From 0a2e496a8481ba5a06ed41b58c953708d2f131a1 Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Mon, 23 Mar 2015 11:14:26 -0500 Subject: [PATCH] SEC-2915: groovy/gradle spaces->tabs --- acl/acl.gradle | 24 +- aspects/aspects.gradle | 12 +- bom/build.gradle | 2 +- build.gradle | 208 +-- buildSrc/build.gradle | 32 +- buildSrc/src/main/groovy/MavenBomTask.groovy | 80 +- .../main/groovy/aspectj/AspectJPlugin.groovy | 164 +- .../src/main/groovy/emma/EmmaPlugin.groovy | 152 +- buildSrc/src/main/groovy/gae/GaePlugin.groovy | 30 +- .../src/main/groovy/trang/TrangPlugin.groovy | 60 +- cas/cas.gradle | 18 +- config/config.gradle | 108 +- .../config/AbstractXmlConfigTests.groovy | 104 +- .../config/annotation/BaseSpringSpec.groovy | 192 +-- .../SecurityConfigurerAdapterTests.groovy | 30 +- .../annotation/issue50/Issue50Tests.groovy | 104 +- .../annotation/sec2758/Sec2758Tests.groovy | 160 +- .../web/RequestMatchersTests.groovy | 50 +- .../web/builders/NamespaceHttpTests.groovy | 758 +++++----- .../web/configuration/BaseWebConfig.groovy | 24 +- .../web/configuration/Sec2515Tests.groovy | 144 +- .../web/configurers/Issue55Tests.groovy | 150 +- .../debug/AuthProviderDependency.groovy | 2 +- .../debug/TestAuthenticationProvider.groovy | 20 +- .../security/config/doc/Attribute.groovy | 12 +- .../security/config/doc/Element.groovy | 120 +- .../config/doc/SpringSecurityXsdParser.groovy | 278 ++-- .../config/doc/XsdDocumentedTests.groovy | 300 ++-- .../http/AbstractHttpConfigTests.groovy | 78 +- .../http/AccessDeniedConfigTests.groovy | 60 +- .../config/http/CsrfConfigTests.groovy | 564 +++---- .../FormLoginBeanDefinitionParserTests.groovy | 150 +- .../config/http/FormLoginConfigTests.groovy | 150 +- .../config/http/HttpConfigTests.groovy | 30 +- .../config/http/HttpHeadersConfigTests.groovy | 1232 +++++++-------- .../config/http/HttpOpenIDConfigTests.groovy | 226 +-- .../http/InterceptUrlConfigTests.groovy | 136 +- .../config/http/MiscHttpConfigTests.groovy | 1336 ++++++++--------- .../http/MultiHttpBlockConfigTests.groovy | 188 +-- .../http/PlaceHolderAndELConfigTests.groovy | 224 +-- .../config/http/RememberMeConfigTests.groovy | 434 +++--- .../http/SessionManagementConfigTests.groovy | 638 ++++---- core/core.gradle | 52 +- crypto/crypto.gradle | 8 +- data/data.gradle | 6 +- docs/docs.gradle | 208 +-- docs/guides/build.gradle | 64 +- gradle/javaprojects.gradle | 248 +-- gradle/maven-deployment.gradle | 202 +-- gradle/release-checks.gradle | 28 +- gradle/tomcat.gradle | 98 +- gradle/war-sample.gradle | 4 +- itest/context/itest-context.gradle | 24 +- itest/web/itest-web.gradle | 58 +- ldap/ldap.gradle | 52 +- messaging/messaging.gradle | 34 +- openid/openid.gradle | 34 +- remoting/remoting.gradle | 14 +- samples/aspectj-jc/build.gradle | 8 +- samples/aspectj-xml/aspectj.gradle | 8 +- samples/cas/sample-xml/cassample.gradle | 164 +- samples/cas/server/casserver.gradle | 76 +- samples/chat-jc/build.gradle | 60 +- samples/concurrency-jc/build.gradle | 36 +- samples/contacts-xml/contacts.gradle | 40 +- .../security/samples/ContactsTests.groovy | 106 +- .../security/samples/pages/AddPage.groovy | 24 +- .../security/samples/pages/HomePage.groovy | 16 +- .../security/samples/pages/LoginPage.groovy | 24 +- samples/data-jc/build.gradle | 16 +- samples/dms-xml/dms.gradle | 20 +- samples/form-jc/build.gradle | 38 +- .../security/samples/FormJcTests.groovy | 50 +- .../security/samples/pages/HomePage.groovy | 14 +- .../security/samples/pages/LoginPage.groovy | 24 +- samples/gae-xml/gae.gradle | 58 +- samples/hellojs-jc/build.gradle | 38 +- samples/hellomvc-jc/build.gradle | 38 +- samples/helloworld-jc/build.gradle | 16 +- .../security/samples/pages/HomePage.groovy | 14 +- samples/helloworld-xml/build.gradle | 16 +- samples/inmemory-jc/build.gradle | 38 +- samples/insecure/build.gradle | 12 +- .../samples/HelloInsecureTests.groovy | 18 +- .../security/samples/pages/HomePage.groovy | 12 +- samples/insecuremvc/build.gradle | 30 +- samples/jaas-xml/jaas.gradle | 34 +- .../security/samples/JaasXmlTests.groovy | 58 +- .../security/samples/pages/HomePage.groovy | 12 +- .../security/samples/pages/LoginPage.groovy | 24 +- .../security/samples/pages/LogoutPage.groovy | 6 +- .../security/samples/pages/SecurePage.groovy | 14 +- samples/jdbc-jc/build.gradle | 38 +- .../security/samples/JdbcJcTests.groovy | 50 +- .../security/samples/pages/HomePage.groovy | 14 +- .../security/samples/pages/LoginPage.groovy | 24 +- samples/ldap-jc/build.gradle | 42 +- .../security/samples/LdapJcTests.groovy | 50 +- .../security/samples/pages/HomePage.groovy | 14 +- .../security/samples/pages/LoginPage.groovy | 24 +- samples/ldap-xml/ldap.gradle | 26 +- .../security/samples/LdapXmlTests.groovy | 58 +- .../security/samples/pages/HomePage.groovy | 12 +- .../security/samples/pages/LoginPage.groovy | 24 +- .../security/samples/pages/LogoutPage.groovy | 6 +- .../security/samples/pages/SecurePage.groovy | 12 +- samples/messages-jc/build.gradle | 48 +- samples/openid-jc/build.gradle | 40 +- samples/openid-xml/openid.gradle | 16 +- samples/preauth-jc/build.gradle | 36 +- samples/preauth-xml/preauth.gradle | 18 +- samples/rememberme-jc/build.gradle | 36 +- samples/servletapi-xml/servletapi.gradle | 36 +- samples/tutorial-xml/tutorial.gradle | 50 +- samples/x509-jc/build.gradle | 36 +- sandbox/heavyduty/build.gradle | 54 +- settings.gradle | 128 +- .../security/taglibs/TldTests.groovy | 12 +- taglibs/taglibs.gradle | 30 +- test/test.gradle | 16 +- web/web.gradle | 36 +- 121 files changed, 6033 insertions(+), 6033 deletions(-) diff --git a/acl/acl.gradle b/acl/acl.gradle index 084fe4895e..eacbc7f825 100644 --- a/acl/acl.gradle +++ b/acl/acl.gradle @@ -1,19 +1,19 @@ // Acl Module build file dependencies { - compile project(':spring-security-core'), - springCoreDependency, - 'aopalliance:aopalliance:1.0', - "org.springframework:spring-aop:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-tx:$springVersion", - "org.springframework:spring-jdbc:$springVersion" + compile project(':spring-security-core'), + springCoreDependency, + 'aopalliance:aopalliance:1.0', + "org.springframework:spring-aop:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-tx:$springVersion", + "org.springframework:spring-jdbc:$springVersion" - optional "net.sf.ehcache:ehcache:$ehcacheVersion" + optional "net.sf.ehcache:ehcache:$ehcacheVersion" - testCompile "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-context-support:$springVersion", - "org.springframework:spring-test:$springVersion" + testCompile "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-context-support:$springVersion", + "org.springframework:spring-test:$springVersion" - testRuntime "org.hsqldb:hsqldb:$hsqlVersion" + testRuntime "org.hsqldb:hsqldb:$hsqlVersion" } \ No newline at end of file diff --git a/aspects/aspects.gradle b/aspects/aspects.gradle index 865d2415ef..d1fdc61ca9 100644 --- a/aspects/aspects.gradle +++ b/aspects/aspects.gradle @@ -1,10 +1,10 @@ dependencies { - compile project(':spring-security-core'), - springCoreDependency, - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-context:$springVersion" + compile project(':spring-security-core'), + springCoreDependency, + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-context:$springVersion" - testCompile 'aopalliance:aopalliance:1.0', - "org.springframework:spring-aop:$springVersion" + testCompile 'aopalliance:aopalliance:1.0', + "org.springframework:spring-aop:$springVersion" } \ No newline at end of file diff --git a/bom/build.gradle b/bom/build.gradle index 41c4a9b0c3..3f1d9b5875 100644 --- a/bom/build.gradle +++ b/bom/build.gradle @@ -5,5 +5,5 @@ generatePom.enabled = false sonarRunner.skipProject = true mavenBom { - projects = coreModuleProjects + projects = coreModuleProjects } \ No newline at end of file diff --git a/build.gradle b/build.gradle index 1314ed3453..8f9e2041ab 100644 --- a/build.gradle +++ b/build.gradle @@ -1,17 +1,17 @@ import groovy.text.SimpleTemplateEngine buildscript { - repositories { - maven { url "https://repo.spring.io/plugins-release" } - } - dependencies { - classpath("org.springframework.build.gradle:propdeps-plugin:0.0.7") - classpath("org.springframework.build.gradle:spring-io-plugin:0.0.3.RELEASE") - classpath("org.gradle.api.plugins:gradle-tomcat-plugin:1.2.5") - classpath('me.champeau.gradle:gradle-javadoc-hotfix-plugin:0.1') - classpath('org.asciidoctor:asciidoctor-gradle-plugin:1.5.1') - classpath("io.spring.gradle:docbook-reference-plugin:0.3.0") - } + repositories { + maven { url "https://repo.spring.io/plugins-release" } + } + dependencies { + classpath("org.springframework.build.gradle:propdeps-plugin:0.0.7") + classpath("org.springframework.build.gradle:spring-io-plugin:0.0.3.RELEASE") + classpath("org.gradle.api.plugins:gradle-tomcat-plugin:1.2.5") + classpath('me.champeau.gradle:gradle-javadoc-hotfix-plugin:0.1') + classpath('org.asciidoctor:asciidoctor-gradle-plugin:1.5.1') + classpath("io.spring.gradle:docbook-reference-plugin:0.3.0") + } } apply plugin: 'sonar-runner' @@ -20,38 +20,38 @@ apply plugin: 'base' description = 'Spring Security' allprojects { - apply plugin: 'idea' - apply plugin: 'eclipse' + apply plugin: 'idea' + apply plugin: 'eclipse' - ext.releaseBuild = version.endsWith('RELEASE') - ext.snapshotBuild = version.endsWith('SNAPSHOT') - ext.springVersion = '4.1.5.RELEASE' - ext.springLdapVersion = '2.0.2.RELEASE' + ext.releaseBuild = version.endsWith('RELEASE') + ext.snapshotBuild = version.endsWith('SNAPSHOT') + ext.springVersion = '4.1.5.RELEASE' + ext.springLdapVersion = '2.0.2.RELEASE' - group = 'org.springframework.security' + group = 'org.springframework.security' - repositories { - mavenCentral() - maven { url "https://repo.spring.io/libs-snapshot" } - maven { url "https://repo.spring.io/plugins-release" } - maven { url "http://repo.terracotta.org/maven2/" } - } + repositories { + mavenCentral() + maven { url "https://repo.spring.io/libs-snapshot" } + maven { url "https://repo.spring.io/plugins-release" } + maven { url "http://repo.terracotta.org/maven2/" } + } - eclipse.project.name = "${project.name}-4.0.x" + eclipse.project.name = "${project.name}-4.0.x" } sonarRunner { - sonarProperties { - property "sonar.java.coveragePlugin", "jacoco" - property "sonar.projectName", "Spring Security" - property "sonar.jacoco.reportPath", "${buildDir.name}/jacoco.exec" - property "sonar.links.homepage", 'https://www.springsource.org/spring-security' - property "sonar.links.ci", 'https://build.springsource.org/browse/SEC-B32X' - property "sonar.links.issue", 'https://jira.springsource.org/browse/SEC' - property "sonar.links.scm", 'https://github.com/SpringSource/spring-security' - property "sonar.links.scm_dev", 'https://github.com/SpringSource/spring-security.git' - property "sonar.java.coveragePlugin", "jacoco" - } + sonarProperties { + property "sonar.java.coveragePlugin", "jacoco" + property "sonar.projectName", "Spring Security" + property "sonar.jacoco.reportPath", "${buildDir.name}/jacoco.exec" + property "sonar.links.homepage", 'https://www.springsource.org/spring-security' + property "sonar.links.ci", 'https://build.springsource.org/browse/SEC-B32X' + property "sonar.links.issue", 'https://jira.springsource.org/browse/SEC' + property "sonar.links.scm", 'https://github.com/SpringSource/spring-security' + property "sonar.links.scm_dev", 'https://github.com/SpringSource/spring-security.git' + property "sonar.java.coveragePlugin", "jacoco" + } } // Set up different subproject lists for individual configuration @@ -62,105 +62,105 @@ ext.coreModuleProjects = javaProjects - sampleProjects - itestProjects ext.aspectjProjects = [project(':spring-security-aspects'), project(':spring-security-samples-aspectj-xml'), project(':spring-security-samples-aspectj-jc')] configure(allprojects - javaProjects) { - task afterEclipseImport { - ext.srcFile = file('.classpath') - inputs.file srcFile - outputs.dir srcFile + task afterEclipseImport { + ext.srcFile = file('.classpath') + inputs.file srcFile + outputs.dir srcFile - onlyIf { !srcFile.exists() } + onlyIf { !srcFile.exists() } - doLast { - srcFile << """ + doLast { + srcFile << """ - - + + """ - } - } + } + } } configure(subprojects - coreModuleProjects - project(':spring-security-samples-messages-jc') - project(':spring-security-bom')) { - tasks.findByPath("artifactoryPublish")?.enabled = false - sonarRunner { - skipProject = true - } + tasks.findByPath("artifactoryPublish")?.enabled = false + sonarRunner { + skipProject = true + } } configure(javaProjects) { - ext.TOMCAT_GRADLE = "$rootDir/gradle/tomcat.gradle" - ext.WAR_SAMPLE_GRADLE = "$rootDir/gradle/war-sample.gradle" - apply from: "$rootDir/gradle/javaprojects.gradle" - apply from: "$rootDir/gradle/release-checks.gradle" - apply from: "$rootDir/gradle/maven-deployment.gradle" + ext.TOMCAT_GRADLE = "$rootDir/gradle/tomcat.gradle" + ext.WAR_SAMPLE_GRADLE = "$rootDir/gradle/war-sample.gradle" + apply from: "$rootDir/gradle/javaprojects.gradle" + apply from: "$rootDir/gradle/release-checks.gradle" + apply from: "$rootDir/gradle/maven-deployment.gradle" } configure(coreModuleProjects) { - apply plugin: 'emma' - apply plugin: 'spring-io' + apply plugin: 'emma' + apply plugin: 'spring-io' - ext.springIoVersion = project.hasProperty('platformVersion') ? platformVersion : '1.1.0.BUILD-SNAPSHOT' + ext.springIoVersion = project.hasProperty('platformVersion') ? platformVersion : '1.1.0.BUILD-SNAPSHOT' - configurations { - jacoco //Configuration Group used by Sonar to provide Code Coverage using JaCoCo - } + configurations { + jacoco //Configuration Group used by Sonar to provide Code Coverage using JaCoCo + } - dependencies { - springIoVersions "io.spring.platform:platform-versions:${springIoVersion}@properties" - jacoco "org.jacoco:org.jacoco.agent:0.6.2.201302030002:runtime" - } - test { - jvmArgs "-javaagent:${configurations.jacoco.asPath}=destfile=${buildDir}/jacoco.exec,includes=${project.group}.*" - } - integrationTest { - jvmArgs "-javaagent:${configurations.jacoco.asPath}=destfile=${buildDir}/jacoco.exec,includes=${project.group}.*" - } + dependencies { + springIoVersions "io.spring.platform:platform-versions:${springIoVersion}@properties" + jacoco "org.jacoco:org.jacoco.agent:0.6.2.201302030002:runtime" + } + test { + jvmArgs "-javaagent:${configurations.jacoco.asPath}=destfile=${buildDir}/jacoco.exec,includes=${project.group}.*" + } + integrationTest { + jvmArgs "-javaagent:${configurations.jacoco.asPath}=destfile=${buildDir}/jacoco.exec,includes=${project.group}.*" + } } configure (aspectjProjects) { - apply plugin: 'java' - apply plugin: 'aspectj' + apply plugin: 'java' + apply plugin: 'aspectj' } task coreBuild { - dependsOn coreModuleProjects*.tasks*.matching { task -> task.name == 'build' } + dependsOn coreModuleProjects*.tasks*.matching { task -> task.name == 'build' } } // Task for creating the distro zip task dist(type: Zip) { - dependsOn subprojects*.tasks*.matching { task -> task.name == 'assemble' || task.name.endsWith('Zip') || task.name.endsWith('generatePom') } - classifier = 'dist' + dependsOn subprojects*.tasks*.matching { task -> task.name == 'assemble' || task.name.endsWith('Zip') || task.name.endsWith('generatePom') } + classifier = 'dist' - evaluationDependsOn(':docs') - evaluationDependsOn(':docs:manual') + evaluationDependsOn(':docs') + evaluationDependsOn(':docs:manual') - def zipRootDir = "${project.name}-$version" - into(zipRootDir) { - from(rootDir) { - include '*.adoc' - } - into('docs') { - with(project(':docs').apiSpec) - with(project(':docs:manual').spec) - with(project(':docs:guides').spec) - } - into('dist') { - from coreModuleProjects.collect {project -> project.libsDir } - } - sampleProjects.each { project-> - into("$zipRootDir/samples/$project.name") { - from(project.projectDir) { - include "src/main/**" - include "pom.xml" - } - } - } - } + def zipRootDir = "${project.name}-$version" + into(zipRootDir) { + from(rootDir) { + include '*.adoc' + } + into('docs') { + with(project(':docs').apiSpec) + with(project(':docs:manual').spec) + with(project(':docs:guides').spec) + } + into('dist') { + from coreModuleProjects.collect {project -> project.libsDir } + } + sampleProjects.each { project-> + into("$zipRootDir/samples/$project.name") { + from(project.projectDir) { + include "src/main/**" + include "pom.xml" + } + } + } + } } artifacts { - archives dist - archives project(':docs').docsZip - archives project(':docs').schemaZip + archives dist + archives project(':docs').docsZip + archives project(':docs').schemaZip } diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle index 9dae29df88..a2ee283109 100644 --- a/buildSrc/build.gradle +++ b/buildSrc/build.gradle @@ -1,37 +1,37 @@ apply plugin: 'groovy' repositories { - mavenCentral() - maven { - name = 'SpringSource Enterprise Release' - url = 'http://repository.springsource.com/maven/bundles/release' - } - maven { - name = 'SpringSource Enterprise External' - url = 'http://repository.springsource.com/maven/bundles/external' - } + mavenCentral() + maven { + name = 'SpringSource Enterprise Release' + url = 'http://repository.springsource.com/maven/bundles/release' + } + maven { + name = 'SpringSource Enterprise External' + url = 'http://repository.springsource.com/maven/bundles/external' + } } dependencies { - compile gradleApi() + compile gradleApi() } // GAE dependencies { - compile 'com.google.appengine:appengine-tools-sdk:1.4.2' + compile 'com.google.appengine:appengine-tools-sdk:1.4.2' } dependencies{ - compile "emma:emma:2.0.5312" + compile "emma:emma:2.0.5312" } // Trang dependencies { - compile 'com.thaiopensource:trang:20091111', - 'net.sourceforge.saxon:saxon:9.1.0.8' + compile 'com.thaiopensource:trang:20091111', + 'net.sourceforge.saxon:saxon:9.1.0.8' } task ide(type: Copy) { - from configurations.runtime - into 'ide' + from configurations.runtime + into 'ide' } diff --git a/buildSrc/src/main/groovy/MavenBomTask.groovy b/buildSrc/src/main/groovy/MavenBomTask.groovy index a18312f6c9..171dd77892 100644 --- a/buildSrc/src/main/groovy/MavenBomTask.groovy +++ b/buildSrc/src/main/groovy/MavenBomTask.groovy @@ -6,50 +6,50 @@ import org.gradle.api.tasks.* public class MavenBomTask extends DefaultTask { - Set projects + Set projects - File bomFile + File bomFile - public MavenBomTask() { - this.group = "Generate" - this.description = "Generates a Maven Build of Materials (BOM). See http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#Importing_Dependencies" - this.projects = project.subprojects - this.bomFile = project.file("${->project.buildDir}/maven-bom/${->project.name}-${->project.version}.txt") - } + public MavenBomTask() { + this.group = "Generate" + this.description = "Generates a Maven Build of Materials (BOM). See http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#Importing_Dependencies" + this.projects = project.subprojects + this.bomFile = project.file("${->project.buildDir}/maven-bom/${->project.name}-${->project.version}.txt") + } - @TaskAction - public void configureBom() { - project.configurations.archives.artifacts.clear() + @TaskAction + public void configureBom() { + project.configurations.archives.artifacts.clear() - bomFile.parentFile.mkdirs() - bomFile.write("Maven Build of Materials (BOM). See http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#Importing_Dependencies") - project.artifacts { - // work around GRADLE-2406 by attaching text artifact - archives(bomFile) - } - project.install { - repositories.mavenInstaller { - pom.whenConfigured { - packaging = "pom" - withXml { - asNode().children().last() + { - delegate.dependencyManagement { - delegate.dependencies { - projects.sort { dep -> "$dep.group:$dep.name" }.each { p -> + bomFile.parentFile.mkdirs() + bomFile.write("Maven Build of Materials (BOM). See http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#Importing_Dependencies") + project.artifacts { + // work around GRADLE-2406 by attaching text artifact + archives(bomFile) + } + project.install { + repositories.mavenInstaller { + pom.whenConfigured { + packaging = "pom" + withXml { + asNode().children().last() + { + delegate.dependencyManagement { + delegate.dependencies { + projects.sort { dep -> "$dep.group:$dep.name" }.each { p -> - delegate.dependency { - delegate.groupId(p.group) - delegate.artifactId(p.name) - delegate.version(p.version) - } - } - } - } - } - } - } - } - } - } + delegate.dependency { + delegate.groupId(p.group) + delegate.artifactId(p.name) + delegate.version(p.version) + } + } + } + } + } + } + } + } + } + } } \ No newline at end of file diff --git a/buildSrc/src/main/groovy/aspectj/AspectJPlugin.groovy b/buildSrc/src/main/groovy/aspectj/AspectJPlugin.groovy index 5be354aed3..18f7d0071d 100644 --- a/buildSrc/src/main/groovy/aspectj/AspectJPlugin.groovy +++ b/buildSrc/src/main/groovy/aspectj/AspectJPlugin.groovy @@ -22,100 +22,100 @@ import org.gradle.plugins.ide.eclipse.model.ProjectDependency */ class AspectJPlugin implements Plugin { - void apply(Project project) { - project.plugins.apply(JavaPlugin) + void apply(Project project) { + project.plugins.apply(JavaPlugin) - if (!project.hasProperty('aspectjVersion')) { - throw new GradleException("You must set the property 'aspectjVersion' before applying the aspectj plugin") - } + if (!project.hasProperty('aspectjVersion')) { + throw new GradleException("You must set the property 'aspectjVersion' before applying the aspectj plugin") + } - if (project.configurations.findByName('ajtools') == null) { - project.configurations.create('ajtools') - project.dependencies { - ajtools "org.aspectj:aspectjtools:${project.aspectjVersion}" - optional "org.aspectj:aspectjrt:${project.aspectjVersion}" - } - } + if (project.configurations.findByName('ajtools') == null) { + project.configurations.create('ajtools') + project.dependencies { + ajtools "org.aspectj:aspectjtools:${project.aspectjVersion}" + optional "org.aspectj:aspectjrt:${project.aspectjVersion}" + } + } - if (project.configurations.findByName('aspectpath') == null) { - project.configurations.create('aspectpath') - } + if (project.configurations.findByName('aspectpath') == null) { + project.configurations.create('aspectpath') + } - project.tasks.create(name: 'compileAspect', overwrite: true, description: 'Compiles AspectJ Source', type: Ajc) { - dependsOn project.configurations*.getTaskDependencyFromProjectDependency(true, "compileJava") + project.tasks.create(name: 'compileAspect', overwrite: true, description: 'Compiles AspectJ Source', type: Ajc) { + dependsOn project.configurations*.getTaskDependencyFromProjectDependency(true, "compileJava") - dependsOn project.processResources - sourceSet = project.sourceSets.main - inputs.files(sourceSet.allSource) - outputs.dir(sourceSet.output.classesDir) - aspectPath = project.configurations.aspectpath - } - project.tasks.compileJava.deleteAllActions() - project.tasks.compileJava.dependsOn project.tasks.compileAspect + dependsOn project.processResources + sourceSet = project.sourceSets.main + inputs.files(sourceSet.allSource) + outputs.dir(sourceSet.output.classesDir) + aspectPath = project.configurations.aspectpath + } + project.tasks.compileJava.deleteAllActions() + project.tasks.compileJava.dependsOn project.tasks.compileAspect - project.tasks.create(name: 'compileTestAspect', overwrite: true, description: 'Compiles AspectJ Test Source', type: Ajc) { - dependsOn project.processTestResources, project.compileJava, project.jar - sourceSet = project.sourceSets.test - inputs.files(sourceSet.allSource) - outputs.dir(sourceSet.output.classesDir) - aspectPath = project.files(project.configurations.aspectpath, project.jar.archivePath) - } - project.tasks.compileTestJava.deleteAllActions() - project.tasks.compileTestJava.dependsOn project.tasks.compileTestAspect + project.tasks.create(name: 'compileTestAspect', overwrite: true, description: 'Compiles AspectJ Test Source', type: Ajc) { + dependsOn project.processTestResources, project.compileJava, project.jar + sourceSet = project.sourceSets.test + inputs.files(sourceSet.allSource) + outputs.dir(sourceSet.output.classesDir) + aspectPath = project.files(project.configurations.aspectpath, project.jar.archivePath) + } + project.tasks.compileTestJava.deleteAllActions() + project.tasks.compileTestJava.dependsOn project.tasks.compileTestAspect - project.tasks.withType(GenerateEclipseProject) { - project.eclipse.project.file.whenMerged { p -> - p.natures.add(0, 'org.eclipse.ajdt.ui.ajnature') - p.buildCommands = [new BuildCommand('org.eclipse.ajdt.core.ajbuilder')] - } - } + project.tasks.withType(GenerateEclipseProject) { + project.eclipse.project.file.whenMerged { p -> + p.natures.add(0, 'org.eclipse.ajdt.ui.ajnature') + p.buildCommands = [new BuildCommand('org.eclipse.ajdt.core.ajbuilder')] + } + } - project.tasks.withType(GenerateEclipseClasspath) { - project.eclipse.classpath.file.whenMerged { classpath -> - def entries = classpath.entries.findAll { it instanceof ProjectDependency}.findAll { entry -> - def projectPath = entry.path.replaceAll('/','') - project.rootProject.allprojects.find{ p-> - if(p.plugins.findPlugin(EclipsePlugin)) { - return p.eclipse.project.name == projectPath && p.plugins.findPlugin(AspectJPlugin) - } - false - } - } - entries.each { entry-> - entry.entryAttributes.put('org.eclipse.ajdt.aspectpath','org.eclipse.ajdt.aspectpath') - } - } - } - } + project.tasks.withType(GenerateEclipseClasspath) { + project.eclipse.classpath.file.whenMerged { classpath -> + def entries = classpath.entries.findAll { it instanceof ProjectDependency}.findAll { entry -> + def projectPath = entry.path.replaceAll('/','') + project.rootProject.allprojects.find{ p-> + if(p.plugins.findPlugin(EclipsePlugin)) { + return p.eclipse.project.name == projectPath && p.plugins.findPlugin(AspectJPlugin) + } + false + } + } + entries.each { entry-> + entry.entryAttributes.put('org.eclipse.ajdt.aspectpath','org.eclipse.ajdt.aspectpath') + } + } + } + } } class Ajc extends DefaultTask { - SourceSet sourceSet - FileCollection aspectPath + SourceSet sourceSet + FileCollection aspectPath - Ajc() { - logging.captureStandardOutput(LogLevel.INFO) - } + Ajc() { + logging.captureStandardOutput(LogLevel.INFO) + } - @TaskAction - def compile() { - logger.info("="*30) - logger.info("="*30) - logger.info("Running ajc ...") - logger.info("classpath: ${sourceSet.compileClasspath.asPath}") - logger.info("srcDirs $sourceSet.java.srcDirs") - ant.taskdef(resource: "org/aspectj/tools/ant/taskdefs/aspectjTaskdefs.properties", classpath: project.configurations.ajtools.asPath) - ant.iajc(classpath: sourceSet.compileClasspath.asPath, fork: 'true', destDir: sourceSet.output.classesDir.absolutePath, - source: project.convention.plugins.java.sourceCompatibility, - target: project.convention.plugins.java.targetCompatibility, - aspectPath: aspectPath.asPath, sourceRootCopyFilter: '**/*.java', showWeaveInfo: 'true') { - sourceroots { - sourceSet.java.srcDirs.each { - logger.info(" sourceRoot $it") - pathelement(location: it.absolutePath) - } - } - } - } + @TaskAction + def compile() { + logger.info("="*30) + logger.info("="*30) + logger.info("Running ajc ...") + logger.info("classpath: ${sourceSet.compileClasspath.asPath}") + logger.info("srcDirs $sourceSet.java.srcDirs") + ant.taskdef(resource: "org/aspectj/tools/ant/taskdefs/aspectjTaskdefs.properties", classpath: project.configurations.ajtools.asPath) + ant.iajc(classpath: sourceSet.compileClasspath.asPath, fork: 'true', destDir: sourceSet.output.classesDir.absolutePath, + source: project.convention.plugins.java.sourceCompatibility, + target: project.convention.plugins.java.targetCompatibility, + aspectPath: aspectPath.asPath, sourceRootCopyFilter: '**/*.java', showWeaveInfo: 'true') { + sourceroots { + sourceSet.java.srcDirs.each { + logger.info(" sourceRoot $it") + pathelement(location: it.absolutePath) + } + } + } + } } diff --git a/buildSrc/src/main/groovy/emma/EmmaPlugin.groovy b/buildSrc/src/main/groovy/emma/EmmaPlugin.groovy index e79202efee..d366d843a4 100644 --- a/buildSrc/src/main/groovy/emma/EmmaPlugin.groovy +++ b/buildSrc/src/main/groovy/emma/EmmaPlugin.groovy @@ -15,100 +15,100 @@ import com.vladium.util.XProperties; */ class EmmaPlugin implements Plugin { - void apply(Project project) { - Project rootProject = project.rootProject - def emmaMetaDataFile = "${rootProject.buildDir}/emma/emma.em" - def emmaCoverageFile = "${rootProject.buildDir}/emma/emma.ec" + void apply(Project project) { + Project rootProject = project.rootProject + def emmaMetaDataFile = "${rootProject.buildDir}/emma/emma.em" + def emmaCoverageFile = "${rootProject.buildDir}/emma/emma.ec" - if (project.configurations.findByName('emma_rt') == null) { - project.configurations.create('emma_rt') - project.dependencies { - emma_rt 'emma:emma:2.0.5312' - } - } + if (project.configurations.findByName('emma_rt') == null) { + project.configurations.create('emma_rt') + project.dependencies { + emma_rt 'emma:emma:2.0.5312' + } + } - project.task('emmaInstrument') { - dependsOn project.classes + project.task('emmaInstrument') { + dependsOn project.classes - doFirst { - InstrProcessor processor = InstrProcessor.create (); - String[] classesDirPath = [project.sourceSets.main.output.classesDir.absolutePath] + doFirst { + InstrProcessor processor = InstrProcessor.create (); + String[] classesDirPath = [project.sourceSets.main.output.classesDir.absolutePath] - processor.setInstrPath(classesDirPath, false); - processor.setOutMode(InstrProcessor.OutMode.OUT_MODE_COPY); - processor.setInstrOutDir("${project.buildDir}/emma/classes"); - processor.setMetaOutFile(emmaMetaDataFile); - processor.setMetaOutMerge(true); - //processor.setInclExclFilter (null); - processor.run(); - } - } + processor.setInstrPath(classesDirPath, false); + processor.setOutMode(InstrProcessor.OutMode.OUT_MODE_COPY); + processor.setInstrOutDir("${project.buildDir}/emma/classes"); + processor.setMetaOutFile(emmaMetaDataFile); + processor.setMetaOutMerge(true); + //processor.setInclExclFilter (null); + processor.run(); + } + } - // Modify test tasks in the project to generate coverage data - project.afterEvaluate { - if (project.hasProperty('coverage') && ['on','true'].contains(project.properties.coverage)) { - project.tasks.withType(Test.class).each { task -> - task.dependsOn project.emmaInstrument - task.configure() { - jvmArgs '-Dsec.log.level=DEBUG', "-Demma.coverage.out.file=$emmaCoverageFile" - jvmArgs '-Demma.verbosity.level=quiet' - } - task.doFirst { - classpath = project.files("${project.buildDir}/emma/classes") + project.configurations.emma_rt + classpath - } - } - } - } + // Modify test tasks in the project to generate coverage data + project.afterEvaluate { + if (project.hasProperty('coverage') && ['on','true'].contains(project.properties.coverage)) { + project.tasks.withType(Test.class).each { task -> + task.dependsOn project.emmaInstrument + task.configure() { + jvmArgs '-Dsec.log.level=DEBUG', "-Demma.coverage.out.file=$emmaCoverageFile" + jvmArgs '-Demma.verbosity.level=quiet' + } + task.doFirst { + classpath = project.files("${project.buildDir}/emma/classes") + project.configurations.emma_rt + classpath + } + } + } + } - List reportTasks = rootProject.getTasksByName('coverageReport', false) as List; - CoverageReport task; + List reportTasks = rootProject.getTasksByName('coverageReport', false) as List; + CoverageReport task; - if (reportTasks.isEmpty()) { - task = rootProject.tasks.create('coverageReport', CoverageReport.class); - task.dataPath = [emmaMetaDataFile, emmaCoverageFile]; - } else { - task = reportTasks[0]; - } + if (reportTasks.isEmpty()) { + task = rootProject.tasks.create('coverageReport', CoverageReport.class); + task.dataPath = [emmaMetaDataFile, emmaCoverageFile]; + } else { + task = reportTasks[0]; + } - task.modules.add(project); - } + task.modules.add(project); + } } class CoverageReport extends DefaultTask { - @Input - List modules = []; + @Input + List modules = []; - @Input - String[] dataPath; + @Input + String[] dataPath; - @TaskAction - void generateReport() { - def buildDir = project.rootProject.buildDir + @TaskAction + void generateReport() { + def buildDir = project.rootProject.buildDir - if (!buildDir.exists()) { - throw new GradleException("No coverage data. Run gradle with -Pcoverage=on if using coverageReport"); - } + if (!buildDir.exists()) { + throw new GradleException("No coverage data. Run gradle with -Pcoverage=on if using coverageReport"); + } - ReportProcessor processor = ReportProcessor.create (); - processor.setDataPath(dataPath) + ReportProcessor processor = ReportProcessor.create (); + processor.setDataPath(dataPath) - def srcPath = [] - modules.each {module-> - module.sourceSets.main.java.srcDirs.each { - srcPath.add(it.absolutePath) - } - } + def srcPath = [] + modules.each {module-> + module.sourceSets.main.java.srcDirs.each { + srcPath.add(it.absolutePath) + } + } - processor.setSourcePath(srcPath as String[]); + processor.setSourcePath(srcPath as String[]); - def types = ['txt', 'html'] - processor.setReportTypes(types as String[]); - XProperties properties = new XProperties(); - properties.setProperty('report.html.out.file', "$buildDir/emma/coverage.html"); - properties.setProperty('report.txt.out.file', "$buildDir/emma/coverage.txt"); - processor.setPropertyOverrides(properties) + def types = ['txt', 'html'] + processor.setReportTypes(types as String[]); + XProperties properties = new XProperties(); + properties.setProperty('report.html.out.file', "$buildDir/emma/coverage.html"); + properties.setProperty('report.txt.out.file', "$buildDir/emma/coverage.txt"); + processor.setPropertyOverrides(properties) - processor.run() - } + processor.run() + } } diff --git a/buildSrc/src/main/groovy/gae/GaePlugin.groovy b/buildSrc/src/main/groovy/gae/GaePlugin.groovy index b131c8c316..b87151603a 100644 --- a/buildSrc/src/main/groovy/gae/GaePlugin.groovy +++ b/buildSrc/src/main/groovy/gae/GaePlugin.groovy @@ -4,23 +4,23 @@ import com.google.appengine.tools.admin.AppCfg import org.gradle.api.*; class GaePlugin implements Plugin { - public void apply(Project project) { - if (!project.hasProperty('appEngineSdkRoot')) { - println "'appEngineSdkRoot' must be set in gradle.properties" - } else { - System.setProperty('appengine.sdk.root', project.property('appEngineSdkRoot')) - } + public void apply(Project project) { + if (!project.hasProperty('appEngineSdkRoot')) { + println "'appEngineSdkRoot' must be set in gradle.properties" + } else { + System.setProperty('appengine.sdk.root', project.property('appEngineSdkRoot')) + } - File explodedWar = new File(project.buildDir, "gae-exploded") + File explodedWar = new File(project.buildDir, "gae-exploded") - project.task('gaeDeploy') << { - AppCfg.main("update", explodedWar.toString()) - } + project.task('gaeDeploy') << { + AppCfg.main("update", explodedWar.toString()) + } - project.gaeDeploy.dependsOn project.war + project.gaeDeploy.dependsOn project.war - project.war.doLast { - ant.unzip(src: project.war.archivePath, dest: explodedWar) - } - } + project.war.doLast { + ant.unzip(src: project.war.archivePath, dest: explodedWar) + } + } } diff --git a/buildSrc/src/main/groovy/trang/TrangPlugin.groovy b/buildSrc/src/main/groovy/trang/TrangPlugin.groovy index 198630f9cd..e8bb3d8077 100644 --- a/buildSrc/src/main/groovy/trang/TrangPlugin.groovy +++ b/buildSrc/src/main/groovy/trang/TrangPlugin.groovy @@ -16,44 +16,44 @@ import org.gradle.api.file.FileCollection * @author Rob Winch */ class TrangPlugin implements Plugin { - public void apply(Project project) { - Task rncToXsd = project.tasks.create('rncToXsd', RncToXsd.class) - rncToXsd.description = 'Converts .rnc to .xsd' - rncToXsd.group = 'Build' - } + public void apply(Project project) { + Task rncToXsd = project.tasks.create('rncToXsd', RncToXsd.class) + rncToXsd.description = 'Converts .rnc to .xsd' + rncToXsd.group = 'Build' + } } /** * Converts .rnc files to .xsd files using trang and then applies an xsl file to cleanup the results. */ public class RncToXsd extends DefaultTask { - @InputDirectory - File rncDir + @InputDirectory + File rncDir - @InputFile - File xslFile + @InputFile + File xslFile - @OutputDirectory - File xsdDir + @OutputDirectory + File xsdDir - @TaskAction - public final void transform() { - String xslPath = xslFile.absolutePath - rncDir.listFiles( { dir, file -> file.endsWith('.rnc')} as FilenameFilter).each { rncFile -> - File xsdFile = new File(xsdDir, rncFile.name.replace('.rnc', '.xsd')) - String xsdOutputPath = xsdFile.absolutePath - new Driver().run([rncFile.absolutePath, xsdOutputPath] as String[]); + @TaskAction + public final void transform() { + String xslPath = xslFile.absolutePath + rncDir.listFiles( { dir, file -> file.endsWith('.rnc')} as FilenameFilter).each { rncFile -> + File xsdFile = new File(xsdDir, rncFile.name.replace('.rnc', '.xsd')) + String xsdOutputPath = xsdFile.absolutePath + new Driver().run([rncFile.absolutePath, xsdOutputPath] as String[]); - TransformerFactory tFactory = new net.sf.saxon.TransformerFactoryImpl() - Transformer transformer = - tFactory.newTransformer(new StreamSource(xslPath)) - File temp = File.createTempFile("gradle-trang-" + xsdFile.name, ".xsd") - xsdFile.withInputStream { is -> - temp << is - } - StreamSource xmlSource = new StreamSource(temp) - transformer.transform(xmlSource, new StreamResult(xsdFile)) - temp.delete() - } - } + TransformerFactory tFactory = new net.sf.saxon.TransformerFactoryImpl() + Transformer transformer = + tFactory.newTransformer(new StreamSource(xslPath)) + File temp = File.createTempFile("gradle-trang-" + xsdFile.name, ".xsd") + xsdFile.withInputStream { is -> + temp << is + } + StreamSource xmlSource = new StreamSource(temp) + transformer.transform(xmlSource, new StreamResult(xsdFile)) + temp.delete() + } + } } \ No newline at end of file diff --git a/cas/cas.gradle b/cas/cas.gradle index d7f2727615..9149d79483 100644 --- a/cas/cas.gradle +++ b/cas/cas.gradle @@ -1,14 +1,14 @@ dependencies { - compile project(':spring-security-core'), - project(':spring-security-web'), - springCoreDependency, - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-web:$springVersion", - "org.jasig.cas.client:cas-client-core:$casClientVersion" + compile project(':spring-security-core'), + project(':spring-security-web'), + springCoreDependency, + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-web:$springVersion", + "org.jasig.cas.client:cas-client-core:$casClientVersion" - optional "net.sf.ehcache:ehcache:$ehcacheVersion" + optional "net.sf.ehcache:ehcache:$ehcacheVersion" - provided "javax.servlet:javax.servlet-api:$servletApiVersion" + provided "javax.servlet:javax.servlet-api:$servletApiVersion" } diff --git a/config/config.gradle b/config/config.gradle index 221dbbe152..f43d595e10 100644 --- a/config/config.gradle +++ b/config/config.gradle @@ -8,71 +8,71 @@ apply plugin: 'trang' compileTestJava.dependsOn(':spring-security-core:compileTestJava') dependencies { - // NB: Don't add other compile time dependencies to the config module as this breaks tooling - compile project(':spring-security-core'), - springCoreDependency, - 'aopalliance:aopalliance:1.0', - "org.springframework:spring-aop:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-beans:$springVersion" + // NB: Don't add other compile time dependencies to the config module as this breaks tooling + compile project(':spring-security-core'), + springCoreDependency, + 'aopalliance:aopalliance:1.0', + "org.springframework:spring-aop:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-beans:$springVersion" - optional project(':spring-security-web'), - project(':spring-security-ldap'), - project(':spring-security-openid'), - project(':spring-security-messaging'), - "org.springframework:spring-web:$springVersion", - "org.springframework:spring-websocket:$springVersion", - "org.springframework:spring-webmvc:$springVersion", - "org.aspectj:aspectjweaver:$aspectjVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.springframework:spring-tx:$springVersion" + optional project(':spring-security-web'), + project(':spring-security-ldap'), + project(':spring-security-openid'), + project(':spring-security-messaging'), + "org.springframework:spring-web:$springVersion", + "org.springframework:spring-websocket:$springVersion", + "org.springframework:spring-webmvc:$springVersion", + "org.aspectj:aspectjweaver:$aspectjVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.springframework:spring-tx:$springVersion" - provided "javax.servlet:javax.servlet-api:$servletApiVersion" + provided "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile project(':spring-security-cas'), - project(':spring-security-core').sourceSets.test.output, - project(':spring-security-aspects'), - 'javax.annotation:jsr250-api:1.0', - "org.springframework.ldap:spring-ldap-core:$springLdapVersion", - "org.springframework:spring-expression:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.springframework:spring-orm:$springVersion", - "org.springframework:spring-tx:$springVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "org.eclipse.persistence:javax.persistence:2.0.5", - "org.hibernate:hibernate-entitymanager:4.1.0.Final", - "org.codehaus.groovy:groovy-all:$groovyVersion", - "org.apache.directory.server:apacheds-core:$apacheDsVersion", - "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion", - "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion", - "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion", - "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion", - 'org.apache.directory.shared:shared-ldap:0.9.15', - 'ldapsdk:ldapsdk:4.1', - powerMockDependencies, - "org.hibernate:hibernate-entitymanager:3.6.10.Final", - "org.hsqldb:hsqldb:$hsqlVersion", - spockDependencies + testCompile project(':spring-security-cas'), + project(':spring-security-core').sourceSets.test.output, + project(':spring-security-aspects'), + 'javax.annotation:jsr250-api:1.0', + "org.springframework.ldap:spring-ldap-core:$springLdapVersion", + "org.springframework:spring-expression:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.springframework:spring-orm:$springVersion", + "org.springframework:spring-tx:$springVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "org.eclipse.persistence:javax.persistence:2.0.5", + "org.hibernate:hibernate-entitymanager:4.1.0.Final", + "org.codehaus.groovy:groovy-all:$groovyVersion", + "org.apache.directory.server:apacheds-core:$apacheDsVersion", + "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion", + "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion", + "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion", + "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion", + 'org.apache.directory.shared:shared-ldap:0.9.15', + 'ldapsdk:ldapsdk:4.1', + powerMockDependencies, + "org.hibernate:hibernate-entitymanager:3.6.10.Final", + "org.hsqldb:hsqldb:$hsqlVersion", + spockDependencies - testCompile('org.openid4java:openid4java-nodeps:0.9.6') { - exclude group: 'com.google.code.guice', module: 'guice' - } - testCompile("org.springframework.data:spring-data-jpa:$springDataJpaVersion") { - exclude group: 'org.aspectj', module: 'aspectjrt' - } + testCompile('org.openid4java:openid4java-nodeps:0.9.6') { + exclude group: 'com.google.code.guice', module: 'guice' + } + testCompile("org.springframework.data:spring-data-jpa:$springDataJpaVersion") { + exclude group: 'org.aspectj', module: 'aspectjrt' + } - testRuntime "org.hsqldb:hsqldb:$hsqlVersion", - "cglib:cglib-nodep:$cglibVersion" + testRuntime "org.hsqldb:hsqldb:$hsqlVersion", + "cglib:cglib-nodep:$cglibVersion" } test { - inputs.file file("$rootDir/docs/manual/src/docbook/appendix-namespace.xml") + inputs.file file("$rootDir/docs/manual/src/docbook/appendix-namespace.xml") } rncToXsd { - rncDir = file('src/main/resources/org/springframework/security/config/') - xsdDir = rncDir - xslFile = new File(rncDir, 'spring-security.xsl') + rncDir = file('src/main/resources/org/springframework/security/config/') + xsdDir = rncDir + xslFile = new File(rncDir, 'spring-security.xsl') } build.dependsOn rncToXsd \ No newline at end of file diff --git a/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy index 291d79646d..fddaa1da15 100644 --- a/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy @@ -20,65 +20,65 @@ import org.springframework.security.CollectingAppListener * @author Luke Taylor */ abstract class AbstractXmlConfigTests extends Specification { - AbstractXmlApplicationContext appContext; - Writer writer; - MarkupBuilder xml; - ApplicationListener appListener; + AbstractXmlApplicationContext appContext; + Writer writer; + MarkupBuilder xml; + ApplicationListener appListener; - def setup() { - writer = new StringWriter() - xml = new MarkupBuilder(writer) - appListener = new CollectingAppListener() - } + def setup() { + writer = new StringWriter() + xml = new MarkupBuilder(writer) + appListener = new CollectingAppListener() + } - def cleanup() { - if (appContext != null) { - appContext.close(); - appContext = null; - } - SecurityContextHolder.clearContext(); - } + def cleanup() { + if (appContext != null) { + appContext.close(); + appContext = null; + } + SecurityContextHolder.clearContext(); + } - def mockBean(Class clazz, String id = clazz.simpleName) { - xml.'b:bean'(id: id, 'class': Mockito.class.name, 'factory-method':'mock') { - 'b:constructor-arg'(value : clazz.name) - 'b:constructor-arg'(value : id) - } - } + def mockBean(Class clazz, String id = clazz.simpleName) { + xml.'b:bean'(id: id, 'class': Mockito.class.name, 'factory-method':'mock') { + 'b:constructor-arg'(value : clazz.name) + 'b:constructor-arg'(value : id) + } + } - def bean(String name, Class clazz) { - xml.'b:bean'(id: name, 'class': clazz.name) - } + def bean(String name, Class clazz) { + xml.'b:bean'(id: name, 'class': clazz.name) + } - def bean(String name, String clazz) { - xml.'b:bean'(id: name, 'class': clazz) - } + def bean(String name, String clazz) { + xml.'b:bean'(id: name, 'class': clazz) + } - def bean(String name, String clazz, List constructorArgs) { - xml.'b:bean'(id: name, 'class': clazz) { - constructorArgs.each { val -> - 'b:constructor-arg'(value: val) - } - } - } + def bean(String name, String clazz, List constructorArgs) { + xml.'b:bean'(id: name, 'class': clazz) { + constructorArgs.each { val -> + 'b:constructor-arg'(value: val) + } + } + } - def bean(String name, String clazz, Map properties, Map refs) { - xml.'b:bean'(id: name, 'class': clazz) { - properties.each {key, val -> - 'b:property'(name: key, value: val) - } - refs.each {key, val -> - 'b:property'(name: key, ref: val) - } - } - } + def bean(String name, String clazz, Map properties, Map refs) { + xml.'b:bean'(id: name, 'class': clazz) { + properties.each {key, val -> + 'b:property'(name: key, value: val) + } + refs.each {key, val -> + 'b:property'(name: key, ref: val) + } + } + } - def createAppContext() { - createAppContext(AUTH_PROVIDER_XML) - } + def createAppContext() { + createAppContext(AUTH_PROVIDER_XML) + } - def createAppContext(String extraXml) { - appContext = new InMemoryXmlApplicationContext(writer.toString() + extraXml); - appContext.addApplicationListener(appListener); - } + def createAppContext(String extraXml) { + appContext = new InMemoryXmlApplicationContext(writer.toString() + extraXml); + appContext.addApplicationListener(appListener); + } } diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/BaseSpringSpec.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/BaseSpringSpec.groovy index c6942fae14..82bef5eb5e 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/BaseSpringSpec.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/BaseSpringSpec.