiddenEntryPoint')
+ createAppContext()
- List filters = getFilters("/someurl")
- ConcurrentSessionFilter concurrentSessionFilter = filters.get(1)
- def logoutHandlers = concurrentSessionFilter.handlers
+ List filters = getFilters("/someurl")
+ ConcurrentSessionFilter concurrentSessionFilter = filters.get(1)
+ def logoutHandlers = concurrentSessionFilter.handlers
- then: 'SecurityContextLogoutHandler and RememberMeServices are in ConcurrentSessionFilter logoutHandlers'
- !filters.find { it instanceof LogoutFilter }
- logoutHandlers.size() == 2
- def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler }
- securityCtxlogoutHandler.invalidateHttpSession == true
- logoutHandlers.find { it instanceof RememberMeServices } == getFilter(RememberMeAuthenticationFilter).rememberMeServices
- }
+ then: 'SecurityContextLogoutHandler and RememberMeServices are in ConcurrentSessionFilter logoutHandlers'
+ !filters.find { it instanceof LogoutFilter }
+ logoutHandlers.size() == 2
+ def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler }
+ securityCtxlogoutHandler.invalidateHttpSession == true
+ logoutHandlers.find { it instanceof RememberMeServices } == getFilter(RememberMeAuthenticationFilter).rememberMeServices
+ }
- def 'concurrency-control with no remember-me or LogoutFilter contains SecurityContextLogoutHandler as LogoutHandlers'() {
- when: 'No Logout Filter or RememberMe'
- xml.http(['entry-point-ref': 'entryPoint'], {
- 'session-management'() {
- 'concurrency-control'()
- }
- })
- bean('entryPoint', 'org.springframework.security.web.authentication.Http403ForbiddenEntryPoint')
- createAppContext()
+ def 'concurrency-control with no remember-me or LogoutFilter contains SecurityContextLogoutHandler as LogoutHandlers'() {
+ when: 'No Logout Filter or RememberMe'
+ xml.http(['entry-point-ref': 'entryPoint'], {
+ 'session-management'() {
+ 'concurrency-control'()
+ }
+ })
+ bean('entryPoint', 'org.springframework.security.web.authentication.Http403ForbiddenEntryPoint')
+ createAppContext()
- List filters = getFilters("/someurl")
- ConcurrentSessionFilter concurrentSessionFilter = filters.get(1)
- def logoutHandlers = concurrentSessionFilter.handlers
+ List filters = getFilters("/someurl")
+ ConcurrentSessionFilter concurrentSessionFilter = filters.get(1)
+ def logoutHandlers = concurrentSessionFilter.handlers
- then: 'Only SecurityContextLogoutHandler is found in ConcurrentSessionFilter logoutHandlers'
- !filters.find { it instanceof LogoutFilter }
- logoutHandlers.size() == 1
- def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler }
- securityCtxlogoutHandler.invalidateHttpSession == true
- }
+ then: 'Only SecurityContextLogoutHandler is found in ConcurrentSessionFilter logoutHandlers'
+ !filters.find { it instanceof LogoutFilter }
+ logoutHandlers.size() == 1
+ def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler }
+ securityCtxlogoutHandler.invalidateHttpSession == true
+ }
- def 'SEC-2057: ConcurrentSessionFilter is after SecurityContextPersistenceFilter'() {
- httpAutoConfig {
- 'session-management'() {
- 'concurrency-control'()
- }
- }
- createAppContext()
- List filters = getFilters("/someurl")
+ def 'SEC-2057: ConcurrentSessionFilter is after SecurityContextPersistenceFilter'() {
+ httpAutoConfig {
+ 'session-management'() {
+ 'concurrency-control'()
+ }
+ }
+ createAppContext()
+ List filters = getFilters("/someurl")
- expect:
- filters.get(0) instanceof SecurityContextPersistenceFilter
- filters.get(1) instanceof ConcurrentSessionFilter
- }
+ expect:
+ filters.get(0) instanceof SecurityContextPersistenceFilter
+ filters.get(1) instanceof ConcurrentSessionFilter
+ }
- def 'concurrency-control handles default expired-url as null'() {
- httpAutoConfig {
- 'session-management'() {
- 'concurrency-control'('session-registry-alias':'sr')
- }
- }
- createAppContext();
- List filters = getFilters("/someurl");
+ def 'concurrency-control handles default expired-url as null'() {
+ httpAutoConfig {
+ 'session-management'() {
+ 'concurrency-control'('session-registry-alias':'sr')
+ }
+ }
+ createAppContext();
+ List filters = getFilters("/someurl");
- expect:
- filters.get(1).expiredUrl == null
- }
+ expect:
+ filters.get(1).expiredUrl == null
+ }
- def externalSessionStrategyIsSupported() {
- setup:
- httpAutoConfig {
- 'session-management'('session-authentication-strategy-ref':'ss')
- csrf(disabled:true)
- }
- mockBean(SessionAuthenticationStrategy,'ss')
- createAppContext()
+ def externalSessionStrategyIsSupported() {
+ setup:
+ httpAutoConfig {
+ 'session-management'('session-authentication-strategy-ref':'ss')
+ csrf(disabled:true)
+ }
+ mockBean(SessionAuthenticationStrategy,'ss')
+ createAppContext()
- MockHttpServletRequest request = new MockHttpServletRequest();
- request.getSession();
- request.servletPath = "/login"
- request.setMethod("POST");
- request.setParameter("username", "user");
- request.setParameter("password", "password");
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ request.getSession();
+ request.servletPath = "/login"
+ request.setMethod("POST");
+ request.setParameter("username", "user");
+ request.setParameter("password", "password");
- SessionAuthenticationStrategy sessionAuthStrategy = appContext.getBean('ss',SessionAuthenticationStrategy)
- FilterChainProxy springSecurityFilterChain = appContext.getBean(FilterChainProxy)
- when:
- springSecurityFilterChain.doFilter(request,new MockHttpServletResponse(), new MockFilterChain())
- then: "CustomSessionAuthenticationStrategy has seen the request (although REQUEST is a wrapped request)"
- verify(sessionAuthStrategy).onAuthentication(any(Authentication), any(HttpServletRequest), any(HttpServletResponse))
- }
+ SessionAuthenticationStrategy sessionAuthStrategy = appContext.getBean('ss',SessionAuthenticationStrategy)
+ FilterChainProxy springSecurityFilterChain = appContext.getBean(FilterChainProxy)
+ when:
+ springSecurityFilterChain.doFilter(request,new MockHttpServletResponse(), new MockFilterChain())
+ then: "CustomSessionAuthenticationStrategy has seen the request (although REQUEST is a wrapped request)"
+ verify(sessionAuthStrategy).onAuthentication(any(Authentication), any(HttpServletRequest), any(HttpServletResponse))
+ }
- def externalSessionRegistryBeanIsConfiguredCorrectly() {
- httpAutoConfig {
- 'session-management'() {
- 'concurrency-control'('session-registry-ref':'sr')
- }
- csrf(disabled:true)
- }
- bean('sr', SessionRegistryImpl.class.name)
- createAppContext();
+ def externalSessionRegistryBeanIsConfiguredCorrectly() {
+ httpAutoConfig {
+ 'session-management'() {
+ 'concurrency-control'('session-registry-ref':'sr')
+ }
+ csrf(disabled:true)
+ }
+ bean('sr', SessionRegistryImpl.class.name)
+ createAppContext();
- expect:
- sessionRegistryIsValid();
- }
+ expect:
+ sessionRegistryIsValid();
+ }
- def sessionRegistryIsValid() {
- Object sessionRegistry = appContext.getBean("sr");
- Object sessionRegistryFromConcurrencyFilter = FieldUtils.getFieldValue(
- getFilter(ConcurrentSessionFilter.class), "sessionRegistry");
- Object sessionRegistryFromFormLoginFilter = FieldUtils.getFieldValue(getFilter(UsernamePasswordAuthenticationFilter),"sessionStrategy").delegateStrategies[0].sessionRegistry
- Object sessionRegistryFromMgmtFilter = FieldUtils.getFieldValue(getFilter(SessionManagementFilter),"sessionAuthenticationStrategy").delegateStrategies[0].sessionRegistry
+ def sessionRegistryIsValid() {
+ Object sessionRegistry = appContext.getBean("sr");
+ Object sessionRegistryFromConcurrencyFilter = FieldUtils.getFieldValue(
+ getFilter(ConcurrentSessionFilter.class), "sessionRegistry");
+ Object sessionRegistryFromFormLoginFilter = FieldUtils.getFieldValue(getFilter(UsernamePasswordAuthenticationFilter),"sessionStrategy").delegateStrategies[0].sessionRegistry
+ Object sessionRegistryFromMgmtFilter = FieldUtils.getFieldValue(getFilter(SessionManagementFilter),"sessionAuthenticationStrategy").delegateStrategies[0].sessionRegistry
- assertSame(sessionRegistry, sessionRegistryFromConcurrencyFilter);
- assertSame(sessionRegistry, sessionRegistryFromMgmtFilter);
- // SEC-1143
- assertSame(sessionRegistry, sessionRegistryFromFormLoginFilter);
- true;
- }
+ assertSame(sessionRegistry, sessionRegistryFromConcurrencyFilter);
+ assertSame(sessionRegistry, sessionRegistryFromMgmtFilter);
+ // SEC-1143
+ assertSame(sessionRegistry, sessionRegistryFromFormLoginFilter);
+ true;
+ }
- def concurrentSessionMaxSessionsIsCorrectlyConfigured() {
- setup:
- httpAutoConfig {
- 'session-management'('session-authentication-error-url':'/max-exceeded') {
- 'concurrency-control'('max-sessions': '2', 'error-if-maximum-exceeded':'true')
- }
- }
- createAppContext();
+ def concurrentSessionMaxSessionsIsCorrectlyConfigured() {
+ setup:
+ httpAutoConfig {
+ 'session-management'('session-authentication-error-url':'/max-exceeded') {
+ 'concurrency-control'('max-sessions': '2', 'error-if-maximum-exceeded':'true')
+ }
+ }
+ createAppContext();
- def seshFilter = getFilter(SessionManagementFilter.class);
- def auth = new UsernamePasswordAuthenticationToken("bob", "pass");
- SecurityContextHolder.getContext().setAuthentication(auth);
- MockHttpServletResponse mockResponse = new MockHttpServletResponse();
- def response = new SaveContextOnUpdateOrErrorResponseWrapper(mockResponse, false) {
- protected void saveContext(SecurityContext context) {
- }
- };
- when: "First session is established"
- seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain());
- then: "ok"
- mockResponse.redirectedUrl == null
- when: "Second session is established"
- seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain());
- then: "ok"
- mockResponse.redirectedUrl == null
- when: "Third session is established"
- seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain());
- then: "Rejected"
- mockResponse.redirectedUrl == "/max-exceeded";
- }
+ def seshFilter = getFilter(SessionManagementFilter.class);
+ def auth = new UsernamePasswordAuthenticationToken("bob", "pass");
+ SecurityContextHolder.getContext().setAuthentication(auth);
+ MockHttpServletResponse mockResponse = new MockHttpServletResponse();
+ def response = new SaveContextOnUpdateOrErrorResponseWrapper(mockResponse, false) {
+ protected void saveContext(SecurityContext context) {
+ }
+ };
+ when: "First session is established"
+ seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain());
+ then: "ok"
+ mockResponse.redirectedUrl == null
+ when: "Second session is established"
+ seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain());
+ then: "ok"
+ mockResponse.redirectedUrl == null
+ when: "Third session is established"
+ seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain());
+ then: "Rejected"
+ mockResponse.redirectedUrl == "/max-exceeded";
+ }
- def disablingSessionProtectionRemovesSessionManagementFilterIfNoInvalidSessionUrlSet() {
- httpAutoConfig {
- 'session-management'('session-fixation-protection': 'none')
- csrf(disabled:true)
- }
- createAppContext()
+ def disablingSessionProtectionRemovesSessionManagementFilterIfNoInvalidSessionUrlSet() {
+ httpAutoConfig {
+ 'session-management'('session-fixation-protection': 'none')
+ csrf(disabled:true)
+ }
+ createAppContext()
- expect:
- !(getFilters("/someurl").find { it instanceof SessionManagementFilter})
- }
+ expect:
+ !(getFilters("/someurl").find { it instanceof SessionManagementFilter})
+ }
- def 'session-fixation-protection=none'() {
- setup:
- MockHttpServletRequest request = new MockHttpServletRequest(method:'POST')
- request.session.id = '123'
- request.setParameter('username', 'user')
- request.setParameter('password', 'password')
- request.servletPath = '/login'
+ def 'session-fixation-protection=none'() {
+ setup:
+ MockHttpServletRequest request = new MockHttpServletRequest(method:'POST')
+ request.session.id = '123'
+ request.setParameter('username', 'user')
+ request.setParameter('password', 'password')
+ request.servletPath = '/login'
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
- httpAutoConfig {
- 'session-management'('session-fixation-protection': 'none')
- csrf(disabled:true)
- }
- createAppContext()
- request.session.id = '123'
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
+ httpAutoConfig {
+ 'session-management'('session-fixation-protection': 'none')
+ csrf(disabled:true)
+ }
+ createAppContext()
+ request.session.id = '123'
- when:
- springSecurityFilterChain.doFilter(request,response, chain)
+ when:
+ springSecurityFilterChain.doFilter(request,response, chain)
- then:
- request.session.id == '123'
- }
+ then:
+ request.session.id == '123'
+ }
- def 'session-fixation-protection=migrateSession'() {
- setup:
- MockHttpServletRequest request = new MockHttpServletRequest(method:'POST')
- request.session.id = '123'
- request.setParameter('username', 'user')
- request.setParameter('password', 'password')
- request.servletPath = '/login'
+ def 'session-fixation-protection=migrateSession'() {
+ setup:
+ MockHttpServletRequest request = new MockHttpServletRequest(method:'POST')
+ request.session.id = '123'
+ request.setParameter('username', 'user')
+ request.setParameter('password', 'password')
+ request.servletPath = '/login'
- MockHttpServletResponse response = new MockHttpServletResponse()
- MockFilterChain chain = new MockFilterChain()
- httpAutoConfig {
- 'session-management'('session-fixation-protection': 'migrateSession')
- csrf(disabled:true)
- }
- createAppContext()
- request.session.id = '123'
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
+ httpAutoConfig {
+ 'session-management'('session-fixation-protection': 'migrateSession')
+ csrf(disabled:true)
+ }
+ createAppContext()
+ request.session.id = '123'
- when:
- springSecurityFilterChain.doFilter(request,response, chain)
+ when:
+ springSecurityFilterChain.doFilter(request,response, chain)
- then:
- request.session.id != '123'
- }
+ then:
+ request.session.id != '123'
+ }
- def disablingSessionProtectionRetainsSessionManagementFilterInvalidSessionUrlSet() {
- httpAutoConfig {
- 'session-management'('session-fixation-protection': 'none', 'invalid-session-url': '/timeoutUrl')
- csrf(disabled:true)
- }
- createAppContext()
- def filter = getFilters("/someurl")[10]
+ def disablingSessionProtectionRetainsSessionManagementFilterInvalidSessionUrlSet() {
+ httpAutoConfig {
+ 'session-management'('session-fixation-protection': 'none', 'invalid-session-url': '/timeoutUrl')
+ csrf(disabled:true)
+ }
+ createAppContext()
+ def filter = getFilters("/someurl")[10]
- expect:
- filter instanceof SessionManagementFilter
- filter.invalidSessionStrategy.destinationUrl == '/timeoutUrl'
- }
+ expect:
+ filter instanceof SessionManagementFilter
+ filter.invalidSessionStrategy.destinationUrl == '/timeoutUrl'
+ }
}
diff --git a/core/core.gradle b/core/core.gradle
index d44ddc1636..c2866496a0 100644
--- a/core/core.gradle
+++ b/core/core.gradle
@@ -5,47 +5,47 @@ def cryptoProject = project(':spring-security-crypto')
def cryptoClasses = cryptoProject.sourceSets.main.output
configurations {
- included
+ included
- compile.extendsFrom included
+ compile.extendsFrom included
- testCompile.exclude group: 'org.mockito', module: 'mockito-all'
+ testCompile.exclude group: 'org.mockito', module: 'mockito-all'
}
dependencies {
- compile springCoreDependency,
- 'aopalliance:aopalliance:1.0',
- "org.springframework:spring-aop:$springVersion",
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-expression:$springVersion"
+ compile springCoreDependency,
+ 'aopalliance:aopalliance:1.0',
+ "org.springframework:spring-aop:$springVersion",
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-expression:$springVersion"
- optional "net.sf.ehcache:ehcache:$ehcacheVersion",
- 'javax.annotation:jsr250-api:1.0',
- "org.aspectj:aspectjrt:$aspectjVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.springframework:spring-tx:$springVersion"
+ optional "net.sf.ehcache:ehcache:$ehcacheVersion",
+ 'javax.annotation:jsr250-api:1.0',
+ "org.aspectj:aspectjrt:$aspectjVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.springframework:spring-tx:$springVersion"
- included cryptoProject
+ included cryptoProject
- testCompile "commons-collections:commons-collections:$commonsCollectionsVersion",
- "org.springframework:spring-test:$springVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- powerMockDependencies
+ testCompile "commons-collections:commons-collections:$commonsCollectionsVersion",
+ "org.springframework:spring-test:$springVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ powerMockDependencies
- testRuntime "org.hsqldb:hsqldb:$hsqlVersion"
+ testRuntime "org.hsqldb:hsqldb:$hsqlVersion"
}
classes.doLast {
- copy {
- from cryptoClasses
- into sourceSets.main.output.classesDir
- }
+ copy {
+ from cryptoClasses
+ into sourceSets.main.output.classesDir
+ }
}
sourceJar.from cryptoProject.sourceSets.main.java
configure(project.tasks.withType(Test)) {
- systemProperties['springSecurityVersion'] = version
- systemProperties['springVersion'] = springVersion
+ systemProperties['springSecurityVersion'] = version
+ systemProperties['springVersion'] = springVersion
}
\ No newline at end of file
diff --git a/crypto/crypto.gradle b/crypto/crypto.gradle
index 619e9b4c02..9690c4ff14 100644
--- a/crypto/crypto.gradle
+++ b/crypto/crypto.gradle
@@ -5,8 +5,8 @@
int maxAESKeySize = javax.crypto.Cipher.getMaxAllowedKeyLength('AES')
configure(project.tasks.withType(Test)) {
- if (maxAESKeySize < 256) {
- println "AES keysize limited to $maxAESKeySize, skipping EncryptorsTests"
- exclude '**/EncryptorsTests.class'
- }
+ if (maxAESKeySize < 256) {
+ println "AES keysize limited to $maxAESKeySize, skipping EncryptorsTests"
+ exclude '**/EncryptorsTests.class'
+ }
}
diff --git a/data/data.gradle b/data/data.gradle
index cc96350d29..9de1fe8d2d 100644
--- a/data/data.gradle
+++ b/data/data.gradle
@@ -1,6 +1,6 @@
dependencies {
- compile project(':spring-security-core'),
- springCoreDependency,
- "org.springframework.data:spring-data-commons:$springDataCommonsVersion"
+ compile project(':spring-security-core'),
+ springCoreDependency,
+ "org.springframework.data:spring-data-commons:$springDataCommonsVersion"
}
\ No newline at end of file
diff --git a/docs/docs.gradle b/docs/docs.gradle
index 7701905dcb..6837b0e840 100644
--- a/docs/docs.gradle
+++ b/docs/docs.gradle
@@ -1,147 +1,147 @@
- // Docbook and Javadoc building and uploading tasks
+ // Docbook and Javadoc building and uploading tasks
apply plugin: 'base'
task docs {
- dependsOn 'manual:reference', 'apidocs', 'guides:asciidoctor'
+ dependsOn 'manual:reference', 'apidocs', 'guides:asciidoctor'