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -51,119 +51,119 @@ import spock.lang.Specification * @author Rob Winch */ abstract class BaseSpringSpec extends Specification { - @AutoCleanup - ConfigurableApplicationContext context - @AutoCleanup - ConfigurableApplicationContext oppContext + @AutoCleanup + ConfigurableApplicationContext context + @AutoCleanup + ConfigurableApplicationContext oppContext - MockHttpServletRequest request - MockHttpServletResponse response - MockFilterChain chain - CsrfToken csrfToken - AuthenticationManagerBuilder authenticationBldr + MockHttpServletRequest request + MockHttpServletResponse response + MockFilterChain chain + CsrfToken csrfToken + AuthenticationManagerBuilder authenticationBldr - def setup() { - authenticationBldr = createAuthenticationManagerBuilder() - setupWeb(null) - } + def setup() { + authenticationBldr = createAuthenticationManagerBuilder() + setupWeb(null) + } - def setupWeb(httpSession = null) { - request = new MockHttpServletRequest(method:"GET") - if(httpSession) { - request.session = httpSession - } - response = new MockHttpServletResponse() - chain = new MockFilterChain() - setupCsrf() - } + def setupWeb(httpSession = null) { + request = new MockHttpServletRequest(method:"GET") + if(httpSession) { + request.session = httpSession + } + response = new MockHttpServletResponse() + chain = new MockFilterChain() + setupCsrf() + } - def setupCsrf(csrfTokenValue="BaseSpringSpec_CSRFTOKEN",req=request,resp=response) { - csrfToken = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf",csrfTokenValue) - new HttpSessionCsrfTokenRepository().saveToken(csrfToken, req, resp) - req.setParameter(csrfToken.parameterName, csrfToken.token) - } + def setupCsrf(csrfTokenValue="BaseSpringSpec_CSRFTOKEN",req=request,resp=response) { + csrfToken = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf",csrfTokenValue) + new HttpSessionCsrfTokenRepository().saveToken(csrfToken, req, resp) + req.setParameter(csrfToken.parameterName, csrfToken.token) + } - def cleanup() { - SecurityContextHolder.clearContext() - } + def cleanup() { + SecurityContextHolder.clearContext() + } - def loadConfig(Class... configs) { - context = new AnnotationConfigApplicationContext(configs) - context - } + def loadConfig(Class... configs) { + context = new AnnotationConfigApplicationContext(configs) + context + } - def findFilter(Class filter, int index = 0) { - filterChain(index).filters.find { filter.isAssignableFrom(it.class)} - } + def findFilter(Class filter, int index = 0) { + filterChain(index).filters.find { filter.isAssignableFrom(it.class)} + } - def filterChain(int index=0) { - filterChains()[index] - } + def filterChain(int index=0) { + filterChains()[index] + } - def filterChains() { - context.getBean(FilterChainProxy).filterChains - } + def filterChains() { + context.getBean(FilterChainProxy).filterChains + } - Filter getSpringSecurityFilterChain() { - context.getBean("springSecurityFilterChain",Filter.class) - } + Filter getSpringSecurityFilterChain() { + context.getBean("springSecurityFilterChain",Filter.class) + } - def getResponseHeaders() { - def headers = [:] - response.headerNames.each { name -> - headers.put(name, response.getHeaderValues(name).join(',')) - } - return headers - } + def getResponseHeaders() { + def headers = [:] + response.headerNames.each { name -> + headers.put(name, response.getHeaderValues(name).join(',')) + } + return headers + } - AuthenticationManager authenticationManager() { - context.getBean(AuthenticationManager) - } + AuthenticationManager authenticationManager() { + context.getBean(AuthenticationManager) + } - AuthenticationManager getAuthenticationManager() { - try { - authenticationManager().delegateBuilder.getObject() - } catch(NoSuchBeanDefinitionException e) { - } catch(MissingPropertyException e) {} - findFilter(FilterSecurityInterceptor).authenticationManager - } + AuthenticationManager getAuthenticationManager() { + try { + authenticationManager().delegateBuilder.getObject() + } catch(NoSuchBeanDefinitionException e) { + } catch(MissingPropertyException e) {} + findFilter(FilterSecurityInterceptor).authenticationManager + } - List authenticationProviders() { - List providers = new ArrayList() - AuthenticationManager authenticationManager = getAuthenticationManager() - while(authenticationManager?.providers) { - providers.addAll(authenticationManager.providers) - authenticationManager = authenticationManager.parent - } - providers - } + List authenticationProviders() { + List providers = new ArrayList() + AuthenticationManager authenticationManager = getAuthenticationManager() + while(authenticationManager?.providers) { + providers.addAll(authenticationManager.providers) + authenticationManager = authenticationManager.parent + } + providers + } - AuthenticationProvider findAuthenticationProvider(Class provider) { - authenticationProviders().find { provider.isAssignableFrom(it.class) } - } + AuthenticationProvider findAuthenticationProvider(Class provider) { + authenticationProviders().find { provider.isAssignableFrom(it.class) } + } - def getCurrentAuthentication() { - new HttpSessionSecurityContextRepository().loadContext(new HttpRequestResponseHolder(request, response)).authentication - } + def getCurrentAuthentication() { + new HttpSessionSecurityContextRepository().loadContext(new HttpRequestResponseHolder(request, response)).authentication + } - def login(String username="user", String role="ROLE_USER") { - login(new UsernamePasswordAuthenticationToken(username, null, AuthorityUtils.createAuthorityList(role))) - } + def login(String username="user", String role="ROLE_USER") { + login(new UsernamePasswordAuthenticationToken(username, null, AuthorityUtils.createAuthorityList(role))) + } - def login(Authentication auth) { - HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository() - HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(request, response) - repo.loadContext(requestResponseHolder) - repo.saveContext(new SecurityContextImpl(authentication:auth), requestResponseHolder.request, requestResponseHolder.response) - } + def login(Authentication auth) { + HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository() + HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(request, response) + repo.loadContext(requestResponseHolder) + repo.saveContext(new SecurityContextImpl(authentication:auth), requestResponseHolder.request, requestResponseHolder.response) + } - def createAuthenticationManagerBuilder() { - oppContext = new AnnotationConfigApplicationContext(ObjectPostProcessorConfiguration, AuthenticationConfiguration) - AuthenticationManagerBuilder auth = new AuthenticationManagerBuilder(objectPostProcessor) - auth.inMemoryAuthentication().and() - } + def createAuthenticationManagerBuilder() { + oppContext = new AnnotationConfigApplicationContext(ObjectPostProcessorConfiguration, AuthenticationConfiguration) + AuthenticationManagerBuilder auth = new AuthenticationManagerBuilder(objectPostProcessor) + auth.inMemoryAuthentication().and() + } - def getObjectPostProcessor() { - oppContext.getBean(ObjectPostProcessor) - } + def getObjectPostProcessor() { + oppContext.getBean(ObjectPostProcessor) + } } \ No newline at end of file diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/SecurityConfigurerAdapterTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/SecurityConfigurerAdapterTests.groovy index cf988f4f65..903f2b3e89 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/SecurityConfigurerAdapterTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/SecurityConfigurerAdapterTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -22,19 +22,19 @@ import spock.lang.Specification * */ class SecurityConfigurerAdapterTests extends Specification { - ConcereteSecurityConfigurerAdapter conf = new ConcereteSecurityConfigurerAdapter() + ConcereteSecurityConfigurerAdapter conf = new ConcereteSecurityConfigurerAdapter() - def "addPostProcessor closure"() { - setup: - SecurityBuilder builder = Mock() - conf.addObjectPostProcessor({ List l -> - l.add("a") - l - } as ObjectPostProcessor) - when: - conf.init(builder) - conf.configure(builder) - then: - conf.list.contains("a") - } + def "addPostProcessor closure"() { + setup: + SecurityBuilder builder = Mock() + conf.addObjectPostProcessor({ List l -> + l.add("a") + l + } as ObjectPostProcessor) + when: + conf.init(builder) + conf.configure(builder) + then: + conf.list.contains("a") + } } diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/issue50/Issue50Tests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/issue50/Issue50Tests.groovy index dc17ca99e3..2449a46f2a 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/issue50/Issue50Tests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/issue50/Issue50Tests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -39,62 +39,62 @@ import spock.lang.Specification @ContextConfiguration(classes=[ApplicationConfig,SecurityConfig]) @Transactional class Issue50Tests extends Specification { - @Autowired - private FilterChainProxy springSecurityFilterChain - @Autowired - private AuthenticationManager authenticationManager - @Autowired - private UserRepository userRepo + @Autowired + private FilterChainProxy springSecurityFilterChain + @Autowired + private AuthenticationManager authenticationManager + @Autowired + private UserRepository userRepo - def setup() { - SecurityContextHolder.context.authentication = new TestingAuthenticationToken("test",null,"ROLE_ADMIN") - } + def setup() { + SecurityContextHolder.context.authentication = new TestingAuthenticationToken("test",null,"ROLE_ADMIN") + } - def cleanup() { - SecurityContextHolder.clearContext() - } + def cleanup() { + SecurityContextHolder.clearContext() + } - // https://github.com/SpringSource/spring-security-javaconfig/issues/50 - def "#50 - GlobalMethodSecurityConfiguration should load AuthenticationManager lazily"() { - when: - "Configuration Loads" - then: "GlobalMethodSecurityConfiguration loads AuthenticationManager lazily" - noExceptionThrown() - } + // https://github.com/SpringSource/spring-security-javaconfig/issues/50 + def "#50 - GlobalMethodSecurityConfiguration should load AuthenticationManager lazily"() { + when: + "Configuration Loads" + then: "GlobalMethodSecurityConfiguration loads AuthenticationManager lazily" + noExceptionThrown() + } - def "AuthenticationManager will not authenticate missing user"() { - when: - authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("test", "password")) - then: - thrown(UsernameNotFoundException) - } + def "AuthenticationManager will not authenticate missing user"() { + when: + authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("test", "password")) + then: + thrown(UsernameNotFoundException) + } - def "AuthenticationManager will not authenticate with invalid password"() { - when: - User user = new User(username:"test",password:"password") - userRepo.save(user) - authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , "invalid")) - then: - thrown(BadCredentialsException) - } + def "AuthenticationManager will not authenticate with invalid password"() { + when: + User user = new User(username:"test",password:"password") + userRepo.save(user) + authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , "invalid")) + then: + thrown(BadCredentialsException) + } - def "AuthenticationManager can be used to authenticate a user"() { - when: - User user = new User(username:"test",password:"password") - userRepo.save(user) - Authentication result = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , user.password)) - then: - result.principal == user.username - } + def "AuthenticationManager can be used to authenticate a user"() { + when: + User user = new User(username:"test",password:"password") + userRepo.save(user) + Authentication result = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , user.password)) + then: + result.principal == user.username + } - def "Global Method Security is enabled and works"() { - setup: - SecurityContextHolder.context.authentication = new TestingAuthenticationToken("test",null,"ROLE_USER") - when: - User user = new User(username:"denied",password:"password") - userRepo.save(user) - Authentication result = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , user.password)) - then: - thrown(AccessDeniedException) - } + def "Global Method Security is enabled and works"() { + setup: + SecurityContextHolder.context.authentication = new TestingAuthenticationToken("test",null,"ROLE_USER") + when: + User user = new User(username:"denied",password:"password") + userRepo.save(user) + Authentication result = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.username , user.password)) + then: + thrown(AccessDeniedException) + } } diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/sec2758/Sec2758Tests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/sec2758/Sec2758Tests.groovy index 9327e55717..e65b091ae5 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/sec2758/Sec2758Tests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/sec2758/Sec2758Tests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -44,100 +44,100 @@ import org.springframework.web.context.support.AnnotationConfigWebApplicationCon public class Sec2758Tests extends BaseSpringSpec { - def cleanup() { - SecurityContextHolder.clearContext() - } + def cleanup() { + SecurityContextHolder.clearContext() + } - def "SEC-2758: Verify Passivity Restored with Advice from JIRA"() { - setup: - SecurityContextHolder.context.authentication = new TestingAuthenticationToken("user", "pass", "USER") - loadConfig(SecurityConfig) - Service service = context.getBean(Service) + def "SEC-2758: Verify Passivity Restored with Advice from JIRA"() { + setup: + SecurityContextHolder.context.authentication = new TestingAuthenticationToken("user", "pass", "USER") + loadConfig(SecurityConfig) + Service service = context.getBean(Service) - when: - findFilter(FilterSecurityInterceptor).doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain()) - then: - noExceptionThrown() + when: + findFilter(FilterSecurityInterceptor).doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain()) + then: + noExceptionThrown() - when: - service.doPreAuthorize() - then: - noExceptionThrown() + when: + service.doPreAuthorize() + then: + noExceptionThrown() - when: - service.doJsr250() - then: - noExceptionThrown() - } + when: + service.doJsr250() + then: + noExceptionThrown() + } - @EnableWebSecurity - @EnableGlobalMethodSecurity(prePostEnabled=true) - static class SecurityConfig extends WebSecurityConfigurerAdapter { + @EnableWebSecurity + @EnableGlobalMethodSecurity(prePostEnabled=true) + static class SecurityConfig extends WebSecurityConfigurerAdapter { - @Override - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .anyRequest().hasAnyAuthority("USER"); - } + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .anyRequest().hasAnyAuthority("USER"); + } - @Autowired - public void configureGlobal(AuthenticationManagerBuilder auth) { - auth - .inMemoryAuthentication() - .withUser("user").password("password").authorities("USER") - } + @Autowired + public void configureGlobal(AuthenticationManagerBuilder auth) { + auth + .inMemoryAuthentication() + .withUser("user").password("password").authorities("USER") + } - @Bean - Service service() { - return new ServiceImpl() - } + @Bean + Service service() { + return new ServiceImpl() + } - @Bean - static DefaultRolesPrefixPostProcessor defaultRolesPrefixPostProcessor() { - new DefaultRolesPrefixPostProcessor() - } - } + @Bean + static DefaultRolesPrefixPostProcessor defaultRolesPrefixPostProcessor() { + new DefaultRolesPrefixPostProcessor() + } + } - interface Service { - void doPreAuthorize() - void doJsr250() - } + interface Service { + void doPreAuthorize() + void doJsr250() + } - static class ServiceImpl implements Service { - @PreAuthorize("hasRole('USER')") - void doPreAuthorize() {} + static class ServiceImpl implements Service { + @PreAuthorize("hasRole('USER')") + void doPreAuthorize() {} - @RolesAllowed("USER") - void doJsr250() {} - } + @RolesAllowed("USER") + void doJsr250() {} + } - static class DefaultRolesPrefixPostProcessor implements BeanPostProcessor, PriorityOrdered { + static class DefaultRolesPrefixPostProcessor implements BeanPostProcessor, PriorityOrdered { - @Override - public Object postProcessAfterInitialization(Object bean, String beanName) - throws BeansException { - if(bean instanceof Jsr250MethodSecurityMetadataSource) { - ((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(null); - } - if(bean instanceof DefaultMethodSecurityExpressionHandler) { - ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(null); - } - if(bean instanceof DefaultWebSecurityExpressionHandler) { - ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(null); - } - return bean; - } + @Override + public Object postProcessAfterInitialization(Object bean, String beanName) + throws BeansException { + if(bean instanceof Jsr250MethodSecurityMetadataSource) { + ((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(null); + } + if(bean instanceof DefaultMethodSecurityExpressionHandler) { + ((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(null); + } + if(bean instanceof DefaultWebSecurityExpressionHandler) { + ((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(null); + } + return bean; + } - @Override - public Object postProcessBeforeInitialization(Object bean, String beanName) - throws BeansException { - return bean; - } + @Override + public Object postProcessBeforeInitialization(Object bean, String beanName) + throws BeansException { + return bean; + } - @Override - public int getOrder() { - return PriorityOrdered.HIGHEST_PRECEDENCE; - } + @Override + public int getOrder() { + return PriorityOrdered.HIGHEST_PRECEDENCE; + } } } diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/RequestMatchersTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/RequestMatchersTests.groovy index 17f7af8c86..873f2ed396 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/RequestMatchersTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/RequestMatchersTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -29,31 +29,31 @@ import spock.lang.Specification; */ class RequestMatchersTests extends Specification { - def "regexMatchers(GET,'/a.*') uses RegexRequestMatcher"() { - when: - def matchers = regexMatchers(HttpMethod.GET, "/a.*") - then: 'matcher is a RegexRequestMatcher' - matchers.collect {it.class } == [RegexRequestMatcher] - } + def "regexMatchers(GET,'/a.*') uses RegexRequestMatcher"() { + when: + def matchers = regexMatchers(HttpMethod.GET, "/a.*") + then: 'matcher is a RegexRequestMatcher' + matchers.collect {it.class } == [RegexRequestMatcher] + } - def "regexMatchers('/a.*') uses RegexRequestMatcher"() { - when: - def matchers = regexMatchers("/a.*") - then: 'matcher is a RegexRequestMatcher' - matchers.collect {it.class } == [RegexRequestMatcher] - } + def "regexMatchers('/a.*') uses RegexRequestMatcher"() { + when: + def matchers = regexMatchers("/a.*") + then: 'matcher is a RegexRequestMatcher' + matchers.collect {it.class } == [RegexRequestMatcher] + } - def "antMatchers(GET,'/a.*') uses AntPathRequestMatcher"() { - when: - def matchers = antMatchers(HttpMethod.GET, "/a.*") - then: 'matcher is a RegexRequestMatcher' - matchers.collect {it.class } == [AntPathRequestMatcher] - } + def "antMatchers(GET,'/a.*') uses AntPathRequestMatcher"() { + when: + def matchers = antMatchers(HttpMethod.GET, "/a.*") + then: 'matcher is a RegexRequestMatcher' + matchers.collect {it.class } == [AntPathRequestMatcher] + } - def "antMatchers('/a.*') uses AntPathRequestMatcher"() { - when: - def matchers = antMatchers("/a.*") - then: 'matcher is a AntPathRequestMatcher' - matchers.collect {it.class } == [AntPathRequestMatcher] - } + def "antMatchers('/a.*') uses AntPathRequestMatcher"() { + when: + def matchers = antMatchers("/a.*") + then: 'matcher is a AntPathRequestMatcher' + matchers.collect {it.class } == [AntPathRequestMatcher] + } } diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.groovy index d094c43766..4c9e6b3615 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -60,440 +60,440 @@ import org.springframework.security.web.util.matcher.RequestMatcher * */ public class NamespaceHttpTests extends BaseSpringSpec { - def "http@access-decision-manager-ref"() { - setup: - AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR = Mock(AccessDecisionManager) - AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR.supports(FilterInvocation) >> true - AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR.supports(_ as ConfigAttribute) >> true - when: - loadConfig(AccessDecisionManagerRefConfig) - then: - findFilter(FilterSecurityInterceptor).accessDecisionManager == AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR - } + def "http@access-decision-manager-ref"() { + setup: + AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR = Mock(AccessDecisionManager) + AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR.supports(FilterInvocation) >> true + AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR.supports(_ as ConfigAttribute) >> true + when: + loadConfig(AccessDecisionManagerRefConfig) + then: + findFilter(FilterSecurityInterceptor).accessDecisionManager == AccessDecisionManagerRefConfig.ACCESS_DECISION_MGR + } - @Configuration - static class AccessDecisionManagerRefConfig extends BaseWebConfig { - static AccessDecisionManager ACCESS_DECISION_MGR + @Configuration + static class AccessDecisionManagerRefConfig extends BaseWebConfig { + static AccessDecisionManager ACCESS_DECISION_MGR - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .anyRequest().permitAll() - .accessDecisionManager(ACCESS_DECISION_MGR) - } - } + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .anyRequest().permitAll() + .accessDecisionManager(ACCESS_DECISION_MGR) + } + } - def "http@access-denied-page"() { - when: - loadConfig(AccessDeniedPageConfig) - then: - findFilter(ExceptionTranslationFilter).accessDeniedHandler.errorPage == "/AccessDeniedPageConfig" - } + def "http@access-denied-page"() { + when: + loadConfig(AccessDeniedPageConfig) + then: + findFilter(ExceptionTranslationFilter).accessDeniedHandler.errorPage == "/AccessDeniedPageConfig" + } - @Configuration - static class AccessDeniedPageConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .exceptionHandling() - .accessDeniedPage("/AccessDeniedPageConfig") - } - } + @Configuration + static class AccessDeniedPageConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .exceptionHandling() + .accessDeniedPage("/AccessDeniedPageConfig") + } + } - def "http@authentication-manager-ref"() { - when: "Specify AuthenticationManager" - loadConfig(AuthenticationManagerRefConfig) - then: "Populates the AuthenticationManager" - findFilter(FilterSecurityInterceptor).authenticationManager.parent.class == CustomAuthenticationManager - } + def "http@authentication-manager-ref"() { + when: "Specify AuthenticationManager" + loadConfig(AuthenticationManagerRefConfig) + then: "Populates the AuthenticationManager" + findFilter(FilterSecurityInterceptor).authenticationManager.parent.class == CustomAuthenticationManager + } - @Configuration - static class AuthenticationManagerRefConfig extends BaseWebConfig { - // demo authentication-manager-ref (could be any value) + @Configuration + static class AuthenticationManagerRefConfig extends BaseWebConfig { + // demo authentication-manager-ref (could be any value) - @Override - protected AuthenticationManager authenticationManager() throws Exception { - return new CustomAuthenticationManager(); - } + @Override + protected AuthenticationManager authenticationManager() throws Exception { + return new CustomAuthenticationManager(); + } - @Override - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .anyRequest().hasRole("USER"); - } + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .anyRequest().hasRole("USER"); + } - static class CustomAuthenticationManager implements AuthenticationManager { - public Authentication authenticate(Authentication authentication) - throws AuthenticationException { - throw new BadCredentialsException("This always fails"); - } - } - } + static class CustomAuthenticationManager implements AuthenticationManager { + public Authentication authenticate(Authentication authentication) + throws AuthenticationException { + throw new BadCredentialsException("This always fails"); + } + } + } - // Note: There is no http@auto-config equivalent in Java Config + // Note: There is no http@auto-config equivalent in Java Config - def "http@create-session=always"() { - when: - loadConfig(IfRequiredConfig) - then: - findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false - findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true - findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true - findFilter(ExceptionTranslationFilter).requestCache.class == HttpSessionRequestCache - } + def "http@create-session=always"() { + when: + loadConfig(IfRequiredConfig) + then: + findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false + findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true + findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true + findFilter(ExceptionTranslationFilter).requestCache.class == HttpSessionRequestCache + } - @Configuration - static class CreateSessionAlwaysConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.ALWAYS); - } - } + @Configuration + static class CreateSessionAlwaysConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .sessionManagement() + .sessionCreationPolicy(SessionCreationPolicy.ALWAYS); + } + } - def "http@create-session=stateless"() { - when: - loadConfig(CreateSessionStatelessConfig) - then: - findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false - findFilter(SecurityContextPersistenceFilter).repo.class == NullSecurityContextRepository - findFilter(SessionManagementFilter).securityContextRepository.class == NullSecurityContextRepository - findFilter(ExceptionTranslationFilter).requestCache.class == NullRequestCache - findFilter(RequestCacheAwareFilter).requestCache.class == NullRequestCache - } + def "http@create-session=stateless"() { + when: + loadConfig(CreateSessionStatelessConfig) + then: + findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false + findFilter(SecurityContextPersistenceFilter).repo.class == NullSecurityContextRepository + findFilter(SessionManagementFilter).securityContextRepository.class == NullSecurityContextRepository + findFilter(ExceptionTranslationFilter).requestCache.class == NullRequestCache + findFilter(RequestCacheAwareFilter).requestCache.class == NullRequestCache + } - @Configuration - static class CreateSessionStatelessConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.STATELESS); - } - } + @Configuration + static class CreateSessionStatelessConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .sessionManagement() + .sessionCreationPolicy(SessionCreationPolicy.STATELESS); + } + } - def "http@create-session=ifRequired"() { - when: - loadConfig(IfRequiredConfig) - then: - findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false - findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true - findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true - } + def "http@create-session=ifRequired"() { + when: + loadConfig(IfRequiredConfig) + then: + findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false + findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true + findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true + } - @Configuration - static class IfRequiredConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED); - } - } + @Configuration + static class IfRequiredConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .sessionManagement() + .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED); + } + } - def "http@create-session defaults to ifRequired"() { - when: - loadConfig(IfRequiredConfig) - then: - findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false - findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true - findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true - } + def "http@create-session defaults to ifRequired"() { + when: + loadConfig(IfRequiredConfig) + then: + findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false + findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == true + findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == true + } - def "http@create-session=never"() { - when: - loadConfig(CreateSessionNeverConfig) - then: - findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false - findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == false - findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == false - } + def "http@create-session=never"() { + when: + loadConfig(CreateSessionNeverConfig) + then: + findFilter(SecurityContextPersistenceFilter).forceEagerSessionCreation == false + findFilter(SecurityContextPersistenceFilter).repo.allowSessionCreation == false + findFilter(SessionManagementFilter).securityContextRepository.allowSessionCreation == false + } - @Configuration - static class CreateSessionNeverConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.NEVER); - } - } + @Configuration + static class CreateSessionNeverConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .sessionManagement() + .sessionCreationPolicy(SessionCreationPolicy.NEVER); + } + } - @Configuration - static class DefaultCreateSessionConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - } - } + @Configuration + static class DefaultCreateSessionConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + } + } - def "http@disable-url-rewriting = true (default for Java Config)"() { - when: - loadConfig(DefaultUrlRewritingConfig) - then: - findFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting - } + def "http@disable-url-rewriting = true (default for Java Config)"() { + when: + loadConfig(DefaultUrlRewritingConfig) + then: + findFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting + } - @Configuration - static class DefaultUrlRewritingConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - } - } + @Configuration + static class DefaultUrlRewritingConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + } + } - // http@disable-url-rewriting is on by default to disable it create a custom HttpSecurityContextRepository and use security-context-repository-ref + // http@disable-url-rewriting is on by default to disable it create a custom HttpSecurityContextRepository and use security-context-repository-ref - def "http@disable-url-rewriting = false"() { - when: - loadConfig(EnableUrlRewritingConfig) - then: - findFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting == false - } + def "http@disable-url-rewriting = false"() { + when: + loadConfig(EnableUrlRewritingConfig) + then: + findFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting == false + } - @Configuration - static class EnableUrlRewritingConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - HttpSessionSecurityContextRepository repository = new HttpSessionSecurityContextRepository() - repository.disableUrlRewriting = false // explicitly configured (not necessary due to default values) + @Configuration + static class EnableUrlRewritingConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + HttpSessionSecurityContextRepository repository = new HttpSessionSecurityContextRepository() + repository.disableUrlRewriting = false // explicitly configured (not necessary due to default values) - http. - securityContext() - .securityContextRepository(repository) - } - } + http. + securityContext() + .securityContextRepository(repository) + } + } - def "http@entry-point-ref"() { - when: - loadConfig(EntryPointRefConfig) - then: - findFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == "/EntryPointRefConfig" - } + def "http@entry-point-ref"() { + when: + loadConfig(EntryPointRefConfig) + then: + findFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == "/EntryPointRefConfig" + } - @Configuration - static class EntryPointRefConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .exceptionHandling() - .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/EntryPointRefConfig")) - } - } + @Configuration + static class EntryPointRefConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .exceptionHandling() + .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/EntryPointRefConfig")) + } + } - def "http@jaas-api-provision"() { - when: - loadConfig(JaasApiProvisionConfig) - then: - findFilter(JaasApiIntegrationFilter) - } + def "http@jaas-api-provision"() { + when: + loadConfig(JaasApiProvisionConfig) + then: + findFilter(JaasApiIntegrationFilter) + } - @Configuration - static class JaasApiProvisionConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .addFilter(new JaasApiIntegrationFilter()) - } - } + @Configuration + static class JaasApiProvisionConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .addFilter(new JaasApiIntegrationFilter()) + } + } - // http@name is not available since it can be done w/ standard bean configuration easily + // http@name is not available since it can be done w/ standard bean configuration easily - def "http@once-per-request=true"() { - when: - loadConfig(OncePerRequestConfig) - then: - findFilter(FilterSecurityInterceptor).observeOncePerRequest - } + def "http@once-per-request=true"() { + when: + loadConfig(OncePerRequestConfig) + then: + findFilter(FilterSecurityInterceptor).observeOncePerRequest + } - @Configuration - static class OncePerRequestConfig extends BaseWebConfig { - @Override - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .anyRequest().hasRole("USER"); - } - } + @Configuration + static class OncePerRequestConfig extends BaseWebConfig { + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .anyRequest().hasRole("USER"); + } + } - def "http@once-per-request=false"() { - when: - loadConfig(OncePerRequestFalseConfig) - then: - !findFilter(FilterSecurityInterceptor).observeOncePerRequest - } + def "http@once-per-request=false"() { + when: + loadConfig(OncePerRequestFalseConfig) + then: + !findFilter(FilterSecurityInterceptor).observeOncePerRequest + } - @Configuration - static class OncePerRequestFalseConfig extends BaseWebConfig { - @Override - protected void configure(HttpSecurity http) throws Exception { - http. - authorizeRequests() - .filterSecurityInterceptorOncePerRequest(false) - .antMatchers("/users**","/sessions/**").hasRole("ADMIN") - .antMatchers("/signup").permitAll() - .anyRequest().hasRole("USER"); - } - } + @Configuration + static class OncePerRequestFalseConfig extends BaseWebConfig { + @Override + protected void configure(HttpSecurity http) throws Exception { + http. + authorizeRequests() + .filterSecurityInterceptorOncePerRequest(false) + .antMatchers("/users**","/sessions/**").hasRole("ADMIN") + .antMatchers("/signup").permitAll() + .anyRequest().hasRole("USER"); + } + } - def "http@realm"() { - setup: - loadConfig(RealmConfig) - when: - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.getHeader("WWW-Authenticate") == 'Basic realm="RealmConfig"' - } + def "http@realm"() { + setup: + loadConfig(RealmConfig) + when: + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.getHeader("WWW-Authenticate") == 'Basic realm="RealmConfig"' + } - @Configuration - static class RealmConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic().realmName("RealmConfig") - } - } + @Configuration + static class RealmConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .anyRequest().authenticated() + .and() + .httpBasic().realmName("RealmConfig") + } + } - // http@request-matcher is not available (instead request matcher instances are used) + // http@request-matcher is not available (instead request matcher instances are used) - def "http@request-matcher-ref ant"() { - when: - loadConfig(RequestMatcherAntConfig) - then: - filterChain(0).requestMatcher.pattern == "/api/**" - } + def "http@request-matcher-ref ant"() { + when: + loadConfig(RequestMatcherAntConfig) + then: + filterChain(0).requestMatcher.pattern == "/api/**" + } - @Configuration - static class RequestMatcherAntConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .antMatcher("/api/**") - } - } + @Configuration + static class RequestMatcherAntConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .antMatcher("/api/**") + } + } - def "http@request-matcher-ref regex"() { - when: - loadConfig(RequestMatcherRegexConfig) - then: - filterChain(0).requestMatcher.class == RegexRequestMatcher - filterChain(0).requestMatcher.pattern.matcher("/regex/a") - filterChain(0).requestMatcher.pattern.matcher("/regex/b") - !filterChain(0).requestMatcher.pattern.matcher("/regex1/b") - } + def "http@request-matcher-ref regex"() { + when: + loadConfig(RequestMatcherRegexConfig) + then: + filterChain(0).requestMatcher.class == RegexRequestMatcher + filterChain(0).requestMatcher.pattern.matcher("/regex/a") + filterChain(0).requestMatcher.pattern.matcher("/regex/b") + !filterChain(0).requestMatcher.pattern.matcher("/regex1/b") + } - @Configuration - static class RequestMatcherRegexConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .regexMatcher("/regex/.*") - } - } + @Configuration + static class RequestMatcherRegexConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .regexMatcher("/regex/.*") + } + } - def "http@request-matcher-ref"() { - when: - loadConfig(RequestMatcherRefConfig) - then: - filterChain(0).requestMatcher.class == MyRequestMatcher - } + def "http@request-matcher-ref"() { + when: + loadConfig(RequestMatcherRefConfig) + then: + filterChain(0).requestMatcher.class == MyRequestMatcher + } - @Configuration - static class RequestMatcherRefConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .requestMatcher(new MyRequestMatcher()); - } - static class MyRequestMatcher implements RequestMatcher { - public boolean matches(HttpServletRequest request) { - return true; - } - } - } + @Configuration + static class RequestMatcherRefConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .requestMatcher(new MyRequestMatcher()); + } + static class MyRequestMatcher implements RequestMatcher { + public boolean matches(HttpServletRequest request) { + return true; + } + } + } - def "http@security=none"() { - when: - loadConfig(SecurityNoneConfig) - then: - filterChain(0).requestMatcher.pattern == "/resources/**" - filterChain(0).filters.empty - filterChain(1).requestMatcher.pattern == "/public/**" - filterChain(1).filters.empty - } + def "http@security=none"() { + when: + loadConfig(SecurityNoneConfig) + then: + filterChain(0).requestMatcher.pattern == "/resources/**" + filterChain(0).filters.empty + filterChain(1).requestMatcher.pattern == "/public/**" + filterChain(1).filters.empty + } - @Configuration - static class SecurityNoneConfig extends BaseWebConfig { + @Configuration + static class SecurityNoneConfig extends BaseWebConfig { - @Override - public void configure(WebSecurity web) - throws Exception { - web - .ignoring() - .antMatchers("/resources/**","/public/**") - } + @Override + public void configure(WebSecurity web) + throws Exception { + web + .ignoring() + .antMatchers("/resources/**","/public/**") + } - @Override - protected void configure(HttpSecurity http) throws Exception {} + @Override + protected void configure(HttpSecurity http) throws Exception {} - } + } - def "http@security-context-repository-ref"() { - when: - loadConfig(SecurityContextRepoConfig) - then: - findFilter(SecurityContextPersistenceFilter).repo.class == NullSecurityContextRepository - } + def "http@security-context-repository-ref"() { + when: + loadConfig(SecurityContextRepoConfig) + then: + findFilter(SecurityContextPersistenceFilter).repo.class == NullSecurityContextRepository + } - @Configuration - static class SecurityContextRepoConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .securityContext() - .securityContextRepository(new NullSecurityContextRepository()) // security-context-repository-ref - } - } + @Configuration + static class SecurityContextRepoConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .securityContext() + .securityContextRepository(new NullSecurityContextRepository()) // security-context-repository-ref + } + } - def "http@servlet-api-provision=false"() { - when: - loadConfig(ServletApiProvisionConfig) - then: - findFilter(SecurityContextHolderAwareRequestFilter) == null - } + def "http@servlet-api-provision=false"() { + when: + loadConfig(ServletApiProvisionConfig) + then: + findFilter(SecurityContextHolderAwareRequestFilter) == null + } - @Configuration - static class ServletApiProvisionConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http.servletApi().disable() - } - } + @Configuration + static class ServletApiProvisionConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http.servletApi().disable() + } + } - def "http@servlet-api-provision defaults to true"() { - when: - loadConfig(ServletApiProvisionDefaultsConfig) - then: - findFilter(SecurityContextHolderAwareRequestFilter) != null - } + def "http@servlet-api-provision defaults to true"() { + when: + loadConfig(ServletApiProvisionDefaultsConfig) + then: + findFilter(SecurityContextHolderAwareRequestFilter) != null + } - @Configuration - static class ServletApiProvisionDefaultsConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - } - } + @Configuration + static class ServletApiProvisionDefaultsConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + } + } - def "http@use-expressions=true"() { - when: - loadConfig(UseExpressionsConfig) - then: - findFilter(FilterSecurityInterceptor).securityMetadataSource.class == ExpressionBasedFilterInvocationSecurityMetadataSource - findFilter(FilterSecurityInterceptor).accessDecisionManager.decisionVoters.collect { it.class } == [WebExpressionVoter] - } + def "http@use-expressions=true"() { + when: + loadConfig(UseExpressionsConfig) + then: + findFilter(FilterSecurityInterceptor).securityMetadataSource.class == ExpressionBasedFilterInvocationSecurityMetadataSource + findFilter(FilterSecurityInterceptor).accessDecisionManager.decisionVoters.collect { it.class } == [WebExpressionVoter] + } - @EnableWebSecurity - static class UseExpressionsConfig extends BaseWebConfig { - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .antMatchers("/users**","/sessions/**").hasRole("USER") - .antMatchers("/signup").permitAll() - .anyRequest().hasRole("USER") - } - } + @EnableWebSecurity + static class UseExpressionsConfig extends BaseWebConfig { + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .antMatchers("/users**","/sessions/**").hasRole("USER") + .antMatchers("/signup").permitAll() + .anyRequest().hasRole("USER") + } + } - def "http@use-expressions=false"() { - when: - loadConfig(DisableUseExpressionsConfig) - then: - findFilter(FilterSecurityInterceptor).securityMetadataSource.class == DefaultFilterInvocationSecurityMetadataSource - findFilter(FilterSecurityInterceptor).accessDecisionManager.decisionVoters.collect { it.class } == [RoleVoter, AuthenticatedVoter] - } + def "http@use-expressions=false"() { + when: + loadConfig(DisableUseExpressionsConfig) + then: + findFilter(FilterSecurityInterceptor).securityMetadataSource.class == DefaultFilterInvocationSecurityMetadataSource + findFilter(FilterSecurityInterceptor).accessDecisionManager.decisionVoters.collect { it.class } == [RoleVoter, AuthenticatedVoter] + } } diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/BaseWebConfig.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/BaseWebConfig.groovy index 81d09f3603..7d0699590d 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/BaseWebConfig.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/BaseWebConfig.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -24,17 +24,17 @@ import org.springframework.security.config.annotation.authentication.builders.Au */ @EnableWebSecurity public abstract class BaseWebConfig extends WebSecurityConfigurerAdapter { - BaseWebConfig(boolean disableDefaults) { - super(disableDefaults) - } + BaseWebConfig(boolean disableDefaults) { + super(disableDefaults) + } - BaseWebConfig() { - } + BaseWebConfig() { + } - protected void configure(AuthenticationManagerBuilder auth) throws Exception { - auth - .inMemoryAuthentication() - .withUser("user").password("password").roles("USER").and() - .withUser("admin").password("password").roles("USER", "ADMIN"); - } + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + auth + .inMemoryAuthentication() + .withUser("user").password("password").roles("USER").and() + .withUser("admin").password("password").roles("USER", "ADMIN"); + } } \ No newline at end of file diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.groovy index e80059787a..7ee3a2bcd1 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -28,86 +28,86 @@ import org.springframework.security.config.annotation.authentication.builders.Au public class Sec2515Tests extends BaseSpringSpec { - def "SEC-2515: Prevent StackOverflow with bean graph cycle"() { - when: - loadConfig(StackOverflowSecurityConfig) - then: - thrown(FatalBeanException) - } + def "SEC-2515: Prevent StackOverflow with bean graph cycle"() { + when: + loadConfig(StackOverflowSecurityConfig) + then: + thrown(FatalBeanException) + } - @EnableWebSecurity - static class StackOverflowSecurityConfig extends WebSecurityConfigurerAdapter { + @EnableWebSecurity + static class StackOverflowSecurityConfig extends WebSecurityConfigurerAdapter { - @Override - @Bean - public AuthenticationManager authenticationManagerBean() - throws Exception { - return super.authenticationManagerBean(); - } - } + @Override + @Bean + public AuthenticationManager authenticationManagerBean() + throws Exception { + return super.authenticationManagerBean(); + } + } - def "Custom Name Prevent StackOverflow with bean graph cycle"() { - when: - loadConfig(StackOverflowSecurityConfig) - then: - thrown(FatalBeanException) - } + def "Custom Name Prevent StackOverflow with bean graph cycle"() { + when: + loadConfig(StackOverflowSecurityConfig) + then: + thrown(FatalBeanException) + } - @EnableWebSecurity - static class CustomBeanNameStackOverflowSecurityConfig extends WebSecurityConfigurerAdapter { + @EnableWebSecurity + static class CustomBeanNameStackOverflowSecurityConfig extends WebSecurityConfigurerAdapter { - @Override - @Bean(name="custom") - public AuthenticationManager authenticationManagerBean() - throws Exception { - return super.authenticationManagerBean(); - } - } + @Override + @Bean(name="custom") + public AuthenticationManager authenticationManagerBean() + throws Exception { + return super.authenticationManagerBean(); + } + } - def "SEC-2549: Can load with child classloader"() { - setup: - CanLoadWithChildConfig.AM = Mock(AuthenticationManager) - context = new AnnotationConfigApplicationContext() - context.classLoader = new URLClassLoader(new URL[0], context.classLoader) - context.register(CanLoadWithChildConfig) - context.refresh() - when: - authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("user", "password")) - then: - noExceptionThrown() - 1 * CanLoadWithChildConfig.AM.authenticate(_) >> new TestingAuthenticationToken("user","password","ROLE_USER") - } + def "SEC-2549: Can load with child classloader"() { + setup: + CanLoadWithChildConfig.AM = Mock(AuthenticationManager) + context = new AnnotationConfigApplicationContext() + context.classLoader = new URLClassLoader(new URL[0], context.classLoader) + context.register(CanLoadWithChildConfig) + context.refresh() + when: + authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("user", "password")) + then: + noExceptionThrown() + 1 * CanLoadWithChildConfig.AM.authenticate(_) >> new TestingAuthenticationToken("user","password","ROLE_USER") + } - @EnableWebSecurity - static class CanLoadWithChildConfig extends WebSecurityConfigurerAdapter { - static AuthenticationManager AM - @Bean - public AuthenticationManager am() { - AM - } - } + @EnableWebSecurity + static class CanLoadWithChildConfig extends WebSecurityConfigurerAdapter { + static AuthenticationManager AM + @Bean + public AuthenticationManager am() { + AM + } + } - def "SEC-2515: @Bean still works when configure(AuthenticationManagerBuilder) used"() { - when: - loadConfig(SecurityConfig) - then: - noExceptionThrown(); - } + def "SEC-2515: @Bean still works when configure(AuthenticationManagerBuilder) used"() { + when: + loadConfig(SecurityConfig) + then: + noExceptionThrown(); + } - @EnableWebSecurity - static class SecurityConfig extends WebSecurityConfigurerAdapter { + @EnableWebSecurity + static class SecurityConfig extends WebSecurityConfigurerAdapter { - @Override - @Bean - public AuthenticationManager authenticationManagerBean() - throws Exception { - return super.authenticationManagerBean(); - } + @Override + @Bean + public AuthenticationManager authenticationManagerBean() + throws Exception { + return super.authenticationManagerBean(); + } - @Override - protected void configure(AuthenticationManagerBuilder auth) - throws Exception { - auth.inMemoryAuthentication() - } - } + @Override + protected void configure(AuthenticationManagerBuilder auth) + throws Exception { + auth.inMemoryAuthentication() + } + } } diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/Issue55Tests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/Issue55Tests.groovy index 635c41b1e2..325a1a6c9c 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/Issue55Tests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/Issue55Tests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -36,83 +36,83 @@ import org.springframework.stereotype.Component */ class Issue55Tests extends BaseSpringSpec { - def "WebSecurityConfigurerAdapter defaults to @Autowired"() { - setup: - TestingAuthenticationToken token = new TestingAuthenticationToken("test", "this") - when: - loadConfig(WebSecurityConfigurerAdapterDefaultsAuthManagerConfig) - then: - context.getBean(FilterChainProxy) - findFilter(FilterSecurityInterceptor).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT - } + def "WebSecurityConfigurerAdapter defaults to @Autowired"() { + setup: + TestingAuthenticationToken token = new TestingAuthenticationToken("test", "this") + when: + loadConfig(WebSecurityConfigurerAdapterDefaultsAuthManagerConfig) + then: + context.getBean(FilterChainProxy) + findFilter(FilterSecurityInterceptor).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT + } - @EnableWebSecurity - static class WebSecurityConfigurerAdapterDefaultsAuthManagerConfig { - @Component - public static class WebSecurityAdapter extends WebSecurityConfigurerAdapter { + @EnableWebSecurity + static class WebSecurityConfigurerAdapterDefaultsAuthManagerConfig { + @Component + public static class WebSecurityAdapter extends WebSecurityConfigurerAdapter { - @Override - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .anyRequest().hasRole("USER"); - } - } - @Configuration - public static class AuthenticationManagerConfiguration { - @Bean - public AuthenticationManager authenticationManager() throws Exception { - return new CustomAuthenticationManager(); - } - } - } + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .anyRequest().hasRole("USER"); + } + } + @Configuration + public static class AuthenticationManagerConfiguration { + @Bean + public AuthenticationManager authenticationManager() throws Exception { + return new CustomAuthenticationManager(); + } + } + } - def "multi http WebSecurityConfigurerAdapter defaults to @Autowired"() { - setup: - TestingAuthenticationToken token = new TestingAuthenticationToken("test", "this") - when: - loadConfig(MultiWebSecurityConfigurerAdapterDefaultsAuthManagerConfig) - then: - context.getBean(FilterChainProxy) - findFilter(FilterSecurityInterceptor).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT - findFilter(FilterSecurityInterceptor,1).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT - } + def "multi http WebSecurityConfigurerAdapter defaults to @Autowired"() { + setup: + TestingAuthenticationToken token = new TestingAuthenticationToken("test", "this") + when: + loadConfig(MultiWebSecurityConfigurerAdapterDefaultsAuthManagerConfig) + then: + context.getBean(FilterChainProxy) + findFilter(FilterSecurityInterceptor).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT + findFilter(FilterSecurityInterceptor,1).authenticationManager.authenticate(token) == CustomAuthenticationManager.RESULT + } - @EnableWebSecurity - static class MultiWebSecurityConfigurerAdapterDefaultsAuthManagerConfig { - @Component - @Order(1) - public static class ApiWebSecurityAdapter extends WebSecurityConfigurerAdapter { - @Override - protected void configure(HttpSecurity http) throws Exception { - http - .antMatcher("/api/**") - .authorizeRequests() - .anyRequest().hasRole("USER"); - } - } - @Component - public static class WebSecurityAdapter extends WebSecurityConfigurerAdapter { - @Override - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .anyRequest().hasRole("USER"); - } - } - @Configuration - public static class AuthenticationManagerConfiguration { - @Bean - public AuthenticationManager authenticationManager() throws Exception { - return new CustomAuthenticationManager(); - } - } - } + @EnableWebSecurity + static class MultiWebSecurityConfigurerAdapterDefaultsAuthManagerConfig { + @Component + @Order(1) + public static class ApiWebSecurityAdapter extends WebSecurityConfigurerAdapter { + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .antMatcher("/api/**") + .authorizeRequests() + .anyRequest().hasRole("USER"); + } + } + @Component + public static class WebSecurityAdapter extends WebSecurityConfigurerAdapter { + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .anyRequest().hasRole("USER"); + } + } + @Configuration + public static class AuthenticationManagerConfiguration { + @Bean + public AuthenticationManager authenticationManager() throws Exception { + return new CustomAuthenticationManager(); + } + } + } - static class CustomAuthenticationManager implements AuthenticationManager { - static Authentication RESULT = new TestingAuthenticationToken("test", "this","ROLE_USER") - public Authentication authenticate(Authentication authentication) throws AuthenticationException { - return RESULT; - } - } + static class CustomAuthenticationManager implements AuthenticationManager { + static Authentication RESULT = new TestingAuthenticationToken("test", "this","ROLE_USER") + public Authentication authenticate(Authentication authentication) throws AuthenticationException { + return RESULT; + } + } } diff --git a/config/src/test/groovy/org/springframework/security/config/debug/AuthProviderDependency.groovy b/config/src/test/groovy/org/springframework/security/config/debug/AuthProviderDependency.groovy index ca5c47e1b1..25acb45216 100644 --- a/config/src/test/groovy/org/springframework/security/config/debug/AuthProviderDependency.groovy +++ b/config/src/test/groovy/org/springframework/security/config/debug/AuthProviderDependency.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, diff --git a/config/src/test/groovy/org/springframework/security/config/debug/TestAuthenticationProvider.groovy b/config/src/test/groovy/org/springframework/security/config/debug/TestAuthenticationProvider.groovy index 0cb8ce8176..8f310c9e6e 100644 --- a/config/src/test/groovy/org/springframework/security/config/debug/TestAuthenticationProvider.groovy +++ b/config/src/test/groovy/org/springframework/security/config/debug/TestAuthenticationProvider.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -29,15 +29,15 @@ import org.springframework.stereotype.Service @Service("authProvider") public class TestAuthenticationProvider implements AuthenticationProvider { - @Autowired - public TestAuthenticationProvider(AuthProviderDependency authProviderDependency) { - } + @Autowired + public TestAuthenticationProvider(AuthProviderDependency authProviderDependency) { + } - public Authentication authenticate(Authentication authentication) throws AuthenticationException { - throw new UnsupportedOperationException(); - } + public Authentication authenticate(Authentication authentication) throws AuthenticationException { + throw new UnsupportedOperationException(); + } - public boolean supports(Class authentication) { - throw new UnsupportedOperationException(); - } + public boolean supports(Class authentication) { + throw new UnsupportedOperationException(); + } } diff --git a/config/src/test/groovy/org/springframework/security/config/doc/Attribute.groovy b/config/src/test/groovy/org/springframework/security/config/doc/Attribute.groovy index 6ec02e4011..3dd3eb552f 100644 --- a/config/src/test/groovy/org/springframework/security/config/doc/Attribute.groovy +++ b/config/src/test/groovy/org/springframework/security/config/doc/Attribute.groovy @@ -23,11 +23,11 @@ package org.springframework.security.config.doc * @see XsdDocumentedSpec */ class Attribute { - def name - def desc - def elmt + def name + def desc + def elmt - def getId() { - return "${elmt.id}-${name}".toString() - } + def getId() { + return "${elmt.id}-${name}".toString() + } } diff --git a/config/src/test/groovy/org/springframework/security/config/doc/Element.groovy b/config/src/test/groovy/org/springframework/security/config/doc/Element.groovy index 225eff05a9..f62ee0f381 100644 --- a/config/src/test/groovy/org/springframework/security/config/doc/Element.groovy +++ b/config/src/test/groovy/org/springframework/security/config/doc/Element.groovy @@ -23,68 +23,68 @@ package org.springframework.security.config.doc * @see XsdDocumentedSpec */ class Element { - def name - def desc - def attrs - /** - * Contains the elements that extend this element (i.e. any-user-service contains ldap-user-service) - */ - def subGrps = [] - def childElmts = [:] - def parentElmts = [:] + def name + def desc + def attrs + /** + * Contains the elements that extend this element (i.e. any-user-service contains ldap-user-service) + */ + def subGrps = [] + def childElmts = [:] + def parentElmts = [:] - def getId() { - return "nsa-${name}".toString() - } + def getId() { + return "nsa-${name}".toString() + } - /** - * Gets all the ids related to this Element including attributes, parent elements, and child elements. - * - *