}
project('manual') {
- apply plugin: 'base'
- apply plugin: 'org.asciidoctor.gradle.asciidoctor'
- apply plugin: 'docbook-reference'
+ apply plugin: 'base'
+ apply plugin: 'org.asciidoctor.gradle.asciidoctor'
+ apply plugin: 'docbook-reference'
- ext.expandPlaceholders = ""
+ ext.expandPlaceholders = ""
- asciidoctorj {
- version = '1.5.2'
- }
+ asciidoctorj {
+ version = '1.5.2'
+ }
- asciidoctor {
- backends = ['docbook5']
- options = [
- eruby: 'erubis',
- attributes: [
- copycss : '',
- icons : 'font',
- 'source-highlighter': 'prettify',
- sectanchors : '',
- toc2: '',
- idprefix: '',
- idseparator: '-',
- doctype: 'book',
- numbered: '',
- 'spring-security-version' : project.version,
- 'spring-version' : springVersion,
- revnumber : project.version
- ]
- ]
- }
+ asciidoctor {
+ backends = ['docbook5']
+ options = [
+ eruby: 'erubis',
+ attributes: [
+ copycss : '',
+ icons : 'font',
+ 'source-highlighter': 'prettify',
+ sectanchors : '',
+ toc2: '',
+ idprefix: '',
+ idseparator: '-',
+ doctype: 'book',
+ numbered: '',
+ 'spring-security-version' : project.version,
+ 'spring-version' : springVersion,
+ revnumber : project.version
+ ]
+ ]
+ }
- reference {
- sourceDir = new File(asciidoctor.outputDir , 'docbook5')
- pdfFilename = "spring-security-reference.pdf"
- epubFilename = "spring-security-reference.epub"
- expandPlaceholders = ""
- }
+ reference {
+ sourceDir = new File(asciidoctor.outputDir , 'docbook5')
+ pdfFilename = "spring-security-reference.pdf"
+ epubFilename = "spring-security-reference.epub"
+ expandPlaceholders = ""
+ }
- afterEvaluate {
- tasks.findAll { it.name.startsWith("reference") }.each{ it.dependsOn.add("asciidoctor") }
- }
+ afterEvaluate {
+ tasks.findAll { it.name.startsWith("reference") }.each{ it.dependsOn.add("asciidoctor") }
+ }
- ext.spec = copySpec {
- from (reference) {
- into 'reference'
- }
- }
+ ext.spec = copySpec {
+ from (reference) {
+ into 'reference'
+ }
+ }
}
task apidocs(type: Javadoc) {
- destinationDir = new File(buildDir, 'apidocs')
- title = "Spring Security $version API"
+ destinationDir = new File(buildDir, 'apidocs')
+ title = "Spring Security $version API"
- source coreModuleProjects.collect { project ->
- project.sourceSets.main.allJava
- }
+ source coreModuleProjects.collect { project ->
+ project.sourceSets.main.allJava
+ }
- classpath = files(coreModuleProjects.collect { project ->
- project.sourceSets.main.compileClasspath
- })
+ classpath = files(coreModuleProjects.collect { project ->
+ project.sourceSets.main.compileClasspath
+ })
}
apidocs.options.outputLevel = org.gradle.external.javadoc.JavadocOutputLevel.QUIET
apidocs.options.links = [
- "http://static.springframework.org/spring/docs/3.2.x/javadoc-api",
- "http://static.springsource.org/spring-ldap/docs/1.3.x/apidocs/",
- "http://download.oracle.com/javase/6/docs/api/"
+ "http://static.springframework.org/spring/docs/3.2.x/javadoc-api",
+ "http://static.springsource.org/spring-ldap/docs/1.3.x/apidocs/",
+ "http://download.oracle.com/javase/6/docs/api/"
]
apidocs.options.groups = [
- 'Spring Security Core':[
- 'org.springframework.security.core*',
- 'org.springframework.security.authentication*',
- 'org.springframework.security.access*',
- 'org.springframework.security.remoting*',
- 'org.springframework.security.provisioning*',
- 'org.springframework.security.util*'],
- 'Spring Security Web':['org.springframework.security.web*'],
- 'Spring Security LDAP':['org.springframework.security.ldap*'],
- 'Spring Security Crypto':['org.springframework.security.crypto*'],
- 'Spring Security OpenID':['org.springframework.security.openid*'],
- 'Spring Security CAS':['org.springframework.security.cas*'],
- 'Spring Security ACL':['org.springframework.security.acls*'],
- 'Spring Security Config':['org.springframework.security.config*'],
- 'Spring Security Taglibs':['org.springframework.security.taglibs*'],
+ 'Spring Security Core':[
+ 'org.springframework.security.core*',
+ 'org.springframework.security.authentication*',
+ 'org.springframework.security.access*',
+ 'org.springframework.security.remoting*',
+ 'org.springframework.security.provisioning*',
+ 'org.springframework.security.util*'],
+ 'Spring Security Web':['org.springframework.security.web*'],
+ 'Spring Security LDAP':['org.springframework.security.ldap*'],
+ 'Spring Security Crypto':['org.springframework.security.crypto*'],
+ 'Spring Security OpenID':['org.springframework.security.openid*'],
+ 'Spring Security CAS':['org.springframework.security.cas*'],
+ 'Spring Security ACL':['org.springframework.security.acls*'],
+ 'Spring Security Config':['org.springframework.security.config*'],
+ 'Spring Security Taglibs':['org.springframework.security.taglibs*'],
]
ext.apiSpec = copySpec {
- into('apidocs') {
- from(apidocs.destinationDir)
- }
+ into('apidocs') {
+ from(apidocs.destinationDir)
+ }
}
assemble.dependsOn = [apidocs, 'manual:asciidoctor']
task docsZip(type: Zip) {
- dependsOn docs
- evaluationDependsOn('guides')
- group = 'Distribution'
- baseName = rootProject.name
- classifier = 'docs'
- description = "Builds -${classifier} archive containing api and reference " +
- "for deployment at static.springframework.org/spring-security/site/docs."
+ dependsOn docs
+ evaluationDependsOn('guides')
+ group = 'Distribution'
+ baseName = rootProject.name
+ classifier = 'docs'
+ description = "Builds -${classifier} archive containing api and reference " +
+ "for deployment at static.springframework.org/spring-security/site/docs."
- with(project(':docs').apiSpec)
- with(project(':docs:manual').spec)
- with(project(':docs:guides').spec)
+ with(project(':docs').apiSpec)
+ with(project(':docs:manual').spec)
+ with(project(':docs:guides').spec)
}
task schemaZip(type: Zip) {
- group = 'Distribution'
- baseName = rootProject.name
- classifier = 'schema'
- description = "Builds -${classifier} archive containing all " +
- "XSDs for deployment at static.springframework.org/schema."
+ group = 'Distribution'
+ baseName = rootProject.name
+ classifier = 'schema'
+ description = "Builds -${classifier} archive containing all " +
+ "XSDs for deployment at static.springframework.org/schema."
- coreModuleProjects.each { module ->
- def Properties schemas = new Properties();
+ coreModuleProjects.each { module ->
+ def Properties schemas = new Properties();
- module.sourceSets.main.resources.find {
- it.path.endsWith('META-INF/spring.schemas')
- }?.withInputStream { schemas.load(it) }
+ module.sourceSets.main.resources.find {
+ it.path.endsWith('META-INF/spring.schemas')
+ }?.withInputStream { schemas.load(it) }
- for (def key : schemas.keySet()) {
- def shortName = key.replaceAll(/http.*schema.(.*).spring-.*/, '$1')
- assert shortName != key
- File xsdFile = module.sourceSets.main.resources.find {
- it.path.endsWith(schemas.get(key))
- }
- assert xsdFile != null
- into (shortName) {
- from xsdFile.path
- }
- }
- }
+ for (def key : schemas.keySet()) {
+ def shortName = key.replaceAll(/http.*schema.(.*).spring-.*/, '$1')
+ assert shortName != key
+ File xsdFile = module.sourceSets.main.resources.find {
+ it.path.endsWith(schemas.get(key))
+ }
+ assert xsdFile != null
+ into (shortName) {
+ from xsdFile.path
+ }
+ }
+ }
}
diff --git a/docs/guides/build.gradle b/docs/guides/build.gradle
index ba44c86009..8d2e03e636 100644
--- a/docs/guides/build.gradle
+++ b/docs/guides/build.gradle
@@ -1,46 +1,46 @@
apply plugin: 'org.asciidoctor.gradle.asciidoctor'
asciidoctor {
- baseDir = file('src/docs/asciidoc')
- options = [
- eruby: 'erubis',
- eruby: 'erubis',
- attributes: [
- copycss : '',
- icons : 'font',
- 'source-highlighter': 'prettify',
- sectanchors : '',
- toc: '',
- 'toc-placement' : 'preamble',
- idprefix: '',
- idseparator: '-',
- doctype: 'book',
- 'spring-security-version' : project.version,
- 'download-url' : getDownloadUrl(),
- 'include-maven-repository' : getMavenRepositoryInclude(),
- revnumber : project.version
- ]
- ]
+ baseDir = file('src/docs/asciidoc')
+ options = [
+ eruby: 'erubis',
+ eruby: 'erubis',
+ attributes: [
+ copycss : '',
+ icons : 'font',
+ 'source-highlighter': 'prettify',
+ sectanchors : '',
+ toc: '',
+ 'toc-placement' : 'preamble',
+ idprefix: '',
+ idseparator: '-',
+ doctype: 'book',
+ 'spring-security-version' : project.version,
+ 'download-url' : getDownloadUrl(),
+ 'include-maven-repository' : getMavenRepositoryInclude(),
+ revnumber : project.version
+ ]
+ ]
}
ext.spec = copySpec {
- into ('guides') {
- from(asciidoctor.outputDir)
- exclude 'build', 'Guardfile'
- }
+ into ('guides') {
+ from(asciidoctor.outputDir)
+ exclude 'build', 'Guardfile'
+ }
}
def getDownloadUrl() {
- snapshotBuild ? "https://github.com/SpringSource/spring-security/archive/master.zip" : "https://github.com/spring-projects/spring-security/archive/${project.version}.zip"
+ snapshotBuild ? "https://github.com/SpringSource/spring-security/archive/master.zip" : "https://github.com/spring-projects/spring-security/archive/${project.version}.zip"
}
def getMavenRepositoryInclude() {
- if(snapshotBuild) {
- return "_includes/maven-repository-snapshot.asc"
- } else if(releaseBuild) {
- return "_includes/maven-repository-release.asc"
- } else {
- return "_includes/maven-repository-milestone.asc"
- }
+ if(snapshotBuild) {
+ return "_includes/maven-repository-snapshot.asc"
+ } else if(releaseBuild) {
+ return "_includes/maven-repository-release.asc"
+ } else {
+ return "_includes/maven-repository-milestone.asc"
+ }
}
\ No newline at end of file
diff --git a/gradle/javaprojects.gradle b/gradle/javaprojects.gradle
index 5d4241c5d9..c7b272ba42 100644
--- a/gradle/javaprojects.gradle
+++ b/gradle/javaprojects.gradle
@@ -41,206 +41,206 @@ ext.thymeleafVersion = '2.1.3.RELEASE'
ext.thymeleafVersion = '1.2.7.RELEASE'
ext.spockDependencies = [
- dependencies.create("org.spockframework:spock-spring:$spockVersion") {
- exclude group: 'junit', module: 'junit-dep'
- },
- dependencies.create("org.spockframework:spock-core:$spockVersion") {
- exclude group: 'junit', module: 'junit-dep'
- }
+ dependencies.create("org.spockframework:spock-spring:$spockVersion") {
+ exclude group: 'junit', module: 'junit-dep'
+ },
+ dependencies.create("org.spockframework:spock-core:$spockVersion") {
+ exclude group: 'junit', module: 'junit-dep'
+ }
]
ext.gebDependencies = spockDependencies + [
- "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion",
- "org.gebish:geb-spock:$gebVersion",
- 'commons-httpclient:commons-httpclient:3.1',
- "org.codehaus.groovy:groovy:$groovyVersion"
+ "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion",
+ "org.gebish:geb-spock:$gebVersion",
+ 'commons-httpclient:commons-httpclient:3.1',
+ "org.codehaus.groovy:groovy:$groovyVersion"
]
ext.powerMockDependencies = [
- "org.powermock:powermock-core:$powerMockVersion",
- "org.powermock:powermock-api-support:$powerMockVersion",
- "org.powermock:powermock-module-junit4-common:$powerMockVersion",
- "org.powermock:powermock-module-junit4:$powerMockVersion",
- dependencies.create("org.powermock:powermock-api-mockito:$powerMockVersion") {
- exclude group: 'org.mockito', module: 'mockito-all'
- },
- "org.powermock:powermock-reflect:$powerMockVersion"
+ "org.powermock:powermock-core:$powerMockVersion",
+ "org.powermock:powermock-api-support:$powerMockVersion",
+ "org.powermock:powermock-module-junit4-common:$powerMockVersion",
+ "org.powermock:powermock-module-junit4:$powerMockVersion",
+ dependencies.create("org.powermock:powermock-api-mockito:$powerMockVersion") {
+ exclude group: 'org.mockito', module: 'mockito-all'
+ },
+ "org.powermock:powermock-reflect:$powerMockVersion"
]
ext.springCoreDependency = [
- dependencies.create("org.springframework:spring-core:$springVersion") {
- exclude(group: 'commons-logging', module: 'commons-logging')
- }
+ dependencies.create("org.springframework:spring-core:$springVersion") {
+ exclude(group: 'commons-logging', module: 'commons-logging')
+ }
]
ext.jstlDependencies = [
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "org.apache.taglibs:taglibs-standard-jstlel:1.2.1"
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "org.apache.taglibs:taglibs-standard-jstlel:1.2.1"
]
ext.apachedsDependencies = [
- "org.apache.directory.server:apacheds-core:$apacheDsVersion",
- "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion",
- "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion",
- "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion",
- "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion",
- 'org.apache.directory.shared:shared-ldap:0.9.15'
+ "org.apache.directory.server:apacheds-core:$apacheDsVersion",
+ "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion",
+ "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion",
+ "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion",
+ "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion",
+ 'org.apache.directory.shared:shared-ldap:0.9.15'
]
// Integration test setup
configurations {
- integrationTestCompile {
- extendsFrom testCompile, optional, provided
- }
- integrationTestRuntime {
- extendsFrom integrationTestCompile, testRuntime
- }
+ integrationTestCompile {
+ extendsFrom testCompile, optional, provided
+ }
+ integrationTestRuntime {
+ extendsFrom integrationTestCompile, testRuntime
+ }
}
sourceSets {
- integrationTest {
- java.srcDir file('src/integration-test/java')
- groovy.srcDirs file('src/integration-test/groovy')
- resources.srcDir file('src/integration-test/resources')
- compileClasspath = sourceSets.main.output + sourceSets.test.output + configurations.integrationTestCompile
- runtimeClasspath = output + compileClasspath + configurations.integrationTestRuntime
- }
+ integrationTest {
+ java.srcDir file('src/integration-test/java')
+ groovy.srcDirs file('src/integration-test/groovy')
+ resources.srcDir file('src/integration-test/resources')
+ compileClasspath = sourceSets.main.output + sourceSets.test.output + configurations.integrationTestCompile
+ runtimeClasspath = output + compileClasspath + configurations.integrationTestRuntime
+ }
}
task integrationTest(type: Test, dependsOn: jar) {
- testClassesDir = sourceSets.integrationTest.output.classesDir
- logging.captureStandardOutput(LogLevel.INFO)
- classpath = sourceSets.integrationTest.runtimeClasspath
- maxParallelForks = 1
- reports {
- html.destination = project.file("$project.buildDir/reports/integration-tests/")
- junitXml.destination = project.file("$project.buildDir/integration-test-results/")
- }
+ testClassesDir = sourceSets.integrationTest.output.classesDir
+ logging.captureStandardOutput(LogLevel.INFO)
+ classpath = sourceSets.integrationTest.runtimeClasspath
+ maxParallelForks = 1
+ reports {
+ html.destination = project.file("$project.buildDir/reports/integration-tests/")
+ junitXml.destination = project.file("$project.buildDir/integration-test-results/")
+ }
}
eclipse {
- classpath {
- plusConfigurations += [ configurations.integrationTestCompile ]
- }
+ classpath {
+ plusConfigurations += [ configurations.integrationTestCompile ]
+ }
}
project.conf2ScopeMappings.addMapping(MavenPlugin.TEST_COMPILE_PRIORITY + 1, project.configurations.getByName("integrationTestCompile"), Conf2ScopeMappingContainer.TEST)
project.conf2ScopeMappings.addMapping(MavenPlugin.TEST_COMPILE_PRIORITY + 2, project.configurations.getByName("integrationTestRuntime"), Conf2ScopeMappingContainer.TEST)
check.dependsOn integrationTest
dependencies {
- optional "commons-logging:commons-logging:$commonsLoggingVersion"
+ optional "commons-logging:commons-logging:$commonsLoggingVersion"
- testCompile "junit:junit:$junitVersion",
- 'org.mockito:mockito-core:1.9.5',
- "org.springframework:spring-test:$springVersion",
- 'org.easytesting:fest-assert:1.4'
+ testCompile "junit:junit:$junitVersion",
+ 'org.mockito:mockito-core:1.9.5',
+ "org.springframework:spring-test:$springVersion",
+ 'org.easytesting:fest-assert:1.4'
- // Use slf4j/logback for logging
- testRuntime "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "ch.qos.logback:logback-classic:$logbackVersion"
+ // Use slf4j/logback for logging
+ testRuntime "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "ch.qos.logback:logback-classic:$logbackVersion"
}
[configurations.runtime, configurations.default, configurations.testCompile]*.exclude(module: 'commons-logging')
configurations.all {
- resolutionStrategy.eachDependency { DependencyResolveDetails details ->
- if (details.requested.group == 'org.slf4j') {
- details.useVersion slf4jVersion
- }
- }
+ resolutionStrategy.eachDependency { DependencyResolveDetails details ->
+ if (details.requested.group == 'org.slf4j') {
+ details.useVersion slf4jVersion
+ }
+ }
}
[compileJava, compileTestJava]*.options*.encoding = 'UTF-8'
project.tasks.matching { it instanceof Test && it.name != 'integrationTest' }.all {
- jvmArgs = ['-ea', '-Xmx500m', '-XX:MaxPermSize=256M']
- maxParallelForks = guessMaxForks()
- logging.captureStandardOutput(LogLevel.INFO)
+ jvmArgs = ['-ea', '-Xmx500m', '-XX:MaxPermSize=256M']
+ maxParallelForks = guessMaxForks()
+ logging.captureStandardOutput(LogLevel.INFO)
}
def guessMaxForks() {
- int processors = Runtime.runtime.availableProcessors()
- return Math.max(2, (int) (processors / 2))
+ int processors = Runtime.runtime.availableProcessors()
+ return Math.max(2, (int) (processors / 2))
}
javadoc {
- title = "Spring Security $version API"
- source = sourceSets.main.allJava
- options {
- memberLevel = org.gradle.external.javadoc.JavadocMemberLevel.PROTECTED
- author = true
- header = project.name
- outputLevel = org.gradle.external.javadoc.JavadocOutputLevel.QUIET
- links = [
- "http://static.springsource.org/spring/docs/3.2.x/javadoc-api/",
- "http://static.springsource.org/spring-ldap/docs/1.3.x/apidocs/",
- "http://download.oracle.com/javase/6/docs/api/"
- ]
- groups = [
- 'Spring Security Core':[
- 'org.springframework.security.core*',
- 'org.springframework.security.authentication*',
- 'org.springframework.security.access*',
- 'org.springframework.security.remoting*',
- 'org.springframework.security.provisioning*',
- 'org.springframework.security.util*'],
- 'Spring Security Web':['org.springframework.security.web*'],
- 'Spring Security LDAP':['org.springframework.security.ldap*'],
- 'Spring Security Crypto':['org.springframework.security.crypto*'],
- 'Spring Security OpenID':['org.springframework.security.openid*'],
- 'Spring Security CAS':['org.springframework.security.cas*'],
- 'Spring Security ACL':['org.springframework.security.acls*'],
- 'Spring Security Config':['org.springframework.security.config*'],
- 'Spring Security Taglibs':['org.springframework.security.taglibs*'],
- ]
- }
+ title = "Spring Security $version API"
+ source = sourceSets.main.allJava
+ options {
+ memberLevel = org.gradle.external.javadoc.JavadocMemberLevel.PROTECTED
+ author = true
+ header = project.name
+ outputLevel = org.gradle.external.javadoc.JavadocOutputLevel.QUIET
+ links = [
+ "http://static.springsource.org/spring/docs/3.2.x/javadoc-api/",
+ "http://static.springsource.org/spring-ldap/docs/1.3.x/apidocs/",
+ "http://download.oracle.com/javase/6/docs/api/"
+ ]
+ groups = [
+ 'Spring Security Core':[
+ 'org.springframework.security.core*',
+ 'org.springframework.security.authentication*',
+ 'org.springframework.security.access*',
+ 'org.springframework.security.remoting*',
+ 'org.springframework.security.provisioning*',
+ 'org.springframework.security.util*'],
+ 'Spring Security Web':['org.springframework.security.web*'],
+ 'Spring Security LDAP':['org.springframework.security.ldap*'],
+ 'Spring Security Crypto':['org.springframework.security.crypto*'],
+ 'Spring Security OpenID':['org.springframework.security.openid*'],
+ 'Spring Security CAS':['org.springframework.security.cas*'],
+ 'Spring Security ACL':['org.springframework.security.acls*'],
+ 'Spring Security Config':['org.springframework.security.config*'],
+ 'Spring Security Taglibs':['org.springframework.security.taglibs*'],
+ ]
+ }
}
eclipse.classpath.downloadSources = true
// http://forums.gradle.org/gradle/topics/eclipse_wtp_deploys_testcode_to_server_example_provided
eclipse.classpath {
- defaultOutputDir = file('bin/main')
- file.whenMerged { cp ->
- cp.entries.findAll { it instanceof SourceFolder && (it.path.contains("test") || it.path.contains("Test")) }*.output = "bin/test"
- }
+ defaultOutputDir = file('bin/main')
+ file.whenMerged { cp ->
+ cp.entries.findAll { it instanceof SourceFolder && (it.path.contains("test") || it.path.contains("Test")) }*.output = "bin/test"
+ }
}
// GRADLE-1116
project.eclipse.classpath.file.whenMerged { classpath ->
- classpath.entries.removeAll { entry -> entry.path.endsWith('/build/resources/test') }
- classpath.entries.removeAll { entry -> entry.path.endsWith('/build/classes/test') }
- classpath.entries.removeAll { entry -> entry.path.endsWith('/build/resources/main') }
- classpath.entries.removeAll { entry -> entry.path.endsWith('/build/classes/main') }
+ classpath.entries.removeAll { entry -> entry.path.endsWith('/build/resources/test') }
+ classpath.entries.removeAll { entry -> entry.path.endsWith('/build/classes/test') }
+ classpath.entries.removeAll { entry -> entry.path.endsWith('/build/resources/main') }
+ classpath.entries.removeAll { entry -> entry.path.endsWith('/build/classes/main') }
}
// GRADLE-1422
project.eclipseClasspath.doFirst {
// delay adding whenMerged till the entryAttributes are added (must be the last whenMerged)
project.eclipse.classpath.file.whenMerged { classpath ->
- def includeDeps = project.configurations.getByName('runtime').collect {f -> f.absolutePath } as Set
- classpath.entries.each { cp ->
- if(cp instanceof org.gradle.plugins.ide.eclipse.model.Library) {
- def include = includeDeps.contains(cp.path)
- def attr = 'org.eclipse.jst.component.dependency'
- if(!include) {
- cp.entryAttributes.remove(attr)
- }
- }
- }
+ def includeDeps = project.configurations.getByName('runtime').collect {f -> f.absolutePath } as Set
+ classpath.entries.each { cp ->
+ if(cp instanceof org.gradle.plugins.ide.eclipse.model.Library) {
+ def include = includeDeps.contains(cp.path)
+ def attr = 'org.eclipse.jst.component.dependency'
+ if(!include) {
+ cp.entryAttributes.remove(attr)
+ }
+ }
+ }
}
}
project.idea.module {
- scopes.TEST.plus += [project.configurations.integrationTestRuntime]
- testSourceDirs += sourceSets.integrationTest.resources.srcDirs
+ scopes.TEST.plus += [project.configurations.integrationTestRuntime]
+ testSourceDirs += sourceSets.integrationTest.resources.srcDirs
}
task javadocJar(type: Jar) {
- classifier = 'javadoc'
- from javadoc
+ classifier = 'javadoc'
+ from javadoc
}
artifacts {
- archives javadocJar
+ archives javadocJar
}
diff --git a/gradle/maven-deployment.gradle b/gradle/maven-deployment.gradle
index e66962a4f0..e4018e58ce 100644
--- a/gradle/maven-deployment.gradle
+++ b/gradle/maven-deployment.gradle
@@ -2,129 +2,129 @@ apply plugin: 'maven'
// Create a source jar for uploading
task sourceJar(type: Jar) {
- classifier = 'sources'
- from sourceSets.main.java.srcDirs
- include '**/*.java', '**/*.aj'
+ classifier = 'sources'
+ from sourceSets.main.java.srcDirs
+ include '**/*.java', '**/*.aj'
}
artifacts {
- archives sourceJar
+ archives sourceJar
}
// Configuration for SpringSource s3 maven deployer
configurations {
- deployerJars
+ deployerJars
}
dependencies {
- deployerJars "org.springframework.build.aws:org.springframework.build.aws.maven:3.0.0.RELEASE"
+ deployerJars "org.springframework.build.aws:org.springframework.build.aws.maven:3.0.0.RELEASE"
}
install {
- repositories.mavenInstaller {
- customizePom(pom, project)
- }
+ repositories.mavenInstaller {
+ customizePom(pom, project)
+ }
}
def customizePom(pom, gradleProject) {
- pom.whenConfigured { p ->
- p.dependencies.findAll{ it.scope == "optional" }.each {
- it.scope = "compile"
- it.optional = true
- }
- // sort to make pom dependencies order consistent to ease comparison of older poms
- p.dependencies = p.dependencies.sort { dep ->
- "$dep.scope:$dep.optional:$dep.groupId:$dep.artifactId"
- }
- }
- def isWar = project.hasProperty('war')
- pom.project {
- name = gradleProject.name
- if(isWar) {
- packaging = "war"
- }
- description = gradleProject.name
- url = 'http://spring.io/spring-security'
- organization {
- name = 'spring.io'
- url = 'http://spring.io/'
- }
- licenses {
- license {
- name 'The Apache Software License, Version 2.0'
- url 'http://www.apache.org/licenses/LICENSE-2.0.txt'
- distribution 'repo'
- }
- }
- scm {
- url = 'https://github.com/spring-projects/spring-security'
- connection = 'scm:git:git://github.com/spring-projects/spring-security'
- developerConnection = 'scm:git:git://github.com/spring-projects/spring-security'
- }
- developers {
- developer {
- id = 'rwinch'
- name = 'Rob Winch'
- email = 'rwinch@gopivotal.com'
- }
- }
- if(isWar) {
- properties {
- 'm2eclipse.wtp.contextRoot' '/' + project.war.baseName
- }
- }
- if(project.snapshotBuild) {
- repositories {
- repository {
- id 'spring-snasphot'
- url 'https://repo.spring.io/snapshot'
- }
- }
- } else if(!project.releaseBuild) {
- repositories {
- repository {
- id 'spring-milestone'
- url 'https://repo.spring.io/milestone'
- }
- }
- }
- }
+ pom.whenConfigured { p ->
+ p.dependencies.findAll{ it.scope == "optional" }.each {
+ it.scope = "compile"
+ it.optional = true
+ }
+ // sort to make pom dependencies order consistent to ease comparison of older poms
+ p.dependencies = p.dependencies.sort { dep ->
+ "$dep.scope:$dep.optional:$dep.groupId:$dep.artifactId"
+ }
+ }
+ def isWar = project.hasProperty('war')
+ pom.project {
+ name = gradleProject.name
+ if(isWar) {
+ packaging = "war"
+ }
+ description = gradleProject.name
+ url = 'http://spring.io/spring-security'
+ organization {
+ name = 'spring.io'
+ url = 'http://spring.io/'
+ }
+ licenses {
+ license {
+ name 'The Apache Software License, Version 2.0'
+ url 'http://www.apache.org/licenses/LICENSE-2.0.txt'
+ distribution 'repo'
+ }
+ }
+ scm {
+ url = 'https://github.com/spring-projects/spring-security'
+ connection = 'scm:git:git://github.com/spring-projects/spring-security'
+ developerConnection = 'scm:git:git://github.com/spring-projects/spring-security'
+ }
+ developers {
+ developer {
+ id = 'rwinch'
+ name = 'Rob Winch'
+ email = 'rwinch@gopivotal.com'
+ }
+ }
+ if(isWar) {
+ properties {
+ 'm2eclipse.wtp.contextRoot' '/' + project.war.baseName
+ }
+ }
+ if(project.snapshotBuild) {
+ repositories {
+ repository {
+ id 'spring-snasphot'
+ url 'https://repo.spring.io/snapshot'
+ }
+ }
+ } else if(!project.releaseBuild) {
+ repositories {
+ repository {
+ id 'spring-milestone'
+ url 'https://repo.spring.io/milestone'
+ }
+ }
+ }
+ }
- // http://forums.gradle.org/gradle/topics/after_upgrade_gradle_to_2_0_version_the_maven_pom_not_support_build_property
- pom.withXml {
- def plugins = asNode().appendNode('build').appendNode('plugins')
- plugins
- .appendNode('plugin')
- .appendNode('artifactId','maven-compiler-plugin').parent()
- .appendNode('configuration')
- .appendNode('source','1.7').parent()
- .appendNode('target','1.7')
- if(isWar) {
- plugins
- .appendNode('plugin')
- .appendNode('artifactId','maven-war-plugin').parent()
- .appendNode('version','2.3').parent()
- .appendNode('configuration')
- .appendNode('failOnMissingWebXml','false')
- }
- }
+ // http://forums.gradle.org/gradle/topics/after_upgrade_gradle_to_2_0_version_the_maven_pom_not_support_build_property
+ pom.withXml {
+ def plugins = asNode().appendNode('build').appendNode('plugins')
+ plugins
+ .appendNode('plugin')
+ .appendNode('artifactId','maven-compiler-plugin').parent()
+ .appendNode('configuration')
+ .appendNode('source','1.7').parent()
+ .appendNode('target','1.7')
+ if(isWar) {
+ plugins
+ .appendNode('plugin')
+ .appendNode('artifactId','maven-war-plugin').parent()
+ .appendNode('version','2.3').parent()
+ .appendNode('configuration')
+ .appendNode('failOnMissingWebXml','false')
+ }
+ }
}
task generatePom {
- group = 'Build'
- description = 'Generates a Maven pom.xml'
+ group = 'Build'
+ description = 'Generates a Maven pom.xml'
- ext.generatedPomFileName = "pom.xml"
- onlyIf { install.enabled }
+ ext.generatedPomFileName = "pom.xml"
+ onlyIf { install.enabled }
- inputs.files(fileTree(project.rootProject.rootDir).include("**/*.gradle").files)
- inputs.files(new File(project.rootProject.rootDir, Project.GRADLE_PROPERTIES))
- outputs.files(generatedPomFileName)
+ inputs.files(fileTree(project.rootProject.rootDir).include("**/*.gradle").files)
+ inputs.files(new File(project.rootProject.rootDir, Project.GRADLE_PROPERTIES))
+ outputs.files(generatedPomFileName)
- doLast() {
- def p = pom {}
- customizePom(p, project)
- p.writeTo(generatedPomFileName)
- }
+ doLast() {
+ def p = pom {}
+ customizePom(p, project)
+ p.writeTo(generatedPomFileName)
+ }
}
build.dependsOn generatePom
diff --git a/gradle/release-checks.gradle b/gradle/release-checks.gradle
index 78294a81bf..4cf510694e 100644
--- a/gradle/release-checks.gradle
+++ b/gradle/release-checks.gradle
@@ -1,22 +1,22 @@
task checkDependencies << {
- verifyNoDependenciesMatchingVersion(".*-SNAPSHOT")
- if(releaseBuild) {
- verifyNoDependenciesMatchingVersion(".*M.*")
- verifyNoDependenciesMatchingVersion(".*RC.*")
- }
+ verifyNoDependenciesMatchingVersion(".*-SNAPSHOT")
+ if(releaseBuild) {
+ verifyNoDependenciesMatchingVersion(".*M.*")
+ verifyNoDependenciesMatchingVersion(".*RC.*")
+ }
}
if(!snapshotBuild) {
- tasks.findByPath('check')?.dependsOn checkDependencies
+ tasks.findByPath('check')?.dependsOn checkDependencies
}
def verifyNoDependenciesMatchingVersion(def pattern) {
- def dependencies = configurations.all*.allDependencies*.findAll { d ->
- def ignored = 'io.spring.platform:platform-versions'
- def groupAndName = "$d.group:$d.name".toString()
- ignored != groupAndName && d.version?.matches(pattern)
- }.flatten().toSet().join("\n ")
- if(dependencies) {
- throw new GradleException("${project.name} cannot have dependencies with a version that matches $pattern when its version is ${project.version}. Got\n $dependencies")
- }
+ def dependencies = configurations.all*.allDependencies*.findAll { d ->
+ def ignored = 'io.spring.platform:platform-versions'
+ def groupAndName = "$d.group:$d.name".toString()
+ ignored != groupAndName && d.version?.matches(pattern)
+ }.flatten().toSet().join("\n ")
+ if(dependencies) {
+ throw new GradleException("${project.name} cannot have dependencies with a version that matches $pattern when its version is ${project.version}. Got\n $dependencies")
+ }
}
\ No newline at end of file
diff --git a/gradle/tomcat.gradle b/gradle/tomcat.gradle
index d1ed9b604e..0ad83472b6 100644
--- a/gradle/tomcat.gradle
+++ b/gradle/tomcat.gradle
@@ -1,68 +1,68 @@
buildscript {
- repositories {
- maven { url "https://repo.spring.io/plugins-release" }
- }
- dependencies {
- classpath("org.gradle.api.plugins:gradle-tomcat-plugin:1.2.5")
- }
+ repositories {
+ maven { url "https://repo.spring.io/plugins-release" }
+ }
+ dependencies {
+ classpath("org.gradle.api.plugins:gradle-tomcat-plugin:1.2.5")
+ }
}
apply plugin: 'tomcat'
dependencies {
- def tomcatVersion = '7.0.54'
- tomcat "org.apache.tomcat.embed:tomcat-embed-core:${tomcatVersion}",
- "org.apache.tomcat.embed:tomcat-embed-logging-juli:${tomcatVersion}",
- "org.apache.tomcat.embed:tomcat-embed-websocket:${tomcatVersion}"
- tomcat("org.apache.tomcat.embed:tomcat-embed-jasper:${tomcatVersion}") {
- exclude group: 'org.eclipse.jdt.core.compiler', module: 'ecj'
- }
+ def tomcatVersion = '7.0.54'
+ tomcat "org.apache.tomcat.embed:tomcat-embed-core:${tomcatVersion}",
+ "org.apache.tomcat.embed:tomcat-embed-logging-juli:${tomcatVersion}",
+ "org.apache.tomcat.embed:tomcat-embed-websocket:${tomcatVersion}"
+ tomcat("org.apache.tomcat.embed:tomcat-embed-jasper:${tomcatVersion}") {
+ exclude group: 'org.eclipse.jdt.core.compiler', module: 'ecj'
+ }
}
task integrationTomcatRun(type: org.gradle.api.plugins.tomcat.tasks.TomcatRun) {
- onlyIf { !sourceSets.integrationTest.allSource.empty }
- buildscriptClasspath = tomcatRun.buildscriptClasspath
- contextPath = tomcatRun.contextPath
- daemon = true
- tomcatClasspath = tomcatRun.tomcatClasspath
- webAppClasspath = tomcatRun.webAppClasspath
- webAppSourceDirectory = tomcatRun.webAppSourceDirectory
- doFirst {
- def mainOutputDir = project.sourceSets.main.output.classesDir
- if(mainOutputDir) {
- classesDirectory = mainOutputDir
- }
- // delay reserving ports to ensure they are still available
- def ports = reservePorts(3)
- httpPort = ports[0]
- ajpPort = ports[1]
- stopPort = ports[2]
- }
+ onlyIf { !sourceSets.integrationTest.allSource.empty }
+ buildscriptClasspath = tomcatRun.buildscriptClasspath
+ contextPath = tomcatRun.contextPath
+ daemon = true
+ tomcatClasspath = tomcatRun.tomcatClasspath
+ webAppClasspath = tomcatRun.webAppClasspath
+ webAppSourceDirectory = tomcatRun.webAppSourceDirectory
+ doFirst {
+ def mainOutputDir = project.sourceSets.main.output.classesDir
+ if(mainOutputDir) {
+ classesDirectory = mainOutputDir
+ }
+ // delay reserving ports to ensure they are still available
+ def ports = reservePorts(3)
+ httpPort = ports[0]
+ ajpPort = ports[1]
+ stopPort = ports[2]
+ }
}
task integrationTomcatStop(type: org.gradle.api.plugins.tomcat.tasks.TomcatStop) {
- onlyIf { !sourceSets.integrationTest.allSource.empty }
- doFirst {
- stopPort = integrationTomcatRun.stopPort
- }
+ onlyIf { !sourceSets.integrationTest.allSource.empty }
+ doFirst {
+ stopPort = integrationTomcatRun.stopPort
+ }
}
integrationTest {
- dependsOn integrationTomcatRun
- doFirst {
- def host = 'localhost:' + integrationTomcatRun.httpPort
- systemProperties['geb.build.baseUrl'] = 'http://'+host+'/' + integrationTomcatRun.contextPath + '/'
- systemProperties['geb.build.reportsDir'] = 'build/geb-reports'
- }
- finalizedBy integrationTomcatStop
+ dependsOn integrationTomcatRun
+ doFirst {
+ def host = 'localhost:' + integrationTomcatRun.httpPort
+ systemProperties['geb.build.baseUrl'] = 'http://'+host+'/' + integrationTomcatRun.contextPath + '/'
+ systemProperties['geb.build.reportsDir'] = 'build/geb-reports'
+ }
+ finalizedBy integrationTomcatStop
}
def reservePorts(int count) {
- def sockets = []
- for(int i in 1..count) {
- sockets << new ServerSocket(0)
- }
- def result = sockets*.localPort
- sockets*.close()
- result
+ def sockets = []
+ for(int i in 1..count) {
+ sockets << new ServerSocket(0)
+ }
+ def result = sockets*.localPort
+ sockets*.close()
+ result
}
\ No newline at end of file
diff --git a/gradle/war-sample.gradle b/gradle/war-sample.gradle
index 99199e2619..8decfb919b 100644
--- a/gradle/war-sample.gradle
+++ b/gradle/war-sample.gradle
@@ -2,9 +2,9 @@ apply plugin: 'war'
apply from: TOMCAT_GRADLE
war {
- baseName = "sample"
+ baseName = "sample"
}
sonarRunner {
- skipProject = true
+ skipProject = true
}
\ No newline at end of file
diff --git a/itest/context/itest-context.gradle b/itest/context/itest-context.gradle
index c61cd812b0..b6986dc182 100644
--- a/itest/context/itest-context.gradle
+++ b/itest/context/itest-context.gradle
@@ -1,17 +1,17 @@
System.setProperty('python.cachedir.skip', 'true')
dependencies {
- compile project(':spring-security-core'),
- 'aopalliance:aopalliance:1.0',
- 'org.python:jython:2.5.0',
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-aop:$springVersion",
- "org.springframework:spring-tx:$springVersion",
- "org.springframework:spring-beans:$springVersion"
+ compile project(':spring-security-core'),
+ 'aopalliance:aopalliance:1.0',
+ 'org.python:jython:2.5.0',
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-aop:$springVersion",
+ "org.springframework:spring-tx:$springVersion",
+ "org.springframework:spring-beans:$springVersion"
- testCompile project(':spring-security-web'),
- "javax.servlet:javax.servlet-api:$servletApiVersion",
- "org.springframework:spring-web:$springVersion"
- testRuntime project(':spring-security-config'),
- "org.aspectj:aspectjweaver:$aspectjVersion"
+ testCompile project(':spring-security-web'),
+ "javax.servlet:javax.servlet-api:$servletApiVersion",
+ "org.springframework:spring-web:$springVersion"
+ testRuntime project(':spring-security-config'),
+ "org.aspectj:aspectjweaver:$aspectjVersion"
}
\ No newline at end of file
diff --git a/itest/web/itest-web.gradle b/itest/web/itest-web.gradle
index 995c470b2f..d7b3de0a93 100644
--- a/itest/web/itest-web.gradle
+++ b/itest/web/itest-web.gradle
@@ -1,38 +1,38 @@
dependencies {
- compile "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-web:$springVersion"
+ compile "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-web:$springVersion"
- provided "javax.servlet:javax.servlet-api:$servletApiVersion"
+ provided "javax.servlet:javax.servlet-api:$servletApiVersion"
- testCompile project(':spring-security-core'),
- project(':spring-security-web'),
- project(':spring-security-taglibs'),
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-webmvc:$springVersion",
- "org.mortbay.jetty:jetty-util:$jettyVersion",
- "org.testng:testng:5.11:jdk15"
- testCompile ("org.mortbay.jetty:jetty:$jettyVersion") {
- exclude group: 'org.mortbay.jetty', module: 'servlet-api'
- }
- testCompile ('net.sourceforge.jwebunit:jwebunit-core:2.2') {