- * The expected ids to be found are documented below. - *

    - *
  • Elements - any xml element will have the nsa-<element>. For example the http element will have the id - * nsa-http
    • - *
  • Parent Section - Any element with a parent other than beans will have a section named - * nsa-<element>-parents. For example, authentication-provider would have a section id of - * nsa-authentication-provider-parents. The section would then contain a list of links pointing to the - * documentation for each parent element.
    • - *
  • Attributes Section - Any element with attributes will have a section with the id - * nsa-<element>-attributes. For example the http element would require a section with the id - * http-attributes.
    • - *
  • Attribute - Each attribute of an element would have an id of nsa-<element>-<attributeName>. For - * example the attribute create-session for the http attribute would have the id http-create-session.
    • - *
  • Child Section - Any element with a child element will have a section named nsa-<element>-children. - * For example, authentication-provider would have a section id of nsa-authentication-provider-children. The - * section would then contain a list of links pointing to the documentation for each child element.
    • - *
- * @return - */ - def getIds() { - def ids = [id] - childElmts.values()*.ids.each { ids.addAll it } - attrs*.id.each { ids.add it } - if(childElmts) { - ids.add id+'-children' - } - if(attrs) { - ids.add id+'-attributes' - } - if(parentElmts) { - ids.add id+'-parents' - } - ids - } + /** + * Gets all the ids related to this Element including attributes, parent elements, and child elements. + * + *