- exclude group: 'javax.servlet', module: 'servlet-api'
- exclude group: 'regexp', module: 'regexp'
- }
+ testCompile project(':spring-security-core'),
+ project(':spring-security-web'),
+ project(':spring-security-taglibs'),
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.mortbay.jetty:jetty-util:$jettyVersion",
+ "org.testng:testng:5.11:jdk15"
+ testCompile ("org.mortbay.jetty:jetty:$jettyVersion") {
+ exclude group: 'org.mortbay.jetty', module: 'servlet-api'
+ }
+ testCompile ('net.sourceforge.jwebunit:jwebunit-core:2.2') {
+ exclude group: 'javax.servlet', module: 'servlet-api'
+ exclude group: 'regexp', module: 'regexp'
+ }
- testRuntime project(':spring-security-config'),
- project(':spring-security-ldap'),
- "org.mortbay.jetty:jsp-2.1-jetty:$jettyVersion",
- testRuntime ('net.sourceforge.jwebunit:jwebunit-htmlunit-plugin:2.2') {
- exclude group: 'javax.servlet', module: 'servlet-api'
- }
+ testRuntime project(':spring-security-config'),
+ project(':spring-security-ldap'),
+ "org.mortbay.jetty:jsp-2.1-jetty:$jettyVersion",
+ testRuntime ('net.sourceforge.jwebunit:jwebunit-htmlunit-plugin:2.2') {
+ exclude group: 'javax.servlet', module: 'servlet-api'
+ }
}
integrationTest {
- useTestNG();
- options {
- jvmArgs = ["-ea", '-Xms128m', '-Xmx500m']
- systemProperties = ['webapp.dir': "$projectDir/src/main/webapp"]
- }
- maxParallelForks = 1
+ useTestNG();
+ options {
+ jvmArgs = ["-ea", '-Xms128m', '-Xmx500m']
+ systemProperties = ['webapp.dir': "$projectDir/src/main/webapp"]
+ }
+ maxParallelForks = 1
}
diff --git a/ldap/ldap.gradle b/ldap/ldap.gradle
index 403e03b25f..af38b874db 100644
--- a/ldap/ldap.gradle
+++ b/ldap/ldap.gradle
@@ -1,41 +1,41 @@
// Ldap build file
dependencies {
- compile project(':spring-security-core'),
- springCoreDependency,
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-tx:$springVersion"
+ compile project(':spring-security-core'),
+ springCoreDependency,
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-tx:$springVersion"
- optional "org.apache.directory.server:apacheds-core:$apacheDsVersion",
- "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion",
- "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion",
- "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion",
- "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion",
- 'org.apache.directory.shared:shared-ldap:0.9.15',
- 'ldapsdk:ldapsdk:4.1'
+ optional "org.apache.directory.server:apacheds-core:$apacheDsVersion",
+ "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion",
+ "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion",
+ "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion",
+ "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion",
+ 'org.apache.directory.shared:shared-ldap:0.9.15',
+ 'ldapsdk:ldapsdk:4.1'
- compile ("org.springframework.ldap:spring-ldap-core:$springLdapVersion") {
- exclude(group: 'commons-logging', module: 'commons-logging')
- exclude(group: 'org.springframework', module: 'spring-core')
- exclude(group: 'org.springframework', module: 'spring-tx')
- exclude(group: 'org.springframework', module: 'spring-beans')
- exclude(group: 'org.springframework.data', module: 'spring-data-commons')
- }
+ compile ("org.springframework.ldap:spring-ldap-core:$springLdapVersion") {
+ exclude(group: 'commons-logging', module: 'commons-logging')
+ exclude(group: 'org.springframework', module: 'spring-core')
+ exclude(group: 'org.springframework', module: 'spring-tx')
+ exclude(group: 'org.springframework', module: 'spring-beans')
+ exclude(group: 'org.springframework.data', module: 'spring-data-commons')
+ }
- testCompile "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion"
+ testCompile "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion"
}
integrationTest {
- include('**/ApacheDSServerIntegrationTests.class')
-// exclude('**/OpenLDAPIntegrationTestSuite.class')
- maxParallelForks = 1
+ include('**/ApacheDSServerIntegrationTests.class')
+// exclude('**/OpenLDAPIntegrationTestSuite.class')
+ maxParallelForks = 1
}
// Runs a server for running the integration tests against (from an IDE, for example)
task(ldapServer, dependsOn: 'integrationTestClasses', type: JavaExec) {
- classpath = sourceSets.integrationTest.runtimeClasspath
- main = 'org.springframework.security.ldap.ApacheDSServerIntegrationTests'
+ classpath = sourceSets.integrationTest.runtimeClasspath
+ main = 'org.springframework.security.ldap.ApacheDSServerIntegrationTests'
}
diff --git a/messaging/messaging.gradle b/messaging/messaging.gradle
index cc07363e13..beb3eab4b0 100644
--- a/messaging/messaging.gradle
+++ b/messaging/messaging.gradle
@@ -1,24 +1,24 @@
apply plugin: 'groovy'
dependencies {
- compile project(':spring-security-core'),
- springCoreDependency,
- 'aopalliance:aopalliance:1.0',
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-expression:$springVersion",
- "org.springframework:spring-messaging:$springVersion"
+ compile project(':spring-security-core'),
+ springCoreDependency,
+ 'aopalliance:aopalliance:1.0',
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-expression:$springVersion",
+ "org.springframework:spring-messaging:$springVersion"
- optional project(':spring-security-web'),
- "org.springframework:spring-websocket:$springVersion",
- "javax.servlet:javax.servlet-api:$servletApiVersion"
+ optional project(':spring-security-web'),
+ "org.springframework:spring-websocket:$springVersion",
+ "javax.servlet:javax.servlet-api:$servletApiVersion"
- testCompile project(':spring-security-core').sourceSets.test.output,
- "commons-codec:commons-codec:$commonsCodecVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "org.codehaus.groovy:groovy-all:$groovyVersion",
- powerMockDependencies,
- spockDependencies
+ testCompile project(':spring-security-core').sourceSets.test.output,
+ "commons-codec:commons-codec:$commonsCodecVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "org.codehaus.groovy:groovy-all:$groovyVersion",
+ powerMockDependencies,
+ spockDependencies
- testRuntime "org.hsqldb:hsqldb:$hsqlVersion"
+ testRuntime "org.hsqldb:hsqldb:$hsqlVersion"
}
\ No newline at end of file
diff --git a/openid/openid.gradle b/openid/openid.gradle
index 64e51e9a4b..e383326d24 100644
--- a/openid/openid.gradle
+++ b/openid/openid.gradle
@@ -1,24 +1,24 @@
// OpenID Module build file
dependencies {
- compile project(':spring-security-core'),
- project(':spring-security-web'),
- springCoreDependency,
- "org.springframework:spring-aop:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-web:$springVersion"
+ compile project(':spring-security-core'),
+ project(':spring-security-web'),
+ springCoreDependency,
+ "org.springframework:spring-aop:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-web:$springVersion"
- // openid4java has a compile time dep on guice with a group
- // name which is different from the maven central one.
- // We use the maven central version here instead.
- compile('org.openid4java:openid4java-nodeps:0.9.6') {
- exclude group: 'com.google.code.guice', module: 'guice'
- }
- compile 'com.google.inject:guice:2.0'
+ // openid4java has a compile time dep on guice with a group
+ // name which is different from the maven central one.
+ // We use the maven central version here instead.
+ compile('org.openid4java:openid4java-nodeps:0.9.6') {
+ exclude group: 'com.google.code.guice', module: 'guice'
+ }
+ compile 'com.google.inject:guice:2.0'
- provided "javax.servlet:javax.servlet-api:$servletApiVersion"
+ provided "javax.servlet:javax.servlet-api:$servletApiVersion"
- runtime 'org.apache.httpcomponents:httpclient:4.2.3',
- 'net.sourceforge.nekohtml:nekohtml:1.9.20'
+ runtime 'org.apache.httpcomponents:httpclient:4.2.3',
+ 'net.sourceforge.nekohtml:nekohtml:1.9.20'
}
diff --git a/remoting/remoting.gradle b/remoting/remoting.gradle
index 63e12dfd89..30f9b134b8 100644
--- a/remoting/remoting.gradle
+++ b/remoting/remoting.gradle
@@ -1,12 +1,12 @@
// Remoting module build file
dependencies {
- compile project(':spring-security-core'),
- 'aopalliance:aopalliance:1.0',
- springCoreDependency,
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-web:$springVersion"
+ compile project(':spring-security-core'),
+ 'aopalliance:aopalliance:1.0',
+ springCoreDependency,
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-web:$springVersion"
- testCompile project(':spring-security-core').sourceSets.test.output
+ testCompile project(':spring-security-core').sourceSets.test.output
}
diff --git a/samples/aspectj-jc/build.gradle b/samples/aspectj-jc/build.gradle
index 2c8a490f90..029e55272d 100644
--- a/samples/aspectj-jc/build.gradle
+++ b/samples/aspectj-jc/build.gradle
@@ -1,9 +1,9 @@
dependencies {
- compile project(':spring-security-core'),
- project(':spring-security-config')
+ compile project(':spring-security-core'),
+ project(':spring-security-config')
- aspectpath project(':spring-security-aspects')
+ aspectpath project(':spring-security-aspects')
- runtime project(':spring-security-aspects')
+ runtime project(':spring-security-aspects')
}
diff --git a/samples/aspectj-xml/aspectj.gradle b/samples/aspectj-xml/aspectj.gradle
index b3c512ce37..470b537601 100644
--- a/samples/aspectj-xml/aspectj.gradle
+++ b/samples/aspectj-xml/aspectj.gradle
@@ -1,9 +1,9 @@
dependencies {
- compile project(':spring-security-core')
+ compile project(':spring-security-core')
- aspectpath project(':spring-security-aspects')
+ aspectpath project(':spring-security-aspects')
- runtime project(':spring-security-config'),
- project(':spring-security-aspects')
+ runtime project(':spring-security-config'),
+ project(':spring-security-aspects')
}
diff --git a/samples/cas/sample-xml/cassample.gradle b/samples/cas/sample-xml/cassample.gradle
index c31cae6658..951ec2b800 100644
--- a/samples/cas/sample-xml/cassample.gradle
+++ b/samples/cas/sample-xml/cassample.gradle
@@ -10,65 +10,65 @@ def keystore = "$rootDir/samples/certificates/server.jks"
def password = 'password'
configurations {
- casServer
- excludeModules.each {name ->
- runtime.exclude module: name
- }
+ casServer
+ excludeModules.each {name ->
+ runtime.exclude module: name
+ }
- runtime.exclude group: 'org.aspectj'
+ runtime.exclude group: 'org.aspectj'
}
sourceSets {
- test.resources.exclude 'GebConfig.groovy'
- integrationTest.groovy.srcDir file('src/integration-test/groovy')
+ test.resources.exclude 'GebConfig.groovy'
+ integrationTest.groovy.srcDir file('src/integration-test/groovy')
}
eclipse.classpath.plusConfigurations += [configurations.integrationTestRuntime]
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
+ providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
- compile project(':spring-security-core'),
- project(':spring-security-cas'),
- "org.jasig.cas.client:cas-client-core:$casClientVersion"
+ compile project(':spring-security-core'),
+ project(':spring-security-cas'),
+ "org.jasig.cas.client:cas-client-core:$casClientVersion"
- runtime project(':spring-security-web'),
- project(':spring-security-config'),
- "org.springframework:spring-context-support:$springVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "ch.qos.logback:logback-classic:$logbackVersion",
- "net.sf.ehcache:ehcache:$ehcacheVersion"
+ runtime project(':spring-security-web'),
+ project(':spring-security-config'),
+ "org.springframework:spring-context-support:$springVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "ch.qos.logback:logback-classic:$logbackVersion",
+ "net.sf.ehcache:ehcache:$ehcacheVersion"
- integrationTestCompile project(':spring-security-cas'),
- "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion",
- "org.gebish:geb-spock:$gebVersion",
- 'commons-httpclient:commons-httpclient:3.1',
- "org.eclipse.jetty:jetty-server:$jettyVersion",
- "org.eclipse.jetty:jetty-servlet:$jettyVersion",
- "org.codehaus.groovy:groovy:$groovyVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- spockDependencies
+ integrationTestCompile project(':spring-security-cas'),
+ "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion",
+ "org.gebish:geb-spock:$gebVersion",
+ 'commons-httpclient:commons-httpclient:3.1',
+ "org.eclipse.jetty:jetty-server:$jettyVersion",
+ "org.eclipse.jetty:jetty-servlet:$jettyVersion",
+ "org.codehaus.groovy:groovy:$groovyVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ spockDependencies
}
[jettyRun, jettyRunWar]*.configure {
- contextPath = "/cas-sample"
- def httpConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector').newInstance()
- httpConnector.port = 8080
- httpConnector.confidentialPort = 8443
- def httpsConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance()
- httpsConnector.port = 8443
- httpsConnector.keystore = httpsConnector.truststore = keystore
- httpsConnector.keyPassword = httpsConnector.trustPassword = password
+ contextPath = "/cas-sample"
+ def httpConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector').newInstance()
+ httpConnector.port = 8080
+ httpConnector.confidentialPort = 8443
+ def httpsConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance()
+ httpsConnector.port = 8443
+ httpsConnector.keystore = httpsConnector.truststore = keystore
+ httpsConnector.keyPassword = httpsConnector.trustPassword = password
- connectors = [httpConnector, httpsConnector]
- doFirst() {
- System.setProperty('cas.server.host', casServer().httpsHost)
- System.setProperty('cas.service.host', jettyRunWar.httpsHost)
- }
+ connectors = [httpConnector, httpsConnector]
+ doFirst() {
+ System.setProperty('cas.server.host', casServer().httpsHost)
+ System.setProperty('cas.service.host', jettyRunWar.httpsHost)
+ }
}
task cas (dependsOn: [jettyRunWar]) {
- jettyRunWar.dependsOn(':spring-security-samples-casserver:casServer')
+ jettyRunWar.dependsOn(':spring-security-samples-casserver:casServer')
}
task casServer(dependsOn: ':spring-security-samples-casserver:casServer') {
@@ -76,54 +76,54 @@ task casServer(dependsOn: ':spring-security-samples-casserver:casServer') {
integrationTest.dependsOn cas
integrationTest.doFirst {
- def casServiceHost = jettyRunWar.httpsHost
- systemProperties['cas.server.host'] = casServer().httpsHost
- systemProperties['cas.service.host'] = casServiceHost
- systemProperties['geb.build.baseUrl'] = 'https://'+casServiceHost+'/cas-sample/'
- systemProperties['geb.build.reportsDir'] = 'build/geb-reports'
- systemProperties['jar.path'] = jar.archivePath
- systemProperties['javax.net.ssl.trustStore'] = keystore
- systemProperties['javax.net.ssl.trustStorePassword'] = password
+ def casServiceHost = jettyRunWar.httpsHost
+ systemProperties['cas.server.host'] = casServer().httpsHost
+ systemProperties['cas.service.host'] = casServiceHost
+ systemProperties['geb.build.baseUrl'] = 'https://'+casServiceHost+'/cas-sample/'
+ systemProperties['geb.build.reportsDir'] = 'build/geb-reports'
+ systemProperties['jar.path'] = jar.archivePath
+ systemProperties['javax.net.ssl.trustStore'] = keystore
+ systemProperties['javax.net.ssl.trustStorePassword'] = password
}
gradle.taskGraph.whenReady {graph ->
- def casServer = casServer()
- [casServer,jettyRunWar]*.metaClass*.getHttpsConnector {->
- def sslSocketConnClass = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector')
- delegate.connectors.find { it in sslSocketConnClass }
- }
- [casServer,jettyRunWar]*.metaClass*.getHttpsHost {->
- "localhost:"+delegate.httpsConnector.port
- }
- jettyRunWar.metaClass.getHttpConnector {->
- def channelConnClass = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector')
- delegate.connectors.find { it in channelConnClass }
- }
- if (graph.hasTask(cas)) {
- casServer.daemon = true
- }
- if(graph.hasTask(integrationTest)) {
- tasks.getByPath(':spring-security-samples-casserver:casServerOverlay').logLevel = 'ERROR'
- jettyRunWar {
- additionalRuntimeJars += file("src/integration-test/resources")
- daemon = true
- }
+ def casServer = casServer()
+ [casServer,jettyRunWar]*.metaClass*.getHttpsConnector {->
+ def sslSocketConnClass = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector')
+ delegate.connectors.find { it in sslSocketConnClass }
+ }
+ [casServer,jettyRunWar]*.metaClass*.getHttpsHost {->
+ "localhost:"+delegate.httpsConnector.port
+ }
+ jettyRunWar.metaClass.getHttpConnector {->
+ def channelConnClass = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector')
+ delegate.connectors.find { it in channelConnClass }
+ }
+ if (graph.hasTask(cas)) {
+ casServer.daemon = true
+ }
+ if(graph.hasTask(integrationTest)) {
+ tasks.getByPath(':spring-security-samples-casserver:casServerOverlay').logLevel = 'ERROR'
+ jettyRunWar {
+ additionalRuntimeJars += file("src/integration-test/resources")
+ daemon = true
+ }
- [jettyRunWar.httpConnector,jettyRunWar.httpsConnector,casServer.httpsConnector]*.metaClass*.reservePort { taskToCloseSocket ->
- def serverSocket = new ServerSocket(0)
- delegate.metaClass.serverSocket = serverSocket
- delegate.port = serverSocket.localPort
- taskToCloseSocket.doFirst {
- serverSocket.close()
- }
- }
+ [jettyRunWar.httpConnector,jettyRunWar.httpsConnector,casServer.httpsConnector]*.metaClass*.reservePort { taskToCloseSocket ->
+ def serverSocket = new ServerSocket(0)
+ delegate.metaClass.serverSocket = serverSocket
+ delegate.port = serverSocket.localPort
+ taskToCloseSocket.doFirst {
+ serverSocket.close()
+ }
+ }
- [jettyRunWar.httpConnector,jettyRunWar.httpsConnector]*.reservePort(jettyRunWar)
- jettyRunWar.httpConnector.confidentialPort = jettyRunWar.httpsConnector.port
- casServer.httpsConnector.reservePort(casServer)
- }
+ [jettyRunWar.httpConnector,jettyRunWar.httpsConnector]*.reservePort(jettyRunWar)
+ jettyRunWar.httpConnector.confidentialPort = jettyRunWar.httpsConnector.port
+ casServer.httpsConnector.reservePort(casServer)
+ }
}
def casServer() {
- tasks.getByPath(':spring-security-samples-casserver:casServer')
+ tasks.getByPath(':spring-security-samples-casserver:casServer')
}
diff --git a/samples/cas/server/casserver.gradle b/samples/cas/server/casserver.gradle
index bdae92743e..1316212e7f 100644
--- a/samples/cas/server/casserver.gradle
+++ b/samples/cas/server/casserver.gradle
@@ -6,58 +6,58 @@ def keystore = "$rootDir/samples/certificates/server.jks"
def password = 'password'
configurations {
- casServer
+ casServer
}
dependencies {
- casServer "org.jasig.cas:cas-server-webapp:4.0.0@war"
+ casServer "org.jasig.cas:cas-server-webapp:4.0.0@war"
}
task casServerOverlay(type: Sync) {
- def war = configurations.casServer.resolve().toArray()[0]
- def warName = war.name.replace('.war','-custom')
- def overlayDir = file('src/main/webapp')
- def explodedWar = file("$buildDir/tmp/${warName}")
- ext.customWar = file("$buildDir/tmp/${warName}.war")
- ext.tokens = [logLevel: 'INFO']
+ def war = configurations.casServer.resolve().toArray()[0]
+ def warName = war.name.replace('.war','-custom')
+ def overlayDir = file('src/main/webapp')
+ def explodedWar = file("$buildDir/tmp/${warName}")
+ ext.customWar = file("$buildDir/tmp/${warName}.war")
+ ext.tokens = [logLevel: 'INFO']
- inputs.files(war, overlayDir)
- inputs.property('tokens',{tokens})
- outputs.files (customWar,explodedWar,file("$buildDir/tmp/expandedArchives"))
+ inputs.files(war, overlayDir)
+ inputs.property('tokens',{tokens})
+ outputs.files (customWar,explodedWar,file("$buildDir/tmp/expandedArchives"))
- from zipTree(war)
- from (overlayDir) {
- filter(ReplaceTokens,tokens: tokens)
- }
- into explodedWar
+ from zipTree(war)
+ from (overlayDir) {
+ filter(ReplaceTokens,tokens: tokens)
+ }
+ into explodedWar
- doLast {
- if(customWar.exists()) {
- customWar.delete()
- }
- ant.zip(destfile: customWar, baseDir: explodedWar)
- }
+ doLast {
+ if(customWar.exists()) {
+ customWar.delete()
+ }
+ ant.zip(destfile: customWar, baseDir: explodedWar)
+ }
}
casServerOverlay.metaClass.setLogLevel { level ->
- tokens['logLevel'] = level
+ tokens['logLevel'] = level
}
task casServer (type: org.gradle.api.plugins.jetty.JettyRunWar, dependsOn: 'casServerOverlay') {
- contextPath = "/cas"
- connectors = [casServer.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance()]
- connectors[0].port = 9443
- connectors[0].keystore = connectors[0].truststore = keystore
- connectors[0].keyPassword = connectors[0].trustPassword = password
- connectors[0].wantClientAuth = true
- connectors[0].needClientAuth = false
- webApp = casServerOverlay.customWar
+ contextPath = "/cas"
+ connectors = [casServer.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance()]
+ connectors[0].port = 9443
+ connectors[0].keystore = connectors[0].truststore = keystore
+ connectors[0].keyPassword = connectors[0].trustPassword = password
+ connectors[0].wantClientAuth = true
+ connectors[0].needClientAuth = false
+ webApp = casServerOverlay.customWar
- inputs.file casServerOverlay.customWar
+ inputs.file casServerOverlay.customWar
- doFirst() {
- System.setProperty('javax.net.ssl.trustStore', keystore)
- System.setProperty('javax.net.ssl.trustStorePassword', password)
- System.setProperty('java.naming.factory.url.pkgs','org.mortbay.naming')
- System.setProperty('java.naming.factory.initial','org.mortbay.naming.InitialContextFactory')
- }
+ doFirst() {
+ System.setProperty('javax.net.ssl.trustStore', keystore)
+ System.setProperty('javax.net.ssl.trustStorePassword', password)
+ System.setProperty('java.naming.factory.url.pkgs','org.mortbay.naming')
+ System.setProperty('java.naming.factory.initial','org.mortbay.naming.InitialContextFactory')
+ }
}
diff --git a/samples/chat-jc/build.gradle b/samples/chat-jc/build.gradle
index 25d2b3954e..e125d8295a 100644
--- a/samples/chat-jc/build.gradle
+++ b/samples/chat-jc/build.gradle
@@ -1,40 +1,40 @@
apply from: WAR_SAMPLE_GRADLE
repositories {
- maven { url 'http://clojars.org/repo' }
+ maven { url 'http://clojars.org/repo' }
}
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
+ providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
- compile project(":spring-security-web"),
- project(":spring-security-config"),
- project(":spring-security-messaging"),
- project(":spring-security-data"),
- "org.springframework:spring-webmvc:${springVersion}",
- "org.springframework:spring-websocket:${springVersion}",
- "org.springframework:spring-messaging:${springVersion}",
- "org.springframework.session:spring-session:${springSessionVersion}",
- "org.springframework.data:spring-data-redis:${springDataRedisVersion}",
- "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final",
- "org.hsqldb:hsqldb:$hsqlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final",
- "redis.clients:jedis:2.4.2",
- "redis.embedded:embedded-redis:0.2",
- "org.apache.commons:commons-pool2:2.2",
- "org.thymeleaf:thymeleaf-spring4:$thymeleafVersion",
- "org.thymeleaf.extras:thymeleaf-extras-tiles2-spring4:2.1.1.RELEASE",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "com.fasterxml.jackson.core:jackson-databind:$jacksonDatavindVersion"
- compile('org.hibernate:hibernate-entitymanager:3.6.10.Final') {
- exclude group:'javassist', module: 'javassist'
- }
- compile("org.springframework.data:spring-data-jpa:$springDataJpaVersion") {
- exclude group:'org.aspectj', module:'aspectjrt'
- }
+ compile project(":spring-security-web"),
+ project(":spring-security-config"),
+ project(":spring-security-messaging"),
+ project(":spring-security-data"),
+ "org.springframework:spring-webmvc:${springVersion}",
+ "org.springframework:spring-websocket:${springVersion}",
+ "org.springframework:spring-messaging:${springVersion}",
+ "org.springframework.session:spring-session:${springSessionVersion}",
+ "org.springframework.data:spring-data-redis:${springDataRedisVersion}",
+ "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final",
+ "org.hsqldb:hsqldb:$hsqlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final",
+ "redis.clients:jedis:2.4.2",
+ "redis.embedded:embedded-redis:0.2",
+ "org.apache.commons:commons-pool2:2.2",
+ "org.thymeleaf:thymeleaf-spring4:$thymeleafVersion",
+ "org.thymeleaf.extras:thymeleaf-extras-tiles2-spring4:2.1.1.RELEASE",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "com.fasterxml.jackson.core:jackson-databind:$jacksonDatavindVersion"
+ compile('org.hibernate:hibernate-entitymanager:3.6.10.Final') {
+ exclude group:'javassist', module: 'javassist'
+ }
+ compile("org.springframework.data:spring-data-jpa:$springDataJpaVersion") {
+ exclude group:'org.aspectj', module:'aspectjrt'
+ }
- runtime "ch.qos.logback:logback-classic:$logbackVersion"
+ runtime "ch.qos.logback:logback-classic:$logbackVersion"
}
\ No newline at end of file
diff --git a/samples/concurrency-jc/build.gradle b/samples/concurrency-jc/build.gradle
index 70e3f866d1..1e203e783e 100644
--- a/samples/concurrency-jc/build.gradle
+++ b/samples/concurrency-jc/build.gradle
@@ -2,24 +2,24 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-config"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
}
\ No newline at end of file
diff --git a/samples/contacts-xml/contacts.gradle b/samples/contacts-xml/contacts.gradle
index a1ae36981c..57aeb01ee6 100644
--- a/samples/contacts-xml/contacts.gradle
+++ b/samples/contacts-xml/contacts.gradle
@@ -3,27 +3,27 @@
apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
+ providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
- compile project(':spring-security-core'),
- project(':spring-security-acl'),
- "org.springframework:spring-aop:$springVersion",
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.springframework:spring-tx:$springVersion",
- "org.springframework:spring-web:$springVersion",
- "org.springframework:spring-webmvc:$springVersion"
+ compile project(':spring-security-core'),
+ project(':spring-security-acl'),
+ "org.springframework:spring-aop:$springVersion",
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.springframework:spring-tx:$springVersion",
+ "org.springframework:spring-web:$springVersion",
+ "org.springframework:spring-webmvc:$springVersion"
- runtime project(':spring-security-web'),
- project(':spring-security-config'),
- project(':spring-security-taglibs'),
- "org.springframework:spring-context-support:$springVersion",
- jstlDependencies,
- "org.hsqldb:hsqldb:$hsqlVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "ch.qos.logback:logback-classic:$logbackVersion",
- "net.sf.ehcache:ehcache:$ehcacheVersion"
+ runtime project(':spring-security-web'),
+ project(':spring-security-config'),
+ project(':spring-security-taglibs'),
+ "org.springframework:spring-context-support:$springVersion",
+ jstlDependencies,
+ "org.hsqldb:hsqldb:$hsqlVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "ch.qos.logback:logback-classic:$logbackVersion",
+ "net.sf.ehcache:ehcache:$ehcacheVersion"
- integrationTestCompile gebDependencies
+ integrationTestCompile gebDependencies
}
\ No newline at end of file
diff --git a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/ContactsTests.groovy b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/ContactsTests.groovy
index 18dd2abb2a..42779a79c8 100644
--- a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/ContactsTests.groovy
+++ b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/ContactsTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -26,62 +26,62 @@ import org.springframework.security.samples.pages.*
*/
@Stepwise
class ContactsTests extends GebReportingSpec {
- def 'access home page with unauthenticated user success'() {
- when: 'Unauthenticated user accesses the Home Page'
- to HomePage
- then: 'The page is displayed'
- at HomePage
- }
+ def 'access home page with unauthenticated user success'() {
+ when: 'Unauthenticated user accesses the Home Page'
+ to HomePage
+ then: 'The page is displayed'
+ at HomePage
+ }
- def 'access manage page with unauthenticated user sends to login page'() {
- when: 'Unauthenticated user accesses the Manage Page'
- manage.click(LoginPage)
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'access manage page with unauthenticated user sends to login page'() {
+ when: 'Unauthenticated user accesses the Manage Page'
+ manage.click(LoginPage)
+ then: 'The login page is displayed'
+ at LoginPage
+ }
- def 'authenticated user is sent to original page'() {
- when: 'user authenticates'
- login()
- then: 'The manage page is displayed'
- at ContactsPage
- }
+ def 'authenticated user is sent to original page'() {
+ when: 'user authenticates'
+ login()
+ then: 'The manage page is displayed'
+ at ContactsPage
+ }
- def 'add contact link works'() {
- when: 'user clicks add link'
- addContact.click(AddPage)
- then: 'The add page is displayed'
- at AddPage
- }
+ def 'add contact link works'() {
+ when: 'user clicks add link'
+ addContact.click(AddPage)
+ then: 'The add page is displayed'
+ at AddPage
+ }
- def 'add contact'() {
- when: 'add a contact'
- addContact
- then: 'The add page is displayed'
- at ContactsPage
- and: 'The new contact is displayed'
- contacts.find { it.email == 'rob@example.com' }?.name == 'Rob Winch'
- }
+ def 'add contact'() {
+ when: 'add a contact'
+ addContact
+ then: 'The add page is displayed'
+ at ContactsPage
+ and: 'The new contact is displayed'
+ contacts.find { it.email == 'rob@example.com' }?.name == 'Rob Winch'
+ }
- def 'delete contact'() {
- when: 'delete a contact'
- contacts.find { it.email == 'rob@example.com' }.delete()
- then: 'Delete confirmation displayed'
- at DeleteConfirmPage
- when: 'View Manage Page'
- manage.click()
- then: 'New contact has been removed'
- !contacts.find { it.email == 'rob@example.com' }
- }
+ def 'delete contact'() {
+ when: 'delete a contact'
+ contacts.find { it.email == 'rob@example.com' }.delete()
+ then: 'Delete confirmation displayed'
+ at DeleteConfirmPage
+ when: 'View Manage Page'
+ manage.click()
+ then: 'New contact has been removed'
+ !contacts.find { it.email == 'rob@example.com' }
+ }
- def 'authenticated user logs out'() {
- when: 'user logs out'
- logout.click()
- then: 'the default logout success page is displayed'
- at HomePage
- when: 'Unauthenticated user accesses the Manage Page'
- via ContactsPage
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'authenticated user logs out'() {
+ when: 'user logs out'
+ logout.click()
+ then: 'the default logout success page is displayed'
+ at HomePage
+ when: 'Unauthenticated user accesses the Manage Page'
+ via ContactsPage
+ then: 'The login page is displayed'
+ at LoginPage
+ }
}
\ No newline at end of file
diff --git a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/AddPage.groovy b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/AddPage.groovy
index 50a3571135..735f4bdfdc 100644
--- a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/AddPage.groovy
+++ b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/AddPage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,15 +23,15 @@ import geb.Page
* @author Rob Winch
*/
class AddPage extends Page {
- static url = 'add'
- static at = { assert driver.title == 'Add New Contact'; true}
- static content = {
- addContact(required:false) { name = 'Rob Winch', email = 'rob@example.com'->
- addForm.name = name
- addForm.email = email
- submit.click()
- }
- addForm { $('form') }
- submit { $('input', type: 'submit') }
- }
+ static url = 'add'
+ static at = { assert driver.title == 'Add New Contact'; true}
+ static content = {
+ addContact(required:false) { name = 'Rob Winch', email = 'rob@example.com'->
+ addForm.name = name
+ addForm.email = email
+ submit.click()
+ }
+ addForm { $('form') }
+ submit { $('input', type: 'submit') }
+ }
}
\ No newline at end of file
diff --git a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
index 42e3bae6d1..76cb9699fc 100644
--- a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
+++ b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,11 +23,11 @@ import geb.*
* @author Rob Winch
*/
class HomePage extends Page {
- static url = ''
- static at = { assert driver.title == 'Contacts Security Demo'; true}
- static content = {
- manage(to: [ContactsPage,LoginPage]) { $('a', text: 'Manage') }
- debug { $('a', text: 'Debug').click() }
- frames { $('a', text: 'Frames').click() }
- }
+ static url = ''
+ static at = { assert driver.title == 'Contacts Security Demo'; true}
+ static content = {
+ manage(to: [ContactsPage,LoginPage]) { $('a', text: 'Manage') }
+ debug { $('a', text: 'Debug').click() }
+ frames { $('a', text: 'Frames').click() }
+ }
}
\ No newline at end of file
diff --git a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
index ea1d48a695..55c1e69340 100644
--- a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
+++ b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,15 +23,15 @@ import geb.*
* @author Rob Winch
*/
class LoginPage extends Page {
- static url = 'login'
- static at = { assert driver.title == 'Login'; true}
- static content = {
- login(required:false) { user='rod', password='koala' ->
- loginForm.username = user
- loginForm.password = password
- submit.click()
- }
- loginForm { $('form') }
- submit { $('input', type: 'submit') }
- }
+ static url = 'login'
+ static at = { assert driver.title == 'Login'; true}
+ static content = {
+ login(required:false) { user='rod', password='koala' ->
+ loginForm.username = user
+ loginForm.password = password
+ submit.click()
+ }
+ loginForm { $('form') }
+ submit { $('input', type: 'submit') }
+ }
}
\ No newline at end of file
diff --git a/samples/data-jc/build.gradle b/samples/data-jc/build.gradle
index 5cc491faab..2d4609c873 100644
--- a/samples/data-jc/build.gradle
+++ b/samples/data-jc/build.gradle
@@ -1,10 +1,10 @@
dependencies {
- compile project(':spring-security-data'),
- project(':spring-security-config'),
- "org.springframework.data:spring-data-jpa:$springDataJpaVersion",
- "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final",
- 'org.hibernate:hibernate-entitymanager:3.6.10.Final',
- "org.hsqldb:hsqldb:$hsqlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(':spring-security-data'),
+ project(':spring-security-config'),
+ "org.springframework.data:spring-data-jpa:$springDataJpaVersion",
+ "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final",
+ 'org.hibernate:hibernate-entitymanager:3.6.10.Final',
+ "org.hsqldb:hsqldb:$hsqlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
}
\ No newline at end of file
diff --git a/samples/dms-xml/dms.gradle b/samples/dms-xml/dms.gradle
index fa332974f9..df1a81e69d 100644
--- a/samples/dms-xml/dms.gradle
+++ b/samples/dms-xml/dms.gradle
@@ -1,16 +1,16 @@
dependencies {
- compile project(':spring-security-core'),
- project(':spring-security-acl'),
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-tx:$springVersion",
- "org.springframework:spring-jdbc:$springVersion"
+ compile project(':spring-security-core'),
+ project(':spring-security-acl'),
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-tx:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion"
- testCompile "org.springframework:spring-context:$springVersion"
+ testCompile "org.springframework:spring-context:$springVersion"
- runtime project(':spring-security-config'),
- "org.hsqldb:hsqldb:$hsqlVersion",
- "org.springframework:spring-context-support:$springVersion"
+ runtime project(':spring-security-config'),
+ "org.hsqldb:hsqldb:$hsqlVersion",
+ "org.springframework:spring-context-support:$springVersion"
- optional "net.sf.ehcache:ehcache:$ehcacheVersion"
+ optional "net.sf.ehcache:ehcache:$ehcacheVersion"
}
diff --git a/samples/form-jc/build.gradle b/samples/form-jc/build.gradle
index 61f4dc3573..d9fa6c6010 100644
--- a/samples/form-jc/build.gradle
+++ b/samples/form-jc/build.gradle
@@ -2,26 +2,26 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-config"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
- integrationTestCompile gebDependencies
+ integrationTestCompile gebDependencies
}
\ No newline at end of file
diff --git a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/FormJcTests.groovy b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/FormJcTests.groovy
index 85bc256e72..7ba86e8dff 100644
--- a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/FormJcTests.groovy
+++ b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/FormJcTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -27,30 +27,30 @@ import org.springframework.security.samples.pages.*
*/
@Stepwise
class FormJcTests extends GebReportingSpec {
- def 'access home page with unauthenticated user sends to login page'() {
- when: 'Unauthenticated user accesses the Home Page'
- via HomePage
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'access home page with unauthenticated user sends to login page'() {
+ when: 'Unauthenticated user accesses the Home Page'
+ via HomePage
+ then: 'The login page is displayed'
+ at LoginPage
+ }
- def 'authenticated user is sent to original page'() {
- when: 'user authenticates'
- login()
- then: 'The home page is displayed'
- at HomePage
- and: 'The username is displayed'
- user == 'user'
- }
+ def 'authenticated user is sent to original page'() {
+ when: 'user authenticates'
+ login()
+ then: 'The home page is displayed'
+ at HomePage
+ and: 'The username is displayed'
+ user == 'user'
+ }
- def 'authenticated user logs out'() {
- when: 'user logs out'
- logout()
- then: 'the login page is displayed'
- at LoginPage
- when: 'Unauthenticated user accesses the Home Page'