+ * The expected ids to be found are documented below. + *

    + *
  • Elements - any xml element will have the nsa-<element>. For example the http element will have the id + * nsa-http
    • + *
  • Parent Section - Any element with a parent other than beans will have a section named + * nsa-<element>-parents. For example, authentication-provider would have a section id of + * nsa-authentication-provider-parents. The section would then contain a list of links pointing to the + * documentation for each parent element.
    • + *
  • Attributes Section - Any element with attributes will have a section with the id + * nsa-<element>-attributes. For example the http element would require a section with the id + * http-attributes.
    • + *
  • Attribute - Each attribute of an element would have an id of nsa-<element>-<attributeName>. For + * example the attribute create-session for the http attribute would have the id http-create-session.
    • + *
  • Child Section - Any element with a child element will have a section named nsa-<element>-children. + * For example, authentication-provider would have a section id of nsa-authentication-provider-children. The + * section would then contain a list of links pointing to the documentation for each child element.
    • + *
+ * @return + */ + def getIds() { + def ids = [id] + childElmts.values()*.ids.each { ids.addAll it } + attrs*.id.each { ids.add it } + if(childElmts) { + ids.add id+'-children' + } + if(attrs) { + ids.add id+'-attributes' + } + if(parentElmts) { + ids.add id+'-parents' + } + ids + } - def getAllChildElmts() { - def result = [:] - childElmts.values()*.subGrps*.each { elmt -> result.put(elmt.name,elmt) } - result + childElmts - } + def getAllChildElmts() { + def result = [:] + childElmts.values()*.subGrps*.each { elmt -> result.put(elmt.name,elmt) } + result + childElmts + } - def getAllParentElmts() { - def result = [:] - parentElmts.values()*.subGrps*.each { elmt -> result.put(elmt.name,elmt) } - result + parentElmts - } + def getAllParentElmts() { + def result = [:] + parentElmts.values()*.subGrps*.each { elmt -> result.put(elmt.name,elmt) } + result + parentElmts + } } diff --git a/config/src/test/groovy/org/springframework/security/config/doc/SpringSecurityXsdParser.groovy b/config/src/test/groovy/org/springframework/security/config/doc/SpringSecurityXsdParser.groovy index 013f044c11..d6d3b4e233 100644 --- a/config/src/test/groovy/org/springframework/security/config/doc/SpringSecurityXsdParser.groovy +++ b/config/src/test/groovy/org/springframework/security/config/doc/SpringSecurityXsdParser.groovy @@ -23,155 +23,155 @@ import groovy.xml.Namespace * @author Rob Winch */ class SpringSecurityXsdParser { - private def rootElement + private def rootElement - private def xs = new Namespace("http://www.w3.org/2001/XMLSchema", 'xs') - private def attrElmts = [] as Set - private def elementNameToElement = [:] as Map + private def xs = new Namespace("http://www.w3.org/2001/XMLSchema", 'xs') + private def attrElmts = [] as Set + private def elementNameToElement = [:] as Map - /** - * Returns a map of the element name to the {@link Element}. - * @return - */ - Map parse() { - elements(rootElement) - elementNameToElement - } + /** + * Returns a map of the element name to the {@link Element}. + * @return + */ + Map parse() { + elements(rootElement) + elementNameToElement + } - /** - * Creates a Map of the name to an Element object of all the children of element. - * - * @param element - * @return - */ - private def elements(element) { - def elementNameToElement = [:] as Map - element.children().each { c-> - if(c.name() == 'element') { - def e = elmt(c) - elementNameToElement.put(e.name,e) - } else { - elementNameToElement.putAll(elements(c)) - } - } - elementNameToElement - } + /** + * Creates a Map of the name to an Element object of all the children of element. + * + * @param element + * @return + */ + private def elements(element) { + def elementNameToElement = [:] as Map + element.children().each { c-> + if(c.name() == 'element') { + def e = elmt(c) + elementNameToElement.put(e.name,e) + } else { + elementNameToElement.putAll(elements(c)) + } + } + elementNameToElement + } - /** - * Any children that are attribute will be returned as an Attribute object. - * @param element - * @return a collection of Attribute objects that are children of element. - */ - private def attrs(element) { - def r = [] - element.children().each { c-> - if(c.name() == 'attribute') { - r.add(attr(c)) - }else if(c.name() == 'element') { - }else { - r.addAll(attrs(c)) - } - } - r - } + /** + * Any children that are attribute will be returned as an Attribute object. + * @param element + * @return a collection of Attribute objects that are children of element. + */ + private def attrs(element) { + def r = [] + element.children().each { c-> + if(c.name() == 'attribute') { + r.add(attr(c)) + }else if(c.name() == 'element') { + }else { + r.addAll(attrs(c)) + } + } + r + } - /** - * Any children will be searched for an attributeGroup, each of it's children will be returned as an Attribute - * @param element - * @return - */ - private def attrgrps(element) { - def r = [] - element.children().each { c-> - if(c.name() == 'element') { - }else if (c.name() == 'attributeGroup') { - if(c.attributes().get('name')) { - r.addAll(attrgrp(c)) - } else { - def n = c.attributes().get('ref').split(':')[1] - def attrGrp = findNode(element,n) - r.addAll(attrgrp(attrGrp)) - } - } else { - r.addAll(attrgrps(c)) - } - } - r - } + /** + * Any children will be searched for an attributeGroup, each of it's children will be returned as an Attribute + * @param element + * @return + */ + private def attrgrps(element) { + def r = [] + element.children().each { c-> + if(c.name() == 'element') { + }else if (c.name() == 'attributeGroup') { + if(c.attributes().get('name')) { + r.addAll(attrgrp(c)) + } else { + def n = c.attributes().get('ref').split(':')[1] + def attrGrp = findNode(element,n) + r.addAll(attrgrp(attrGrp)) + } + } else { + r.addAll(attrgrps(c)) + } + } + r + } - private def findNode(c,name) { - def root = c - while(root.name() != 'schema') { - root = root.parent() - } - def result = root.breadthFirst().find { child-> name == child.@name?.text() } - assert result?.@name?.text() == name - result - } + private def findNode(c,name) { + def root = c + while(root.name() != 'schema') { + root = root.parent() + } + def result = root.breadthFirst().find { child-> name == child.@name?.text() } + assert result?.@name?.text() == name + result + } - /** - * Processes an individual attributeGroup by obtaining all the attributes and then looking for more attributeGroup elements and prcessing them. - * @param e - * @return all the attributes for a specific attributeGroup and any child attributeGroups - */ - private def attrgrp(e) { - def attrs = attrs(e) - attrs.addAll(attrgrps(e)) - attrs - } + /** + * Processes an individual attributeGroup by obtaining all the attributes and then looking for more attributeGroup elements and prcessing them. + * @param e + * @return all the attributes for a specific attributeGroup and any child attributeGroups + */ + private def attrgrp(e) { + def attrs = attrs(e) + attrs.addAll(attrgrps(e)) + attrs + } - /** - * Obtains the description for a specific element - * @param element - * @return - */ - private def desc(element) { - return element['annotation']['documentation'] - } + /** + * Obtains the description for a specific element + * @param element + * @return + */ + private def desc(element) { + return element['annotation']['documentation'] + } - /** - * Given an element creates an attribute from it. - * @param n - * @return - */ - private def attr(n) { - new Attribute(desc: desc(n), name: n.@name.text()) - } + /** + * Given an element creates an attribute from it. + * @param n + * @return + */ + private def attr(n) { + new Attribute(desc: desc(n), name: n.@name.text()) + } - /** - * Given an element creates an Element out of it by collecting all its attributes and child elements. - * - * @param n - * @return - */ - private def elmt(n) { - def name = n.@ref.text() - if(name) { - name = name.split(':')[1] - n = findNode(n,name) - } else { - name = n.@name.text() - } - if(elementNameToElement.containsKey(name)) { - return elementNameToElement.get(name) - } - attrElmts.add(name) - def e = new Element() - e.name = n.@name.text() - e.desc = desc(n) - e.childElmts = elements(n) - e.attrs = attrs(n) - e.attrs.addAll(attrgrps(n)) - e.attrs*.elmt = e - e.childElmts.values()*.each { it.parentElmts.put(e.name,e) } + /** + * Given an element creates an Element out of it by collecting all its attributes and child elements. + * + * @param n + * @return + */ + private def elmt(n) { + def name = n.@ref.text() + if(name) { + name = name.split(':')[1] + n = findNode(n,name) + } else { + name = n.@name.text() + } + if(elementNameToElement.containsKey(name)) { + return elementNameToElement.get(name) + } + attrElmts.add(name) + def e = new Element() + e.name = n.@name.text() + e.desc = desc(n) + e.childElmts = elements(n) + e.attrs = attrs(n) + e.attrs.addAll(attrgrps(n)) + e.attrs*.elmt = e + e.childElmts.values()*.each { it.parentElmts.put(e.name,e) } - def subGrpName = n.@substitutionGroup.text() - if(subGrpName) { - def subGrp = elmt(findNode(n,subGrpName.split(":")[1])) - subGrp.subGrps.add(e) - } + def subGrpName = n.@substitutionGroup.text() + if(subGrpName) { + def subGrp = elmt(findNode(n,subGrpName.split(":")[1])) + subGrp.subGrps.add(e) + } - elementNameToElement.put(name,e) - e - } + elementNameToElement.put(name,e) + e + } } diff --git a/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy b/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy index c0c8f70c64..efb81264ce 100644 --- a/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy @@ -29,167 +29,167 @@ import spock.lang.* */ class XsdDocumentedTests extends Specification { - def ignoredIds = ['nsa-any-user-service','nsa-any-user-service-parents','nsa-authentication','nsa-websocket-security','nsa-ldap','nsa-method-security','nsa-web'] - @Shared def reference = new File('../docs/manual/src/docs/asciidoc/index.adoc') + def ignoredIds = ['nsa-any-user-service','nsa-any-user-service-parents','nsa-authentication','nsa-websocket-security','nsa-ldap','nsa-method-security','nsa-web'] + @Shared def reference = new File('../docs/manual/src/docs/asciidoc/index.adoc') - @Shared File schema31xDocument = new File('src/main/resources/org/springframework/security/config/spring-security-3.1.xsd') - @Shared File schemaDocument = new File('src/main/resources/org/springframework/security/config/spring-security-4.0.xsd') - @Shared Map elementNameToElement - @Shared GPathResult schemaRootElement + @Shared File schema31xDocument = new File('src/main/resources/org/springframework/security/config/spring-security-3.1.xsd') + @Shared File schemaDocument = new File('src/main/resources/org/springframework/security/config/spring-security-4.0.xsd') + @Shared Map elementNameToElement + @Shared GPathResult schemaRootElement - def setupSpec() { - schemaRootElement = new XmlSlurper().parse(schemaDocument) - elementNameToElement = new SpringSecurityXsdParser(rootElement: schemaRootElement).parse() - } + def setupSpec() { + schemaRootElement = new XmlSlurper().parse(schemaDocument) + elementNameToElement = new SpringSecurityXsdParser(rootElement: schemaRootElement).parse() + } - def cleanupSpec() { - reference = null - schema31xDocument = null - schemaDocument = null - elementNameToElement = null - schemaRootElement = null - } + def cleanupSpec() { + reference = null + schema31xDocument = null + schemaDocument = null + elementNameToElement = null + schemaRootElement = null + } - def 'SEC-2139: named-security-filter are all defined and ordered properly'() { - setup: - def expectedFilters = (EnumSet.allOf(SecurityFilters) as List).sort { it.order } - when: - def nsf = schemaRootElement.simpleType.find { it.@name == 'named-security-filter' } - def nsfValues = nsf.children().children().collect { c -> - Enum.valueOf(SecurityFilters, c.@value.toString()) - } - then: - expectedFilters == nsfValues - } + def 'SEC-2139: named-security-filter are all defined and ordered properly'() { + setup: + def expectedFilters = (EnumSet.allOf(SecurityFilters) as List).sort { it.order } + when: + def nsf = schemaRootElement.simpleType.find { it.@name == 'named-security-filter' } + def nsfValues = nsf.children().children().collect { c -> + Enum.valueOf(SecurityFilters, c.@value.toString()) + } + then: + expectedFilters == nsfValues + } - def 'SEC-2139: 3.1.x named-security-filter are all defined and ordered properly'() { - setup: - def expectedFilters = ["FIRST", "CHANNEL_FILTER", "SECURITY_CONTEXT_FILTER", "CONCURRENT_SESSION_FILTER", "LOGOUT_FILTER", "X509_FILTER", - "PRE_AUTH_FILTER", "CAS_FILTER", "FORM_LOGIN_FILTER", "OPENID_FILTER", "LOGIN_PAGE_FILTER", "DIGEST_AUTH_FILTER","BASIC_AUTH_FILTER", - "REQUEST_CACHE_FILTER", "SERVLET_API_SUPPORT_FILTER", "JAAS_API_SUPPORT_FILTER", "REMEMBER_ME_FILTER", "ANONYMOUS_FILTER", - "SESSION_MANAGEMENT_FILTER", "EXCEPTION_TRANSLATION_FILTER", "FILTER_SECURITY_INTERCEPTOR", "SWITCH_USER_FILTER", "LAST"].collect { - Enum.valueOf(SecurityFilters, it) - } - def schema31xRootElement = new XmlSlurper().parse(schema31xDocument) - when: - def nsf = schema31xRootElement.simpleType.find { it.@name == 'named-security-filter' } - def nsfValues = nsf.children().children().collect { c -> - Enum.valueOf(SecurityFilters, c.@value.toString()) - } - then: - expectedFilters == nsfValues - } + def 'SEC-2139: 3.1.x named-security-filter are all defined and ordered properly'() { + setup: + def expectedFilters = ["FIRST", "CHANNEL_FILTER", "SECURITY_CONTEXT_FILTER", "CONCURRENT_SESSION_FILTER", "LOGOUT_FILTER", "X509_FILTER", + "PRE_AUTH_FILTER", "CAS_FILTER", "FORM_LOGIN_FILTER", "OPENID_FILTER", "LOGIN_PAGE_FILTER", "DIGEST_AUTH_FILTER","BASIC_AUTH_FILTER", + "REQUEST_CACHE_FILTER", "SERVLET_API_SUPPORT_FILTER", "JAAS_API_SUPPORT_FILTER", "REMEMBER_ME_FILTER", "ANONYMOUS_FILTER", + "SESSION_MANAGEMENT_FILTER", "EXCEPTION_TRANSLATION_FILTER", "FILTER_SECURITY_INTERCEPTOR", "SWITCH_USER_FILTER", "LAST"].collect { + Enum.valueOf(SecurityFilters, it) + } + def schema31xRootElement = new XmlSlurper().parse(schema31xDocument) + when: + def nsf = schema31xRootElement.simpleType.find { it.@name == 'named-security-filter' } + def nsfValues = nsf.children().children().collect { c -> + Enum.valueOf(SecurityFilters, c.@value.toString()) + } + then: + expectedFilters == nsfValues + } - /** - * This will check to ensure that the expected number of xsd documents are found to ensure that we are validating - * against the current xsd document. If this test fails, all that is needed is to update the schemaDocument - * and the expected size for this test. - * @return - */ - def 'the latest schema is being validated'() { - when: 'all the schemas are found' - def schemas = schemaDocument.getParentFile().list().findAll { it.endsWith('.xsd') } - then: 'the count is equal to 8, if not then schemaDocument needs updated' - schemas.size() == 9 - } + /** + * This will check to ensure that the expected number of xsd documents are found to ensure that we are validating + * against the current xsd document. If this test fails, all that is needed is to update the schemaDocument + * and the expected size for this test. + * @return + */ + def 'the latest schema is being validated'() { + when: 'all the schemas are found' + def schemas = schemaDocument.getParentFile().list().findAll { it.endsWith('.xsd') } + then: 'the count is equal to 8, if not then schemaDocument needs updated' + schemas.size() == 9 + } - /** - * This uses a naming convention for the ids of the appendix to ensure that the entire appendix is documented. - * The naming convention for the ids is documented in {@link Element#getIds()}. - * @return - */ - def 'the entire schema is included in the appendix documentation'() { - setup: 'get all the documented ids and the expected ids' - def documentedIds = [] - reference.eachLine { line -> - if(line.matches("\\[\\[(nsa-.*)\\]\\]")) { - documentedIds.add(line.substring(2,line.length() - 2)) - } - } - when: 'the schema is compared to the appendix documentation' - def expectedIds = [] as Set - elementNameToElement*.value*.ids*.each { expectedIds.addAll it } - documentedIds.removeAll ignoredIds - expectedIds.removeAll ignoredIds - def undocumentedIds = (expectedIds - documentedIds) - def shouldNotBeDocumented = (documentedIds - expectedIds) - then: 'all the elements and attributes are documented' - shouldNotBeDocumented.empty - undocumentedIds.empty - } + /** + * This uses a naming convention for the ids of the appendix to ensure that the entire appendix is documented. + * The naming convention for the ids is documented in {@link Element#getIds()}. + * @return + */ + def 'the entire schema is included in the appendix documentation'() { + setup: 'get all the documented ids and the expected ids' + def documentedIds = [] + reference.eachLine { line -> + if(line.matches("\\[\\[(nsa-.*)\\]\\]")) { + documentedIds.add(line.substring(2,line.length() - 2)) + } + } + when: 'the schema is compared to the appendix documentation' + def expectedIds = [] as Set + elementNameToElement*.value*.ids*.each { expectedIds.addAll it } + documentedIds.removeAll ignoredIds + expectedIds.removeAll ignoredIds + def undocumentedIds = (expectedIds - documentedIds) + def shouldNotBeDocumented = (documentedIds - expectedIds) + then: 'all the elements and attributes are documented' + shouldNotBeDocumented.empty + undocumentedIds.empty + } - /** - * This test ensures that any element that has children or parents contains a section that has links pointing to that - * documentation. - * @return - */ - def 'validate parents and children are linked in the appendix documentation'() { - when: "get all the links for each element's children and parents" - def docAttrNameToChildren = [:] - def docAttrNameToParents = [:] + /** + * This test ensures that any element that has children or parents contains a section that has links pointing to that + * documentation. + * @return + */ + def 'validate parents and children are linked in the appendix documentation'() { + when: "get all the links for each element's children and parents" + def docAttrNameToChildren = [:] + def docAttrNameToParents = [:] - def currentDocAttrNameToElmt - def docAttrName + def currentDocAttrNameToElmt + def docAttrName - reference.eachLine { line -> - if(line.matches('^\\[\\[.*\\]\\]$')) { - def id = line.substring(2,line.length() - 2) - if(id.endsWith("-children")) { - docAttrName = id.substring(0,id.length() - 9) - currentDocAttrNameToElmt = docAttrNameToChildren - } else if(id.endsWith("-parents")) { - docAttrName = id.substring(0,id.length() - 8) - currentDocAttrNameToElmt = docAttrNameToParents - } else if(docAttrName && !id.startsWith(docAttrName)) { - currentDocAttrNameToElmt = null - docAttrName = null - } - } + reference.eachLine { line -> + if(line.matches('^\\[\\[.*\\]\\]$')) { + def id = line.substring(2,line.length() - 2) + if(id.endsWith("-children")) { + docAttrName = id.substring(0,id.length() - 9) + currentDocAttrNameToElmt = docAttrNameToChildren + } else if(id.endsWith("-parents")) { + docAttrName = id.substring(0,id.length() - 8) + currentDocAttrNameToElmt = docAttrNameToParents + } else if(docAttrName && !id.startsWith(docAttrName)) { + currentDocAttrNameToElmt = null + docAttrName = null + } + } - if(docAttrName) { - def expression = '^\\* <<(nsa-.*),.*>>$' - if(line.matches(expression)) { - String elmtId = line.replaceAll(expression, '$1') - currentDocAttrNameToElmt.get(docAttrName, []).add(elmtId) - } - } - } + if(docAttrName) { + def expression = '^\\* <<(nsa-.*),.*>>$' + if(line.matches(expression)) { + String elmtId = line.replaceAll(expression, '$1') + currentDocAttrNameToElmt.get(docAttrName, []).add(elmtId) + } + } + } - def schemaAttrNameToParents = [:] - def schemaAttrNameToChildren = [:] - elementNameToElement.each { entry -> - def key = 'nsa-'+entry.key - if(ignoredIds.contains(key)) { - return - } - def parentIds = entry.value.allParentElmts.values()*.id.findAll { !ignoredIds.contains(it) }.sort() - if(parentIds) { - schemaAttrNameToParents.put(key,parentIds) - } - def childIds = entry.value.allChildElmts.values()*.id.findAll { !ignoredIds.contains(it) }.sort() - if(childIds) { - schemaAttrNameToChildren.put(key,childIds) - } - } - then: "the expected parents and children are all documented" - schemaAttrNameToChildren.sort() == docAttrNameToChildren.sort() - schemaAttrNameToParents.sort() == docAttrNameToParents.sort() - } + def schemaAttrNameToParents = [:] + def schemaAttrNameToChildren = [:] + elementNameToElement.each { entry -> + def key = 'nsa-'+entry.key + if(ignoredIds.contains(key)) { + return + } + def parentIds = entry.value.allParentElmts.values()*.id.findAll { !ignoredIds.contains(it) }.sort() + if(parentIds) { + schemaAttrNameToParents.put(key,parentIds) + } + def childIds = entry.value.allChildElmts.values()*.id.findAll { !ignoredIds.contains(it) }.sort() + if(childIds) { + schemaAttrNameToChildren.put(key,childIds) + } + } + then: "the expected parents and children are all documented" + schemaAttrNameToChildren.sort() == docAttrNameToChildren.sort() + schemaAttrNameToParents.sort() == docAttrNameToParents.sort() + } - /** - * This test checks each xsd element and ensures there is documentation for it. - * @return - */ - def 'entire xsd is documented'() { - when: "validate that the entire xsd contains documentation" - def notDocElmtIds = elementNameToElement.values().findAll { - !it.desc.text() && !ignoredIds.contains(it.id) - }*.id.sort().join("\n") - def notDocAttrIds = elementNameToElement.values()*.attrs.flatten().findAll { - !it.desc.text() && !ignoredIds.contains(it.id) - }*.id.sort().join("\n") - then: "all the elements and attributes have some documentation" - !notDocElmtIds - !notDocAttrIds - } + /** + * This test checks each xsd element and ensures there is documentation for it. + * @return + */ + def 'entire xsd is documented'() { + when: "validate that the entire xsd contains documentation" + def notDocElmtIds = elementNameToElement.values().findAll { + !it.desc.text() && !ignoredIds.contains(it.id) + }*.id.sort().join("\n") + def notDocAttrIds = elementNameToElement.values()*.attrs.flatten().findAll { + !it.desc.text() && !ignoredIds.contains(it.id) + }*.id.sort().join("\n") + then: "all the elements and attributes have some documentation" + !notDocElmtIds + !notDocAttrIds + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy index 976d96c409..fc3e73baaa 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy @@ -28,55 +28,55 @@ import javax.servlet.http.HttpServletRequest * */ abstract class AbstractHttpConfigTests extends AbstractXmlConfigTests { - final int AUTO_CONFIG_FILTERS = 14; + final int AUTO_CONFIG_FILTERS = 14; - def httpAutoConfig(Closure c) { - xml.http(['auto-config': 'true', 'use-expressions':false], c) - } + def httpAutoConfig(Closure c) { + xml.http(['auto-config': 'true', 'use-expressions':false], c) + } - def httpAutoConfig(String matcher, Closure c) { - xml.http(['auto-config': 'true', 'use-expressions':false, 'request-matcher': matcher], c) - } + def httpAutoConfig(String matcher, Closure c) { + xml.http(['auto-config': 'true', 'use-expressions':false, 'request-matcher': matcher], c) + } - def interceptUrl(String path, String authz) { - xml.'intercept-url'(pattern: path, access: authz) - } + def interceptUrl(String path, String authz) { + xml.'intercept-url'(pattern: path, access: authz) + } - def interceptUrl(String path, String httpMethod, String authz) { - xml.'intercept-url'(pattern: path, method: httpMethod, access: authz) - } + def interceptUrl(String path, String httpMethod, String authz) { + xml.'intercept-url'(pattern: path, method: httpMethod, access: authz) + } - Filter getFilter(Class type) { - List filters = getFilters("/any"); + Filter getFilter(Class type) { + List filters = getFilters("/any"); - for (f in filters) { - if (f.class.isAssignableFrom(type)) { - return f; - } - } + for (f in filters) { + if (f.class.isAssignableFrom(type)) { + return f; + } + } - return null; - } + return null; + } - List getFilters(String url) { - springSecurityFilterChain.getFilters(url) - } + List getFilters(String url) { + springSecurityFilterChain.getFilters(url) + } - Filter getSpringSecurityFilterChain() { - appContext.getBean(BeanIds.FILTER_CHAIN_PROXY) - } + Filter getSpringSecurityFilterChain() { + appContext.getBean(BeanIds.FILTER_CHAIN_PROXY) + } - FilterInvocation createFilterinvocation(String path, String method) { - MockHttpServletRequest request = new MockHttpServletRequest(); - request.setMethod(method); - request.setRequestURI(null); - request.setServletPath(path); + FilterInvocation createFilterinvocation(String path, String method) { + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setMethod(method); + request.setRequestURI(null); + request.setServletPath(path); - return new FilterInvocation(request, new MockHttpServletResponse(), new MockFilterChain()); - } + return new FilterInvocation(request, new MockHttpServletResponse(), new MockFilterChain()); + } - def basicLogin(HttpServletRequest request, String username="user",String password="password") { - def credentials = username + ":" + password - request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64()) - } + def basicLogin(HttpServletRequest request, String username="user",String password="password") { + def credentials = username + ":" + password + request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64()) + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy index 33d0e5b27b..b084d7888f 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy @@ -10,38 +10,38 @@ import org.springframework.security.web.access.ExceptionTranslationFilter * @author Luke Taylor */ class AccessDeniedConfigTests extends AbstractHttpConfigTests { - def invalidAccessDeniedUrlIsDetected() { - when: - httpAutoConfig() { - 'access-denied-handler'('error-page':'noLeadingSlash') - } - createAppContext(); - then: - thrown(BeanCreationException) - } + def invalidAccessDeniedUrlIsDetected() { + when: + httpAutoConfig() { + 'access-denied-handler'('error-page':'noLeadingSlash') + } + createAppContext(); + then: + thrown(BeanCreationException) + } - def accessDeniedHandlerIsSetCorectly() { - httpAutoConfig() { - 'access-denied-handler'(ref: 'adh') - } - bean('adh', AccessDeniedHandlerImpl) - createAppContext(); + def accessDeniedHandlerIsSetCorectly() { + httpAutoConfig() { + 'access-denied-handler'(ref: 'adh') + } + bean('adh', AccessDeniedHandlerImpl) + createAppContext(); - def filter = getFilter(ExceptionTranslationFilter.class); - def adh = appContext.getBean("adh"); + def filter = getFilter(ExceptionTranslationFilter.class); + def adh = appContext.getBean("adh"); - expect: - filter.accessDeniedHandler == adh - } + expect: + filter.accessDeniedHandler == adh + } - def void accessDeniedHandlerPageAndRefAreMutuallyExclusive() { - when: - httpAutoConfig { - 'access-denied-handler'('error-page': '/go-away', ref: 'adh') - } - createAppContext(); - bean('adh', AccessDeniedHandlerImpl) - then: - thrown(BeanDefinitionParsingException) - } + def void accessDeniedHandlerPageAndRefAreMutuallyExclusive() { + when: + httpAutoConfig { + 'access-denied-handler'('error-page': '/go-away', ref: 'adh') + } + createAppContext(); + bean('adh', AccessDeniedHandlerImpl) + then: + thrown(BeanDefinitionParsingException) + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy index 9c9b7b8725..bc5d11a6ab 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy @@ -43,303 +43,303 @@ import spock.lang.Unroll * @author Rob Winch */ class CsrfConfigTests extends AbstractHttpConfigTests { - MockHttpServletRequest request = new MockHttpServletRequest() - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() + MockHttpServletRequest request = new MockHttpServletRequest() + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() - @Unroll - def 'csrf is enabled by default'() { - setup: - httpAutoConfig { - } - createAppContext() - when: - request.method = httpMethod - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.status == httpStatus - where: - httpMethod | httpStatus - 'POST' | HttpServletResponse.SC_FORBIDDEN - 'PUT' | HttpServletResponse.SC_FORBIDDEN - 'PATCH' | HttpServletResponse.SC_FORBIDDEN - 'DELETE' | HttpServletResponse.SC_FORBIDDEN - 'INVALID' | HttpServletResponse.SC_FORBIDDEN - 'GET' | HttpServletResponse.SC_OK - 'HEAD' | HttpServletResponse.SC_OK - 'TRACE' | HttpServletResponse.SC_OK - 'OPTIONS' | HttpServletResponse.SC_OK - } + @Unroll + def 'csrf is enabled by default'() { + setup: + httpAutoConfig { + } + createAppContext() + when: + request.method = httpMethod + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.status == httpStatus + where: + httpMethod | httpStatus + 'POST' | HttpServletResponse.SC_FORBIDDEN + 'PUT' | HttpServletResponse.SC_FORBIDDEN + 'PATCH' | HttpServletResponse.SC_FORBIDDEN + 'DELETE' | HttpServletResponse.SC_FORBIDDEN + 'INVALID' | HttpServletResponse.SC_FORBIDDEN + 'GET' | HttpServletResponse.SC_OK + 'HEAD' | HttpServletResponse.SC_OK + 'TRACE' | HttpServletResponse.SC_OK + 'OPTIONS' | HttpServletResponse.SC_OK + } - def 'csrf disabled'() { - when: - httpAutoConfig { - csrf(disabled:true) - } - createAppContext() - then: - !getFilter(CsrfFilter) - } + def 'csrf disabled'() { + when: + httpAutoConfig { + csrf(disabled:true) + } + createAppContext() + then: + !getFilter(CsrfFilter) + } - @Unroll - def 'csrf defaults'() { - setup: - httpAutoConfig { - 'csrf'() - } - createAppContext() - when: - request.method = httpMethod - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.status == httpStatus - where: - httpMethod | httpStatus - 'POST' | HttpServletResponse.SC_FORBIDDEN - 'PUT' | HttpServletResponse.SC_FORBIDDEN - 'PATCH' | HttpServletResponse.SC_FORBIDDEN - 'DELETE' | HttpServletResponse.SC_FORBIDDEN - 'INVALID' | HttpServletResponse.SC_FORBIDDEN - 'GET' | HttpServletResponse.SC_OK - 'HEAD' | HttpServletResponse.SC_OK - 'TRACE' | HttpServletResponse.SC_OK - 'OPTIONS' | HttpServletResponse.SC_OK - } + @Unroll + def 'csrf defaults'() { + setup: + httpAutoConfig { + 'csrf'() + } + createAppContext() + when: + request.method = httpMethod + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.status == httpStatus + where: + httpMethod | httpStatus + 'POST' | HttpServletResponse.SC_FORBIDDEN + 'PUT' | HttpServletResponse.SC_FORBIDDEN + 'PATCH' | HttpServletResponse.SC_FORBIDDEN + 'DELETE' | HttpServletResponse.SC_FORBIDDEN + 'INVALID' | HttpServletResponse.SC_FORBIDDEN + 'GET' | HttpServletResponse.SC_OK + 'HEAD' | HttpServletResponse.SC_OK + 'TRACE' | HttpServletResponse.SC_OK + 'OPTIONS' | HttpServletResponse.SC_OK + } - def 'csrf default creates CsrfRequestDataValueProcessor'() { - when: - httpAutoConfig { - 'csrf'() - } - createAppContext() - then: - appContext.getBean("requestDataValueProcessor",RequestDataValueProcessor) - } + def 'csrf default creates CsrfRequestDataValueProcessor'() { + when: + httpAutoConfig { + 'csrf'() + } + createAppContext() + then: + appContext.getBean("requestDataValueProcessor",RequestDataValueProcessor) + } - def 'csrf custom AccessDeniedHandler'() { - setup: - httpAutoConfig { - 'access-denied-handler'(ref:'adh') - 'csrf'() - } - mockBean(AccessDeniedHandler,'adh') - createAppContext() - AccessDeniedHandler adh = appContext.getBean(AccessDeniedHandler) - request.method = "POST" - when: - springSecurityFilterChain.doFilter(request,response,chain) - then: - verify(adh).handle(any(HttpServletRequest),any(HttpServletResponse),any(AccessDeniedException)) - response.status == HttpServletResponse.SC_OK // our mock doesn't do anything - } + def 'csrf custom AccessDeniedHandler'() { + setup: + httpAutoConfig { + 'access-denied-handler'(ref:'adh') + 'csrf'() + } + mockBean(AccessDeniedHandler,'adh') + createAppContext() + AccessDeniedHandler adh = appContext.getBean(AccessDeniedHandler) + request.method = "POST" + when: + springSecurityFilterChain.doFilter(request,response,chain) + then: + verify(adh).handle(any(HttpServletRequest),any(HttpServletResponse),any(AccessDeniedException)) + response.status == HttpServletResponse.SC_OK // our mock doesn't do anything + } - def "csrf disables posts for RequestCache"() { - setup: - httpAutoConfig { - 'csrf'('token-repository-ref':'repo') - 'intercept-url'(pattern:"/**",access:'ROLE_USER') - } - mockBean(CsrfTokenRepository,'repo') - createAppContext() - CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) - CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") - when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) - when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) - request.setParameter(token.parameterName,token.token) - request.servletPath = "/some-url" - request.requestURI = "/some-url" - request.method = "POST" - when: "CSRF passes and our session times out" - springSecurityFilterChain.doFilter(request,response,chain) - then: "sent to the login page" - response.status == HttpServletResponse.SC_MOVED_TEMPORARILY - response.redirectedUrl == "http://localhost/login" - when: "authenticate successfully" - response = new MockHttpServletResponse() - request = new MockHttpServletRequest(session: request.session) - request.servletPath = "/login" - request.setParameter(token.parameterName,token.token) - request.setParameter("username","user") - request.setParameter("password","password") - request.method = "POST" - springSecurityFilterChain.doFilter(request,response,chain) - then: "sent to default success because we don't want csrf attempts made prior to authentication to pass" - response.status == HttpServletResponse.SC_MOVED_TEMPORARILY - response.redirectedUrl == "/" - } + def "csrf disables posts for RequestCache"() { + setup: + httpAutoConfig { + 'csrf'('token-repository-ref':'repo') + 'intercept-url'(pattern:"/**",access:'ROLE_USER') + } + mockBean(CsrfTokenRepository,'repo') + createAppContext() + CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) + CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") + when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) + request.setParameter(token.parameterName,token.token) + request.servletPath = "/some-url" + request.requestURI = "/some-url" + request.method = "POST" + when: "CSRF passes and our session times out" + springSecurityFilterChain.doFilter(request,response,chain) + then: "sent to the login page" + response.status == HttpServletResponse.SC_MOVED_TEMPORARILY + response.redirectedUrl == "http://localhost/login" + when: "authenticate successfully" + response = new MockHttpServletResponse() + request = new MockHttpServletRequest(session: request.session) + request.servletPath = "/login" + request.setParameter(token.parameterName,token.token) + request.setParameter("username","user") + request.setParameter("password","password") + request.method = "POST" + springSecurityFilterChain.doFilter(request,response,chain) + then: "sent to default success because we don't want csrf attempts made prior to authentication to pass" + response.status == HttpServletResponse.SC_MOVED_TEMPORARILY + response.redirectedUrl == "/" + } - def "csrf enables gets for RequestCache"() { - setup: - httpAutoConfig { - 'csrf'('token-repository-ref':'repo') - 'intercept-url'(pattern:"/**",access:'ROLE_USER') - } - mockBean(CsrfTokenRepository,'repo') - createAppContext() - CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) - CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") - when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) - when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) - request.setParameter(token.parameterName,token.token) - request.servletPath = "/some-url" - request.requestURI = "/some-url" - request.method = "GET" - when: "CSRF passes and our session times out" - springSecurityFilterChain.doFilter(request,response,chain) - then: "sent to the login page" - response.status == HttpServletResponse.SC_MOVED_TEMPORARILY - response.redirectedUrl == "http://localhost/login" - when: "authenticate successfully" - response = new MockHttpServletResponse() - request = new MockHttpServletRequest(session: request.session) - request.servletPath = "/login" - request.setParameter(token.parameterName,token.token) - request.setParameter("username","user") - request.setParameter("password","password") - request.method = "POST" - springSecurityFilterChain.doFilter(request,response,chain) - then: "sent to original URL since it was a GET" - response.status == HttpServletResponse.SC_MOVED_TEMPORARILY - response.redirectedUrl == "http://localhost/some-url" - } + def "csrf enables gets for RequestCache"() { + setup: + httpAutoConfig { + 'csrf'('token-repository-ref':'repo') + 'intercept-url'(pattern:"/**",access:'ROLE_USER') + } + mockBean(CsrfTokenRepository,'repo') + createAppContext() + CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) + CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") + when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) + request.setParameter(token.parameterName,token.token) + request.servletPath = "/some-url" + request.requestURI = "/some-url" + request.method = "GET" + when: "CSRF passes and our session times out" + springSecurityFilterChain.doFilter(request,response,chain) + then: "sent to the login page" + response.status == HttpServletResponse.SC_MOVED_TEMPORARILY + response.redirectedUrl == "http://localhost/login" + when: "authenticate successfully" + response = new MockHttpServletResponse() + request = new MockHttpServletRequest(session: request.session) + request.servletPath = "/login" + request.setParameter(token.parameterName,token.token) + request.setParameter("username","user") + request.setParameter("password","password") + request.method = "POST" + springSecurityFilterChain.doFilter(request,response,chain) + then: "sent to original URL since it was a GET" + response.status == HttpServletResponse.SC_MOVED_TEMPORARILY + response.redirectedUrl == "http://localhost/some-url" + } - def "SEC-2422: csrf expire CSRF token and session-management invalid-session-url"() { - setup: - httpAutoConfig { - 'csrf'() - 'session-management'('invalid-session-url': '/error/sessionError') - } - createAppContext() - request.setParameter("_csrf","abc") - request.method = "POST" - when: "No existing expected CsrfToken (session times out) and a POST" - springSecurityFilterChain.doFilter(request,response,chain) - then: "sent to the session timeout page page" - response.status == HttpServletResponse.SC_MOVED_TEMPORARILY - response.redirectedUrl == "/error/sessionError" - when: "Existing expected CsrfToken and a POST (invalid token provided)" - response = new MockHttpServletResponse() - request = new MockHttpServletRequest(session: request.session, method:'POST') - springSecurityFilterChain.doFilter(request,response,chain) - then: "Access Denied occurs" - response.status == HttpServletResponse.SC_FORBIDDEN - } + def "SEC-2422: csrf expire CSRF token and session-management invalid-session-url"() { + setup: + httpAutoConfig { + 'csrf'() + 'session-management'('invalid-session-url': '/error/sessionError') + } + createAppContext() + request.setParameter("_csrf","abc") + request.method = "POST" + when: "No existing expected CsrfToken (session times out) and a POST" + springSecurityFilterChain.doFilter(request,response,chain) + then: "sent to the session timeout page page" + response.status == HttpServletResponse.SC_MOVED_TEMPORARILY + response.redirectedUrl == "/error/sessionError" + when: "Existing expected CsrfToken and a POST (invalid token provided)" + response = new MockHttpServletResponse() + request = new MockHttpServletRequest(session: request.session, method:'POST') + springSecurityFilterChain.doFilter(request,response,chain) + then: "Access Denied occurs" + response.status == HttpServletResponse.SC_FORBIDDEN + } - def "csrf requireCsrfProtectionMatcher"() { - setup: - httpAutoConfig { - 'csrf'('request-matcher-ref':'matcher') - } - mockBean(RequestMatcher,'matcher') - createAppContext() - request.method = 'POST' - RequestMatcher matcher = appContext.getBean("matcher",RequestMatcher) - when: - when(matcher.matches(any(HttpServletRequest))).thenReturn(false) - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.status == HttpServletResponse.SC_OK - when: - when(matcher.matches(any(HttpServletRequest))).thenReturn(true) - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.status == HttpServletResponse.SC_FORBIDDEN - } + def "csrf requireCsrfProtectionMatcher"() { + setup: + httpAutoConfig { + 'csrf'('request-matcher-ref':'matcher') + } + mockBean(RequestMatcher,'matcher') + createAppContext() + request.method = 'POST' + RequestMatcher matcher = appContext.getBean("matcher",RequestMatcher) + when: + when(matcher.matches(any(HttpServletRequest))).thenReturn(false) + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.status == HttpServletResponse.SC_OK + when: + when(matcher.matches(any(HttpServletRequest))).thenReturn(true) + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.status == HttpServletResponse.SC_FORBIDDEN + } - def "csrf csrfTokenRepository"() { - setup: - httpAutoConfig { - 'csrf'('token-repository-ref':'repo') - } - mockBean(CsrfTokenRepository,'repo') - createAppContext() - CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) - CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") - when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) - request.setParameter(token.parameterName,token.token) - request.method = "POST" - when: - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.status == HttpServletResponse.SC_OK - when: - request.setParameter(token.parameterName,token.token+"INVALID") - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.status == HttpServletResponse.SC_FORBIDDEN - } + def "csrf csrfTokenRepository"() { + setup: + httpAutoConfig { + 'csrf'('token-repository-ref':'repo') + } + mockBean(CsrfTokenRepository,'repo') + createAppContext() + CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) + CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") + when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + request.setParameter(token.parameterName,token.token) + request.method = "POST" + when: + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.status == HttpServletResponse.SC_OK + when: + request.setParameter(token.parameterName,token.token+"INVALID") + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.status == HttpServletResponse.SC_FORBIDDEN + } - def "csrf clears on login"() { - setup: - httpAutoConfig { - 'csrf'('token-repository-ref':'repo') - } - mockBean(CsrfTokenRepository,'repo') - createAppContext() - CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) - CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") - when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) - when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) - request.setParameter(token.parameterName,token.token) - request.method = "POST" - request.setParameter("username","user") - request.setParameter("password","password") - request.servletPath = "/login" - when: - springSecurityFilterChain.doFilter(request,response,chain) - then: - verify(repo, atLeastOnce()).saveToken(eq(null),any(HttpServletRequest), any(HttpServletResponse)) - } + def "csrf clears on login"() { + setup: + httpAutoConfig { + 'csrf'('token-repository-ref':'repo') + } + mockBean(CsrfTokenRepository,'repo') + createAppContext() + CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) + CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") + when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) + request.setParameter(token.parameterName,token.token) + request.method = "POST" + request.setParameter("username","user") + request.setParameter("password","password") + request.servletPath = "/login" + when: + springSecurityFilterChain.doFilter(request,response,chain) + then: + verify(repo, atLeastOnce()).saveToken(eq(null),any(HttpServletRequest), any(HttpServletResponse)) + } - def "csrf clears on logout"() { - setup: - httpAutoConfig { - 'csrf'('token-repository-ref':'repo') - } - mockBean(CsrfTokenRepository,'repo') - createAppContext() - CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) - CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") - when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) - request.setParameter(token.parameterName,token.token) - request.method = "POST" - request.servletPath = "/logout" - when: - springSecurityFilterChain.doFilter(request,response,chain) - then: - verify(repo).saveToken(eq(null),any(HttpServletRequest), any(HttpServletResponse)) - } + def "csrf clears on logout"() { + setup: + httpAutoConfig { + 'csrf'('token-repository-ref':'repo') + } + mockBean(CsrfTokenRepository,'repo') + createAppContext() + CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) + CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") + when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + request.setParameter(token.parameterName,token.token) + request.method = "POST" + request.servletPath = "/logout" + when: + springSecurityFilterChain.doFilter(request,response,chain) + then: + verify(repo).saveToken(eq(null),any(HttpServletRequest), any(HttpServletResponse)) + } - def "SEC-2495: csrf disables logout on GET"() { - setup: - httpAutoConfig { - 'csrf'() - } - createAppContext() - login() - request.method = "GET" - request.requestURI = "/logout" - when: - springSecurityFilterChain.doFilter(request,response,chain) - then: - getAuthentication(request) != null - } + def "SEC-2495: csrf disables logout on GET"() { + setup: + httpAutoConfig { + 'csrf'() + } + createAppContext() + login() + request.method = "GET" + request.requestURI = "/logout" + when: + springSecurityFilterChain.doFilter(request,response,chain) + then: + getAuthentication(request) != null + } - def login(String username="user", String role="ROLE_USER") { - login(new UsernamePasswordAuthenticationToken(username, null, AuthorityUtils.createAuthorityList(role))) - } + def login(String username="user", String role="ROLE_USER") { + login(new UsernamePasswordAuthenticationToken(username, null, AuthorityUtils.createAuthorityList(role))) + } - def login(Authentication auth) { - HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository() - HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(request, response) - repo.loadContext(requestResponseHolder) - repo.saveContext(new SecurityContextImpl(authentication:auth), requestResponseHolder.request, requestResponseHolder.response) - } + def login(Authentication auth) { + HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository() + HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(request, response) + repo.loadContext(requestResponseHolder) + repo.saveContext(new SecurityContextImpl(authentication:auth), requestResponseHolder.request, requestResponseHolder.response) + } - def getAuthentication(HttpServletRequest request) { - HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository() - HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(request, response) - repo.loadContext(requestResponseHolder)?.authentication - } + def getAuthentication(HttpServletRequest request) { + HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository() + HttpRequestResponseHolder requestResponseHolder = new HttpRequestResponseHolder(request, response) + repo.loadContext(requestResponseHolder)?.authentication + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.groovy index d8def9663a..42c8d9b49a 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.groovy @@ -10,104 +10,104 @@ import org.springframework.mock.web.MockHttpServletResponse */ class FormLoginBeanDefinitionParserTests extends AbstractHttpConfigTests { - def 'form-login default login page'() { - setup: - MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login') - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() - httpAutoConfig { - csrf(disabled:true) - } - createAppContext() - when: - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.getContentAsString() == """Login Page + def 'form-login default login page'() { + setup: + MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login') + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() + httpAutoConfig { + csrf(disabled:true) + } + createAppContext() + when: + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.getContentAsString() == """Login Page

Login with Username and Password

- - - + + +
User:
Password:
User:
Password:
""" - } + } - def 'form-login default login page custom attributes'() { - setup: - MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login') - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() - httpAutoConfig { - 'form-login'('login-processing-url':'/login_custom','username-parameter':'custom_user','password-parameter':'custom_password') - csrf(disabled:true) - } - createAppContext() - when: - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.getContentAsString() == """Login Page + def 'form-login default login page custom attributes'() { + setup: + MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login') + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() + httpAutoConfig { + 'form-login'('login-processing-url':'/login_custom','username-parameter':'custom_user','password-parameter':'custom_password') + csrf(disabled:true) + } + createAppContext() + when: + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.getContentAsString() == """Login Page

Login with Username and Password

- - - + + +
User:
Password:
User:
Password:
""" - } + } - def 'openid-login default login page'() { - setup: - MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login') - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() - httpAutoConfig { - 'openid-login'() - csrf(disabled:true) - } - createAppContext() - when: - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.getContentAsString() == """Login Page + def 'openid-login default login page'() { + setup: + MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login') + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() + httpAutoConfig { + 'openid-login'() + csrf(disabled:true) + } + createAppContext() + when: + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.getContentAsString() == """Login Page

Login with Username and Password

- - - + + +
User:
Password:
User:
Password:

Login with OpenID Identity

- - + +
Identity:
Identity:
""" - } + } - def 'openid-login default login page custom attributes'() { - setup: - MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login') - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() - httpAutoConfig { - 'openid-login'('login-processing-url':'/login_custom') - csrf(disabled:true) - } - createAppContext() - when: - springSecurityFilterChain.doFilter(request,response,chain) - then: - response.getContentAsString() == """Login Page + def 'openid-login default login page custom attributes'() { + setup: + MockHttpServletRequest request = new MockHttpServletRequest(method:'GET',requestURI:'/login') + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() + httpAutoConfig { + 'openid-login'('login-processing-url':'/login_custom') + csrf(disabled:true) + } + createAppContext() + when: + springSecurityFilterChain.doFilter(request,response,chain) + then: + response.getContentAsString() == """Login Page

Login with Username and Password

- - - + + +
User:
Password:
User:
Password:

Login with OpenID Identity

- - + +
Identity:
Identity:
""" - } + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/FormLoginConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/FormLoginConfigTests.groovy index 75dbb95fbf..0f93981d90 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/FormLoginConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/FormLoginConfigTests.groovy @@ -15,93 +15,93 @@ import org.springframework.util.ReflectionUtils; */ class FormLoginConfigTests extends AbstractHttpConfigTests { - def formLoginWithNoLoginPageAddsDefaultLoginPageFilter() { - httpAutoConfig('ant') { - form-login() - } - createAppContext() - filtersMatchExpectedAutoConfigList(); - } + def formLoginWithNoLoginPageAddsDefaultLoginPageFilter() { + httpAutoConfig('ant') { + form-login() + } + createAppContext() + filtersMatchExpectedAutoConfigList(); + } - def 'Form login alwaysUseDefaultTarget sets correct property'() { - xml.http { - 'form-login'('default-target-url':'/default', 'always-use-default-target': 'true') - } - createAppContext() - def filter = getFilter(UsernamePasswordAuthenticationFilter.class); + def 'Form login alwaysUseDefaultTarget sets correct property'() { + xml.http { + 'form-login'('default-target-url':'/default', 'always-use-default-target': 'true') + } + createAppContext() + def filter = getFilter(UsernamePasswordAuthenticationFilter.class); - expect: - FieldUtils.getFieldValue(filter, 'successHandler.defaultTargetUrl') == '/default'; - FieldUtils.getFieldValue(filter, 'successHandler.alwaysUseDefaultTargetUrl'); - } + expect: + FieldUtils.getFieldValue(filter, 'successHandler.defaultTargetUrl') == '/default'; + FieldUtils.getFieldValue(filter, 'successHandler.alwaysUseDefaultTargetUrl'); + } - def 'form-login attributes support SpEL'() { - setup: - def spelUrl = '#{T(org.springframework.security.config.http.WebConfigUtilsTest).URL}' - def expectedUrl = WebConfigUtilsTest.URL - when: - xml.http { - 'form-login'('default-target-url': spelUrl , 'authentication-failure-url': spelUrl, 'login-page': spelUrl) - } - createAppContext() - def unPwdFilter = getFilter(UsernamePasswordAuthenticationFilter) - def exTransFilter = getFilter(ExceptionTranslationFilter) + def 'form-login attributes support SpEL'() { + setup: + def spelUrl = '#{T(org.springframework.security.config.http.WebConfigUtilsTest).URL}' + def expectedUrl = WebConfigUtilsTest.URL + when: + xml.http { + 'form-login'('default-target-url': spelUrl , 'authentication-failure-url': spelUrl, 'login-page': spelUrl) + } + createAppContext() + def unPwdFilter = getFilter(UsernamePasswordAuthenticationFilter) + def exTransFilter = getFilter(ExceptionTranslationFilter) - then: - unPwdFilter.successHandler.defaultTargetUrl == expectedUrl - unPwdFilter - FieldUtils.getFieldValue(unPwdFilter, 'successHandler.defaultTargetUrl') == expectedUrl - FieldUtils.getFieldValue(unPwdFilter, 'failureHandler.defaultFailureUrl') == expectedUrl - FieldUtils.getFieldValue(exTransFilter, 'authenticationEntryPoint.loginFormUrl') == expectedUrl - } + then: + unPwdFilter.successHandler.defaultTargetUrl == expectedUrl + unPwdFilter + FieldUtils.getFieldValue(unPwdFilter, 'successHandler.defaultTargetUrl') == expectedUrl + FieldUtils.getFieldValue(unPwdFilter, 'failureHandler.defaultFailureUrl') == expectedUrl + FieldUtils.getFieldValue(exTransFilter, 'authenticationEntryPoint.loginFormUrl') == expectedUrl + } - def invalidLoginPageIsDetected() { - when: - xml.http { - 'form-login'('login-page': 'noLeadingSlash') - } - createAppContext() + def invalidLoginPageIsDetected() { + when: + xml.http { + 'form-login'('login-page': 'noLeadingSlash') + } + createAppContext() - then: - BeanCreationException e = thrown(); - } + then: + BeanCreationException e = thrown(); + } - def invalidDefaultTargetUrlIsDetected() { - when: - xml.http { - 'form-login'('default-target-url': 'noLeadingSlash') - } - createAppContext() + def invalidDefaultTargetUrlIsDetected() { + when: + xml.http { + 'form-login'('default-target-url': 'noLeadingSlash') + } + createAppContext() - then: - BeanCreationException e = thrown(); - } + then: + BeanCreationException e = thrown(); + } - def customSuccessAndFailureHandlersCanBeSetThroughTheNamespace() { - xml.http { - 'form-login'('authentication-success-handler-ref': 'sh', 'authentication-failure-handler-ref':'fh') - } - bean('sh', SavedRequestAwareAuthenticationSuccessHandler.class.name) - bean('fh', SimpleUrlAuthenticationFailureHandler.class.name) - createAppContext() + def customSuccessAndFailureHandlersCanBeSetThroughTheNamespace() { + xml.http { + 'form-login'('authentication-success-handler-ref': 'sh', 'authentication-failure-handler-ref':'fh') + } + bean('sh', SavedRequestAwareAuthenticationSuccessHandler.class.name) + bean('fh', SimpleUrlAuthenticationFailureHandler.class.name) + createAppContext() - def apf = getFilter(UsernamePasswordAuthenticationFilter.class); + def apf = getFilter(UsernamePasswordAuthenticationFilter.class); - expect: - FieldUtils.getFieldValue(apf, "successHandler") == appContext.getBean("sh"); - FieldUtils.getFieldValue(apf, "failureHandler") == appContext.getBean("fh") - } + expect: + FieldUtils.getFieldValue(apf, "successHandler") == appContext.getBean("sh"); + FieldUtils.getFieldValue(apf, "failureHandler") == appContext.getBean("fh") + } - def usernameAndPasswordParametersCanBeSetThroughNamespace() { - xml.http { - 'form-login'('username-parameter': 'xname', 'password-parameter':'xpass') - } - createAppContext() + def usernameAndPasswordParametersCanBeSetThroughNamespace() { + xml.http { + 'form-login'('username-parameter': 'xname', 'password-parameter':'xpass') + } + createAppContext() - def apf = getFilter(UsernamePasswordAuthenticationFilter.class); + def apf = getFilter(UsernamePasswordAuthenticationFilter.class); - expect: - apf.usernameParameter == 'xname'; - apf.passwordParameter == 'xpass' - } + expect: + apf.usernameParameter == 'xname'; + apf.passwordParameter == 'xpass' + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/HttpConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/HttpConfigTests.groovy index 01130b7edf..59f1d812bb 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/HttpConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/HttpConfigTests.groovy @@ -43,20 +43,20 @@ import static org.mockito.Mockito.* * @author Rob Winch */ class HttpConfigTests extends AbstractHttpConfigTests { - MockHttpServletRequest request = new MockHttpServletRequest('GET','/secure') - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() + MockHttpServletRequest request = new MockHttpServletRequest('GET','/secure') + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() - def 'http minimal configuration works'() { - setup: - xml.http() {} - createAppContext(""" - - """) - when: 'request protected URL' - springSecurityFilterChain.doFilter(request,response,chain) - then: 'sent to login page' - response.status == HttpServletResponse.SC_MOVED_TEMPORARILY - response.redirectedUrl == 'http://localhost/login' - } + def 'http minimal configuration works'() { + setup: + xml.http() {} + createAppContext(""" + + """) + when: 'request protected URL' + springSecurityFilterChain.doFilter(request,response,chain) + then: 'sent to login page' + response.status == HttpServletResponse.SC_MOVED_TEMPORARILY + response.redirectedUrl == 'http://localhost/login' + } } \ No newline at end of file diff --git a/config/src/test/groovy/org/springframework/security/config/http/HttpHeadersConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/HttpHeadersConfigTests.groovy index c42550b9b8..93dff9b559 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/HttpHeadersConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/HttpHeadersConfigTests.groovy @@ -27,620 +27,620 @@ import org.springframework.security.web.util.matcher.AnyRequestMatcher * @author Rob Winch */ class HttpHeadersConfigTests extends AbstractHttpConfigTests { - def defaultHeaders = ['X-Content-Type-Options':'nosniff', - 'X-Frame-Options':'DENY', - 'Strict-Transport-Security': 'max-age=31536000 ; includeSubDomains', - 'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate', - 'Expires' : '0', - 'Pragma':'no-cache', - 'X-XSS-Protection' : '1; mode=block'] - def 'headers disabled'() { - setup: - httpAutoConfig { - 'headers'(disabled:true) - } - createAppContext() - - when: - def hf = getFilter(HeaderWriterFilter) - then: - !hf - } - - def 'headers disabled with child fails'() { - when: - httpAutoConfig { - 'headers'(disabled:true) { - 'content-type-options'() - } - } - createAppContext() - then: - thrown(BeanDefinitionParsingException) - } - - def 'default headers'() { - httpAutoConfig { - } - createAppContext() - - when: - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) - then: - assertHeaders(response, defaultHeaders) - } - - def 'http headers with empty headers'() { - setup: - httpAutoConfig { - 'headers'() - } - createAppContext() - when: - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) - then: - assertHeaders(response, defaultHeaders) - } - - def 'http headers frame-options@policy=SAMEORIGIN with defaults'() { - httpAutoConfig { - 'headers'() { - 'frame-options'(policy:'SAMEORIGIN') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) - def expectedHeaders = [:] << defaultHeaders - expectedHeaders['X-Frame-Options'] = 'SAMEORIGIN' - - expect: - assertHeaders(response, expectedHeaders) - } - - - // --- defaults disabled - - def 'http headers content-type-options'() { - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'content-type-options'() - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - - expect: - assertHeaders(response, ['X-Content-Type-Options':'nosniff']) - } - - def 'http headers frame-options defaults to DENY'() { - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'frame-options'() - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - - expect: - assertHeaders(response, ['X-Frame-Options':'DENY']) - } - - def 'http headers frame-options DENY'() { - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'frame-options'(policy : 'DENY') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - - expect: - assertHeaders(response, ['X-Frame-Options':'DENY']) - } - - def 'http headers frame-options SAMEORIGIN'() { - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'frame-options'(policy : 'SAMEORIGIN') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - - expect: - assertHeaders(response, ['X-Frame-Options':'SAMEORIGIN']) - } - - def 'http headers frame-options ALLOW-FROM no origin reports error'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'frame-options'(policy : 'ALLOW-FROM', strategy : 'static') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - - then: - BeanDefinitionParsingException e = thrown() - e.message.contains "Strategy requires a 'value' to be set." // FIME better error message? - } - - def 'http headers frame-options ALLOW-FROM spaces only origin reports error'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'frame-options'(policy : 'ALLOW-FROM', strategy: 'static', value : ' ') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - - then: - BeanDefinitionParsingException e = thrown() - e.message.contains "Strategy requires a 'value' to be set." // FIME better error message? - } - - def 'http headers frame-options ALLOW-FROM'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'frame-options'(policy : 'ALLOW-FROM', strategy: 'static', value : 'https://example.com') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - - then: - assertHeaders(response, ['X-Frame-Options':'ALLOW-FROM https://example.com']) - } - - def 'http headers frame-options ALLOW-FROM with whitelist strategy'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'frame-options'(policy : 'ALLOW-FROM', strategy: 'whitelist', value : 'https://example.com') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - - def request = new MockHttpServletRequest() - request.setParameter("from", "https://example.com"); - hf.doFilter(request, response, new MockFilterChain()) - - then: - assertHeaders(response, ['X-Frame-Options':'ALLOW-FROM https://example.com']) - } - - def 'http headers header a=b'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'header'(name : 'a', value: 'b') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - - then: - assertHeaders(response, ['a':'b']) - } - - def 'http headers header a=b and c=d'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'header'(name : 'a', value: 'b') - 'header'(name : 'c', value: 'd') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - - then: - assertHeaders(response , ['a':'b', 'c':'d']) - } - - def 'http headers with ref'() { - setup: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'header'(ref:'headerWriter') - } - } - xml.'b:bean'(id: 'headerWriter', 'class': StaticHeadersWriter.name) { - 'b:constructor-arg'(value:'abc') {} - 'b:constructor-arg'(value:'def') {} - } - createAppContext() - when: - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - then: - assertHeaders(response, ['abc':'def']) - } - - def 'http headers header no name produces error'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'header'(value: 'b') - } - } - createAppContext() - - then: - thrown(BeanCreationException) - } - - def 'http headers header no value produces error'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'header'(name: 'a') - } - } - createAppContext() - - then: - thrown(BeanCreationException) - } - - def 'http headers xss-protection defaults'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'xss-protection'() - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - - then: - assertHeaders(response, ['X-XSS-Protection':'1; mode=block']) - } - - def 'http headers xss-protection enabled=true'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'xss-protection'(enabled:'true') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - - then: - assertHeaders(response, ['X-XSS-Protection':'1; mode=block']) - } - - def 'http headers xss-protection enabled=false'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'xss-protection'(enabled:'false') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - MockHttpServletResponse response = new MockHttpServletResponse() - hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - - then: - assertHeaders(response, ['X-XSS-Protection':'0']) - } - - def 'http headers xss-protection enabled=false and block=true produces error'() { - when: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'xss-protection'(enabled:'false', block:'true') - } - } - createAppContext() - - def hf = getFilter(HeaderWriterFilter) - - then: - BeanCreationException e = thrown() - e.message.contains 'Cannot set block to true with enabled false' - } - - def 'http headers cache-control'() { - setup: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'cache-control'() - } - } - createAppContext() - def springSecurityFilterChain = appContext.getBean(FilterChainProxy) - MockHttpServletResponse response = new MockHttpServletResponse() - when: - springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - then: - assertHeaders(response, ['Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate', - 'Expires' : '0', - 'Pragma':'no-cache']) - } - - def 'http headers hsts'() { - setup: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'hsts'() - } - } - createAppContext() - def springSecurityFilterChain = appContext.getBean(FilterChainProxy) - MockHttpServletResponse response = new MockHttpServletResponse() - when: - springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) - then: - assertHeaders(response, ['Strict-Transport-Security': 'max-age=31536000 ; includeSubDomains']) - } - - def 'http headers hsts default only invokes on HttpServletRequest.isSecure = true'() { - setup: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'hsts'() - } - } - createAppContext() - def springSecurityFilterChain = appContext.getBean(FilterChainProxy) - MockHttpServletResponse response = new MockHttpServletResponse() - when: - springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - then: - response.headerNames.empty - } - - def 'http headers hsts custom'() { - setup: - httpAutoConfig { - 'headers'('defaults-disabled':true) { - 'hsts'('max-age-seconds':'1','include-subdomains':false, 'request-matcher-ref' : 'matcher') - } - } - - xml.'b:bean'(id: 'matcher', 'class': AnyRequestMatcher.name) - createAppContext() - def springSecurityFilterChain = appContext.getBean(FilterChainProxy) - MockHttpServletResponse response = new MockHttpServletResponse() - when: - springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - then: - assertHeaders(response, ['Strict-Transport-Security': 'max-age=1']) - } - - // --- disable single default header --- - - def 'http headers cache-controls@disabled=true'() { - setup: - httpAutoConfig { - 'headers'() { - 'cache-control'(disabled:true) - } - } - createAppContext() - def springSecurityFilterChain = appContext.getBean(FilterChainProxy) - MockHttpServletResponse response = new MockHttpServletResponse() - def expectedHeaders = [:] << defaultHeaders - expectedHeaders.remove('Cache-Control') - expectedHeaders.remove('Expires') - expectedHeaders.remove('Pragma') - when: - springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) - then: - assertHeaders(response, expectedHeaders) - } - - def 'http headers content-type-options@disabled=true'() { - setup: - httpAutoConfig { - 'headers'() { - 'content-type-options'(disabled:true) - } - } - createAppContext() - def springSecurityFilterChain = appContext.getBean(FilterChainProxy) - MockHttpServletResponse response = new MockHttpServletResponse() - def expectedHeaders = [:] << defaultHeaders - expectedHeaders.remove('X-Content-Type-Options') - when: - springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) - then: - assertHeaders(response, expectedHeaders) - } - - def 'http headers hsts@disabled=true'() { - setup: - httpAutoConfig { - 'headers'() { - 'hsts'(disabled:true) - } - } - createAppContext() - def springSecurityFilterChain = appContext.getBean(FilterChainProxy) - MockHttpServletResponse response = new MockHttpServletResponse() - def expectedHeaders = [:] << defaultHeaders - expectedHeaders.remove('Strict-Transport-Security') - when: - springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) - then: - assertHeaders(response, expectedHeaders) - } - - def 'http headers frame-options@disabled=true'() { - setup: - httpAutoConfig { - 'headers'() { - 'frame-options'(disabled:true) - } - } - createAppContext() - def springSecurityFilterChain = appContext.getBean(FilterChainProxy) - MockHttpServletResponse response = new MockHttpServletResponse() - def expectedHeaders = [:] << defaultHeaders - expectedHeaders.remove('X-Frame-Options') - when: - springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) - then: - assertHeaders(response, expectedHeaders) - } - - def 'http headers xss-protection@disabled=true'() { - setup: - httpAutoConfig { - 'headers'() { - 'xss-protection'(disabled:true) - } - } - createAppContext() - def springSecurityFilterChain = appContext.getBean(FilterChainProxy) - MockHttpServletResponse response = new MockHttpServletResponse() - def expectedHeaders = [:] << defaultHeaders - expectedHeaders.remove('X-XSS-Protection') - when: - springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) - then: - assertHeaders(response, expectedHeaders) - } - - // --- disable error handling --- - - def 'http headers hsts@disabled=true no include-subdomains'() { - setup: - httpAutoConfig { - 'headers'() { - 'hsts'(disabled:true,'include-subdomains':true) - } - } - when: - createAppContext() - then: - BeanDefinitionParsingException expected = thrown() - expected.message.contains 'include-subdomains' - } - - def 'http headers hsts@disabled=true no max-age'() { - setup: - httpAutoConfig { - 'headers'() { - 'hsts'(disabled:true,'max-age-seconds':123) - } - } - when: - createAppContext() - then: - BeanDefinitionParsingException expected = thrown() - expected.message.contains 'max-age' - } - - def 'http headers hsts@disabled=true no matcher-ref'() { - setup: - httpAutoConfig { - 'headers'() { - 'hsts'(disabled:true,'request-matcher-ref':'matcher') - } - } - xml.'b:bean'(id: 'matcher', 'class': AnyRequestMatcher.name) - when: - createAppContext() - then: - BeanDefinitionParsingException expected = thrown() - expected.message.contains 'request-matcher-ref' - } - - def 'http xss@disabled=true no enabled'() { - setup: - httpAutoConfig { - 'headers'() { - 'xss-protection'(disabled:true,'enabled':true) - } - } - when: - createAppContext() - then: - BeanDefinitionParsingException expected = thrown() - expected.message.contains 'enabled' - } - - def 'http xss@disabled=true no block'() { - setup: - httpAutoConfig { - 'headers'() { - 'xss-protection'(disabled:true,'block':true) - } - } - when: - createAppContext() - then: - BeanDefinitionParsingException expected = thrown() - expected.message.contains 'block' - } - - def 'http frame-options@disabled=true no policy'() { - setup: - httpAutoConfig { - 'headers'() { - 'frame-options'(disabled:true,'policy':'DENY') - } - } - when: - createAppContext() - then: - BeanDefinitionParsingException expected = thrown() - expected.message.contains 'policy' - } - - def assertHeaders(MockHttpServletResponse response, Map expected) { - assert response.headerNames == expected.keySet() - expected.each { headerName, value -> - assert response.getHeaderValues(headerName) == [value] - } - } + def defaultHeaders = ['X-Content-Type-Options':'nosniff', + 'X-Frame-Options':'DENY', + 'Strict-Transport-Security': 'max-age=31536000 ; includeSubDomains', + 'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate', + 'Expires' : '0', + 'Pragma':'no-cache', + 'X-XSS-Protection' : '1; mode=block'] + def 'headers disabled'() { + setup: + httpAutoConfig { + 'headers'(disabled:true) + } + createAppContext() + + when: + def hf = getFilter(HeaderWriterFilter) + then: + !hf + } + + def 'headers disabled with child fails'() { + when: + httpAutoConfig { + 'headers'(disabled:true) { + 'content-type-options'() + } + } + createAppContext() + then: + thrown(BeanDefinitionParsingException) + } + + def 'default headers'() { + httpAutoConfig { + } + createAppContext() + + when: + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) + then: + assertHeaders(response, defaultHeaders) + } + + def 'http headers with empty headers'() { + setup: + httpAutoConfig { + 'headers'() + } + createAppContext() + when: + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) + then: + assertHeaders(response, defaultHeaders) + } + + def 'http headers frame-options@policy=SAMEORIGIN with defaults'() { + httpAutoConfig { + 'headers'() { + 'frame-options'(policy:'SAMEORIGIN') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) + def expectedHeaders = [:] << defaultHeaders + expectedHeaders['X-Frame-Options'] = 'SAMEORIGIN' + + expect: + assertHeaders(response, expectedHeaders) + } + + + // --- defaults disabled + + def 'http headers content-type-options'() { + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'content-type-options'() + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + + expect: + assertHeaders(response, ['X-Content-Type-Options':'nosniff']) + } + + def 'http headers frame-options defaults to DENY'() { + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'frame-options'() + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + + expect: + assertHeaders(response, ['X-Frame-Options':'DENY']) + } + + def 'http headers frame-options DENY'() { + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'frame-options'(policy : 'DENY') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + + expect: + assertHeaders(response, ['X-Frame-Options':'DENY']) + } + + def 'http headers frame-options SAMEORIGIN'() { + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'frame-options'(policy : 'SAMEORIGIN') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + + expect: + assertHeaders(response, ['X-Frame-Options':'SAMEORIGIN']) + } + + def 'http headers frame-options ALLOW-FROM no origin reports error'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'frame-options'(policy : 'ALLOW-FROM', strategy : 'static') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + + then: + BeanDefinitionParsingException e = thrown() + e.message.contains "Strategy requires a 'value' to be set." // FIME better error message? + } + + def 'http headers frame-options ALLOW-FROM spaces only origin reports error'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'frame-options'(policy : 'ALLOW-FROM', strategy: 'static', value : ' ') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + + then: + BeanDefinitionParsingException e = thrown() + e.message.contains "Strategy requires a 'value' to be set." // FIME better error message? + } + + def 'http headers frame-options ALLOW-FROM'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'frame-options'(policy : 'ALLOW-FROM', strategy: 'static', value : 'https://example.com') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + + then: + assertHeaders(response, ['X-Frame-Options':'ALLOW-FROM https://example.com']) + } + + def 'http headers frame-options ALLOW-FROM with whitelist strategy'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'frame-options'(policy : 'ALLOW-FROM', strategy: 'whitelist', value : 'https://example.com') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + + def request = new MockHttpServletRequest() + request.setParameter("from", "https://example.com"); + hf.doFilter(request, response, new MockFilterChain()) + + then: + assertHeaders(response, ['X-Frame-Options':'ALLOW-FROM https://example.com']) + } + + def 'http headers header a=b'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'header'(name : 'a', value: 'b') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + + then: + assertHeaders(response, ['a':'b']) + } + + def 'http headers header a=b and c=d'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'header'(name : 'a', value: 'b') + 'header'(name : 'c', value: 'd') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + + then: + assertHeaders(response , ['a':'b', 'c':'d']) + } + + def 'http headers with ref'() { + setup: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'header'(ref:'headerWriter') + } + } + xml.'b:bean'(id: 'headerWriter', 'class': StaticHeadersWriter.name) { + 'b:constructor-arg'(value:'abc') {} + 'b:constructor-arg'(value:'def') {} + } + createAppContext() + when: + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + then: + assertHeaders(response, ['abc':'def']) + } + + def 'http headers header no name produces error'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'header'(value: 'b') + } + } + createAppContext() + + then: + thrown(BeanCreationException) + } + + def 'http headers header no value produces error'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'header'(name: 'a') + } + } + createAppContext() + + then: + thrown(BeanCreationException) + } + + def 'http headers xss-protection defaults'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'xss-protection'() + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + + then: + assertHeaders(response, ['X-XSS-Protection':'1; mode=block']) + } + + def 'http headers xss-protection enabled=true'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'xss-protection'(enabled:'true') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + + then: + assertHeaders(response, ['X-XSS-Protection':'1; mode=block']) + } + + def 'http headers xss-protection enabled=false'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'xss-protection'(enabled:'false') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + MockHttpServletResponse response = new MockHttpServletResponse() + hf.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + + then: + assertHeaders(response, ['X-XSS-Protection':'0']) + } + + def 'http headers xss-protection enabled=false and block=true produces error'() { + when: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'xss-protection'(enabled:'false', block:'true') + } + } + createAppContext() + + def hf = getFilter(HeaderWriterFilter) + + then: + BeanCreationException e = thrown() + e.message.contains 'Cannot set block to true with enabled false' + } + + def 'http headers cache-control'() { + setup: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'cache-control'() + } + } + createAppContext() + def springSecurityFilterChain = appContext.getBean(FilterChainProxy) + MockHttpServletResponse response = new MockHttpServletResponse() + when: + springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + then: + assertHeaders(response, ['Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate', + 'Expires' : '0', + 'Pragma':'no-cache']) + } + + def 'http headers hsts'() { + setup: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'hsts'() + } + } + createAppContext() + def springSecurityFilterChain = appContext.getBean(FilterChainProxy) + MockHttpServletResponse response = new MockHttpServletResponse() + when: + springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) + then: + assertHeaders(response, ['Strict-Transport-Security': 'max-age=31536000 ; includeSubDomains']) + } + + def 'http headers hsts default only invokes on HttpServletRequest.isSecure = true'() { + setup: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'hsts'() + } + } + createAppContext() + def springSecurityFilterChain = appContext.getBean(FilterChainProxy) + MockHttpServletResponse response = new MockHttpServletResponse() + when: + springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + then: + response.headerNames.empty + } + + def 'http headers hsts custom'() { + setup: + httpAutoConfig { + 'headers'('defaults-disabled':true) { + 'hsts'('max-age-seconds':'1','include-subdomains':false, 'request-matcher-ref' : 'matcher') + } + } + + xml.'b:bean'(id: 'matcher', 'class': AnyRequestMatcher.name) + createAppContext() + def springSecurityFilterChain = appContext.getBean(FilterChainProxy) + MockHttpServletResponse response = new MockHttpServletResponse() + when: + springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + then: + assertHeaders(response, ['Strict-Transport-Security': 'max-age=1']) + } + + // --- disable single default header --- + + def 'http headers cache-controls@disabled=true'() { + setup: + httpAutoConfig { + 'headers'() { + 'cache-control'(disabled:true) + } + } + createAppContext() + def springSecurityFilterChain = appContext.getBean(FilterChainProxy) + MockHttpServletResponse response = new MockHttpServletResponse() + def expectedHeaders = [:] << defaultHeaders + expectedHeaders.remove('Cache-Control') + expectedHeaders.remove('Expires') + expectedHeaders.remove('Pragma') + when: + springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) + then: + assertHeaders(response, expectedHeaders) + } + + def 'http headers content-type-options@disabled=true'() { + setup: + httpAutoConfig { + 'headers'() { + 'content-type-options'(disabled:true) + } + } + createAppContext() + def springSecurityFilterChain = appContext.getBean(FilterChainProxy) + MockHttpServletResponse response = new MockHttpServletResponse() + def expectedHeaders = [:] << defaultHeaders + expectedHeaders.remove('X-Content-Type-Options') + when: + springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) + then: + assertHeaders(response, expectedHeaders) + } + + def 'http headers hsts@disabled=true'() { + setup: + httpAutoConfig { + 'headers'() { + 'hsts'(disabled:true) + } + } + createAppContext() + def springSecurityFilterChain = appContext.getBean(FilterChainProxy) + MockHttpServletResponse response = new MockHttpServletResponse() + def expectedHeaders = [:] << defaultHeaders + expectedHeaders.remove('Strict-Transport-Security') + when: + springSecurityFilterChain.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()) + then: + assertHeaders(response, expectedHeaders) + } + + def 'http headers frame-options@disabled=true'() { + setup: + httpAutoConfig { + 'headers'() { + 'frame-options'(disabled:true) + } + } + createAppContext() + def springSecurityFilterChain = appContext.getBean(FilterChainProxy) + MockHttpServletResponse response = new MockHttpServletResponse() + def expectedHeaders = [:] << defaultHeaders + expectedHeaders.remove('X-Frame-Options') + when: + springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) + then: + assertHeaders(response, expectedHeaders) + } + + def 'http headers xss-protection@disabled=true'() { + setup: + httpAutoConfig { + 'headers'() { + 'xss-protection'(disabled:true) + } + } + createAppContext() + def springSecurityFilterChain = appContext.getBean(FilterChainProxy) + MockHttpServletResponse response = new MockHttpServletResponse() + def expectedHeaders = [:] << defaultHeaders + expectedHeaders.remove('X-XSS-Protection') + when: + springSecurityFilterChain.doFilter(new MockHttpServletRequest(secure:true), response, new MockFilterChain()) + then: + assertHeaders(response, expectedHeaders) + } + + // --- disable error handling --- + + def 'http headers hsts@disabled=true no include-subdomains'() { + setup: + httpAutoConfig { + 'headers'() { + 'hsts'(disabled:true,'include-subdomains':true) + } + } + when: + createAppContext() + then: + BeanDefinitionParsingException expected = thrown() + expected.message.contains 'include-subdomains' + } + + def 'http headers hsts@disabled=true no max-age'() { + setup: + httpAutoConfig { + 'headers'() { + 'hsts'(disabled:true,'max-age-seconds':123) + } + } + when: + createAppContext() + then: + BeanDefinitionParsingException expected = thrown() + expected.message.contains 'max-age' + } + + def 'http headers hsts@disabled=true no matcher-ref'() { + setup: + httpAutoConfig { + 'headers'() { + 'hsts'(disabled:true,'request-matcher-ref':'matcher') + } + } + xml.'b:bean'(id: 'matcher', 'class': AnyRequestMatcher.name) + when: + createAppContext() + then: + BeanDefinitionParsingException expected = thrown() + expected.message.contains 'request-matcher-ref' + } + + def 'http xss@disabled=true no enabled'() { + setup: + httpAutoConfig { + 'headers'() { + 'xss-protection'(disabled:true,'enabled':true) + } + } + when: + createAppContext() + then: + BeanDefinitionParsingException expected = thrown() + expected.message.contains 'enabled' + } + + def 'http xss@disabled=true no block'() { + setup: + httpAutoConfig { + 'headers'() { + 'xss-protection'(disabled:true,'block':true) + } + } + when: + createAppContext() + then: + BeanDefinitionParsingException expected = thrown() + expected.message.contains 'block' + } + + def 'http frame-options@disabled=true no policy'() { + setup: + httpAutoConfig { + 'headers'() { + 'frame-options'(disabled:true,'policy':'DENY') + } + } + when: + createAppContext() + then: + BeanDefinitionParsingException expected = thrown() + expected.message.contains 'policy' + } + + def assertHeaders(MockHttpServletResponse response, Map expected) { + assert response.headerNames == expected.keySet() + expected.each { headerName, value -> + assert response.getHeaderValues(headerName) == [value] + } + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/HttpOpenIDConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/HttpOpenIDConfigTests.groovy index 7b48a72759..e9ecbb209e 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/HttpOpenIDConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/HttpOpenIDConfigTests.groovy @@ -23,132 +23,132 @@ import javax.servlet.Filter */ class OpenIDConfigTests extends AbstractHttpConfigTests { - def openIDAndFormLoginWorkTogether() { - xml.http() { - 'openid-login'() - 'form-login'() - } - createAppContext() + def openIDAndFormLoginWorkTogether() { + xml.http() { + 'openid-login'() + 'form-login'() + } + createAppContext() - def etf = getFilter(ExceptionTranslationFilter) - def ap = etf.getAuthenticationEntryPoint(); + def etf = getFilter(ExceptionTranslationFilter) + def ap = etf.getAuthenticationEntryPoint(); - expect: - ap.loginFormUrl == "/login" - // Default login filter should be present since we haven't specified any login URLs - getFilter(DefaultLoginPageGeneratingFilter) != null - } + expect: + ap.loginFormUrl == "/login" + // Default login filter should be present since we haven't specified any login URLs + getFilter(DefaultLoginPageGeneratingFilter) != null + } - def formLoginEntryPointTakesPrecedenceIfLoginUrlIsSet() { - xml.http() { - 'openid-login'() - 'form-login'('login-page': '/form-page') - } - createAppContext() + def formLoginEntryPointTakesPrecedenceIfLoginUrlIsSet() { + xml.http() { + 'openid-login'() + 'form-login'('login-page': '/form-page') + } + createAppContext() - expect: - getFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == '/form-page' - } + expect: + getFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == '/form-page' + } - def openIDEntryPointTakesPrecedenceIfLoginUrlIsSet() { - xml.http() { - 'openid-login'('login-page': '/openid-page') - 'form-login'() - } - createAppContext() + def openIDEntryPointTakesPrecedenceIfLoginUrlIsSet() { + xml.http() { + 'openid-login'('login-page': '/openid-page') + 'form-login'() + } + createAppContext() - expect: - getFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == '/openid-page' - } + expect: + getFilter(ExceptionTranslationFilter).authenticationEntryPoint.loginFormUrl == '/openid-page' + } - def multipleLoginPagesCausesError() { - when: - xml.http() { - 'openid-login'('login-page': '/openid-page') - 'form-login'('login-page': '/form-page') - } - createAppContext() - then: - thrown(BeanDefinitionParsingException) - } + def multipleLoginPagesCausesError() { + when: + xml.http() { + 'openid-login'('login-page': '/openid-page') + 'form-login'('login-page': '/form-page') + } + createAppContext() + then: + thrown(BeanDefinitionParsingException) + } - def openIDAndRememberMeWorkTogether() { - xml.debug() - xml.http() { - interceptUrl('/**', 'denyAll') - 'openid-login'() - 'remember-me'() - 'csrf'(disabled:true) - } - createAppContext() + def openIDAndRememberMeWorkTogether() { + xml.debug() + xml.http() { + interceptUrl('/**', 'denyAll') + 'openid-login'() + 'remember-me'() + 'csrf'(disabled:true) + } + createAppContext() - // Default login filter should be present since we haven't specified any login URLs - def loginFilter = getFilter(DefaultLoginPageGeneratingFilter) - def openIDFilter = getFilter(OpenIDAuthenticationFilter) - openIDFilter.setConsumer(new OpenIDConsumer() { - public String beginConsumption(HttpServletRequest req, String claimedIdentity, String returnToUrl, String realm) - throws OpenIDConsumerException { - return "http://testopenid.com?openid.return_to=" + returnToUrl; - } + // Default login filter should be present since we haven't specified any login URLs + def loginFilter = getFilter(DefaultLoginPageGeneratingFilter) + def openIDFilter = getFilter(OpenIDAuthenticationFilter) + openIDFilter.setConsumer(new OpenIDConsumer() { + public String beginConsumption(HttpServletRequest req, String claimedIdentity, String returnToUrl, String realm) + throws OpenIDConsumerException { + return "http://testopenid.com?openid.return_to=" + returnToUrl; + } - public OpenIDAuthenticationToken endConsumption(HttpServletRequest req) throws OpenIDConsumerException { - throw new UnsupportedOperationException(); - } - }) - Set returnToUrlParameters = new HashSet() - returnToUrlParameters.add(AbstractRememberMeServices.DEFAULT_PARAMETER) - openIDFilter.setReturnToUrlParameters(returnToUrlParameters) - assert loginFilter.openIDrememberMeParameter != null + public OpenIDAuthenticationToken endConsumption(HttpServletRequest req) throws OpenIDConsumerException { + throw new UnsupportedOperationException(); + } + }) + Set returnToUrlParameters = new HashSet() + returnToUrlParameters.add(AbstractRememberMeServices.DEFAULT_PARAMETER) + openIDFilter.setReturnToUrlParameters(returnToUrlParameters) + assert loginFilter.openIDrememberMeParameter != null - MockHttpServletRequest request = new MockHttpServletRequest(method:'GET'); - MockHttpServletResponse response = new MockHttpServletResponse(); + MockHttpServletRequest request = new MockHttpServletRequest(method:'GET'); + MockHttpServletResponse response = new MockHttpServletResponse(); - when: "Initial request is made" - Filter fc = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN) - request.setServletPath("/something.html") - fc.doFilter(request, response, new MockFilterChain()) - then: "Redirected to login" - response.getRedirectedUrl().endsWith("/login") - when: "Login page is requested" - request.setServletPath("/login") - request.setRequestURI("/login") - response = new MockHttpServletResponse() - fc.doFilter(request, response, new MockFilterChain()) - then: "Remember-me choice is added to page" - response.getContentAsString().contains(AbstractRememberMeServices.DEFAULT_PARAMETER) - when: "Login is submitted with remember-me selected" - request.servletPath = "/login/openid" - request.setParameter(OpenIDAuthenticationFilter.DEFAULT_CLAIMED_IDENTITY_FIELD, "http://hey.openid.com/") - request.setParameter(AbstractRememberMeServices.DEFAULT_PARAMETER, "on") - response = new MockHttpServletResponse(); - fc.doFilter(request, response, new MockFilterChain()); - String expectedReturnTo = request.getRequestURL().append("?") - .append(AbstractRememberMeServices.DEFAULT_PARAMETER) - .append("=").append("on").toString(); - then: "return_to URL contains remember-me choice" - response.getRedirectedUrl() == "http://testopenid.com?openid.return_to=" + expectedReturnTo - } + when: "Initial request is made" + Filter fc = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN) + request.setServletPath("/something.html") + fc.doFilter(request, response, new MockFilterChain()) + then: "Redirected to login" + response.getRedirectedUrl().endsWith("/login") + when: "Login page is requested" + request.setServletPath("/login") + request.setRequestURI("/login") + response = new MockHttpServletResponse() + fc.doFilter(request, response, new MockFilterChain()) + then: "Remember-me choice is added to page" + response.getContentAsString().contains(AbstractRememberMeServices.DEFAULT_PARAMETER) + when: "Login is submitted with remember-me selected" + request.servletPath = "/login/openid" + request.setParameter(OpenIDAuthenticationFilter.DEFAULT_CLAIMED_IDENTITY_FIELD, "http://hey.openid.com/") + request.setParameter(AbstractRememberMeServices.DEFAULT_PARAMETER, "on") + response = new MockHttpServletResponse(); + fc.doFilter(request, response, new MockFilterChain()); + String expectedReturnTo = request.getRequestURL().append("?") + .append(AbstractRememberMeServices.DEFAULT_PARAMETER) + .append("=").append("on").toString(); + then: "return_to URL contains remember-me choice" + response.getRedirectedUrl() == "http://testopenid.com?openid.return_to=" + expectedReturnTo + } - def openIDWithAttributeExchangeConfigurationIsParsedCorrectly() { - xml.http() { - 'openid-login'() { - 'attribute-exchange'() { - 'openid-attribute'(name: 'nickname', type: 'http://schema.openid.net/namePerson/friendly') - 'openid-attribute'(name: 'email', type: 'http://schema.openid.net/contact/email', required: 'true', - 'count': '2') - } - } - } - createAppContext() + def openIDWithAttributeExchangeConfigurationIsParsedCorrectly() { + xml.http() { + 'openid-login'() { + 'attribute-exchange'() { + 'openid-attribute'(name: 'nickname', type: 'http://schema.openid.net/namePerson/friendly') + 'openid-attribute'(name: 'email', type: 'http://schema.openid.net/contact/email', required: 'true', + 'count': '2') + } + } + } + createAppContext() - List attributes = getFilter(OpenIDAuthenticationFilter).consumer.attributesToFetchFactory.createAttributeList('http://someid') + List attributes = getFilter(OpenIDAuthenticationFilter).consumer.attributesToFetchFactory.createAttributeList('http://someid') - expect: - attributes.size() == 2 - attributes[0].name == 'nickname' - attributes[0].type == 'http://schema.openid.net/namePerson/friendly' - !attributes[0].required - attributes[1].required - attributes[1].getCount() == 2 - } + expect: + attributes.size() == 2 + attributes[0].name == 'nickname' + attributes[0].type == 'http://schema.openid.net/namePerson/friendly' + !attributes[0].required + attributes[1].required + attributes[1].getCount() == 2 + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/InterceptUrlConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/InterceptUrlConfigTests.groovy index 3a5a40c9b3..39471250da 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/InterceptUrlConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/InterceptUrlConfigTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -85,80 +85,80 @@ import org.springframework.security.authentication.AuthenticationManager class InterceptUrlConfigTests extends AbstractHttpConfigTests { def "SEC-2256: intercept-url method is not given priority"() { - when: - httpAutoConfig { - 'intercept-url'(pattern: '/anyurl', access: "ROLE_USER") - 'intercept-url'(pattern: '/anyurl', 'method':'GET',access: 'ROLE_ADMIN') - } - createAppContext() + when: + httpAutoConfig { + 'intercept-url'(pattern: '/anyurl', access: "ROLE_USER") + 'intercept-url'(pattern: '/anyurl', 'method':'GET',access: 'ROLE_ADMIN') + } + createAppContext() - def fids = getFilter(FilterSecurityInterceptor).securityMetadataSource - def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET")) - def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST")) + def fids = getFilter(FilterSecurityInterceptor).securityMetadataSource + def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET")) + def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST")) - then: - attrs.size() == 1 - attrs.contains(new SecurityConfig("ROLE_USER")) - attrsPost.size() == 1 - attrsPost.contains(new SecurityConfig("ROLE_USER")) + then: + attrs.size() == 1 + attrs.contains(new SecurityConfig("ROLE_USER")) + attrsPost.size() == 1 + attrsPost.contains(new SecurityConfig("ROLE_USER")) } def "SEC-2355: intercept-url support patch"() { - setup: - MockHttpServletRequest request = new MockHttpServletRequest(method:'GET') - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() - xml.http('use-expressions':false) { - 'http-basic'() - 'intercept-url'(pattern: '/**', 'method':'PATCH',access: 'ROLE_ADMIN') - csrf(disabled:true) - } - createAppContext() - when: 'Method other than PATCH is used' - springSecurityFilterChain.doFilter(request,response,chain) - then: 'The response is OK' - response.status == HttpServletResponse.SC_OK - when: 'Method of PATCH is used' - request = new MockHttpServletRequest(method:'PATCH') - response = new MockHttpServletResponse() - chain = new MockFilterChain() - springSecurityFilterChain.doFilter(request, response, chain) - then: 'The response is unauthorized' - response.status == HttpServletResponse.SC_UNAUTHORIZED + setup: + MockHttpServletRequest request = new MockHttpServletRequest(method:'GET') + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() + xml.http('use-expressions':false) { + 'http-basic'() + 'intercept-url'(pattern: '/**', 'method':'PATCH',access: 'ROLE_ADMIN') + csrf(disabled:true) + } + createAppContext() + when: 'Method other than PATCH is used' + springSecurityFilterChain.doFilter(request,response,chain) + then: 'The response is OK' + response.status == HttpServletResponse.SC_OK + when: 'Method of PATCH is used' + request = new MockHttpServletRequest(method:'PATCH') + response = new MockHttpServletResponse() + chain = new MockFilterChain() + springSecurityFilterChain.doFilter(request, response, chain) + then: 'The response is unauthorized' + response.status == HttpServletResponse.SC_UNAUTHORIZED } - def "intercept-url supports hasAnyRoles"() { - setup: - MockHttpServletRequest request = new MockHttpServletRequest(method:'GET') - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() - xml.http('use-expressions':true) { - 'http-basic'() - 'intercept-url'(pattern: '/**', access: "hasAnyRole('ROLE_DEVELOPER','ROLE_USER')") - csrf(disabled:true) - } - when: - createAppContext() - then: 'no error' - noExceptionThrown() - when: 'ROLE_USER can access' - login(request, 'user', 'password') - springSecurityFilterChain.doFilter(request,response,chain) - then: 'The response is OK' - response.status == HttpServletResponse.SC_OK - when: 'ROLE_A cannot access' - request = new MockHttpServletRequest(method:'GET') - response = new MockHttpServletResponse() - chain = new MockFilterChain() - login(request, 'bob', 'bobspassword') - springSecurityFilterChain.doFilter(request,response,chain) - then: 'The response is Forbidden' - response.status == HttpServletResponse.SC_FORBIDDEN + def "intercept-url supports hasAnyRoles"() { + setup: + MockHttpServletRequest request = new MockHttpServletRequest(method:'GET') + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() + xml.http('use-expressions':true) { + 'http-basic'() + 'intercept-url'(pattern: '/**', access: "hasAnyRole('ROLE_DEVELOPER','ROLE_USER')") + csrf(disabled:true) + } + when: + createAppContext() + then: 'no error' + noExceptionThrown() + when: 'ROLE_USER can access' + login(request, 'user', 'password') + springSecurityFilterChain.doFilter(request,response,chain) + then: 'The response is OK' + response.status == HttpServletResponse.SC_OK + when: 'ROLE_A cannot access' + request = new MockHttpServletRequest(method:'GET') + response = new MockHttpServletResponse() + chain = new MockFilterChain() + login(request, 'bob', 'bobspassword') + springSecurityFilterChain.doFilter(request,response,chain) + then: 'The response is Forbidden' + response.status == HttpServletResponse.SC_FORBIDDEN - } + } - def login(MockHttpServletRequest request, String username, String password) { - String toEncode = username + ':' + password - request.addHeader('Authorization','Basic ' + new String(Base64.encode(toEncode.getBytes('UTF-8')))) - } + def login(MockHttpServletRequest request, String username, String password) { + String toEncode = username + ':' + password + request.addHeader('Authorization','Basic ' + new String(Base64.encode(toEncode.getBytes('UTF-8')))) + } } \ No newline at end of file diff --git a/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy index 17fdadcfeb..befef784a3 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -84,719 +84,719 @@ import org.springframework.security.authentication.AuthenticationManager */ class MiscHttpConfigTests extends AbstractHttpConfigTests { - def 'Minimal configuration parses'() { - setup: - xml.http { - 'http-basic'() - } - createAppContext() - } + def 'Minimal configuration parses'() { + setup: + xml.http { + 'http-basic'() + } + createAppContext() + } - def httpAutoConfigSetsUpCorrectFilterList() { - when: - xml.http('auto-config': 'true') - createAppContext() + def httpAutoConfigSetsUpCorrectFilterList() { + when: + xml.http('auto-config': 'true') + createAppContext() - then: - filtersMatchExpectedAutoConfigList('/anyurl'); - } + then: + filtersMatchExpectedAutoConfigList('/anyurl'); + } - void filtersMatchExpectedAutoConfigList(String url) { - def filterList = getFilters(url); - Iterator filters = filterList.iterator(); + void filtersMatchExpectedAutoConfigList(String url) { + def filterList = getFilters(url); + Iterator filters = filterList.iterator(); - assert filters.next() instanceof SecurityContextPersistenceFilter - assert filters.next() instanceof WebAsyncManagerIntegrationFilter - assert filters.next() instanceof HeaderWriterFilter - assert filters.next() instanceof CsrfFilter - assert filters.next() instanceof LogoutFilter - Object authProcFilter = filters.next(); - assert authProcFilter instanceof UsernamePasswordAuthenticationFilter - assert filters.next() instanceof DefaultLoginPageGeneratingFilter - assert filters.next() instanceof BasicAuthenticationFilter - assert filters.next() instanceof RequestCacheAwareFilter - assert filters.next() instanceof SecurityContextHolderAwareRequestFilter - assert filters.next() instanceof AnonymousAuthenticationFilter - assert filters.next() instanceof SessionManagementFilter - assert filters.next() instanceof ExceptionTranslationFilter - Object fsiObj = filters.next(); - assert fsiObj instanceof FilterSecurityInterceptor - def fsi = (FilterSecurityInterceptor) fsiObj; - assert fsi.isObserveOncePerRequest() - } + assert filters.next() instanceof SecurityContextPersistenceFilter + assert filters.next() instanceof WebAsyncManagerIntegrationFilter + assert filters.next() instanceof HeaderWriterFilter + assert filters.next() instanceof CsrfFilter + assert filters.next() instanceof LogoutFilter + Object authProcFilter = filters.next(); + assert authProcFilter instanceof UsernamePasswordAuthenticationFilter + assert filters.next() instanceof DefaultLoginPageGeneratingFilter + assert filters.next() instanceof BasicAuthenticationFilter + assert filters.next() instanceof RequestCacheAwareFilter + assert filters.next() instanceof SecurityContextHolderAwareRequestFilter + assert filters.next() instanceof AnonymousAuthenticationFilter + assert filters.next() instanceof SessionManagementFilter + assert filters.next() instanceof ExceptionTranslationFilter + Object fsiObj = filters.next(); + assert fsiObj instanceof FilterSecurityInterceptor + def fsi = (FilterSecurityInterceptor) fsiObj; + assert fsi.isObserveOncePerRequest() + } - def filterListShouldBeEmptyForPatternWithNoFilters() { - xml.debug() - xml.http(pattern: '/unprotected', security: 'none') - httpAutoConfig() {} - createAppContext() + def filterListShouldBeEmptyForPatternWithNoFilters() { + xml.debug() + xml.http(pattern: '/unprotected', security: 'none') + httpAutoConfig() {} + createAppContext() - expect: - getFilters("/unprotected").size() == 0 - } + expect: + getFilters("/unprotected").size() == 0 + } - def debugFilterHandlesMissingAndEmptyFilterChains() { - when: - xml.debug() - xml.http(pattern: '/unprotected', security: 'none') - createAppContext() - then: - Filter debugFilter = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN); - MockHttpServletRequest request = new MockHttpServletRequest() - request.setServletPath("/unprotected"); - debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain()); - request.setServletPath("/nomatch"); - debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain()); - } + def debugFilterHandlesMissingAndEmptyFilterChains() { + when: + xml.debug() + xml.http(pattern: '/unprotected', security: 'none') + createAppContext() + then: + Filter debugFilter = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN); + MockHttpServletRequest request = new MockHttpServletRequest() + request.setServletPath("/unprotected"); + debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain()); + request.setServletPath("/nomatch"); + debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain()); + } - def regexPathsWorkCorrectly() { - xml.http(pattern: '\\A\\/[a-z]+', security: 'none', 'request-matcher': 'regex') - httpAutoConfig() {} - createAppContext() + def regexPathsWorkCorrectly() { + xml.http(pattern: '\\A\\/[a-z]+', security: 'none', 'request-matcher': 'regex') + httpAutoConfig() {} + createAppContext() - expect: - getFilters('/imlowercase').size() == 0 - filtersMatchExpectedAutoConfigList('/MixedCase'); - } + expect: + getFilters('/imlowercase').size() == 0 + filtersMatchExpectedAutoConfigList('/MixedCase'); + } - def ciRegexPathsWorkCorrectly() { - when: - xml.http(pattern: '\\A\\/[a-z]+', security: 'none', 'request-matcher': 'ciRegex') - httpAutoConfig() {} - createAppContext() + def ciRegexPathsWorkCorrectly() { + when: + xml.http(pattern: '\\A\\/[a-z]+', security: 'none', 'request-matcher': 'ciRegex') + httpAutoConfig() {} + createAppContext() - then: - getFilters('/imMixedCase').size() == 0 - filtersMatchExpectedAutoConfigList('/Im_caught_by_the_Universal_Match'); - } + then: + getFilters('/imMixedCase').size() == 0 + filtersMatchExpectedAutoConfigList('/Im_caught_by_the_Universal_Match'); + } - def requestMatcherRefWorksCorrectly() { - xml.http('request-matcher-ref': 'matcher', security: 'none') - bean('matcher', AntPathRequestMatcher.class.name, ['/nofilters']) - httpAutoConfig() {} - createAppContext() + def requestMatcherRefWorksCorrectly() { + xml.http('request-matcher-ref': 'matcher', security: 'none') + bean('matcher', AntPathRequestMatcher.class.name, ['/nofilters']) + httpAutoConfig() {} + createAppContext() - expect: - getFilters('/nofilters').size() == 0 - filtersMatchExpectedAutoConfigList('/somethingElse'); - } + expect: + getFilters('/nofilters').size() == 0 + filtersMatchExpectedAutoConfigList('/somethingElse'); + } - // SEC-1152 - def anonymousFilterIsAddedByDefault() { - xml.http { - 'form-login'() - } - createAppContext() + // SEC-1152 + def anonymousFilterIsAddedByDefault() { + xml.http { + 'form-login'() + } + createAppContext() - expect: - getFilters("/anything")[8] instanceof AnonymousAuthenticationFilter - } + expect: + getFilters("/anything")[8] instanceof AnonymousAuthenticationFilter + } - def anonymousFilterIsRemovedIfDisabledFlagSet() { - xml.http { - 'form-login'() - 'anonymous'(enabled: 'false') - } - createAppContext() + def anonymousFilterIsRemovedIfDisabledFlagSet() { + xml.http { + 'form-login'() + 'anonymous'(enabled: 'false') + } + createAppContext() - expect: - !(getFilters("/anything").get(5) instanceof AnonymousAuthenticationFilter) - } + expect: + !(getFilters("/anything").get(5) instanceof AnonymousAuthenticationFilter) + } - def anonymousCustomAttributesAreSetCorrectly() { - xml.http { - 'form-login'() - 'anonymous'(username: 'joe', 'granted-authority':'anonymity', key: 'customKey') - } - createAppContext() + def anonymousCustomAttributesAreSetCorrectly() { + xml.http { + 'form-login'() + 'anonymous'(username: 'joe', 'granted-authority':'anonymity', key: 'customKey') + } + createAppContext() - AnonymousAuthenticationFilter filter = getFilter(AnonymousAuthenticationFilter); - def providers = appContext.getBeansOfType(AuthenticationManager).values()*.providers.flatten() + AnonymousAuthenticationFilter filter = getFilter(AnonymousAuthenticationFilter); + def providers = appContext.getBeansOfType(AuthenticationManager).values()*.providers.flatten() - expect: - 'customKey' == providers.find { it instanceof AnonymousAuthenticationProvider }.key - 'customKey' == filter.key - 'joe' == filter.principal - 'anonymity' == filter.authorities[0].authority - } + expect: + 'customKey' == providers.find { it instanceof AnonymousAuthenticationProvider }.key + 'customKey' == filter.key + 'joe' == filter.principal + 'anonymity' == filter.authorities[0].authority + } - def anonymousSupportsMultipleGrantedAuthorities() { - xml.http { - 'form-login'() - 'anonymous'(username: 'joe', 'granted-authority':'ROLE_INVITADO,ROLE_PROFILE_INVITADO,ROLE_GRUPO_PUBLICO', key: 'customKey') - } - createAppContext() + def anonymousSupportsMultipleGrantedAuthorities() { + xml.http { + 'form-login'() + 'anonymous'(username: 'joe', 'granted-authority':'ROLE_INVITADO,ROLE_PROFILE_INVITADO,ROLE_GRUPO_PUBLICO', key: 'customKey') + } + createAppContext() - AnonymousAuthenticationFilter filter = getFilter(AnonymousAuthenticationFilter); - def providers = appContext.getBeansOfType(AuthenticationManager).values()*.providers.flatten() + AnonymousAuthenticationFilter filter = getFilter(AnonymousAuthenticationFilter); + def providers = appContext.getBeansOfType(AuthenticationManager).values()*.providers.flatten() - expect: - 'customKey' == providers.find { it instanceof AnonymousAuthenticationProvider }.key - 'customKey' == filter.key - 'joe' == filter.principal - ['ROLE_INVITADO','ROLE_PROFILE_INVITADO','ROLE_GRUPO_PUBLICO'] == filter.authorities*.authority - } + expect: + 'customKey' == providers.find { it instanceof AnonymousAuthenticationProvider }.key + 'customKey' == filter.key + 'joe' == filter.principal + ['ROLE_INVITADO','ROLE_PROFILE_INVITADO','ROLE_GRUPO_PUBLICO'] == filter.authorities*.authority + } - def httpMethodMatchIsSupported() { - httpAutoConfig { - interceptUrl '/secure*', 'DELETE', 'ROLE_SUPERVISOR' - interceptUrl '/secure*', 'POST', 'ROLE_A,ROLE_B' - interceptUrl '/**', 'ROLE_C' - } - createAppContext() + def httpMethodMatchIsSupported() { + httpAutoConfig { + interceptUrl '/secure*', 'DELETE', 'ROLE_SUPERVISOR' + interceptUrl '/secure*', 'POST', 'ROLE_A,ROLE_B' + interceptUrl '/**', 'ROLE_C' + } + createAppContext() - def fids = getFilter(FilterSecurityInterceptor).getSecurityMetadataSource(); - def attrs = fids.getAttributes(createFilterinvocation("/secure", "POST")); + def fids = getFilter(FilterSecurityInterceptor).getSecurityMetadataSource(); + def attrs = fids.getAttributes(createFilterinvocation("/secure", "POST")); - expect: - attrs.size() == 2 - attrs.contains(new SecurityConfig("ROLE_A")) - attrs.contains(new SecurityConfig("ROLE_B")) - } + expect: + attrs.size() == 2 + attrs.contains(new SecurityConfig("ROLE_A")) + attrs.contains(new SecurityConfig("ROLE_B")) + } def httpMethodMatchIsSupportedForRequiresChannel() { - httpAutoConfig { - 'intercept-url'(pattern: '/anyurl') - 'intercept-url'(pattern: '/anyurl', 'method':'GET',access: 'ROLE_ADMIN', 'requires-channel': 'https') - } - createAppContext() + httpAutoConfig { + 'intercept-url'(pattern: '/anyurl') + 'intercept-url'(pattern: '/anyurl', 'method':'GET',access: 'ROLE_ADMIN', 'requires-channel': 'https') + } + createAppContext() - def fids = getFilter(ChannelProcessingFilter).getSecurityMetadataSource(); - def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET")); - def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST")); + def fids = getFilter(ChannelProcessingFilter).getSecurityMetadataSource(); + def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET")); + def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST")); - expect: - attrs.size() == 1 - attrs.contains(new SecurityConfig("REQUIRES_SECURE_CHANNEL")) - attrsPost == null + expect: + attrs.size() == 1 + attrs.contains(new SecurityConfig("REQUIRES_SECURE_CHANNEL")) + attrsPost == null } def httpMethodMatchIsSupportedForRequiresChannelAny() { - httpAutoConfig { - 'intercept-url'(pattern: '/**') - 'intercept-url'(pattern: '/**', 'method':'GET',access: 'ROLE_ADMIN', 'requires-channel': 'https') - } - createAppContext() + httpAutoConfig { + 'intercept-url'(pattern: '/**') + 'intercept-url'(pattern: '/**', 'method':'GET',access: 'ROLE_ADMIN', 'requires-channel': 'https') + } + createAppContext() - def fids = getFilter(ChannelProcessingFilter).getSecurityMetadataSource(); - def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET")); - def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST")); + def fids = getFilter(ChannelProcessingFilter).getSecurityMetadataSource(); + def attrs = fids.getAttributes(createFilterinvocation("/anyurl", "GET")); + def attrsPost = fids.getAttributes(createFilterinvocation("/anyurl", "POST")); - expect: - attrs.size() == 1 - attrs.contains(new SecurityConfig("REQUIRES_SECURE_CHANNEL")) - attrsPost == null + expect: + attrs.size() == 1 + attrs.contains(new SecurityConfig("REQUIRES_SECURE_CHANNEL")) + attrsPost == null } - def oncePerRequestAttributeIsSupported() { - xml.http('once-per-request': 'false') { - 'http-basic'() - } - createAppContext() - - expect: - !getFilter(FilterSecurityInterceptor).isObserveOncePerRequest() - } - - def httpBasicSupportsSeparateEntryPoint() { - xml.http() { - 'http-basic'('entry-point-ref': 'ep') - } - bean('ep', BasicAuthenticationEntryPoint.class.name, ['realmName':'whocares'],[:]) - createAppContext(); - - def baf = getFilter(BasicAuthenticationFilter) - def etf = getFilter(ExceptionTranslationFilter) - def ep = appContext.getBean("ep") - - expect: - baf.authenticationEntryPoint == ep - // Since no other authentication system is in use, this should also end up on the ETF - etf.authenticationEntryPoint == ep - } - - def interceptUrlWithRequiresChannelAddsChannelFilterToStack() { - httpAutoConfig { - 'intercept-url'(pattern: '/**', 'requires-channel': 'https') - } - createAppContext(); - List filters = getFilters("/someurl"); - - expect: - filters.size() == AUTO_CONFIG_FILTERS + 1 - filters[0] instanceof ChannelProcessingFilter - } - - def portMappingsAreParsedCorrectly() { - httpAutoConfig { - 'port-mappings'() { - 'port-mapping'(http: '9080', https: '9443') - } - } - createAppContext(); - - def pm = (appContext.getBeansOfType(PortMapperImpl).values() as List)[0]; - - expect: - pm.getTranslatedPortMappings().size() == 1 - pm.lookupHttpPort(9443) == 9080 - pm.lookupHttpsPort(9080) == 9443 - } - - def externalFiltersAreTreatedCorrectly() { - httpAutoConfig { - 'custom-filter'(position: 'FIRST', ref: '${customFilterRef}') - 'custom-filter'(after: 'LOGOUT_FILTER', ref: 'userFilter') - 'custom-filter'(before: 'SECURITY_CONTEXT_FILTER', ref: 'userFilter1') - } - bean('phc', PropertyPlaceholderConfigurer) - bean('userFilter', SecurityContextHolderAwareRequestFilter) - bean('userFilter1', SecurityContextPersistenceFilter) - - System.setProperty('customFilterRef', 'userFilter') - createAppContext(); - - def filters = getFilters("/someurl"); - - expect: - AUTO_CONFIG_FILTERS + 3 == filters.size(); - filters[0] instanceof SecurityContextHolderAwareRequestFilter - filters[1] instanceof SecurityContextPersistenceFilter - filters[7] instanceof SecurityContextHolderAwareRequestFilter - filters[1] instanceof SecurityContextPersistenceFilter - } - - def twoFiltersWithSameOrderAreRejected() { - when: - httpAutoConfig { - 'custom-filter'(position: 'LOGOUT_FILTER', ref: 'userFilter') - } - bean('userFilter', SecurityContextHolderAwareRequestFilter) - createAppContext(); - - then: - thrown(BeanDefinitionParsingException) - } - - def x509SupportAddsFilterAtExpectedPosition() { - httpAutoConfig { - x509() - } - createAppContext() - - expect: - getFilters("/someurl")[5] instanceof X509AuthenticationFilter - } - - def x509SubjectPrincipalRegexCanBeSetUsingPropertyPlaceholder() { - httpAutoConfig { - x509('subject-principal-regex':'${subject-principal-regex}') - } - bean('phc', PropertyPlaceholderConfigurer.class.name) - System.setProperty("subject-principal-regex", "uid=(.*),"); - createAppContext() - def filter = getFilter(X509AuthenticationFilter) - - expect: - filter.principalExtractor.subjectDnPattern.pattern() == "uid=(.*)," - } - - def invalidLogoutSuccessUrlIsDetected() { - when: - xml.http { - 'form-login'() - 'logout'('logout-success-url': 'noLeadingSlash') - } - createAppContext() - - then: - BeanCreationException e = thrown() - } - - def cookiesToDeleteOnLogoutUrlAddsCorrectLogoutHandler() { - xml.http { - 'logout'('delete-cookies': 'JSESSIONID, mycookie') - 'form-login'() - } - createAppContext() - def handlers = getFilter(LogoutFilter).handlers - - expect: - handlers[2] instanceof CookieClearingLogoutHandler - handlers[2].cookiesToClear[0] == 'JSESSIONID' - handlers[2].cookiesToClear[1] == 'mycookie' - } - - def logoutSuccessHandlerIsSetCorrectly() { - xml.http { - 'form-login'() - 'logout'('success-handler-ref': 'logoutHandler') - } - bean('logoutHandler', SimpleUrlLogoutSuccessHandler) - createAppContext() - - LogoutFilter filter = getFilter(LogoutFilter); - - expect: - FieldUtils.getFieldValue(filter, "logoutSuccessHandler") == appContext.getBean("logoutHandler") - } - - def externalRequestCacheIsConfiguredCorrectly() { - httpAutoConfig { - 'request-cache'(ref: 'cache') - } - bean('cache', HttpSessionRequestCache.class.name) - createAppContext() - - expect: - appContext.getBean("cache") == getFilter(ExceptionTranslationFilter.class).requestCache - } - - def customEntryPointIsSupported() { - xml.http('auto-config': 'true', 'entry-point-ref': 'entryPoint') {} - bean('entryPoint', MockEntryPoint.class.name) - createAppContext() - - expect: - getFilter(ExceptionTranslationFilter).getAuthenticationEntryPoint() instanceof MockEntryPoint - } - - /** - * See SEC-750. If the http security post processor causes beans to be instantiated too eagerly, they way miss - * additional processing. In this method we have a UserDetailsService which is referenced from the namespace - * and also has a post processor registered which will modify it. - */ - def httpElementDoesntInterfereWithBeanPostProcessing() { - xml.http('auto-config': 'true', 'entry-point-ref': 'entryPoint') {} - xml.'authentication-manager'() { - 'authentication-provider'('user-service-ref': 'myUserService') - 'authentication-provider'('ref': 'authProvider') - } - bean('authProvider', DaoAuthenticationProvider.class.name, [:], [userDetailsService: 'myUserService']) - bean('entryPoint', MockEntryPoint.class.name) - bean('myUserService', PostProcessedMockUserDetailsService) - bean('userServicePostProcessor', MockUserServiceBeanPostProcessor) - bean('nameCollectingPostProcessor', BeanNameCollectingPostProcessor) - createAppContext("") - def beanPP = appContext.getBean("nameCollectingPostProcessor") - Set preInitPPBeans = beanPP.beforeInitPostProcessedBeans - Set postInitPPBeans = beanPP.afterInitPostProcessedBeans - Set expectedBeans = ['authProvider', 'entryPoint', 'myUserService'] as Set - - expect: - appContext.getBean("myUserService").getPostProcessorWasHere() == "Hello from the post processor!" - preInitPPBeans.containsAll(expectedBeans) - postInitPPBeans.containsAll(expectedBeans) - } - - /* SEC-934 */ - def supportsTwoIdenticalInterceptUrls() { - httpAutoConfig { - interceptUrl ('/someUrl', 'ROLE_A') - interceptUrl ('/someUrl', 'ROLE_B') - } - createAppContext() - def fis = getFilter(FilterSecurityInterceptor) - def fids = fis.securityMetadataSource - Collection attrs = fids.getAttributes(createFilterinvocation("/someurl", null)); - - expect: - attrs.size() == 1 - attrs.contains(new SecurityConfig("ROLE_B")) - } - - def supportsExternallyDefinedSecurityContextRepository() { - xml.http('create-session': 'always', 'security-context-repository-ref': 'repo') { - 'http-basic'() - } - bean('repo', HttpSessionSecurityContextRepository) - createAppContext() - - def filter = getFilter(SecurityContextPersistenceFilter) - - expect: - filter.repo == appContext.getBean('repo') - filter.forceEagerSessionCreation - } - - def expressionBasedAccessAllowsAndDeniesAccessAsExpected() { - setup: - xml.http('auto-config': 'true', 'use-expressions': 'true') { - interceptUrl('/secure*', "hasAnyRole('ROLE_A','ROLE_C')") - interceptUrl('/**', 'permitAll') - } - createAppContext() - - def fis = getFilter(FilterSecurityInterceptor) - def fids = fis.getSecurityMetadataSource() - Collection attrs = fids.getAttributes(createFilterinvocation("/secure", null)); - assert 1 == attrs.size() - - when: "Unprotected URL" - SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ROLE_A")); - fis.invoke(createFilterinvocation("/permitallurl", null)); - then: - notThrown(AccessDeniedException) - - when: "Invoking secure Url as a valid user" - fis.invoke(createFilterinvocation("/secure", null)); - then: - notThrown(AccessDeniedException) - - when: "User does not have the required role" - SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ROLE_B")); - fis.invoke(createFilterinvocation("/secure", null)); - then: - thrown(AccessDeniedException) - } - - def expressionBasedAccessSupportsExternalExpressionHandler() { - setup: - xml.http('auto-config': 'true', 'use-expressions': 'true') { - interceptUrl('/**', "hasPermission('AnyObject','R')") - 'expression-handler'(ref: 'expressionHandler') - } - bean('expressionHandler', DefaultWebSecurityExpressionHandler.class.name, [:], [permissionEvaluator: 'pe']) - bean('pe', MockPermissionEvaluator) - createAppContext() - - def fis = getFilter(FilterSecurityInterceptor) - - when: "Invoking allowed URL protected by hasPermission() expression succeeds" - SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ANY")); - fis.invoke(createFilterinvocation("/secure", null)); - then: - notThrown(AccessDeniedException) - } - - def protectedLoginPageReportsWarning() { - when: - xml.http('use-expressions': 'true') { - 'form-login'('login-page': '/login') - interceptUrl('/login*', "hasRole('ROLE_A')") - } - createAppContext() - then: - notThrown(BeansException) - } - - def disablingUrlRewritingThroughTheNamespaceSetsCorrectPropertyOnContextRepo() { - xml.http('auto-config': 'true', 'disable-url-rewriting': 'true') - createAppContext() - - expect: - getFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting - } - - def userDetailsServiceInParentContextIsLocatedSuccessfully() { - when: - createAppContext() - httpAutoConfig { - 'remember-me' - } - appContext = new InMemoryXmlApplicationContext(writer.toString(), appContext) - - then: - notThrown(BeansException) - } - - def httpConfigWithNoAuthProvidersWorksOk() { - when: "Http config has no internal authentication providers" - xml.debug() - xml.http() { - 'form-login'() - csrf(disabled:true) - anonymous(enabled: 'false') - } - createAppContext() - MockHttpServletRequest request = new MockHttpServletRequest("POST", "/login"); - request.setServletPath("/login"); - request.addParameter("username", "bob"); - request.addParameter("password", "bobspassword"); - then: "App context creation and login request succeed" - DebugFilter debugFilter = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN); - debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain()); - appListener.events.size() == 2 - appListener.authenticationEvents.size() == 2 - } - - def eraseCredentialsDefaultsToTrue() { - xml.http() { - 'form-login'() - } - createAppContext() - expect: - getFilter(UsernamePasswordAuthenticationFilter).authenticationManager.eraseCredentialsAfterAuthentication - } - - def eraseCredentialsIsSetFromParentAuthenticationManager() { - xml.http() { - 'form-login'() - } - createAppContext(""); - expect: - !getFilter(UsernamePasswordAuthenticationFilter).authenticationManager.eraseCredentialsAfterAuthentication - } - - def 'SEC-2020 authentication-manager@erase-credentials with http@authentication-manager-ref'() { - xml.http('authentication-manager-ref':'authMgr') { - 'form-login'() - } - createAppContext(""); - expect: - def authManager = getFilter(UsernamePasswordAuthenticationFilter).authenticationManager - !authManager.eraseCredentialsAfterAuthentication - !authManager.parent.eraseCredentialsAfterAuthentication - } - - def 'authentication-manager@erase-credentials with http@authentication-manager-ref not ProviderManager'() { - xml.http('authentication-manager-ref':'authMgr') { - 'form-login'() - } - xml.'b:bean'(id: 'authMgr', 'class': MockAuthenticationManager.class.name) - createAppContext() - expect: - def authManager = getFilter(UsernamePasswordAuthenticationFilter).authenticationManager - !authManager.eraseCredentialsAfterAuthentication - authManager.parent instanceof MockAuthenticationManager - } - - def jeeFilterExtractsExpectedRoles() { - xml.http() { - jee('mappable-roles': 'admin,user,a,b,c') - } - createAppContext() - FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY) - Principal p = Mock(Principal) - p.getName() >> 'joe' - - when: - - MockHttpServletRequest request = new MockHttpServletRequest("GET","/something") - request.setUserPrincipal(p) - request.addUserRole('admin') - request.addUserRole('user') - request.addUserRole('c') - request.addUserRole('notmapped') - fcp.doFilter(request, new MockHttpServletResponse(), new MockFilterChain()) - SecurityContext ctx = request.getSession().getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY); - Set roles = AuthorityUtils.authorityListToSet(ctx.getAuthentication().getAuthorities()); - - then: - roles.size() == 3 - roles.contains 'ROLE_admin' - roles.contains 'ROLE_user' - roles.contains 'ROLE_c' - } - - def authenticationDetailsSourceInjectionSucceeds() { - xml.http() { - 'form-login'('authentication-details-source-ref' : 'adsr') - 'openid-login' ('authentication-details-source-ref' : 'adsr') - 'http-basic' ('authentication-details-source-ref' : 'adsr') - 'x509' ('authentication-details-source-ref' : 'adsr') - } - bean('adsr', 'org.springframework.security.web.authentication.WebAuthenticationDetailsSource') - createAppContext() - def adsr = appContext.getBean('adsr') - expect: - getFilter(UsernamePasswordAuthenticationFilter).authenticationDetailsSource == adsr - getFilter(OpenIDAuthenticationFilter).authenticationDetailsSource == adsr - getFilter(BasicAuthenticationFilter).authenticationDetailsSource == adsr - getFilter(X509AuthenticationFilter).authenticationDetailsSource == adsr - } - - def includeJaasApiIntegrationFilter() { - xml.http(['auto-config':'true','jaas-api-provision':'true']) - createAppContext() - expect: - getFilter(JaasApiIntegrationFilter.class) != null - } - - def httpFirewallInjectionIsSupported() { - xml.'http-firewall'(ref: 'fw') - xml.http() { - 'form-login'() - } - bean('fw', DefaultHttpFirewall) - createAppContext() - FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY) - expect: - fcp.firewall == appContext.getBean('fw') - } - - def customAccessDecisionManagerIsSupported() { - xml.http('auto-config': 'true', 'access-decision-manager-ref': 'adm') - xml.'b:bean'(id: 'adm', 'class': AffirmativeBased.class.name) { - 'b:constructor-arg' { - 'b:list'() { - 'b:bean'('class': RoleVoter.class.name) - 'b:bean'('class': RoleVoter.class.name) - 'b:bean'('class': RoleVoter.class.name) - 'b:bean'('class': WebExpressionVoter.class.name) - } - } - } - createAppContext() - expect: - getFilter(FilterSecurityInterceptor.class).accessDecisionManager.decisionVoters[3] instanceof WebExpressionVoter - } - - def customAuthenticationManagerIsSupported() { - xml.http('auto-config': 'true', 'authentication-manager-ref': 'am') - xml.'b:bean'(id: 'am', 'class': MockAuthenticationManager.class.name) - createAppContext("") - expect: - getFilter(UsernamePasswordAuthenticationFilter.class).authenticationManager.parent instanceof MockAuthenticationManager - } - - // SEC-1893 - def customPortMappings() { - when: 'A custom port-mappings is registered' - def expectedHttpsPortMappings = [8443:8080] - xml.http('auto-config': 'true') { - 'intercept-url'('pattern':'/**','requires-channel':'https') - 'port-mappings' { - 'port-mapping'(http:'8443',https:'8080') - } - } - createAppContext() - - then: 'All the components created by the namespace use that port mapping' - getFilter(RequestCacheAwareFilter.class).requestCache.