- via HomePage
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'authenticated user logs out'() {
+ when: 'user logs out'
+ logout()
+ then: 'the login page is displayed'
+ at LoginPage
+ when: 'Unauthenticated user accesses the Home Page'
+ via HomePage
+ then: 'The login page is displayed'
+ at LoginPage
+ }
}
\ No newline at end of file
diff --git a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
index 25ce258a34..da92e8020e 100644
--- a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
+++ b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,10 +23,10 @@ import geb.*
* @author Rob Winch
*/
class HomePage extends Page {
- static url = ''
- static at = { assert driver.title == 'Messages : View All'; true}
- static content = {
- user { $('p.navbar-text').text() }
- logout { $('input', type: 'submit').click() }
- }
+ static url = ''
+ static at = { assert driver.title == 'Messages : View All'; true}
+ static content = {
+ user { $('p.navbar-text').text() }
+ logout { $('input', type: 'submit').click() }
+ }
}
\ No newline at end of file
diff --git a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
index 2c23499763..4cb8562b31 100644
--- a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
+++ b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,15 +23,15 @@ import geb.*
* @author Rob Winch
*/
class LoginPage extends Page {
- static url = 'login'
- static at = { assert driver.title == 'Please Login'; true}
- static content = {
- login(required:false) { user='user', password='password' ->
- loginForm.username = user
- loginForm.password = password
- submit.click()
- }
- loginForm { $('form') }
- submit { $('button', type: 'submit') }
- }
+ static url = 'login'
+ static at = { assert driver.title == 'Please Login'; true}
+ static content = {
+ login(required:false) { user='user', password='password' ->
+ loginForm.username = user
+ loginForm.password = password
+ submit.click()
+ }
+ loginForm { $('form') }
+ submit { $('button', type: 'submit') }
+ }
}
\ No newline at end of file
diff --git a/samples/gae-xml/gae.gradle b/samples/gae-xml/gae.gradle
index e2d80eb3a3..2f078b06fc 100644
--- a/samples/gae-xml/gae.gradle
+++ b/samples/gae-xml/gae.gradle
@@ -5,43 +5,43 @@ apply plugin: 'gae'
def gaeVersion="1.4.2"
repositories {
- maven {
- // Hibernate Validator
- name = 'JBoss'
- url = 'https://repository.jboss.org/nexus/content/repositories/releases'
- }
- maven {
- // GAE Jars
- name = 'GAE'
- url = 'http://maven-gae-plugin.googlecode.com/svn/repository'
- }
+ maven {
+ // Hibernate Validator
+ name = 'JBoss'
+ url = 'https://repository.jboss.org/nexus/content/repositories/releases'
+ }
+ maven {
+ // GAE Jars
+ name = 'GAE'
+ url = 'http://maven-gae-plugin.googlecode.com/svn/repository'
+ }
}
// Remove logback as it causes security issues with GAE.
configurations.runtime.exclude(group: 'ch.qos.logback')
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
+ providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
- compile project(':spring-security-core'),
- project(':spring-security-web'),
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-web:$springVersion",
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-context-support:$springVersion",
- "com.google.appengine:appengine-api-1.0-sdk:$gaeVersion",
- 'javax.validation:validation-api:1.0.0.GA',
- 'org.hibernate:hibernate-validator:4.2.0.Final',
- "org.slf4j:slf4j-api:$slf4jVersion"
+ compile project(':spring-security-core'),
+ project(':spring-security-web'),
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-web:$springVersion",
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-context-support:$springVersion",
+ "com.google.appengine:appengine-api-1.0-sdk:$gaeVersion",
+ 'javax.validation:validation-api:1.0.0.GA',
+ 'org.hibernate:hibernate-validator:4.2.0.Final',
+ "org.slf4j:slf4j-api:$slf4jVersion"
- runtime project(':spring-security-config'),
- project(':spring-security-taglibs'),
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "org.slf4j:slf4j-jdk14:$slf4jVersion"
- testCompile "com.google.appengine:appengine-testing:$gaeVersion"
+ runtime project(':spring-security-config'),
+ project(':spring-security-taglibs'),
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "org.slf4j:slf4j-jdk14:$slf4jVersion"
+ testCompile "com.google.appengine:appengine-testing:$gaeVersion"
- testRuntime "com.google.appengine:appengine-api-labs:$gaeVersion",
- "com.google.appengine:appengine-api-stubs:$gaeVersion"
+ testRuntime "com.google.appengine:appengine-api-labs:$gaeVersion",
+ "com.google.appengine:appengine-api-stubs:$gaeVersion"
}
diff --git a/samples/hellojs-jc/build.gradle b/samples/hellojs-jc/build.gradle
index 29b08fd927..d5d69a2134 100644
--- a/samples/hellojs-jc/build.gradle
+++ b/samples/hellojs-jc/build.gradle
@@ -2,25 +2,25 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final",
- "com.fasterxml.jackson.core:jackson-databind:2.2.1"
+ compile project(":spring-security-config"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final",
+ "com.fasterxml.jackson.core:jackson-databind:2.2.1"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
}
\ No newline at end of file
diff --git a/samples/hellomvc-jc/build.gradle b/samples/hellomvc-jc/build.gradle
index dc56895165..915d79260b 100644
--- a/samples/hellomvc-jc/build.gradle
+++ b/samples/hellomvc-jc/build.gradle
@@ -2,26 +2,26 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-config"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
- testCompile project(":spring-security-test")
+ testCompile project(":spring-security-test")
}
\ No newline at end of file
diff --git a/samples/helloworld-jc/build.gradle b/samples/helloworld-jc/build.gradle
index 0efd980377..8b401bbd5c 100644
--- a/samples/helloworld-jc/build.gradle
+++ b/samples/helloworld-jc/build.gradle
@@ -2,15 +2,15 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-web"),
- jstlDependencies,
- "org.slf4j:jcl-over-slf4j:$slf4jVersion"
+ compile project(":spring-security-config"),
+ project(":spring-security-web"),
+ jstlDependencies,
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion"
- runtime "ch.qos.logback:logback-classic:$logbackVersion"
+ runtime "ch.qos.logback:logback-classic:$logbackVersion"
- integrationTestCompile gebDependencies
+ integrationTestCompile gebDependencies
}
\ No newline at end of file
diff --git a/samples/helloworld-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/helloworld-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
index 83e1128cfd..9168ceb0e0 100644
--- a/samples/helloworld-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
+++ b/samples/helloworld-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,10 +23,10 @@ import geb.*
* @author Rob Winch
*/
class HomePage extends Page {
- static url = ''
- static at = { assert driver.title == 'Hello Security'; true}
- static content = {
- message { $('p').text() }
- logout { $('input', type: 'submit').click() }
- }
+ static url = ''
+ static at = { assert driver.title == 'Hello Security'; true}
+ static content = {
+ message { $('p').text() }
+ logout { $('input', type: 'submit').click() }
+ }
}
\ No newline at end of file
diff --git a/samples/helloworld-xml/build.gradle b/samples/helloworld-xml/build.gradle
index 0efd980377..8b401bbd5c 100644
--- a/samples/helloworld-xml/build.gradle
+++ b/samples/helloworld-xml/build.gradle
@@ -2,15 +2,15 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-web"),
- jstlDependencies,
- "org.slf4j:jcl-over-slf4j:$slf4jVersion"
+ compile project(":spring-security-config"),
+ project(":spring-security-web"),
+ jstlDependencies,
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion"
- runtime "ch.qos.logback:logback-classic:$logbackVersion"
+ runtime "ch.qos.logback:logback-classic:$logbackVersion"
- integrationTestCompile gebDependencies
+ integrationTestCompile gebDependencies
}
\ No newline at end of file
diff --git a/samples/inmemory-jc/build.gradle b/samples/inmemory-jc/build.gradle
index dc56895165..915d79260b 100644
--- a/samples/inmemory-jc/build.gradle
+++ b/samples/inmemory-jc/build.gradle
@@ -2,26 +2,26 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-config"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
- testCompile project(":spring-security-test")
+ testCompile project(":spring-security-test")
}
\ No newline at end of file
diff --git a/samples/insecure/build.gradle b/samples/insecure/build.gradle
index 7205393555..073d7aabb2 100644
--- a/samples/insecure/build.gradle
+++ b/samples/insecure/build.gradle
@@ -2,13 +2,13 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile jstlDependencies,
- "org.slf4j:jcl-over-slf4j:$slf4jVersion"
+ compile jstlDependencies,
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion"
- runtime "ch.qos.logback:logback-classic:$logbackVersion"
+ runtime "ch.qos.logback:logback-classic:$logbackVersion"
- integrationTestCompile gebDependencies
+ integrationTestCompile gebDependencies
}
\ No newline at end of file
diff --git a/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/HelloInsecureTests.groovy b/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/HelloInsecureTests.groovy
index b7d8537e97..27ed3a9105 100644
--- a/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/HelloInsecureTests.groovy
+++ b/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/HelloInsecureTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -26,12 +26,12 @@ import org.springframework.security.samples.pages.*
*/
@Stepwise
class HelloInsecureTests extends GebReportingSpec {
- def 'The HomePage is accessible'() {
- when: 'Unauthenticated user accesses the Home Page'
- to HomePage
- then: 'The HomePage is displayed'
- at HomePage
- and: 'We can see the message'
- message == 'We would like to secure this page'
- }
+ def 'The HomePage is accessible'() {
+ when: 'Unauthenticated user accesses the Home Page'
+ to HomePage
+ then: 'The HomePage is displayed'
+ at HomePage
+ and: 'We can see the message'
+ message == 'We would like to secure this page'
+ }
}
\ No newline at end of file
diff --git a/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
index 345fe74e1e..5f034d1319 100644
--- a/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
+++ b/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,9 +23,9 @@ import geb.*
* @author Rob Winch
*/
class HomePage extends Page {
- static url = ''
- static at = { assert driver.title == 'Hello World'; true}
- static content = {
- message { $('p').text() }
- }
+ static url = ''
+ static at = { assert driver.title == 'Hello World'; true}
+ static content = {
+ message { $('p').text() }
+ }
}
\ No newline at end of file
diff --git a/samples/insecuremvc/build.gradle b/samples/insecuremvc/build.gradle
index 61ce64787c..668b1502aa 100644
--- a/samples/insecuremvc/build.gradle
+++ b/samples/insecuremvc/build.gradle
@@ -2,21 +2,21 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-samples-messages-jc"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-samples-messages-jc"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
}
\ No newline at end of file
diff --git a/samples/jaas-xml/jaas.gradle b/samples/jaas-xml/jaas.gradle
index f51474c6a2..d786a22779 100644
--- a/samples/jaas-xml/jaas.gradle
+++ b/samples/jaas-xml/jaas.gradle
@@ -4,28 +4,28 @@ apply from: WAR_SAMPLE_GRADLE
def excludeModules = ['spring-security-acl', 'jsr250-api', 'ehcache', 'spring-jdbc', 'spring-tx']
configurations {
- excludeModules.each {name ->
- runtime.exclude module: name
- }
+ excludeModules.each {name ->
+ runtime.exclude module: name
+ }
- runtime.exclude group: 'org.aspectj'
+ runtime.exclude group: 'org.aspectj'
}
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
+ providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
- compile project(':spring-security-core'),
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-web:$springVersion"
+ compile project(':spring-security-core'),
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-web:$springVersion"
- runtime project(':spring-security-web'),
- project(':spring-security-config'),
- project(':spring-security-taglibs'),
- "org.springframework:spring-context-support:$springVersion",
- jstlDependencies,
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "ch.qos.logback:logback-classic:$logbackVersion"
+ runtime project(':spring-security-web'),
+ project(':spring-security-config'),
+ project(':spring-security-taglibs'),
+ "org.springframework:spring-context-support:$springVersion",
+ jstlDependencies,
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "ch.qos.logback:logback-classic:$logbackVersion"
- integrationTestCompile gebDependencies
+ integrationTestCompile gebDependencies
}
\ No newline at end of file
diff --git a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/JaasXmlTests.groovy b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/JaasXmlTests.groovy
index 50f34f5d71..1b92a7bbf8 100644
--- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/JaasXmlTests.groovy
+++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/JaasXmlTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -27,35 +27,35 @@ import org.springframework.security.samples.pages.*
*/
@Stepwise
class JaasXmlTests extends GebReportingSpec {
- def 'access home page with unauthenticated works'() {
- when: 'Unauthenticated user accesses the Home Page'
- to HomePage
- then: 'The home page is displayed'
- at HomePage
- }
+ def 'access home page with unauthenticated works'() {
+ when: 'Unauthenticated user accesses the Home Page'
+ to HomePage
+ then: 'The home page is displayed'
+ at HomePage
+ }
- def 'access secure page with unauthenticated requires login'() {
- when: 'Unauthenticated user accesses the Secure Page'
- securePage LoginPage
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'access secure page with unauthenticated requires login'() {
+ when: 'Unauthenticated user accesses the Secure Page'
+ securePage LoginPage
+ then: 'The login page is displayed'
+ at LoginPage
+ }
- def 'authenticated user is sent to original page'() {
- when: 'user authenticates'
- login()
- then: 'The secure page is displayed'
- at SecurePage
- }
+ def 'authenticated user is sent to original page'() {
+ when: 'user authenticates'
+ login()
+ then: 'The secure page is displayed'
+ at SecurePage
+ }
- def 'authenticated user logs out'() {
- when: 'user logs out'
- logout()
- then: 'the default logout success page is displayed'
- at LogoutPage
- when: 'Unauthenticated user accesses the Secure Page'
- via SecurePage
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'authenticated user logs out'() {
+ when: 'user logs out'
+ logout()
+ then: 'the default logout success page is displayed'
+ at LogoutPage
+ when: 'Unauthenticated user accesses the Secure Page'
+ via SecurePage
+ then: 'The login page is displayed'
+ at LoginPage
+ }
}
\ No newline at end of file
diff --git a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
index 6d238ed69f..a6411d6fb8 100644
--- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
+++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,9 +23,9 @@ import geb.*
* @author Rob Winch
*/
class HomePage extends Page {
- static url = ''
- static at = { assert driver.title == 'Home Page'; true}
- static content = {
- securePage(to: [SecurePage,LoginPage]) { $('a').click() }
- }
+ static url = ''
+ static at = { assert driver.title == 'Home Page'; true}
+ static content = {
+ securePage(to: [SecurePage,LoginPage]) { $('a').click() }
+ }
}
\ No newline at end of file
diff --git a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
index 82f146b3fe..a448b34ddd 100644
--- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
+++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,15 +23,15 @@ import geb.*
* @author Rob Winch
*/
class LoginPage extends Page {
- static url = 'login'
- static at = { assert driver.title == 'Login Page'; true}
- static content = {
- login(required:false) { user='user', password='user' ->
- loginForm.username = user
- loginForm.password = password
- submit.click()
- }
- loginForm { $('form') }
- submit { $('input', type: 'submit') }
- }
+ static url = 'login'
+ static at = { assert driver.title == 'Login Page'; true}
+ static content = {
+ login(required:false) { user='user', password='user' ->
+ loginForm.username = user
+ loginForm.password = password
+ submit.click()
+ }
+ loginForm { $('form') }
+ submit { $('input', type: 'submit') }
+ }
}
\ No newline at end of file
diff --git a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy
index 81b6264824..eb15b51d11 100644
--- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy
+++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,6 +23,6 @@ import geb.Page
* @author Rob Winch
*/
class LogoutPage extends LoginPage {
- static url = 'login'
- static at = { assert driver.title == 'Login Page' && $('p').text() == 'You have been logged out'; true}
+ static url = 'login'
+ static at = { assert driver.title == 'Login Page' && $('p').text() == 'You have been logged out'; true}
}
\ No newline at end of file
diff --git a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy
index 30d4b358e6..fdab6febc6 100644
--- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy
+++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,10 +23,10 @@ import geb.Page
* @author Rob Winch
*/
class SecurePage extends Page {
- static url = 'secure/'
- static at = { assert driver.title == 'Security Debug Information'; true}
- static content = {
- message { $('p').text() }
- logout { $('input', type: 'submit').click() }
- }
+ static url = 'secure/'
+ static at = { assert driver.title == 'Security Debug Information'; true}
+ static content = {
+ message { $('p').text() }
+ logout { $('input', type: 'submit').click() }
+ }
}
\ No newline at end of file
diff --git a/samples/jdbc-jc/build.gradle b/samples/jdbc-jc/build.gradle
index 61f4dc3573..d9fa6c6010 100644
--- a/samples/jdbc-jc/build.gradle
+++ b/samples/jdbc-jc/build.gradle
@@ -2,26 +2,26 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-config"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
- integrationTestCompile gebDependencies
+ integrationTestCompile gebDependencies
}
\ No newline at end of file
diff --git a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/JdbcJcTests.groovy b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/JdbcJcTests.groovy
index eb5cf0e0fb..02269b00ee 100644
--- a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/JdbcJcTests.groovy
+++ b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/JdbcJcTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -27,30 +27,30 @@ import org.springframework.security.samples.pages.*
*/
@Stepwise
class JdbcJcTests extends GebReportingSpec {
- def 'access home page with unauthenticated user sends to login page'() {
- when: 'Unauthenticated user accesses the Home Page'
- via HomePage
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'access home page with unauthenticated user sends to login page'() {
+ when: 'Unauthenticated user accesses the Home Page'
+ via HomePage
+ then: 'The login page is displayed'
+ at LoginPage
+ }
- def 'authenticated user is sent to original page'() {
- when: 'user authenticates'
- login()
- then: 'The home page is displayed'
- at HomePage
- and: 'The username is displayed'
- user == 'user'
- }
+ def 'authenticated user is sent to original page'() {
+ when: 'user authenticates'
+ login()
+ then: 'The home page is displayed'
+ at HomePage
+ and: 'The username is displayed'
+ user == 'user'
+ }
- def 'authenticated user logs out'() {
- when: 'user logs out'
- logout()
- then: 'the login page is displayed'
- at LoginPage
- when: 'Unauthenticated user accesses the Home Page'
- via HomePage
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'authenticated user logs out'() {
+ when: 'user logs out'
+ logout()
+ then: 'the login page is displayed'
+ at LoginPage
+ when: 'Unauthenticated user accesses the Home Page'
+ via HomePage
+ then: 'The login page is displayed'
+ at LoginPage
+ }
}
\ No newline at end of file
diff --git a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
index 25ce258a34..da92e8020e 100644
--- a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
+++ b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,10 +23,10 @@ import geb.*
* @author Rob Winch
*/
class HomePage extends Page {
- static url = ''
- static at = { assert driver.title == 'Messages : View All'; true}
- static content = {
- user { $('p.navbar-text').text() }
- logout { $('input', type: 'submit').click() }
- }
+ static url = ''
+ static at = { assert driver.title == 'Messages : View All'; true}
+ static content = {
+ user { $('p.navbar-text').text() }
+ logout { $('input', type: 'submit').click() }
+ }
}
\ No newline at end of file
diff --git a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
index b2a553064b..41486d5085 100644
--- a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
+++ b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,15 +23,15 @@ import geb.*
* @author Rob Winch
*/
class LoginPage extends Page {
- static url = 'login'
- static at = { assert driver.title == 'Login Page'; true}
- static content = {
- login(required:false) { user='user', password='password' ->
- loginForm.username = user
- loginForm.password = password
- submit.click()
- }
- loginForm { $('form') }
- submit { $('input', type: 'submit') }
- }
+ static url = 'login'
+ static at = { assert driver.title == 'Login Page'; true}
+ static content = {
+ login(required:false) { user='user', password='password' ->
+ loginForm.username = user
+ loginForm.password = password
+ submit.click()
+ }
+ loginForm { $('form') }
+ submit { $('input', type: 'submit') }
+ }
}
\ No newline at end of file
diff --git a/samples/ldap-jc/build.gradle b/samples/ldap-jc/build.gradle
index 2e2880a9b8..fd696eb600 100644
--- a/samples/ldap-jc/build.gradle
+++ b/samples/ldap-jc/build.gradle
@@ -2,28 +2,28 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-ldap"),
- apachedsDependencies,
- project(":spring-security-config"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-ldap"),
+ apachedsDependencies,
+ project(":spring-security-config"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
- integrationTestCompile gebDependencies
+ integrationTestCompile gebDependencies
}
\ No newline at end of file
diff --git a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/LdapJcTests.groovy b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/LdapJcTests.groovy
index 09b8907923..ca868df254 100644
--- a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/LdapJcTests.groovy
+++ b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/LdapJcTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -27,30 +27,30 @@ import org.springframework.security.samples.pages.*
*/
@Stepwise
class LdapJcTests extends GebReportingSpec {
- def 'access home page with unauthenticated user sends to login page'() {
- when: 'Unauthenticated user accesses the Home Page'
- via HomePage
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'access home page with unauthenticated user sends to login page'() {
+ when: 'Unauthenticated user accesses the Home Page'
+ via HomePage
+ then: 'The login page is displayed'
+ at LoginPage
+ }
- def 'authenticated user is sent to original page'() {
- when: 'user authenticates'
- login()
- then: 'The home page is displayed'
- at HomePage
- and: 'The username is displayed'
- user == 'user'
- }
+ def 'authenticated user is sent to original page'() {
+ when: 'user authenticates'
+ login()
+ then: 'The home page is displayed'
+ at HomePage
+ and: 'The username is displayed'
+ user == 'user'
+ }
- def 'authenticated user logs out'() {
- when: 'user logs out'
- logout()
- then: 'the login page is displayed'
- at LoginPage
- when: 'Unauthenticated user accesses the Home Page'
- via HomePage
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'authenticated user logs out'() {
+ when: 'user logs out'
+ logout()
+ then: 'the login page is displayed'
+ at LoginPage
+ when: 'Unauthenticated user accesses the Home Page'
+ via HomePage
+ then: 'The login page is displayed'
+ at LoginPage
+ }
}
\ No newline at end of file
diff --git a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
index 25ce258a34..da92e8020e 100644
--- a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
+++ b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,10 +23,10 @@ import geb.*
* @author Rob Winch
*/
class HomePage extends Page {
- static url = ''
- static at = { assert driver.title == 'Messages : View All'; true}
- static content = {
- user { $('p.navbar-text').text() }
- logout { $('input', type: 'submit').click() }
- }
+ static url = ''
+ static at = { assert driver.title == 'Messages : View All'; true}
+ static content = {
+ user { $('p.navbar-text').text() }
+ logout { $('input', type: 'submit').click() }
+ }
}
\ No newline at end of file
diff --git a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
index b2a553064b..41486d5085 100644
--- a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
+++ b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,15 +23,15 @@ import geb.*
* @author Rob Winch
*/
class LoginPage extends Page {
- static url = 'login'
- static at = { assert driver.title == 'Login Page'; true}
- static content = {
- login(required:false) { user='user', password='password' ->
- loginForm.username = user
- loginForm.password = password
- submit.click()
- }
- loginForm { $('form') }
- submit { $('input', type: 'submit') }
- }
+ static url = 'login'
+ static at = { assert driver.title == 'Login Page'; true}
+ static content = {
+ login(required:false) { user='user', password='password' ->
+ loginForm.username = user
+ loginForm.password = password
+ submit.click()
+ }
+ loginForm { $('form') }
+ submit { $('input', type: 'submit') }
+ }
}
\ No newline at end of file
diff --git a/samples/ldap-xml/ldap.gradle b/samples/ldap-xml/ldap.gradle
index ac62c14041..9c3bd22576 100644
--- a/samples/ldap-xml/ldap.gradle
+++ b/samples/ldap-xml/ldap.gradle
@@ -4,23 +4,23 @@ apply from: WAR_SAMPLE_GRADLE
def excludeModules = ['spring-security-acl', 'jsr250-api', 'ehcache', 'spring-jdbc', 'ldapsdk']
configurations {
- excludeModules.each {name ->
- runtime.exclude module: name
- }
+ excludeModules.each {name ->
+ runtime.exclude module: name
+ }
- runtime.exclude group: 'org.aspectj'
+ runtime.exclude group: 'org.aspectj'
}
dependencies {
- compile project(':spring-security-taglibs'),
- jstlDependencies
+ compile project(':spring-security-taglibs'),
+ jstlDependencies
- runtime project(':spring-security-web'),
- project(':spring-security-config'),
- project(':spring-security-ldap'),
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "ch.qos.logback:logback-classic:$logbackVersion",
- apachedsDependencies
+ runtime project(':spring-security-web'),
+ project(':spring-security-config'),
+ project(':spring-security-ldap'),
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "ch.qos.logback:logback-classic:$logbackVersion",
+ apachedsDependencies
- integrationTestCompile gebDependencies
+ integrationTestCompile gebDependencies
}
\ No newline at end of file
diff --git a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/LdapXmlTests.groovy b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/LdapXmlTests.groovy
index dfe51b9e94..80bee7f293 100644
--- a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/LdapXmlTests.groovy
+++ b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/LdapXmlTests.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -26,35 +26,35 @@ import org.springframework.security.samples.pages.*
*/
@Stepwise
class LdapXmlTests extends GebReportingSpec {
- def 'access home page with unauthenticated user success'() {
- when: 'Unauthenticated user accesses the Home Page'
- to HomePage
- then: 'The page is displayed'
- at HomePage
- }
+ def 'access home page with unauthenticated user success'() {
+ when: 'Unauthenticated user accesses the Home Page'
+ to HomePage
+ then: 'The page is displayed'
+ at HomePage
+ }
- def 'access manage page with unauthenticated user sends to login page'() {
- when: 'Unauthenticated user accesses the Manage Page'
- secure.click(LoginPage)
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'access manage page with unauthenticated user sends to login page'() {
+ when: 'Unauthenticated user accesses the Manage Page'
+ secure.click(LoginPage)
+ then: 'The login page is displayed'
+ at LoginPage
+ }
- def 'authenticated user is sent to original page'() {
- when: 'user authenticates'
- login()
- then: 'The secure page is displayed'
- at SecurePage
- }
+ def 'authenticated user is sent to original page'() {
+ when: 'user authenticates'
+ login()
+ then: 'The secure page is displayed'
+ at SecurePage
+ }
- def 'authenticated user logs out'() {
- when: 'user logs out'
- logout.click()
- then: 'the default logout success page is displayed'
- at LogoutPage
- when: 'Unauthenticated user accesses the Manage Page'
- via SecurePage
- then: 'The login page is displayed'
- at LoginPage
- }
+ def 'authenticated user logs out'() {
+ when: 'user logs out'
+ logout.click()
+ then: 'the default logout success page is displayed'
+ at LogoutPage
+ when: 'Unauthenticated user accesses the Manage Page'
+ via SecurePage
+ then: 'The login page is displayed'
+ at LoginPage
+ }
}
\ No newline at end of file
diff --git a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
index 622b83af25..0f2be21ffc 100644
--- a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
+++ b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,9 +23,9 @@ import geb.*
* @author Rob Winch
*/
class HomePage extends Page {
- static url = ''
- static at = { assert driver.title == 'Home Page'; true}
- static content = {
- secure(to: [SecurePage,LoginPage]) { $('a', text: 'Secure page') }
- }
+ static url = ''
+ static at = { assert driver.title == 'Home Page'; true}
+ static content = {
+ secure(to: [SecurePage,LoginPage]) { $('a', text: 'Secure page') }
+ }
}
\ No newline at end of file
diff --git a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
index 72a3e8dedb..7223c3a221 100644
--- a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
+++ b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,15 +23,15 @@ import geb.*
* @author Rob Winch
*/
class LoginPage extends Page {
- static url = 'login'
- static at = { assert driver.title == 'Login Page'; true}
- static content = {
- login(required:false) { user='rod', password='koala' ->
- loginForm.username = user
- loginForm.password = password
- submit.click()
- }
- loginForm { $('form') }
- submit { $('input', type: 'submit') }
- }
+ static url = 'login'
+ static at = { assert driver.title == 'Login Page'; true}
+ static content = {
+ login(required:false) { user='rod', password='koala' ->
+ loginForm.username = user
+ loginForm.password = password
+ submit.click()
+ }
+ loginForm { $('form') }
+ submit { $('input', type: 'submit') }
+ }
}
\ No newline at end of file
diff --git a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy
index 10246e55d3..593a6abef7 100644
--- a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy
+++ b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -20,6 +20,6 @@ package org.springframework.security.samples.pages
* @author Rob Winch
*/
class LogoutPage extends LoginPage {
- static url = 'login'
- static at = { assert driver.title == 'Login Page' && $('p').text() == 'You have been logged out'; true}
+ static url = 'login'
+ static at = { assert driver.title == 'Login Page' && $('p').text() == 'You have been logged out'; true}
}
\ No newline at end of file
diff --git a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy
index 315176bf17..17a1aee7d8 100644
--- a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy
+++ b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy
@@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -23,9 +23,9 @@ import geb.*
* @author Rob Winch
*/
class SecurePage extends Page {
- static url = 'secure/'
- static at = { assert driver.title == 'Secure Page'; true}
- static content = {
- logout { $("input[type=submit]", value: "Logoff") }
- }
+ static url = 'secure/'
+ static at = { assert driver.title == 'Secure Page'; true}
+ static content = {
+ logout { $("input[type=submit]", value: "Logoff") }
+ }
}
\ No newline at end of file
diff --git a/samples/messages-jc/build.gradle b/samples/messages-jc/build.gradle
index d8bdd49736..b565eee840 100644
--- a/samples/messages-jc/build.gradle
+++ b/samples/messages-jc/build.gradle
@@ -1,30 +1,30 @@
sonarRunner.skipProject = true
dependencies {
- provided "javax.servlet:javax.servlet-api:3.0.1"
+ provided "javax.servlet:javax.servlet-api:3.0.1"
- compile project(":spring-security-web"),
- project(":spring-security-config"),
- "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final",
- "org.hsqldb:hsqldb:$hsqlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final",
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-orm:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-aop:$springVersion",
- "org.springframework:spring-tx:$springVersion",
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-instrument:$springVersion",
- "org.springframework:spring-core:$springVersion",
- "org.springframework:spring-aspects:$springVersion",
- "org.thymeleaf:thymeleaf-spring4:$thymeleafVersion",
- "org.thymeleaf.extras:thymeleaf-extras-tiles2-spring4:2.1.1.RELEASE"
- compile('org.hibernate:hibernate-entitymanager:3.6.10.Final') {
- exclude group:'javassist', module: 'javassist'
- }
- compile("org.springframework.data:spring-data-jpa:$springDataJpaVersion") {
- exclude group:'org.aspectj', module:'aspectjrt'
- }
+ compile project(":spring-security-web"),
+ project(":spring-security-config"),
+ "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final",
+ "org.hsqldb:hsqldb:$hsqlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final",
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-orm:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-aop:$springVersion",
+ "org.springframework:spring-tx:$springVersion",
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-instrument:$springVersion",
+ "org.springframework:spring-core:$springVersion",
+ "org.springframework:spring-aspects:$springVersion",
+ "org.thymeleaf:thymeleaf-spring4:$thymeleafVersion",
+ "org.thymeleaf.extras:thymeleaf-extras-tiles2-spring4:2.1.1.RELEASE"
+ compile('org.hibernate:hibernate-entitymanager:3.6.10.Final') {
+ exclude group:'javassist', module: 'javassist'
+ }
+ compile("org.springframework.data:spring-data-jpa:$springDataJpaVersion") {
+ exclude group:'org.aspectj', module:'aspectjrt'
+ }
}
diff --git a/samples/openid-jc/build.gradle b/samples/openid-jc/build.gradle
index ca297eb37f..a9f84d4d39 100644
--- a/samples/openid-jc/build.gradle
+++ b/samples/openid-jc/build.gradle
@@ -2,26 +2,26 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-openid"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-config"),
+ project(":spring-security-openid"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30',
- "net.sourceforge.nekohtml:nekohtml:1.9.10"
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30',
+ "net.sourceforge.nekohtml:nekohtml:1.9.10"
}
\ No newline at end of file
diff --git a/samples/openid-xml/openid.gradle b/samples/openid-xml/openid.gradle
index 75073847cf..c924e66edf 100644
--- a/samples/openid-xml/openid.gradle
+++ b/samples/openid-xml/openid.gradle
@@ -4,16 +4,16 @@ apply plugin: 'war'
apply plugin: 'jetty'
dependencies {
- compile project(':spring-security-core'),
- project(':spring-security-openid')
+ compile project(':spring-security-core'),
+ project(':spring-security-openid')
- providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
+ providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
- runtime project(':spring-security-config'),
- project(':spring-security-taglibs'),
- jstlDependencies,
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "ch.qos.logback:logback-classic:$logbackVersion"
+ runtime project(':spring-security-config'),
+ project(':spring-security-taglibs'),
+ jstlDependencies,
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "ch.qos.logback:logback-classic:$logbackVersion"
}
[jettyRun, jettyRunWar]*.contextPath = "/openid"
diff --git a/samples/preauth-jc/build.gradle b/samples/preauth-jc/build.gradle
index 70e3f866d1..1e203e783e 100644
--- a/samples/preauth-jc/build.gradle
+++ b/samples/preauth-jc/build.gradle
@@ -2,24 +2,24 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-config"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
}
\ No newline at end of file
diff --git a/samples/preauth-xml/preauth.gradle b/samples/preauth-xml/preauth.gradle
index 4f197d2d43..24dcd70dd5 100644
--- a/samples/preauth-xml/preauth.gradle
+++ b/samples/preauth-xml/preauth.gradle
@@ -8,21 +8,21 @@ war.baseName = "sample"
def excludeModules = ['jsr250-api', 'ehcache', 'spring-jdbc', 'spring-tx']
configurations {
- excludeModules.each {name ->
- runtime.exclude module: name
- }
+ excludeModules.each {name ->
+ runtime.exclude module: name
+ }
- runtime.exclude group: 'org.aspectj'
+ runtime.exclude group: 'org.aspectj'