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings - - def channelProcessors = getFilter(ChannelProcessingFilter.class).channelDecisionManager.channelProcessors - channelProcessors.size() == 2 - channelProcessors.each { cp-> - cp.entryPoint.portMapper.httpsPortMappings == expectedHttpsPortMappings - cp.entryPoint.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings - } - - def authEntryPoint = getFilter(ExceptionTranslationFilter.class).authenticationEntryPoint - authEntryPoint.portMapper.httpsPortMappings == expectedHttpsPortMappings - authEntryPoint.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings - } + def oncePerRequestAttributeIsSupported() { + xml.http('once-per-request': 'false') { + 'http-basic'() + } + createAppContext() + + expect: + !getFilter(FilterSecurityInterceptor).isObserveOncePerRequest() + } + + def httpBasicSupportsSeparateEntryPoint() { + xml.http() { + 'http-basic'('entry-point-ref': 'ep') + } + bean('ep', BasicAuthenticationEntryPoint.class.name, ['realmName':'whocares'],[:]) + createAppContext(); + + def baf = getFilter(BasicAuthenticationFilter) + def etf = getFilter(ExceptionTranslationFilter) + def ep = appContext.getBean("ep") + + expect: + baf.authenticationEntryPoint == ep + // Since no other authentication system is in use, this should also end up on the ETF + etf.authenticationEntryPoint == ep + } + + def interceptUrlWithRequiresChannelAddsChannelFilterToStack() { + httpAutoConfig { + 'intercept-url'(pattern: '/**', 'requires-channel': 'https') + } + createAppContext(); + List filters = getFilters("/someurl"); + + expect: + filters.size() == AUTO_CONFIG_FILTERS + 1 + filters[0] instanceof ChannelProcessingFilter + } + + def portMappingsAreParsedCorrectly() { + httpAutoConfig { + 'port-mappings'() { + 'port-mapping'(http: '9080', https: '9443') + } + } + createAppContext(); + + def pm = (appContext.getBeansOfType(PortMapperImpl).values() as List)[0]; + + expect: + pm.getTranslatedPortMappings().size() == 1 + pm.lookupHttpPort(9443) == 9080 + pm.lookupHttpsPort(9080) == 9443 + } + + def externalFiltersAreTreatedCorrectly() { + httpAutoConfig { + 'custom-filter'(position: 'FIRST', ref: '${customFilterRef}') + 'custom-filter'(after: 'LOGOUT_FILTER', ref: 'userFilter') + 'custom-filter'(before: 'SECURITY_CONTEXT_FILTER', ref: 'userFilter1') + } + bean('phc', PropertyPlaceholderConfigurer) + bean('userFilter', SecurityContextHolderAwareRequestFilter) + bean('userFilter1', SecurityContextPersistenceFilter) + + System.setProperty('customFilterRef', 'userFilter') + createAppContext(); + + def filters = getFilters("/someurl"); + + expect: + AUTO_CONFIG_FILTERS + 3 == filters.size(); + filters[0] instanceof SecurityContextHolderAwareRequestFilter + filters[1] instanceof SecurityContextPersistenceFilter + filters[7] instanceof SecurityContextHolderAwareRequestFilter + filters[1] instanceof SecurityContextPersistenceFilter + } + + def twoFiltersWithSameOrderAreRejected() { + when: + httpAutoConfig { + 'custom-filter'(position: 'LOGOUT_FILTER', ref: 'userFilter') + } + bean('userFilter', SecurityContextHolderAwareRequestFilter) + createAppContext(); + + then: + thrown(BeanDefinitionParsingException) + } + + def x509SupportAddsFilterAtExpectedPosition() { + httpAutoConfig { + x509() + } + createAppContext() + + expect: + getFilters("/someurl")[5] instanceof X509AuthenticationFilter + } + + def x509SubjectPrincipalRegexCanBeSetUsingPropertyPlaceholder() { + httpAutoConfig { + x509('subject-principal-regex':'${subject-principal-regex}') + } + bean('phc', PropertyPlaceholderConfigurer.class.name) + System.setProperty("subject-principal-regex", "uid=(.*),"); + createAppContext() + def filter = getFilter(X509AuthenticationFilter) + + expect: + filter.principalExtractor.subjectDnPattern.pattern() == "uid=(.*)," + } + + def invalidLogoutSuccessUrlIsDetected() { + when: + xml.http { + 'form-login'() + 'logout'('logout-success-url': 'noLeadingSlash') + } + createAppContext() + + then: + BeanCreationException e = thrown() + } + + def cookiesToDeleteOnLogoutUrlAddsCorrectLogoutHandler() { + xml.http { + 'logout'('delete-cookies': 'JSESSIONID, mycookie') + 'form-login'() + } + createAppContext() + def handlers = getFilter(LogoutFilter).handlers + + expect: + handlers[2] instanceof CookieClearingLogoutHandler + handlers[2].cookiesToClear[0] == 'JSESSIONID' + handlers[2].cookiesToClear[1] == 'mycookie' + } + + def logoutSuccessHandlerIsSetCorrectly() { + xml.http { + 'form-login'() + 'logout'('success-handler-ref': 'logoutHandler') + } + bean('logoutHandler', SimpleUrlLogoutSuccessHandler) + createAppContext() + + LogoutFilter filter = getFilter(LogoutFilter); + + expect: + FieldUtils.getFieldValue(filter, "logoutSuccessHandler") == appContext.getBean("logoutHandler") + } + + def externalRequestCacheIsConfiguredCorrectly() { + httpAutoConfig { + 'request-cache'(ref: 'cache') + } + bean('cache', HttpSessionRequestCache.class.name) + createAppContext() + + expect: + appContext.getBean("cache") == getFilter(ExceptionTranslationFilter.class).requestCache + } + + def customEntryPointIsSupported() { + xml.http('auto-config': 'true', 'entry-point-ref': 'entryPoint') {} + bean('entryPoint', MockEntryPoint.class.name) + createAppContext() + + expect: + getFilter(ExceptionTranslationFilter).getAuthenticationEntryPoint() instanceof MockEntryPoint + } + + /** + * See SEC-750. If the http security post processor causes beans to be instantiated too eagerly, they way miss + * additional processing. In this method we have a UserDetailsService which is referenced from the namespace + * and also has a post processor registered which will modify it. + */ + def httpElementDoesntInterfereWithBeanPostProcessing() { + xml.http('auto-config': 'true', 'entry-point-ref': 'entryPoint') {} + xml.'authentication-manager'() { + 'authentication-provider'('user-service-ref': 'myUserService') + 'authentication-provider'('ref': 'authProvider') + } + bean('authProvider', DaoAuthenticationProvider.class.name, [:], [userDetailsService: 'myUserService']) + bean('entryPoint', MockEntryPoint.class.name) + bean('myUserService', PostProcessedMockUserDetailsService) + bean('userServicePostProcessor', MockUserServiceBeanPostProcessor) + bean('nameCollectingPostProcessor', BeanNameCollectingPostProcessor) + createAppContext("") + def beanPP = appContext.getBean("nameCollectingPostProcessor") + Set preInitPPBeans = beanPP.beforeInitPostProcessedBeans + Set postInitPPBeans = beanPP.afterInitPostProcessedBeans + Set expectedBeans = ['authProvider', 'entryPoint', 'myUserService'] as Set + + expect: + appContext.getBean("myUserService").getPostProcessorWasHere() == "Hello from the post processor!" + preInitPPBeans.containsAll(expectedBeans) + postInitPPBeans.containsAll(expectedBeans) + } + + /* SEC-934 */ + def supportsTwoIdenticalInterceptUrls() { + httpAutoConfig { + interceptUrl ('/someUrl', 'ROLE_A') + interceptUrl ('/someUrl', 'ROLE_B') + } + createAppContext() + def fis = getFilter(FilterSecurityInterceptor) + def fids = fis.securityMetadataSource + Collection attrs = fids.getAttributes(createFilterinvocation("/someurl", null)); + + expect: + attrs.size() == 1 + attrs.contains(new SecurityConfig("ROLE_B")) + } + + def supportsExternallyDefinedSecurityContextRepository() { + xml.http('create-session': 'always', 'security-context-repository-ref': 'repo') { + 'http-basic'() + } + bean('repo', HttpSessionSecurityContextRepository) + createAppContext() + + def filter = getFilter(SecurityContextPersistenceFilter) + + expect: + filter.repo == appContext.getBean('repo') + filter.forceEagerSessionCreation + } + + def expressionBasedAccessAllowsAndDeniesAccessAsExpected() { + setup: + xml.http('auto-config': 'true', 'use-expressions': 'true') { + interceptUrl('/secure*', "hasAnyRole('ROLE_A','ROLE_C')") + interceptUrl('/**', 'permitAll') + } + createAppContext() + + def fis = getFilter(FilterSecurityInterceptor) + def fids = fis.getSecurityMetadataSource() + Collection attrs = fids.getAttributes(createFilterinvocation("/secure", null)); + assert 1 == attrs.size() + + when: "Unprotected URL" + SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ROLE_A")); + fis.invoke(createFilterinvocation("/permitallurl", null)); + then: + notThrown(AccessDeniedException) + + when: "Invoking secure Url as a valid user" + fis.invoke(createFilterinvocation("/secure", null)); + then: + notThrown(AccessDeniedException) + + when: "User does not have the required role" + SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ROLE_B")); + fis.invoke(createFilterinvocation("/secure", null)); + then: + thrown(AccessDeniedException) + } + + def expressionBasedAccessSupportsExternalExpressionHandler() { + setup: + xml.http('auto-config': 'true', 'use-expressions': 'true') { + interceptUrl('/**', "hasPermission('AnyObject','R')") + 'expression-handler'(ref: 'expressionHandler') + } + bean('expressionHandler', DefaultWebSecurityExpressionHandler.class.name, [:], [permissionEvaluator: 'pe']) + bean('pe', MockPermissionEvaluator) + createAppContext() + + def fis = getFilter(FilterSecurityInterceptor) + + when: "Invoking allowed URL protected by hasPermission() expression succeeds" + SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("joe", "", "ANY")); + fis.invoke(createFilterinvocation("/secure", null)); + then: + notThrown(AccessDeniedException) + } + + def protectedLoginPageReportsWarning() { + when: + xml.http('use-expressions': 'true') { + 'form-login'('login-page': '/login') + interceptUrl('/login*', "hasRole('ROLE_A')") + } + createAppContext() + then: + notThrown(BeansException) + } + + def disablingUrlRewritingThroughTheNamespaceSetsCorrectPropertyOnContextRepo() { + xml.http('auto-config': 'true', 'disable-url-rewriting': 'true') + createAppContext() + + expect: + getFilter(SecurityContextPersistenceFilter).repo.disableUrlRewriting + } + + def userDetailsServiceInParentContextIsLocatedSuccessfully() { + when: + createAppContext() + httpAutoConfig { + 'remember-me' + } + appContext = new InMemoryXmlApplicationContext(writer.toString(), appContext) + + then: + notThrown(BeansException) + } + + def httpConfigWithNoAuthProvidersWorksOk() { + when: "Http config has no internal authentication providers" + xml.debug() + xml.http() { + 'form-login'() + csrf(disabled:true) + anonymous(enabled: 'false') + } + createAppContext() + MockHttpServletRequest request = new MockHttpServletRequest("POST", "/login"); + request.setServletPath("/login"); + request.addParameter("username", "bob"); + request.addParameter("password", "bobspassword"); + then: "App context creation and login request succeed" + DebugFilter debugFilter = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN); + debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain()); + appListener.events.size() == 2 + appListener.authenticationEvents.size() == 2 + } + + def eraseCredentialsDefaultsToTrue() { + xml.http() { + 'form-login'() + } + createAppContext() + expect: + getFilter(UsernamePasswordAuthenticationFilter).authenticationManager.eraseCredentialsAfterAuthentication + } + + def eraseCredentialsIsSetFromParentAuthenticationManager() { + xml.http() { + 'form-login'() + } + createAppContext(""); + expect: + !getFilter(UsernamePasswordAuthenticationFilter).authenticationManager.eraseCredentialsAfterAuthentication + } + + def 'SEC-2020 authentication-manager@erase-credentials with http@authentication-manager-ref'() { + xml.http('authentication-manager-ref':'authMgr') { + 'form-login'() + } + createAppContext(""); + expect: + def authManager = getFilter(UsernamePasswordAuthenticationFilter).authenticationManager + !authManager.eraseCredentialsAfterAuthentication + !authManager.parent.eraseCredentialsAfterAuthentication + } + + def 'authentication-manager@erase-credentials with http@authentication-manager-ref not ProviderManager'() { + xml.http('authentication-manager-ref':'authMgr') { + 'form-login'() + } + xml.'b:bean'(id: 'authMgr', 'class': MockAuthenticationManager.class.name) + createAppContext() + expect: + def authManager = getFilter(UsernamePasswordAuthenticationFilter).authenticationManager + !authManager.eraseCredentialsAfterAuthentication + authManager.parent instanceof MockAuthenticationManager + } + + def jeeFilterExtractsExpectedRoles() { + xml.http() { + jee('mappable-roles': 'admin,user,a,b,c') + } + createAppContext() + FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY) + Principal p = Mock(Principal) + p.getName() >> 'joe' + + when: + + MockHttpServletRequest request = new MockHttpServletRequest("GET","/something") + request.setUserPrincipal(p) + request.addUserRole('admin') + request.addUserRole('user') + request.addUserRole('c') + request.addUserRole('notmapped') + fcp.doFilter(request, new MockHttpServletResponse(), new MockFilterChain()) + SecurityContext ctx = request.getSession().getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY); + Set roles = AuthorityUtils.authorityListToSet(ctx.getAuthentication().getAuthorities()); + + then: + roles.size() == 3 + roles.contains 'ROLE_admin' + roles.contains 'ROLE_user' + roles.contains 'ROLE_c' + } + + def authenticationDetailsSourceInjectionSucceeds() { + xml.http() { + 'form-login'('authentication-details-source-ref' : 'adsr') + 'openid-login' ('authentication-details-source-ref' : 'adsr') + 'http-basic' ('authentication-details-source-ref' : 'adsr') + 'x509' ('authentication-details-source-ref' : 'adsr') + } + bean('adsr', 'org.springframework.security.web.authentication.WebAuthenticationDetailsSource') + createAppContext() + def adsr = appContext.getBean('adsr') + expect: + getFilter(UsernamePasswordAuthenticationFilter).authenticationDetailsSource == adsr + getFilter(OpenIDAuthenticationFilter).authenticationDetailsSource == adsr + getFilter(BasicAuthenticationFilter).authenticationDetailsSource == adsr + getFilter(X509AuthenticationFilter).authenticationDetailsSource == adsr + } + + def includeJaasApiIntegrationFilter() { + xml.http(['auto-config':'true','jaas-api-provision':'true']) + createAppContext() + expect: + getFilter(JaasApiIntegrationFilter.class) != null + } + + def httpFirewallInjectionIsSupported() { + xml.'http-firewall'(ref: 'fw') + xml.http() { + 'form-login'() + } + bean('fw', DefaultHttpFirewall) + createAppContext() + FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY) + expect: + fcp.firewall == appContext.getBean('fw') + } + + def customAccessDecisionManagerIsSupported() { + xml.http('auto-config': 'true', 'access-decision-manager-ref': 'adm') + xml.'b:bean'(id: 'adm', 'class': AffirmativeBased.class.name) { + 'b:constructor-arg' { + 'b:list'() { + 'b:bean'('class': RoleVoter.class.name) + 'b:bean'('class': RoleVoter.class.name) + 'b:bean'('class': RoleVoter.class.name) + 'b:bean'('class': WebExpressionVoter.class.name) + } + } + } + createAppContext() + expect: + getFilter(FilterSecurityInterceptor.class).accessDecisionManager.decisionVoters[3] instanceof WebExpressionVoter + } + + def customAuthenticationManagerIsSupported() { + xml.http('auto-config': 'true', 'authentication-manager-ref': 'am') + xml.'b:bean'(id: 'am', 'class': MockAuthenticationManager.class.name) + createAppContext("") + expect: + getFilter(UsernamePasswordAuthenticationFilter.class).authenticationManager.parent instanceof MockAuthenticationManager + } + + // SEC-1893 + def customPortMappings() { + when: 'A custom port-mappings is registered' + def expectedHttpsPortMappings = [8443:8080] + xml.http('auto-config': 'true') { + 'intercept-url'('pattern':'/**','requires-channel':'https') + 'port-mappings' { + 'port-mapping'(http:'8443',https:'8080') + } + } + createAppContext() + + then: 'All the components created by the namespace use that port mapping' + getFilter(RequestCacheAwareFilter.class).requestCache.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings + + def channelProcessors = getFilter(ChannelProcessingFilter.class).channelDecisionManager.channelProcessors + channelProcessors.size() == 2 + channelProcessors.each { cp-> + cp.entryPoint.portMapper.httpsPortMappings == expectedHttpsPortMappings + cp.entryPoint.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings + } + + def authEntryPoint = getFilter(ExceptionTranslationFilter.class).authenticationEntryPoint + authEntryPoint.portMapper.httpsPortMappings == expectedHttpsPortMappings + authEntryPoint.portResolver.portMapper.httpsPortMappings == expectedHttpsPortMappings + } } class MockAuthenticationManager implements AuthenticationManager { - Authentication authenticate(Authentication authentication) { - return null - } + Authentication authenticate(Authentication authentication) { + return null + } } class MockPermissionEvaluator implements PermissionEvaluator { - boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) { - return true - } + boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) { + return true + } - boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) { - return true - } + boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) { + return true + } } class MockEntryPoint extends LoginUrlAuthenticationEntryPoint { - public MockEntryPoint() { - super("/notused"); - } + public MockEntryPoint() { + super("/notused"); + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy index a70aa68c43..6f06c39411 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy @@ -24,110 +24,110 @@ import org.springframework.security.web.SecurityFilterChain */ class MultiHttpBlockConfigTests extends AbstractHttpConfigTests { - def multipleHttpElementsAreSupported () { - when: "Two elements are used" - xml.http(pattern: '/stateless/**', 'create-session': 'stateless') { - 'http-basic'() - } - xml.http(pattern: '/stateful/**') { - 'form-login'() - } - createAppContext() - FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY) - def filterChains = fcp.getFilterChains(); + def multipleHttpElementsAreSupported () { + when: "Two elements are used" + xml.http(pattern: '/stateless/**', 'create-session': 'stateless') { + 'http-basic'() + } + xml.http(pattern: '/stateful/**') { + 'form-login'() + } + createAppContext() + FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY) + def filterChains = fcp.getFilterChains(); - then: - filterChains.size() == 2 - filterChains[0].requestMatcher.pattern == '/stateless/**' - } + then: + filterChains.size() == 2 + filterChains[0].requestMatcher.pattern == '/stateless/**' + } - def duplicateHttpElementsAreRejected () { - when: "Two elements are used" - xml.http('create-session': 'stateless') { - 'http-basic'() - } - xml.http() { - 'form-login'() - } - createAppContext() - then: - BeanCreationException e = thrown() - e.cause instanceof IllegalArgumentException - } + def duplicateHttpElementsAreRejected () { + when: "Two elements are used" + xml.http('create-session': 'stateless') { + 'http-basic'() + } + xml.http() { + 'form-login'() + } + createAppContext() + then: + BeanCreationException e = thrown() + e.cause instanceof IllegalArgumentException + } - def duplicatePatternsAreRejected () { - when: "Two elements with the same pattern are used" - xml.http(pattern: '/stateless/**', 'create-session': 'stateless') { - 'http-basic'() - } - xml.http(pattern: '/stateless/**') { - 'form-login'() - } - createAppContext() - then: - BeanCreationException e = thrown() - e.cause instanceof IllegalArgumentException - } + def duplicatePatternsAreRejected () { + when: "Two elements with the same pattern are used" + xml.http(pattern: '/stateless/**', 'create-session': 'stateless') { + 'http-basic'() + } + xml.http(pattern: '/stateless/**') { + 'form-login'() + } + createAppContext() + then: + BeanCreationException e = thrown() + e.cause instanceof IllegalArgumentException + } - def 'SEC-1937: http@authentication-manager-ref and multi authentication-mananager'() { - setup: - xml.http('authentication-manager-ref' : 'authManager', 'pattern' : '/first/**') { - 'form-login'('login-processing-url': '/first/login') - csrf(disabled:true) - } - xml.http('authentication-manager-ref' : 'authManager2') { - 'form-login'() - csrf(disabled:true) - } - mockBean(UserDetailsService,'uds') - mockBean(UserDetailsService,'uds2') - createAppContext(""" + def 'SEC-1937: http@authentication-manager-ref and multi authentication-mananager'() { + setup: + xml.http('authentication-manager-ref' : 'authManager', 'pattern' : '/first/**') { + 'form-login'('login-processing-url': '/first/login') + csrf(disabled:true) + } + xml.http('authentication-manager-ref' : 'authManager2') { + 'form-login'() + csrf(disabled:true) + } + mockBean(UserDetailsService,'uds') + mockBean(UserDetailsService,'uds2') + createAppContext(""" - + - + """) - UserDetailsService uds = appContext.getBean('uds') - UserDetailsService uds2 = appContext.getBean('uds2') - when: - MockHttpServletRequest request = new MockHttpServletRequest() - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() - request.servletPath = "/first/login" - request.requestURI = "/first/login" - request.method = 'POST' - springSecurityFilterChain.doFilter(request,response,chain) - then: - verify(uds).loadUserByUsername(anyString()) || true - verifyZeroInteractions(uds2) || true - when: - MockHttpServletRequest request2 = new MockHttpServletRequest() - MockHttpServletResponse response2 = new MockHttpServletResponse() - MockFilterChain chain2 = new MockFilterChain() - request2.servletPath = "/login" - request2.requestURI = "/login" - request2.method = 'POST' - springSecurityFilterChain.doFilter(request2,response2,chain2) - then: - verify(uds2).loadUserByUsername(anyString()) || true - verifyNoMoreInteractions(uds) || true - } + UserDetailsService uds = appContext.getBean('uds') + UserDetailsService uds2 = appContext.getBean('uds2') + when: + MockHttpServletRequest request = new MockHttpServletRequest() + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() + request.servletPath = "/first/login" + request.requestURI = "/first/login" + request.method = 'POST' + springSecurityFilterChain.doFilter(request,response,chain) + then: + verify(uds).loadUserByUsername(anyString()) || true + verifyZeroInteractions(uds2) || true + when: + MockHttpServletRequest request2 = new MockHttpServletRequest() + MockHttpServletResponse response2 = new MockHttpServletResponse() + MockFilterChain chain2 = new MockFilterChain() + request2.servletPath = "/login" + request2.requestURI = "/login" + request2.method = 'POST' + springSecurityFilterChain.doFilter(request2,response2,chain2) + then: + verify(uds2).loadUserByUsername(anyString()) || true + verifyNoMoreInteractions(uds) || true + } - def multipleAuthenticationManagersWorks () { - xml.http(name: 'basic', pattern: '/basic/**', ) { - 'http-basic'() - } - xml.http(pattern: '/form/**') { - 'form-login'() - } - createAppContext() - FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY) - SecurityFilterChain basicChain = fcp.filterChains[0]; + def multipleAuthenticationManagersWorks () { + xml.http(name: 'basic', pattern: '/basic/**', ) { + 'http-basic'() + } + xml.http(pattern: '/form/**') { + 'form-login'() + } + createAppContext() + FilterChainProxy fcp = appContext.getBean(BeanIds.FILTER_CHAIN_PROXY) + SecurityFilterChain basicChain = fcp.filterChains[0]; - expect: - Assert.assertSame (basicChain, appContext.getBean('basic')) - } + expect: + Assert.assertSame (basicChain, appContext.getBean('basic')) + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy index 18feac728a..b7e3f92319 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy @@ -17,140 +17,140 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic class PlaceHolderAndELConfigTests extends AbstractHttpConfigTests { - def setup() { - // Add a PropertyPlaceholderConfigurer to the context for all the tests - bean(PropertyPlaceholderConfigurer.class.name, PropertyPlaceholderConfigurer.class) - } + def setup() { + // Add a PropertyPlaceholderConfigurer to the context for all the tests + bean(PropertyPlaceholderConfigurer.class.name, PropertyPlaceholderConfigurer.class) + } - def unsecuredPatternSupportsPlaceholderForPattern() { - System.setProperty("pattern.nofilters", "/unprotected"); + def unsecuredPatternSupportsPlaceholderForPattern() { + System.setProperty("pattern.nofilters", "/unprotected"); - xml.http(pattern: '${pattern.nofilters}', security: 'none') - httpAutoConfig() { - interceptUrl('/**', 'ROLE_A') - } - createAppContext() + xml.http(pattern: '${pattern.nofilters}', security: 'none') + httpAutoConfig() { + interceptUrl('/**', 'ROLE_A') + } + createAppContext() - List filters = getFilters("/unprotected"); + List filters = getFilters("/unprotected"); - expect: - filters.size() == 0 - } + expect: + filters.size() == 0 + } - // SEC-1201 - def interceptUrlsAndFormLoginSupportPropertyPlaceholders() { - System.setProperty("secure.Url", "/Secure"); - System.setProperty("secure.role", "ROLE_A"); - System.setProperty("login.page", "/loginPage"); - System.setProperty("default.target", "/defaultTarget"); - System.setProperty("auth.failure", "/authFailure"); + // SEC-1201 + def interceptUrlsAndFormLoginSupportPropertyPlaceholders() { + System.setProperty("secure.Url", "/Secure"); + System.setProperty("secure.role", "ROLE_A"); + System.setProperty("login.page", "/loginPage"); + System.setProperty("default.target", "/defaultTarget"); + System.setProperty("auth.failure", "/authFailure"); - xml.http(pattern: '${login.page}', security: 'none') - xml.http('use-expressions':false) { - interceptUrl('${secure.Url}', '${secure.role}') - 'form-login'('login-page':'${login.page}', 'default-target-url': '${default.target}', - 'authentication-failure-url':'${auth.failure}'); - } - createAppContext(); + xml.http(pattern: '${login.page}', security: 'none') + xml.http('use-expressions':false) { + interceptUrl('${secure.Url}', '${secure.role}') + 'form-login'('login-page':'${login.page}', 'default-target-url': '${default.target}', + 'authentication-failure-url':'${auth.failure}'); + } + createAppContext(); - expect: - propertyValuesMatchPlaceholders() - getFilters("/loginPage").size() == 0 - } + expect: + propertyValuesMatchPlaceholders() + getFilters("/loginPage").size() == 0 + } - // SEC-1309 - def interceptUrlsAndFormLoginSupportEL() { - System.setProperty("secure.url", "/Secure"); - System.setProperty("secure.role", "ROLE_A"); - System.setProperty("login.page", "/loginPage"); - System.setProperty("default.target", "/defaultTarget"); - System.setProperty("auth.failure", "/authFailure"); + // SEC-1309 + def interceptUrlsAndFormLoginSupportEL() { + System.setProperty("secure.url", "/Secure"); + System.setProperty("secure.role", "ROLE_A"); + System.setProperty("login.page", "/loginPage"); + System.setProperty("default.target", "/defaultTarget"); + System.setProperty("auth.failure", "/authFailure"); - xml.http('use-expressions':false) { - interceptUrl("#{systemProperties['secure.url']}", "#{systemProperties['secure.role']}") - 'form-login'('login-page':"#{systemProperties['login.page']}", 'default-target-url': "#{systemProperties['default.target']}", - 'authentication-failure-url':"#{systemProperties['auth.failure']}"); - } - createAppContext() + xml.http('use-expressions':false) { + interceptUrl("#{systemProperties['secure.url']}", "#{systemProperties['secure.role']}") + 'form-login'('login-page':"#{systemProperties['login.page']}", 'default-target-url': "#{systemProperties['default.target']}", + 'authentication-failure-url':"#{systemProperties['auth.failure']}"); + } + createAppContext() - expect: - propertyValuesMatchPlaceholders() - } + expect: + propertyValuesMatchPlaceholders() + } - private void propertyValuesMatchPlaceholders() { - // Check the security attribute - def fis = getFilter(FilterSecurityInterceptor); - def fids = fis.getSecurityMetadataSource(); - Collection attrs = fids.getAttributes(createFilterinvocation("/secure", null)); - assert attrs.size() == 1 - assert attrs.contains(new SecurityConfig("ROLE_A")) + private void propertyValuesMatchPlaceholders() { + // Check the security attribute + def fis = getFilter(FilterSecurityInterceptor); + def fids = fis.getSecurityMetadataSource(); + Collection attrs = fids.getAttributes(createFilterinvocation("/secure", null)); + assert attrs.size() == 1 + assert attrs.contains(new SecurityConfig("ROLE_A")) - // Check the form login properties are set - def apf = getFilter(UsernamePasswordAuthenticationFilter) - assert FieldUtils.getFieldValue(apf, "successHandler.defaultTargetUrl") == '/defaultTarget' - assert "/authFailure" == FieldUtils.getFieldValue(apf, "failureHandler.defaultFailureUrl") + // Check the form login properties are set + def apf = getFilter(UsernamePasswordAuthenticationFilter) + assert FieldUtils.getFieldValue(apf, "successHandler.defaultTargetUrl") == '/defaultTarget' + assert "/authFailure" == FieldUtils.getFieldValue(apf, "failureHandler.defaultFailureUrl") - def etf = getFilter(ExceptionTranslationFilter) - assert "/loginPage"== etf.authenticationEntryPoint.loginFormUrl - } + def etf = getFilter(ExceptionTranslationFilter) + assert "/loginPage"== etf.authenticationEntryPoint.loginFormUrl + } - def portMappingsWorkWithPlaceholdersAndEL() { - System.setProperty("http", "9080"); - System.setProperty("https", "9443"); + def portMappingsWorkWithPlaceholdersAndEL() { + System.setProperty("http", "9080"); + System.setProperty("https", "9443"); - httpAutoConfig { - 'port-mappings'() { - 'port-mapping'(http: '#{systemProperties.http}', https: '${https}') - } - } - createAppContext(); + httpAutoConfig { + 'port-mappings'() { + 'port-mapping'(http: '#{systemProperties.http}', https: '${https}') + } + } + createAppContext(); - def pm = (appContext.getBeansOfType(PortMapperImpl).values() as List)[0]; + def pm = (appContext.getBeansOfType(PortMapperImpl).values() as List)[0]; - expect: - pm.getTranslatedPortMappings().size() == 1 - pm.lookupHttpPort(9443) == 9080 - pm.lookupHttpsPort(9080) == 9443 - } + expect: + pm.getTranslatedPortMappings().size() == 1 + pm.lookupHttpPort(9443) == 9080 + pm.lookupHttpsPort(9080) == 9443 + } - def requiresChannelSupportsPlaceholder() { - System.setProperty("secure.url", "/secure"); - System.setProperty("required.channel", "https"); + def requiresChannelSupportsPlaceholder() { + System.setProperty("secure.url", "/secure"); + System.setProperty("required.channel", "https"); - httpAutoConfig { - 'intercept-url'(pattern: '${secure.url}', 'requires-channel': '${required.channel}') - } - createAppContext(); - List filters = getFilters("/secure"); + httpAutoConfig { + 'intercept-url'(pattern: '${secure.url}', 'requires-channel': '${required.channel}') + } + createAppContext(); + List filters = getFilters("/secure"); - expect: - filters.size() == AUTO_CONFIG_FILTERS + 1 - filters[0] instanceof ChannelProcessingFilter - MockHttpServletRequest request = new MockHttpServletRequest(); - request.setServletPath("/secure"); - MockHttpServletResponse response = new MockHttpServletResponse(); - filters[0].doFilter(request, response, new MockFilterChain()); - response.getRedirectedUrl().startsWith("https") - } + expect: + filters.size() == AUTO_CONFIG_FILTERS + 1 + filters[0] instanceof ChannelProcessingFilter + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setServletPath("/secure"); + MockHttpServletResponse response = new MockHttpServletResponse(); + filters[0].doFilter(request, response, new MockFilterChain()); + response.getRedirectedUrl().startsWith("https") + } - def accessDeniedPageWorksWithPlaceholders() { - System.setProperty("accessDenied", "/go-away"); - xml.http('auto-config': 'true') { - 'access-denied-handler'('error-page' : '${accessDenied}') {} - } - createAppContext(); + def accessDeniedPageWorksWithPlaceholders() { + System.setProperty("accessDenied", "/go-away"); + xml.http('auto-config': 'true') { + 'access-denied-handler'('error-page' : '${accessDenied}') {} + } + createAppContext(); - expect: - FieldUtils.getFieldValue(getFilter(ExceptionTranslationFilter.class), "accessDeniedHandler.errorPage") == '/go-away' - } + expect: + FieldUtils.getFieldValue(getFilter(ExceptionTranslationFilter.class), "accessDeniedHandler.errorPage") == '/go-away' + } - def accessDeniedHandlerPageWorksWithEL() { - httpAutoConfig { - 'access-denied-handler'('error-page': "#{'/go' + '-away'}") - } - createAppContext() + def accessDeniedHandlerPageWorksWithEL() { + httpAutoConfig { + 'access-denied-handler'('error-page': "#{'/go' + '-away'}") + } + createAppContext() - expect: - getFilter(ExceptionTranslationFilter).accessDeniedHandler.errorPage == '/go-away' - } + expect: + getFilter(ExceptionTranslationFilter).accessDeniedHandler.errorPage == '/go-away' + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/RememberMeConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/RememberMeConfigTests.groovy index 5f29b6c301..77a8b782ea 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/RememberMeConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/RememberMeConfigTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -45,268 +45,268 @@ import org.springframework.security.web.authentication.rememberme.TokenBasedReme */ class RememberMeConfigTests extends AbstractHttpConfigTests { - def rememberMeServiceWorksWithTokenRepoRef() { - httpAutoConfig () { - 'remember-me'('token-repository-ref': 'tokenRepo') - } - bean('tokenRepo', CustomTokenRepository.class.name) + def rememberMeServiceWorksWithTokenRepoRef() { + httpAutoConfig () { + 'remember-me'('token-repository-ref': 'tokenRepo') + } + bean('tokenRepo', CustomTokenRepository.class.name) - createAppContext(AUTH_PROVIDER_XML) + createAppContext(AUTH_PROVIDER_XML) - def rememberMeServices = rememberMeServices() + def rememberMeServices = rememberMeServices() - expect: - rememberMeServices instanceof PersistentTokenBasedRememberMeServices - rememberMeServices.tokenRepository instanceof CustomTokenRepository - FieldUtils.getFieldValue(rememberMeServices, "useSecureCookie") == null - } + expect: + rememberMeServices instanceof PersistentTokenBasedRememberMeServices + rememberMeServices.tokenRepository instanceof CustomTokenRepository + FieldUtils.getFieldValue(rememberMeServices, "useSecureCookie") == null + } - def rememberMeServiceWorksWithDataSourceRef() { - httpAutoConfig () { - 'remember-me'('data-source-ref': 'ds') - } - bean('ds', TestDataSource.class.name, ['tokendb']) + def rememberMeServiceWorksWithDataSourceRef() { + httpAutoConfig () { + 'remember-me'('data-source-ref': 'ds') + } + bean('ds', TestDataSource.class.name, ['tokendb']) - createAppContext(AUTH_PROVIDER_XML) + createAppContext(AUTH_PROVIDER_XML) - def rememberMeServices = rememberMeServices() + def rememberMeServices = rememberMeServices() - expect: - rememberMeServices instanceof PersistentTokenBasedRememberMeServices - rememberMeServices.tokenRepository instanceof JdbcTokenRepositoryImpl - } + expect: + rememberMeServices instanceof PersistentTokenBasedRememberMeServices + rememberMeServices.tokenRepository instanceof JdbcTokenRepositoryImpl + } - def rememberMeServiceWorksWithAuthenticationSuccessHandlerRef() { - httpAutoConfig () { - 'remember-me'('authentication-success-handler-ref': 'sh') - } - bean('sh', SimpleUrlAuthenticationSuccessHandler.class.name, ['/target']) + def rememberMeServiceWorksWithAuthenticationSuccessHandlerRef() { + httpAutoConfig () { + 'remember-me'('authentication-success-handler-ref': 'sh') + } + bean('sh', SimpleUrlAuthenticationSuccessHandler.class.name, ['/target']) - createAppContext(AUTH_PROVIDER_XML) + createAppContext(AUTH_PROVIDER_XML) - expect: - getFilter(RememberMeAuthenticationFilter.class).successHandler instanceof SimpleUrlAuthenticationSuccessHandler - } + expect: + getFilter(RememberMeAuthenticationFilter.class).successHandler instanceof SimpleUrlAuthenticationSuccessHandler + } - def rememberMeServiceWorksWithExternalServicesImpl() { - httpAutoConfig () { - 'remember-me'('key': "#{'our' + 'key'}", 'services-ref': 'rms') - csrf(disabled:true) - } - xml.'b:bean'(id: 'rms', 'class': TokenBasedRememberMeServices.class.name) { - 'b:constructor-arg'(value: 'ourKey') - 'b:constructor-arg'(ref: 'us') - 'b:property'(name: 'tokenValiditySeconds', value: '5000') - } + def rememberMeServiceWorksWithExternalServicesImpl() { + httpAutoConfig () { + 'remember-me'('key': "#{'our' + 'key'}", 'services-ref': 'rms') + csrf(disabled:true) + } + xml.'b:bean'(id: 'rms', 'class': TokenBasedRememberMeServices.class.name) { + 'b:constructor-arg'(value: 'ourKey') + 'b:constructor-arg'(ref: 'us') + 'b:property'(name: 'tokenValiditySeconds', value: '5000') + } - createAppContext(AUTH_PROVIDER_XML) + createAppContext(AUTH_PROVIDER_XML) - List logoutHandlers = FieldUtils.getFieldValue(getFilter(LogoutFilter.class), "handlers"); - Map ams = appContext.getBeansOfType(ProviderManager.class); - ProviderManager am = (ams.values() as