}
dependencies {
- runtime project(':spring-security-web'),
- project(':spring-security-config'),
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "ch.qos.logback:logback-classic:$logbackVersion"
+ runtime project(':spring-security-web'),
+ project(':spring-security-config'),
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "ch.qos.logback:logback-classic:$logbackVersion"
}
jettyRun {
- userRealms = [jettyRun.class.classLoader.loadClass('org.mortbay.jetty.security.HashUserRealm').newInstance('Preauth Realm', "$projectDir/realm.properties")]
+ userRealms = [jettyRun.class.classLoader.loadClass('org.mortbay.jetty.security.HashUserRealm').newInstance('Preauth Realm', "$projectDir/realm.properties")]
}
diff --git a/samples/rememberme-jc/build.gradle b/samples/rememberme-jc/build.gradle
index 70e3f866d1..1e203e783e 100644
--- a/samples/rememberme-jc/build.gradle
+++ b/samples/rememberme-jc/build.gradle
@@ -2,24 +2,24 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-config"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
}
\ No newline at end of file
diff --git a/samples/servletapi-xml/servletapi.gradle b/samples/servletapi-xml/servletapi.gradle
index d371ae9825..e86f96ac1e 100644
--- a/samples/servletapi-xml/servletapi.gradle
+++ b/samples/servletapi-xml/servletapi.gradle
@@ -5,30 +5,30 @@ apply plugin: 'war'
def excludeModules = ['spring-security-acl', 'jsr250-api', 'ehcache', 'spring-jdbc', 'spring-tx']
configurations {
- excludeModules.each {name ->
- runtime.exclude module: name
- }
+ excludeModules.each {name ->
+ runtime.exclude module: name
+ }
- runtime.exclude group: 'org.aspectj'
+ runtime.exclude group: 'org.aspectj'
}
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
+ providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
- compile project(':spring-security-core'),
- project(':spring-security-web'),
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-web:$springVersion",
- "org.springframework:spring-webmvc:$springVersion"
+ compile project(':spring-security-core'),
+ project(':spring-security-web'),
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-web:$springVersion",
+ "org.springframework:spring-webmvc:$springVersion"
- runtime project(':spring-security-config'),
- project(':spring-security-taglibs'),
- "org.springframework:spring-context-support:$springVersion",
- jstlDependencies,
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "ch.qos.logback:logback-classic:$logbackVersion"
+ runtime project(':spring-security-config'),
+ project(':spring-security-taglibs'),
+ "org.springframework:spring-context-support:$springVersion",
+ jstlDependencies,
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "ch.qos.logback:logback-classic:$logbackVersion"
}
eclipse.wtp.component.contextPath = "servletapi"
diff --git a/samples/tutorial-xml/tutorial.gradle b/samples/tutorial-xml/tutorial.gradle
index ae330b9c79..8f3c64db62 100644
--- a/samples/tutorial-xml/tutorial.gradle
+++ b/samples/tutorial-xml/tutorial.gradle
@@ -8,39 +8,39 @@ war.baseName = "sample"
def excludeModules = ['spring-security-acl', 'jsr250-api', 'ehcache', 'spring-jdbc', 'spring-tx']
configurations {
- excludeModules.each {name ->
- runtime.exclude module: name
- }
+ excludeModules.each {name ->
+ runtime.exclude module: name
+ }
- runtime.exclude group: 'org.aspectj'
+ runtime.exclude group: 'org.aspectj'
}
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
+ providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
- compile project(':spring-security-core'),
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-web:$springVersion",
- "org.springframework:spring-webmvc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion"
+ compile project(':spring-security-core'),
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-web:$springVersion",
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion"
- runtime project(':spring-security-web'),
- project(':spring-security-config'),
- project(':spring-security-taglibs'),
- jstlDependencies,
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "ch.qos.logback:logback-core:$logbackVersion",
- "ch.qos.logback:logback-classic:$logbackVersion"
+ runtime project(':spring-security-web'),
+ project(':spring-security-config'),
+ project(':spring-security-taglibs'),
+ jstlDependencies,
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "ch.qos.logback:logback-core:$logbackVersion",
+ "ch.qos.logback:logback-classic:$logbackVersion"
}
jettyRun {
- def httpConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector').newInstance()
- httpConnector.port = 8080
- httpConnector.confidentialPort = 8443
- def httpsConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance()
- httpsConnector.port = 8443
- httpsConnector.keystore = "$rootDir/samples/certificates/server.jks"
- httpsConnector.keyPassword = 'password'
+ def httpConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector').newInstance()
+ httpConnector.port = 8080
+ httpConnector.confidentialPort = 8443
+ def httpsConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance()
+ httpsConnector.port = 8443
+ httpsConnector.keystore = "$rootDir/samples/certificates/server.jks"
+ httpsConnector.keyPassword = 'password'
- connectors = [httpConnector, httpsConnector]
+ connectors = [httpConnector, httpsConnector]
}
diff --git a/samples/x509-jc/build.gradle b/samples/x509-jc/build.gradle
index 685ac71f0d..75ee07cdf7 100644
--- a/samples/x509-jc/build.gradle
+++ b/samples/x509-jc/build.gradle
@@ -3,24 +3,24 @@ apply from: WAR_SAMPLE_GRADLE
dependencies {
- providedCompile "javax.servlet:javax.servlet-api:3.0.1",
- 'javax.servlet.jsp:jsp-api:2.1'
+ providedCompile "javax.servlet:javax.servlet-api:3.0.1",
+ 'javax.servlet.jsp:jsp-api:2.1'
- compile project(":spring-security-config"),
- project(":spring-security-samples-messages-jc"),
- project(":spring-security-core"),
- project(":spring-security-web"),
- "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.slf4j:slf4j-api:$slf4jVersion",
- "org.slf4j:log4j-over-slf4j:$slf4jVersion",
- "org.slf4j:jul-to-slf4j:$slf4jVersion",
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
- "javax.validation:validation-api:1.0.0.GA",
- "org.hibernate:hibernate-validator:4.2.0.Final"
+ compile project(":spring-security-config"),
+ project(":spring-security-samples-messages-jc"),
+ project(":spring-security-core"),
+ project(":spring-security-web"),
+ "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.slf4j:slf4j-api:$slf4jVersion",
+ "org.slf4j:log4j-over-slf4j:$slf4jVersion",
+ "org.slf4j:jul-to-slf4j:$slf4jVersion",
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion",
+ "javax.validation:validation-api:1.0.0.GA",
+ "org.hibernate:hibernate-validator:4.2.0.Final"
- runtime "opensymphony:sitemesh:2.4.2",
- "cglib:cglib-nodep:$cglibVersion",
- 'ch.qos.logback:logback-classic:0.9.30'
+ runtime "opensymphony:sitemesh:2.4.2",
+ "cglib:cglib-nodep:$cglibVersion",
+ 'ch.qos.logback:logback-classic:0.9.30'
}
\ No newline at end of file
diff --git a/sandbox/heavyduty/build.gradle b/sandbox/heavyduty/build.gradle
index da92fbfa51..502a1b0b5d 100644
--- a/sandbox/heavyduty/build.gradle
+++ b/sandbox/heavyduty/build.gradle
@@ -8,36 +8,36 @@ targetCompatibility = '1.5'
sourceCompatibility = '1.5'
repositories {
- mavenRepo name:'Local', urls: "file://" + System.properties['user.home'] + "/.m2/repository"
+ mavenRepo name:'Local', urls: "file://" + System.properties['user.home'] + "/.m2/repository"
}
dependencies {
- compile 'aopalliance:aopalliance:1.0',
- "org.springframework.security:spring-security-core:$version",
- "org.springframework.security:spring-security-web:$version",
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-core:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-tx:$springVersion",
- "org.springframework:spring-web:$springVersion",
- "org.springframework:spring-webmvc:$springVersion",
- 'org.aspectj:aspectjrt:1.6.8',
- 'org.hibernate:ejb3-persistence:1.0.2.GA',
- 'javax.persistence:persistence-api:1.0',
- 'org.slf4j:jcl-over-slf4j:1.5.11'
+ compile 'aopalliance:aopalliance:1.0',
+ "org.springframework.security:spring-security-core:$version",
+ "org.springframework.security:spring-security-web:$version",
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-core:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-tx:$springVersion",
+ "org.springframework:spring-web:$springVersion",
+ "org.springframework:spring-webmvc:$springVersion",
+ 'org.aspectj:aspectjrt:1.6.8',
+ 'org.hibernate:ejb3-persistence:1.0.2.GA',
+ 'javax.persistence:persistence-api:1.0',
+ 'org.slf4j:jcl-over-slf4j:1.5.11'
- providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
+ providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
- runtime 'org.hibernate:hibernate-entitymanager:3.4.0.GA',
- "org.springframework:spring-context-support:$springVersion",
- "org.springframework.security:spring-security-ldap:$version",
- "org.springframework.security:spring-security-config:$version",
- "org.springframework.security:spring-security-taglibs:$version",
- "org.springframework:spring-orm:$springVersion",
- 'org.apache.directory.server:apacheds-core:1.5.5',
- 'org.apache.directory.server:apacheds-server-jndi:1.5.5',
- 'org.freemarker:freemarker:2.3.16',
- "org.hsqldb:hsqldb:$hsqlVersion",
- 'org.slf4j:slf4j-log4j12:1.5.11',
- 'log4j:log4j:1.2.14'
+ runtime 'org.hibernate:hibernate-entitymanager:3.4.0.GA',
+ "org.springframework:spring-context-support:$springVersion",
+ "org.springframework.security:spring-security-ldap:$version",
+ "org.springframework.security:spring-security-config:$version",
+ "org.springframework.security:spring-security-taglibs:$version",
+ "org.springframework:spring-orm:$springVersion",
+ 'org.apache.directory.server:apacheds-core:1.5.5',
+ 'org.apache.directory.server:apacheds-server-jndi:1.5.5',
+ 'org.freemarker:freemarker:2.3.16',
+ "org.hsqldb:hsqldb:$hsqlVersion",
+ 'org.slf4j:slf4j-log4j12:1.5.11',
+ 'log4j:log4j:1.2.14'
}
diff --git a/settings.gradle b/settings.gradle
index a5f27c3a86..c6b38d2a55 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -1,87 +1,87 @@
def String[] modules = [
- 'core',
- 'data',
- 'remoting',
- 'web',
- 'ldap',
- 'acl',
- 'config',
- 'cas',
- 'openid',
- 'taglibs',
- 'aspects',
- 'crypto',
- 'messaging',
- 'test'
+ 'core',
+ 'data',
+ 'remoting',
+ 'web',
+ 'ldap',
+ 'acl',
+ 'config',
+ 'cas',
+ 'openid',
+ 'taglibs',
+ 'aspects',
+ 'crypto',
+ 'messaging',
+ 'test'
]
def String[] samples = [
- 'tutorial-xml',
- 'contacts-xml',
- 'chat-jc',
- 'openid-xml',
- 'aspectj-xml',
- 'aspectj-jc',
- 'data-jc',
- 'gae-xml',
- 'dms-xml',
- 'preauth-xml',
- 'cas/server',
- 'cas/sample-xml',
- 'ldap-xml',
- 'jaas-xml',
- 'servletapi-xml',
- 'concurrency-jc',
- 'form-jc',
- 'helloworld-jc',
- 'helloworld-xml',
- 'hellomvc-jc',
- 'hellojs-jc',
- 'insecure',
- 'insecuremvc',
- 'inmemory-jc',
- 'jdbc-jc',
- 'ldap-jc',
- 'messages-jc',
- 'openid-jc',
- 'preauth-jc',
- 'rememberme-jc',
- 'x509-jc'
+ 'tutorial-xml',
+ 'contacts-xml',
+ 'chat-jc',
+ 'openid-xml',
+ 'aspectj-xml',
+ 'aspectj-jc',
+ 'data-jc',
+ 'gae-xml',
+ 'dms-xml',
+ 'preauth-xml',
+ 'cas/server',
+ 'cas/sample-xml',
+ 'ldap-xml',
+ 'jaas-xml',
+ 'servletapi-xml',
+ 'concurrency-jc',
+ 'form-jc',
+ 'helloworld-jc',
+ 'helloworld-xml',
+ 'hellomvc-jc',
+ 'hellojs-jc',
+ 'insecure',
+ 'insecuremvc',
+ 'inmemory-jc',
+ 'jdbc-jc',
+ 'ldap-jc',
+ 'messages-jc',
+ 'openid-jc',
+ 'preauth-jc',
+ 'rememberme-jc',
+ 'x509-jc'
]
def String[] itest = [
- 'web',
- 'context'
+ 'web',
+ 'context'
]
include modules
modules.each {name ->
- def p = findProject(":${name}")
- p.name = "spring-security-${name}"
- p.buildFileName = "${name}.gradle"
+ def p = findProject(":${name}")
+ p.name = "spring-security-${name}"
+ p.buildFileName = "${name}.gradle"
}
include samples
samples.each {name ->
- def p = findProject(":${name}")
- def fullName = name.replaceAll('/','')
- p.name = "spring-security-samples-${fullName}"
- p.projectDir = new File(settingsDir, "samples/${name}");
- if(!p.buildFile.exists()) {
- def buildFile = fullName.replaceFirst("-xml","")
- p.buildFileName = "${buildFile}.gradle"
- }
+ def p = findProject(":${name}")
+ def fullName = name.replaceAll('/','')
+ p.name = "spring-security-samples-${fullName}"
+ p.projectDir = new File(settingsDir, "samples/${name}");
+ if(!p.buildFile.exists()) {
+ def buildFile = fullName.replaceFirst("-xml","")
+ p.buildFileName = "${buildFile}.gradle"
+ }
}
include itest
itest.each { name ->
- def p = findProject(":${name}")
- p.name = "itest-${name}"
- p.buildFileName = "itest-${name}.gradle"
- p.projectDir = new File(settingsDir, "itest/${name}");
+ def p = findProject(":${name}")
+ p.name = "itest-${name}"
+ p.buildFileName = "itest-${name}.gradle"
+ p.projectDir = new File(settingsDir, "itest/${name}");
}
include 'docs', 'docs:manual', 'docs:guides'
@@ -92,8 +92,8 @@ docs.buildFileName = 'docs.gradle'
rootProject.name = 'spring-security'
rootProject.children.each {project ->
- //assert project.projectDir.isDirectory()
- //assert project.buildFile.isFile()
+ //assert project.projectDir.isDirectory()
+ //assert project.buildFile.isFile()
}
include 'bom'
diff --git a/taglibs/src/test/groovy/org/springframework/security/taglibs/TldTests.groovy b/taglibs/src/test/groovy/org/springframework/security/taglibs/TldTests.groovy
index bc20a94e40..9f717b5866 100644
--- a/taglibs/src/test/groovy/org/springframework/security/taglibs/TldTests.groovy
+++ b/taglibs/src/test/groovy/org/springframework/security/taglibs/TldTests.groovy
@@ -7,11 +7,11 @@ import spock.lang.Specification
class TldTests extends Specification {
def "SEC-2324: tld version is correct"() {
- when:
- File securityTld = new File('src/main/resources/META-INF/security.tld')
- GPathResult tldRoot = new XmlSlurper().parse(securityTld)
- then:
- String version = System.getProperty('springSecurityVersion');
- version.startsWith(tldRoot.'tlib-version'.text())
+ when:
+ File securityTld = new File('src/main/resources/META-INF/security.tld')
+ GPathResult tldRoot = new XmlSlurper().parse(securityTld)
+ then:
+ String version = System.getProperty('springSecurityVersion');
+ version.startsWith(tldRoot.'tlib-version'.text())
}
}
diff --git a/taglibs/taglibs.gradle b/taglibs/taglibs.gradle
index 0909732bbc..0b36ab17d2 100644
--- a/taglibs/taglibs.gradle
+++ b/taglibs/taglibs.gradle
@@ -2,25 +2,25 @@
apply plugin: 'groovy'
dependencies {
- compile project(':spring-security-core'),
- project(':spring-security-web'),
- project(':spring-security-acl'),
- springCoreDependency,
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-aop:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-expression:$springVersion",
- "org.springframework:spring-web:$springVersion"
+ compile project(':spring-security-core'),
+ project(':spring-security-web'),
+ project(':spring-security-acl'),
+ springCoreDependency,
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-aop:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-expression:$springVersion",
+ "org.springframework:spring-web:$springVersion"
- provided 'javax.servlet.jsp:javax.servlet.jsp-api:2.2.1',
- "javax.servlet:javax.servlet-api:$servletApiVersion"
+ provided 'javax.servlet.jsp:javax.servlet.jsp-api:2.2.1',
+ "javax.servlet:javax.servlet-api:$servletApiVersion"
- testCompile "org.codehaus.groovy:groovy-all:$groovyVersion",
- spockDependencies
+ testCompile "org.codehaus.groovy:groovy-all:$groovyVersion",
+ spockDependencies
- testRuntime "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion"
+ testRuntime "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion"
}
configure(project.tasks.withType(Test)) {
- systemProperties['springSecurityVersion'] = version
+ systemProperties['springSecurityVersion'] = version
}
\ No newline at end of file
diff --git a/test/test.gradle b/test/test.gradle
index b3406e3c90..69eaa2c640 100644
--- a/test/test.gradle
+++ b/test/test.gradle
@@ -1,15 +1,15 @@
// OpenID Module build file
dependencies {
- compile project(':spring-security-core'),
- project(':spring-security-web'),
- springCoreDependency,
- "org.springframework:spring-test:$springVersion"
+ compile project(':spring-security-core'),
+ project(':spring-security-web'),
+ springCoreDependency,
+ "org.springframework:spring-test:$springVersion"
- optional project(':spring-security-config')
+ optional project(':spring-security-config')
- provided "javax.servlet:javax.servlet-api:$servletApiVersion"
+ provided "javax.servlet:javax.servlet-api:$servletApiVersion"
- testCompile "org.springframework:spring-webmvc:$springVersion",
- powerMockDependencies
+ testCompile "org.springframework:spring-webmvc:$springVersion",
+ powerMockDependencies
}
diff --git a/web/web.gradle b/web/web.gradle
index 666dc6fae4..a525bfef8c 100644
--- a/web/web.gradle
+++ b/web/web.gradle
@@ -1,26 +1,26 @@
apply plugin: 'groovy'
dependencies {
- compile project(':spring-security-core'),
- springCoreDependency,
- 'aopalliance:aopalliance:1.0',
- "org.springframework:spring-beans:$springVersion",
- "org.springframework:spring-context:$springVersion",
- "org.springframework:spring-expression:$springVersion",
- "org.springframework:spring-web:$springVersion"
+ compile project(':spring-security-core'),
+ springCoreDependency,
+ 'aopalliance:aopalliance:1.0',
+ "org.springframework:spring-beans:$springVersion",
+ "org.springframework:spring-context:$springVersion",
+ "org.springframework:spring-expression:$springVersion",
+ "org.springframework:spring-web:$springVersion"
- optional "org.springframework:spring-webmvc:$springVersion",
- "org.springframework:spring-jdbc:$springVersion",
- "org.springframework:spring-tx:$springVersion"
+ optional "org.springframework:spring-webmvc:$springVersion",
+ "org.springframework:spring-jdbc:$springVersion",
+ "org.springframework:spring-tx:$springVersion"
- provided "javax.servlet:javax.servlet-api:$servletApiVersion"
+ provided "javax.servlet:javax.servlet-api:$servletApiVersion"
- testCompile project(':spring-security-core').sourceSets.test.output,
- 'commons-codec:commons-codec:1.3',
- "org.slf4j:jcl-over-slf4j:$slf4jVersion",
- "org.codehaus.groovy:groovy-all:$groovyVersion",
- powerMockDependencies,
- spockDependencies
+ testCompile project(':spring-security-core').sourceSets.test.output,
+ 'commons-codec:commons-codec:1.3',
+ "org.slf4j:jcl-over-slf4j:$slf4jVersion",
+ "org.codehaus.groovy:groovy-all:$groovyVersion",
+ powerMockDependencies,
+ spockDependencies
- testRuntime "org.hsqldb:hsqldb:$hsqlVersion"
+ testRuntime "org.hsqldb:hsqldb:$hsqlVersion"
}
\ No newline at end of file