List).find { it instanceof ProviderManager && it.providers.size() == 2} - RememberMeAuthenticationProvider rmp = am.providers.find { it instanceof RememberMeAuthenticationProvider} + List logoutHandlers = FieldUtils.getFieldValue(getFilter(LogoutFilter.class), "handlers"); + Map ams = appContext.getBeansOfType(ProviderManager.class); + ProviderManager am = (ams.values() as List).find { it instanceof ProviderManager && it.providers.size() == 2} + RememberMeAuthenticationProvider rmp = am.providers.find { it instanceof RememberMeAuthenticationProvider} - expect: - rmp != null - 5000 == FieldUtils.getFieldValue(rememberMeServices(), "tokenValiditySeconds") - // SEC-909 - logoutHandlers.size() == 2 - logoutHandlers.get(1) == rememberMeServices() - // SEC-1281 - rmp.key == "ourkey" - } + expect: + rmp != null + 5000 == FieldUtils.getFieldValue(rememberMeServices(), "tokenValiditySeconds") + // SEC-909 + logoutHandlers.size() == 2 + logoutHandlers.get(1) == rememberMeServices() + // SEC-1281 + rmp.key == "ourkey" + } - def rememberMeAddsLogoutHandlerToLogoutFilter() { - httpAutoConfig () { - 'remember-me'() - csrf(disabled:true) - } - createAppContext(AUTH_PROVIDER_XML) + def rememberMeAddsLogoutHandlerToLogoutFilter() { + httpAutoConfig () { + 'remember-me'() + csrf(disabled:true) + } + createAppContext(AUTH_PROVIDER_XML) - def rememberMeServices = rememberMeServices() - List logoutHandlers = getFilter(LogoutFilter.class).handlers + def rememberMeServices = rememberMeServices() + List logoutHandlers = getFilter(LogoutFilter.class).handlers - expect: - rememberMeServices - logoutHandlers.size() == 2 - logoutHandlers.get(0) instanceof SecurityContextLogoutHandler - logoutHandlers.get(1) == rememberMeServices - } + expect: + rememberMeServices + logoutHandlers.size() == 2 + logoutHandlers.get(0) instanceof SecurityContextLogoutHandler + logoutHandlers.get(1) == rememberMeServices + } - def rememberMeTokenValidityIsParsedCorrectly() { - httpAutoConfig () { - 'remember-me'('key': 'ourkey', 'token-validity-seconds':'10000') - } + def rememberMeTokenValidityIsParsedCorrectly() { + httpAutoConfig () { + 'remember-me'('key': 'ourkey', 'token-validity-seconds':'10000') + } - createAppContext(AUTH_PROVIDER_XML) + createAppContext(AUTH_PROVIDER_XML) - def rememberMeServices = rememberMeServices() - def rememberMeFilter = getFilter(RememberMeAuthenticationFilter.class) + def rememberMeServices = rememberMeServices() + def rememberMeFilter = getFilter(RememberMeAuthenticationFilter.class) - expect: - rememberMeFilter.authenticationManager - rememberMeServices.key == 'ourkey' - rememberMeServices.tokenValiditySeconds == 10000 - rememberMeServices.userDetailsService - } + expect: + rememberMeFilter.authenticationManager + rememberMeServices.key == 'ourkey' + rememberMeServices.tokenValiditySeconds == 10000 + rememberMeServices.userDetailsService + } - def 'Remember-me token validity allows negative value for non-persistent implementation'() { - httpAutoConfig () { - 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1') - } + def 'Remember-me token validity allows negative value for non-persistent implementation'() { + httpAutoConfig () { + 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1') + } - createAppContext(AUTH_PROVIDER_XML) - expect: - rememberMeServices().tokenValiditySeconds == -1 - } + createAppContext(AUTH_PROVIDER_XML) + expect: + rememberMeServices().tokenValiditySeconds == -1 + } - def 'remember-me@token-validity-seconds denies for persistent implementation'() { - setup: - httpAutoConfig () { - 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'dataSource' : 'dataSource') - } - mockBean(DataSource) - when: - createAppContext(AUTH_PROVIDER_XML) - then: - thrown(FatalBeanException) - } + def 'remember-me@token-validity-seconds denies for persistent implementation'() { + setup: + httpAutoConfig () { + 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'dataSource' : 'dataSource') + } + mockBean(DataSource) + when: + createAppContext(AUTH_PROVIDER_XML) + then: + thrown(FatalBeanException) + } - def 'SEC-2165: remember-me@token-validity-seconds allows property placeholders'() { - when: - httpAutoConfig () { - 'remember-me'('key': 'ourkey', 'token-validity-seconds':'${security.rememberme.ttl}') - } - xml.'b:bean'(class: PropertyPlaceholderConfigurer.name) { - 'b:property'(name:'properties', value:'security.rememberme.ttl=30') - } + def 'SEC-2165: remember-me@token-validity-seconds allows property placeholders'() { + when: + httpAutoConfig () { + 'remember-me'('key': 'ourkey', 'token-validity-seconds':'${security.rememberme.ttl}') + } + xml.'b:bean'(class: PropertyPlaceholderConfigurer.name) { + 'b:property'(name:'properties', value:'security.rememberme.ttl=30') + } - createAppContext(AUTH_PROVIDER_XML) - then: - rememberMeServices().tokenValiditySeconds == 30 - } + createAppContext(AUTH_PROVIDER_XML) + then: + rememberMeServices().tokenValiditySeconds == 30 + } - def rememberMeSecureCookieAttributeIsSetCorrectly() { - httpAutoConfig () { - 'remember-me'('key': 'ourkey', 'use-secure-cookie':'true') - } + def rememberMeSecureCookieAttributeIsSetCorrectly() { + httpAutoConfig () { + 'remember-me'('key': 'ourkey', 'use-secure-cookie':'true') + } - createAppContext(AUTH_PROVIDER_XML) - expect: - FieldUtils.getFieldValue(rememberMeServices(), "useSecureCookie") - } + createAppContext(AUTH_PROVIDER_XML) + expect: + FieldUtils.getFieldValue(rememberMeServices(), "useSecureCookie") + } - // SEC-1827 - def rememberMeSecureCookieAttributeFalse() { - httpAutoConfig () { - 'remember-me'('key': 'ourkey', 'use-secure-cookie':'false') - } + // SEC-1827 + def rememberMeSecureCookieAttributeFalse() { + httpAutoConfig () { + 'remember-me'('key': 'ourkey', 'use-secure-cookie':'false') + } - createAppContext(AUTH_PROVIDER_XML) - expect: 'useSecureCookie is false' - FieldUtils.getFieldValue(rememberMeServices(), "useSecureCookie") == Boolean.FALSE - } + createAppContext(AUTH_PROVIDER_XML) + expect: 'useSecureCookie is false' + FieldUtils.getFieldValue(rememberMeServices(), "useSecureCookie") == Boolean.FALSE + } - def 'Negative token-validity is rejected with persistent implementation'() { - when: - httpAutoConfig () { - 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'token-repository-ref': 'tokenRepo') - } - bean('tokenRepo', InMemoryTokenRepositoryImpl.class.name) - createAppContext(AUTH_PROVIDER_XML) + def 'Negative token-validity is rejected with persistent implementation'() { + when: + httpAutoConfig () { + 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'token-repository-ref': 'tokenRepo') + } + bean('tokenRepo', InMemoryTokenRepositoryImpl.class.name) + createAppContext(AUTH_PROVIDER_XML) - then: - BeanDefinitionParsingException e = thrown() - } + then: + BeanDefinitionParsingException e = thrown() + } - def 'Custom user service is supported'() { - when: - httpAutoConfig () { - 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'user-service-ref': 'userService') - } - bean('userService', MockUserDetailsService.class.name) - createAppContext(AUTH_PROVIDER_XML) + def 'Custom user service is supported'() { + when: + httpAutoConfig () { + 'remember-me'('key': 'ourkey', 'token-validity-seconds':'-1', 'user-service-ref': 'userService') + } + bean('userService', MockUserDetailsService.class.name) + createAppContext(AUTH_PROVIDER_XML) - then: "Parses OK" - notThrown BeanDefinitionParsingException - } + then: "Parses OK" + notThrown BeanDefinitionParsingException + } - // SEC-742 - def rememberMeWorksWithoutBasicProcessingFilter() { - when: - xml.http () { - 'form-login'('login-page': '/login.jsp', 'default-target-url': '/messageList.html' ) - logout('logout-success-url': '/login.jsp') - anonymous(username: 'guest', 'granted-authority': 'guest') - 'remember-me'() - } - createAppContext(AUTH_PROVIDER_XML) + // SEC-742 + def rememberMeWorksWithoutBasicProcessingFilter() { + when: + xml.http () { + 'form-login'('login-page': '/login.jsp', 'default-target-url': '/messageList.html' ) + logout('logout-success-url': '/login.jsp') + anonymous(username: 'guest', 'granted-authority': 'guest') + 'remember-me'() + } + createAppContext(AUTH_PROVIDER_XML) - then: "Parses OK" - notThrown BeanDefinitionParsingException - } + then: "Parses OK" + notThrown BeanDefinitionParsingException + } - def 'Default remember-me-parameter is correct'() { - httpAutoConfig () { - 'remember-me'() - } + def 'Default remember-me-parameter is correct'() { + httpAutoConfig () { + 'remember-me'() + } - createAppContext(AUTH_PROVIDER_XML) - expect: - rememberMeServices().parameter == AbstractRememberMeServices.DEFAULT_PARAMETER - } + createAppContext(AUTH_PROVIDER_XML) + expect: + rememberMeServices().parameter == AbstractRememberMeServices.DEFAULT_PARAMETER + } - // SEC-2119 - def 'Custom remember-me-parameter is supported'() { - httpAutoConfig () { - 'remember-me'('remember-me-parameter': 'ourParam') - } + // SEC-2119 + def 'Custom remember-me-parameter is supported'() { + httpAutoConfig () { + 'remember-me'('remember-me-parameter': 'ourParam') + } - createAppContext(AUTH_PROVIDER_XML) - expect: - rememberMeServices().parameter == 'ourParam' - } + createAppContext(AUTH_PROVIDER_XML) + expect: + rememberMeServices().parameter == 'ourParam' + } - def 'remember-me-parameter cannot be used together with services-ref'() { - when: - httpAutoConfig () { - 'remember-me'('remember-me-parameter': 'ourParam', 'services-ref': 'ourService') - } - createAppContext(AUTH_PROVIDER_XML) - then: - BeanDefinitionParsingException e = thrown() - } + def 'remember-me-parameter cannot be used together with services-ref'() { + when: + httpAutoConfig () { + 'remember-me'('remember-me-parameter': 'ourParam', 'services-ref': 'ourService') + } + createAppContext(AUTH_PROVIDER_XML) + then: + BeanDefinitionParsingException e = thrown() + } - // SEC-2826 - def 'Custom remember-me-cookie is supported'() { - httpAutoConfig () { - 'remember-me'('remember-me-cookie': 'ourCookie') - } + // SEC-2826 + def 'Custom remember-me-cookie is supported'() { + httpAutoConfig () { + 'remember-me'('remember-me-cookie': 'ourCookie') + } - createAppContext(AUTH_PROVIDER_XML) - expect: - rememberMeServices().cookieName == 'ourCookie' - } + createAppContext(AUTH_PROVIDER_XML) + expect: + rememberMeServices().cookieName == 'ourCookie' + } - // SEC-2826 - def 'remember-me-cookie cannot be used together with services-ref'() { - when: - httpAutoConfig () { - 'remember-me'('remember-me-cookie': 'ourCookie', 'services-ref': 'ourService') - } + // SEC-2826 + def 'remember-me-cookie cannot be used together with services-ref'() { + when: + httpAutoConfig () { + 'remember-me'('remember-me-cookie': 'ourCookie', 'services-ref': 'ourService') + } - createAppContext(AUTH_PROVIDER_XML) - then: - BeanDefinitionParsingException e = thrown() - expect: - e.message == 'Configuration problem: services-ref can\'t be used in combination with attributes token-repository-ref,data-source-ref, user-service-ref, token-validity-seconds, use-secure-cookie, remember-me-parameter or remember-me-cookie\nOffending resource: null' - } + createAppContext(AUTH_PROVIDER_XML) + then: + BeanDefinitionParsingException e = thrown() + expect: + e.message == 'Configuration problem: services-ref can\'t be used in combination with attributes token-repository-ref,data-source-ref, user-service-ref, token-validity-seconds, use-secure-cookie, remember-me-parameter or remember-me-cookie\nOffending resource: null' + } - def rememberMeServices() { - getFilter(RememberMeAuthenticationFilter.class).getRememberMeServices() - } + def rememberMeServices() { + getFilter(RememberMeAuthenticationFilter.class).getRememberMeServices() + } - static class CustomTokenRepository extends InMemoryTokenRepositoryImpl { + static class CustomTokenRepository extends InMemoryTokenRepositoryImpl { - } + } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/SessionManagementConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/SessionManagementConfigTests.groovy index e5653ae023..865321b0b1 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/SessionManagementConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/SessionManagementConfigTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -58,375 +58,375 @@ import org.springframework.security.web.session.SessionManagementFilter */ class SessionManagementConfigTests extends AbstractHttpConfigTests { - def settingCreateSessionToAlwaysSetsFilterPropertiesCorrectly() { - httpCreateSession('always') { } - createAppContext(); + def settingCreateSessionToAlwaysSetsFilterPropertiesCorrectly() { + httpCreateSession('always') { } + createAppContext(); - def filter = getFilter(SecurityContextPersistenceFilter.class); + def filter = getFilter(SecurityContextPersistenceFilter.class); - expect: - filter.forceEagerSessionCreation - filter.repo.allowSessionCreation - !filter.repo.disableUrlRewriting - } + expect: + filter.forceEagerSessionCreation + filter.repo.allowSessionCreation + !filter.repo.disableUrlRewriting + } - def settingCreateSessionToNeverSetsFilterPropertiesCorrectly() { - httpCreateSession('never') { } - createAppContext(); + def settingCreateSessionToNeverSetsFilterPropertiesCorrectly() { + httpCreateSession('never') { } + createAppContext(); - def filter = getFilter(SecurityContextPersistenceFilter.class); + def filter = getFilter(SecurityContextPersistenceFilter.class); - expect: - !filter.forceEagerSessionCreation - !filter.repo.allowSessionCreation - } + expect: + !filter.forceEagerSessionCreation + !filter.repo.allowSessionCreation + } - def settingCreateSessionToStatelessSetsFilterPropertiesCorrectly() { - httpCreateSession('stateless') { } - createAppContext(); + def settingCreateSessionToStatelessSetsFilterPropertiesCorrectly() { + httpCreateSession('stateless') { } + createAppContext(); - def filter = getFilter(SecurityContextPersistenceFilter.class); + def filter = getFilter(SecurityContextPersistenceFilter.class); - expect: - !filter.forceEagerSessionCreation - filter.repo instanceof NullSecurityContextRepository - getFilter(SessionManagementFilter.class) == null - getFilter(RequestCacheAwareFilter.class) == null - } + expect: + !filter.forceEagerSessionCreation + filter.repo instanceof NullSecurityContextRepository + getFilter(SessionManagementFilter.class) == null + getFilter(RequestCacheAwareFilter.class) == null + } - def settingCreateSessionToIfRequiredDoesntCreateASessionForPublicInvocation() { - httpCreateSession('ifRequired') { } - createAppContext(); + def settingCreateSessionToIfRequiredDoesntCreateASessionForPublicInvocation() { + httpCreateSession('ifRequired') { } + createAppContext(); - def filter = getFilter(SecurityContextPersistenceFilter.class); + def filter = getFilter(SecurityContextPersistenceFilter.class); - expect: - !filter.forceEagerSessionCreation - filter.repo.allowSessionCreation - } + expect: + !filter.forceEagerSessionCreation + filter.repo.allowSessionCreation + } - def 'SEC-1208: Session is not created when rejecting user due to max sessions exceeded'() { - setup: - httpCreateSession('never') { - 'session-management'() { - 'concurrency-control'('max-sessions':1,'error-if-maximum-exceeded':'true') - } - csrf(disabled:true) - } - createAppContext() - SessionRegistry registry = appContext.getBean(SessionRegistry) - registry.registerNewSession("1", new User("user","password",AuthorityUtils.createAuthorityList("ROLE_USER"))) - MockHttpServletRequest request = new MockHttpServletRequest() - MockHttpServletResponse response = new MockHttpServletResponse() - String credentials = "user:password" - request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64()) - when: "exceed max authentication attempts" - appContext.getBean(FilterChainProxy).doFilter(request, response, new MockFilterChain()) - then: "no new session is created" - request.getSession(false) == null - response.status == HttpServletResponse.SC_UNAUTHORIZED - } + def 'SEC-1208: Session is not created when rejecting user due to max sessions exceeded'() { + setup: + httpCreateSession('never') { + 'session-management'() { + 'concurrency-control'('max-sessions':1,'error-if-maximum-exceeded':'true') + } + csrf(disabled:true) + } + createAppContext() + SessionRegistry registry = appContext.getBean(SessionRegistry) + registry.registerNewSession("1", new User("user","password",AuthorityUtils.createAuthorityList("ROLE_USER"))) + MockHttpServletRequest request = new MockHttpServletRequest() + MockHttpServletResponse response = new MockHttpServletResponse() + String credentials = "user:password" + request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64()) + when: "exceed max authentication attempts" + appContext.getBean(FilterChainProxy).doFilter(request, response, new MockFilterChain()) + then: "no new session is created" + request.getSession(false) == null + response.status == HttpServletResponse.SC_UNAUTHORIZED + } - def 'SEC-2137: disable session fixation and enable concurrency control'() { - setup: "context where session fixation is disabled and concurrency control is enabled" - httpAutoConfig { - 'session-management'('session-fixation-protection':'none') { - 'concurrency-control'('max-sessions':'1','error-if-maximum-exceeded':'true') - } - } - createAppContext() - MockHttpServletRequest request = new MockHttpServletRequest() - MockHttpServletResponse response = new MockHttpServletResponse() - String originalSessionId = request.session.id - String credentials = "user:password" - request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64()) - when: "authenticate" - appContext.getBean(FilterChainProxy).doFilter(request, response, new MockFilterChain()) - then: "session invalidate is not called" - request.session.id == originalSessionId - } + def 'SEC-2137: disable session fixation and enable concurrency control'() { + setup: "context where session fixation is disabled and concurrency control is enabled" + httpAutoConfig { + 'session-management'('session-fixation-protection':'none') { + 'concurrency-control'('max-sessions':'1','error-if-maximum-exceeded':'true') + } + } + createAppContext() + MockHttpServletRequest request = new MockHttpServletRequest() + MockHttpServletResponse response = new MockHttpServletResponse() + String originalSessionId = request.session.id + String credentials = "user:password" + request.addHeader("Authorization", "Basic " + credentials.bytes.encodeBase64()) + when: "authenticate" + appContext.getBean(FilterChainProxy).doFilter(request, response, new MockFilterChain()) + then: "session invalidate is not called" + request.session.id == originalSessionId + } - def httpCreateSession(String create, Closure c) { - xml.http(['auto-config': 'true', 'create-session': create], c) - } + def httpCreateSession(String create, Closure c) { + xml.http(['auto-config': 'true', 'create-session': create], c) + } - def concurrentSessionSupportAddsFilterAndExpectedBeans() { - when: - httpAutoConfig { - 'session-management'() { - 'concurrency-control'('session-registry-alias':'sr', 'expired-url': '/expired') - } - csrf(disabled:true) - } - createAppContext(); - List filters = getFilters("/someurl"); - def concurrentSessionFilter = filters.get(1) + def concurrentSessionSupportAddsFilterAndExpectedBeans() { + when: + httpAutoConfig { + 'session-management'() { + 'concurrency-control'('session-registry-alias':'sr', 'expired-url': '/expired') + } + csrf(disabled:true) + } + createAppContext(); + List filters = getFilters("/someurl"); + def concurrentSessionFilter = filters.get(1) - then: - concurrentSessionFilter instanceof ConcurrentSessionFilter - concurrentSessionFilter.expiredUrl == '/expired' - appContext.getBean("sr") != null - getFilter(SessionManagementFilter.class) != null - sessionRegistryIsValid(); + then: + concurrentSessionFilter instanceof ConcurrentSessionFilter + concurrentSessionFilter.expiredUrl == '/expired' + appContext.getBean("sr") != null + getFilter(SessionManagementFilter.class) != null + sessionRegistryIsValid(); - concurrentSessionFilter.handlers.size() == 1 - def logoutHandler = concurrentSessionFilter.handlers[0] - logoutHandler instanceof SecurityContextLogoutHandler - logoutHandler.invalidateHttpSession + concurrentSessionFilter.handlers.size() == 1 + def logoutHandler = concurrentSessionFilter.handlers[0] + logoutHandler instanceof SecurityContextLogoutHandler + logoutHandler.invalidateHttpSession - } + } - def 'concurrency-control adds custom logout handlers'() { - when: 'Custom logout and remember-me' - httpAutoConfig { - 'session-management'() { - 'concurrency-control'() - } - 'logout'('invalidate-session': false, 'delete-cookies': 'testCookie') - 'remember-me'() - csrf(disabled:true) - } - createAppContext() + def 'concurrency-control adds custom logout handlers'() { + when: 'Custom logout and remember-me' + httpAutoConfig { + 'session-management'() { + 'concurrency-control'() + } + 'logout'('invalidate-session': false, 'delete-cookies': 'testCookie') + 'remember-me'() + csrf(disabled:true) + } + createAppContext() - List filters = getFilters("/someurl") - ConcurrentSessionFilter concurrentSessionFilter = filters.get(1) - def logoutHandlers = concurrentSessionFilter.handlers + List filters = getFilters("/someurl") + ConcurrentSessionFilter concurrentSessionFilter = filters.get(1) + def logoutHandlers = concurrentSessionFilter.handlers - then: 'ConcurrentSessionFilter contains the customized LogoutHandlers' - logoutHandlers.size() == 3 - def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler } - securityCtxlogoutHandler.invalidateHttpSession == false - def cookieClearingLogoutHandler = logoutHandlers.find { it instanceof CookieClearingLogoutHandler } - cookieClearingLogoutHandler.cookiesToClear == ['testCookie'] - def remembermeLogoutHandler = logoutHandlers.find { it instanceof RememberMeServices } - remembermeLogoutHandler == getFilter(RememberMeAuthenticationFilter.class).rememberMeServices - } + then: 'ConcurrentSessionFilter contains the customized LogoutHandlers' + logoutHandlers.size() == 3 + def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler } + securityCtxlogoutHandler.invalidateHttpSession == false + def cookieClearingLogoutHandler = logoutHandlers.find { it instanceof CookieClearingLogoutHandler } + cookieClearingLogoutHandler.cookiesToClear == ['testCookie'] + def remembermeLogoutHandler = logoutHandlers.find { it instanceof RememberMeServices } + remembermeLogoutHandler == getFilter(RememberMeAuthenticationFilter.class).rememberMeServices + } - def 'concurrency-control with remember-me and no LogoutFilter contains SecurityContextLogoutHandler and RememberMeServices as LogoutHandlers'() { - when: 'RememberMe and No LogoutFilter' - xml.http(['entry-point-ref': 'entryPoint'], { - 'session-management'() { - 'concurrency-control'() - } - 'remember-me'() - csrf(disabled:true) - }) - bean('entryPoint', 'org.springframework.security.web.authentication.Http403ForbiddenEntryPoint') - createAppContext() + def 'concurrency-control with remember-me and no LogoutFilter contains SecurityContextLogoutHandler and RememberMeServices as LogoutHandlers'() { + when: 'RememberMe and No LogoutFilter' + xml.http(['entry-point-ref': 'entryPoint'], { + 'session-management'() { + 'concurrency-control'() + } + 'remember-me'() + csrf(disabled:true) + }) + bean('entryPoint', 'org.springframework.security.web.authentication.Http403ForbiddenEntryPoint') + createAppContext() - List filters = getFilters("/someurl") - ConcurrentSessionFilter concurrentSessionFilter = filters.get(1) - def logoutHandlers = concurrentSessionFilter.handlers + List filters = getFilters("/someurl") + ConcurrentSessionFilter concurrentSessionFilter = filters.get(1) + def logoutHandlers = concurrentSessionFilter.handlers - then: 'SecurityContextLogoutHandler and RememberMeServices are in ConcurrentSessionFilter logoutHandlers' - !filters.find { it instanceof LogoutFilter } - logoutHandlers.size() == 2 - def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler } - securityCtxlogoutHandler.invalidateHttpSession == true - logoutHandlers.find { it instanceof RememberMeServices } == getFilter(RememberMeAuthenticationFilter).rememberMeServices - } + then: 'SecurityContextLogoutHandler and RememberMeServices are in ConcurrentSessionFilter logoutHandlers' + !filters.find { it instanceof LogoutFilter } + logoutHandlers.size() == 2 + def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler } + securityCtxlogoutHandler.invalidateHttpSession == true + logoutHandlers.find { it instanceof RememberMeServices } == getFilter(RememberMeAuthenticationFilter).rememberMeServices + } - def 'concurrency-control with no remember-me or LogoutFilter contains SecurityContextLogoutHandler as LogoutHandlers'() { - when: 'No Logout Filter or RememberMe' - xml.http(['entry-point-ref': 'entryPoint'], { - 'session-management'() { - 'concurrency-control'() - } - }) - bean('entryPoint', 'org.springframework.security.web.authentication.Http403ForbiddenEntryPoint') - createAppContext() + def 'concurrency-control with no remember-me or LogoutFilter contains SecurityContextLogoutHandler as LogoutHandlers'() { + when: 'No Logout Filter or RememberMe' + xml.http(['entry-point-ref': 'entryPoint'], { + 'session-management'() { + 'concurrency-control'() + } + }) + bean('entryPoint', 'org.springframework.security.web.authentication.Http403ForbiddenEntryPoint') + createAppContext() - List filters = getFilters("/someurl") - ConcurrentSessionFilter concurrentSessionFilter = filters.get(1) - def logoutHandlers = concurrentSessionFilter.handlers + List filters = getFilters("/someurl") + ConcurrentSessionFilter concurrentSessionFilter = filters.get(1) + def logoutHandlers = concurrentSessionFilter.handlers - then: 'Only SecurityContextLogoutHandler is found in ConcurrentSessionFilter logoutHandlers' - !filters.find { it instanceof LogoutFilter } - logoutHandlers.size() == 1 - def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler } - securityCtxlogoutHandler.invalidateHttpSession == true - } + then: 'Only SecurityContextLogoutHandler is found in ConcurrentSessionFilter logoutHandlers' + !filters.find { it instanceof LogoutFilter } + logoutHandlers.size() == 1 + def securityCtxlogoutHandler = logoutHandlers.find { it instanceof SecurityContextLogoutHandler } + securityCtxlogoutHandler.invalidateHttpSession == true + } - def 'SEC-2057: ConcurrentSessionFilter is after SecurityContextPersistenceFilter'() { - httpAutoConfig { - 'session-management'() { - 'concurrency-control'() - } - } - createAppContext() - List filters = getFilters("/someurl") + def 'SEC-2057: ConcurrentSessionFilter is after SecurityContextPersistenceFilter'() { + httpAutoConfig { + 'session-management'() { + 'concurrency-control'() + } + } + createAppContext() + List filters = getFilters("/someurl") - expect: - filters.get(0) instanceof SecurityContextPersistenceFilter - filters.get(1) instanceof ConcurrentSessionFilter - } + expect: + filters.get(0) instanceof SecurityContextPersistenceFilter + filters.get(1) instanceof ConcurrentSessionFilter + } - def 'concurrency-control handles default expired-url as null'() { - httpAutoConfig { - 'session-management'() { - 'concurrency-control'('session-registry-alias':'sr') - } - } - createAppContext(); - List filters = getFilters("/someurl"); + def 'concurrency-control handles default expired-url as null'() { + httpAutoConfig { + 'session-management'() { + 'concurrency-control'('session-registry-alias':'sr') + } + } + createAppContext(); + List filters = getFilters("/someurl"); - expect: - filters.get(1).expiredUrl == null - } + expect: + filters.get(1).expiredUrl == null + } - def externalSessionStrategyIsSupported() { - setup: - httpAutoConfig { - 'session-management'('session-authentication-strategy-ref':'ss') - csrf(disabled:true) - } - mockBean(SessionAuthenticationStrategy,'ss') - createAppContext() + def externalSessionStrategyIsSupported() { + setup: + httpAutoConfig { + 'session-management'('session-authentication-strategy-ref':'ss') + csrf(disabled:true) + } + mockBean(SessionAuthenticationStrategy,'ss') + createAppContext() - MockHttpServletRequest request = new MockHttpServletRequest(); - request.getSession(); - request.servletPath = "/login" - request.setMethod("POST"); - request.setParameter("username", "user"); - request.setParameter("password", "password"); + MockHttpServletRequest request = new MockHttpServletRequest(); + request.getSession(); + request.servletPath = "/login" + request.setMethod("POST"); + request.setParameter("username", "user"); + request.setParameter("password", "password"); - SessionAuthenticationStrategy sessionAuthStrategy = appContext.getBean('ss',SessionAuthenticationStrategy) - FilterChainProxy springSecurityFilterChain = appContext.getBean(FilterChainProxy) - when: - springSecurityFilterChain.doFilter(request,new MockHttpServletResponse(), new MockFilterChain()) - then: "CustomSessionAuthenticationStrategy has seen the request (although REQUEST is a wrapped request)" - verify(sessionAuthStrategy).onAuthentication(any(Authentication), any(HttpServletRequest), any(HttpServletResponse)) - } + SessionAuthenticationStrategy sessionAuthStrategy = appContext.getBean('ss',SessionAuthenticationStrategy) + FilterChainProxy springSecurityFilterChain = appContext.getBean(FilterChainProxy) + when: + springSecurityFilterChain.doFilter(request,new MockHttpServletResponse(), new MockFilterChain()) + then: "CustomSessionAuthenticationStrategy has seen the request (although REQUEST is a wrapped request)" + verify(sessionAuthStrategy).onAuthentication(any(Authentication), any(HttpServletRequest), any(HttpServletResponse)) + } - def externalSessionRegistryBeanIsConfiguredCorrectly() { - httpAutoConfig { - 'session-management'() { - 'concurrency-control'('session-registry-ref':'sr') - } - csrf(disabled:true) - } - bean('sr', SessionRegistryImpl.class.name) - createAppContext(); + def externalSessionRegistryBeanIsConfiguredCorrectly() { + httpAutoConfig { + 'session-management'() { + 'concurrency-control'('session-registry-ref':'sr') + } + csrf(disabled:true) + } + bean('sr', SessionRegistryImpl.class.name) + createAppContext(); - expect: - sessionRegistryIsValid(); - } + expect: + sessionRegistryIsValid(); + } - def sessionRegistryIsValid() { - Object sessionRegistry = appContext.getBean("sr"); - Object sessionRegistryFromConcurrencyFilter = FieldUtils.getFieldValue( - getFilter(ConcurrentSessionFilter.class), "sessionRegistry"); - Object sessionRegistryFromFormLoginFilter = FieldUtils.getFieldValue(getFilter(UsernamePasswordAuthenticationFilter),"sessionStrategy").delegateStrategies[0].sessionRegistry - Object sessionRegistryFromMgmtFilter = FieldUtils.getFieldValue(getFilter(SessionManagementFilter),"sessionAuthenticationStrategy").delegateStrategies[0].sessionRegistry + def sessionRegistryIsValid() { + Object sessionRegistry = appContext.getBean("sr"); + Object sessionRegistryFromConcurrencyFilter = FieldUtils.getFieldValue( + getFilter(ConcurrentSessionFilter.class), "sessionRegistry"); + Object sessionRegistryFromFormLoginFilter = FieldUtils.getFieldValue(getFilter(UsernamePasswordAuthenticationFilter),"sessionStrategy").delegateStrategies[0].sessionRegistry + Object sessionRegistryFromMgmtFilter = FieldUtils.getFieldValue(getFilter(SessionManagementFilter),"sessionAuthenticationStrategy").delegateStrategies[0].sessionRegistry - assertSame(sessionRegistry, sessionRegistryFromConcurrencyFilter); - assertSame(sessionRegistry, sessionRegistryFromMgmtFilter); - // SEC-1143 - assertSame(sessionRegistry, sessionRegistryFromFormLoginFilter); - true; - } + assertSame(sessionRegistry, sessionRegistryFromConcurrencyFilter); + assertSame(sessionRegistry, sessionRegistryFromMgmtFilter); + // SEC-1143 + assertSame(sessionRegistry, sessionRegistryFromFormLoginFilter); + true; + } - def concurrentSessionMaxSessionsIsCorrectlyConfigured() { - setup: - httpAutoConfig { - 'session-management'('session-authentication-error-url':'/max-exceeded') { - 'concurrency-control'('max-sessions': '2', 'error-if-maximum-exceeded':'true') - } - } - createAppContext(); + def concurrentSessionMaxSessionsIsCorrectlyConfigured() { + setup: + httpAutoConfig { + 'session-management'('session-authentication-error-url':'/max-exceeded') { + 'concurrency-control'('max-sessions': '2', 'error-if-maximum-exceeded':'true') + } + } + createAppContext(); - def seshFilter = getFilter(SessionManagementFilter.class); - def auth = new UsernamePasswordAuthenticationToken("bob", "pass"); - SecurityContextHolder.getContext().setAuthentication(auth); - MockHttpServletResponse mockResponse = new MockHttpServletResponse(); - def response = new SaveContextOnUpdateOrErrorResponseWrapper(mockResponse, false) { - protected void saveContext(SecurityContext context) { - } - }; - when: "First session is established" - seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()); - then: "ok" - mockResponse.redirectedUrl == null - when: "Second session is established" - seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()); - then: "ok" - mockResponse.redirectedUrl == null - when: "Third session is established" - seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()); - then: "Rejected" - mockResponse.redirectedUrl == "/max-exceeded"; - } + def seshFilter = getFilter(SessionManagementFilter.class); + def auth = new UsernamePasswordAuthenticationToken("bob", "pass"); + SecurityContextHolder.getContext().setAuthentication(auth); + MockHttpServletResponse mockResponse = new MockHttpServletResponse(); + def response = new SaveContextOnUpdateOrErrorResponseWrapper(mockResponse, false) { + protected void saveContext(SecurityContext context) { + } + }; + when: "First session is established" + seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()); + then: "ok" + mockResponse.redirectedUrl == null + when: "Second session is established" + seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()); + then: "ok" + mockResponse.redirectedUrl == null + when: "Third session is established" + seshFilter.doFilter(new MockHttpServletRequest(), response, new MockFilterChain()); + then: "Rejected" + mockResponse.redirectedUrl == "/max-exceeded"; + } - def disablingSessionProtectionRemovesSessionManagementFilterIfNoInvalidSessionUrlSet() { - httpAutoConfig { - 'session-management'('session-fixation-protection': 'none') - csrf(disabled:true) - } - createAppContext() + def disablingSessionProtectionRemovesSessionManagementFilterIfNoInvalidSessionUrlSet() { + httpAutoConfig { + 'session-management'('session-fixation-protection': 'none') + csrf(disabled:true) + } + createAppContext() - expect: - !(getFilters("/someurl").find { it instanceof SessionManagementFilter}) - } + expect: + !(getFilters("/someurl").find { it instanceof SessionManagementFilter}) + } - def 'session-fixation-protection=none'() { - setup: - MockHttpServletRequest request = new MockHttpServletRequest(method:'POST') - request.session.id = '123' - request.setParameter('username', 'user') - request.setParameter('password', 'password') - request.servletPath = '/login' + def 'session-fixation-protection=none'() { + setup: + MockHttpServletRequest request = new MockHttpServletRequest(method:'POST') + request.session.id = '123' + request.setParameter('username', 'user') + request.setParameter('password', 'password') + request.servletPath = '/login' - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() - httpAutoConfig { - 'session-management'('session-fixation-protection': 'none') - csrf(disabled:true) - } - createAppContext() - request.session.id = '123' + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() + httpAutoConfig { + 'session-management'('session-fixation-protection': 'none') + csrf(disabled:true) + } + createAppContext() + request.session.id = '123' - when: - springSecurityFilterChain.doFilter(request,response, chain) + when: + springSecurityFilterChain.doFilter(request,response, chain) - then: - request.session.id == '123' - } + then: + request.session.id == '123' + } - def 'session-fixation-protection=migrateSession'() { - setup: - MockHttpServletRequest request = new MockHttpServletRequest(method:'POST') - request.session.id = '123' - request.setParameter('username', 'user') - request.setParameter('password', 'password') - request.servletPath = '/login' + def 'session-fixation-protection=migrateSession'() { + setup: + MockHttpServletRequest request = new MockHttpServletRequest(method:'POST') + request.session.id = '123' + request.setParameter('username', 'user') + request.setParameter('password', 'password') + request.servletPath = '/login' - MockHttpServletResponse response = new MockHttpServletResponse() - MockFilterChain chain = new MockFilterChain() - httpAutoConfig { - 'session-management'('session-fixation-protection': 'migrateSession') - csrf(disabled:true) - } - createAppContext() - request.session.id = '123' + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() + httpAutoConfig { + 'session-management'('session-fixation-protection': 'migrateSession') + csrf(disabled:true) + } + createAppContext() + request.session.id = '123' - when: - springSecurityFilterChain.doFilter(request,response, chain) + when: + springSecurityFilterChain.doFilter(request,response, chain) - then: - request.session.id != '123' - } + then: + request.session.id != '123' + } - def disablingSessionProtectionRetainsSessionManagementFilterInvalidSessionUrlSet() { - httpAutoConfig { - 'session-management'('session-fixation-protection': 'none', 'invalid-session-url': '/timeoutUrl') - csrf(disabled:true) - } - createAppContext() - def filter = getFilters("/someurl")[10] + def disablingSessionProtectionRetainsSessionManagementFilterInvalidSessionUrlSet() { + httpAutoConfig { + 'session-management'('session-fixation-protection': 'none', 'invalid-session-url': '/timeoutUrl') + csrf(disabled:true) + } + createAppContext() + def filter = getFilters("/someurl")[10] - expect: - filter instanceof SessionManagementFilter - filter.invalidSessionStrategy.destinationUrl == '/timeoutUrl' - } + expect: + filter instanceof SessionManagementFilter + filter.invalidSessionStrategy.destinationUrl == '/timeoutUrl' + } } diff --git a/core/core.gradle b/core/core.gradle index d44ddc1636..c2866496a0 100644 --- a/core/core.gradle +++ b/core/core.gradle @@ -5,47 +5,47 @@ def cryptoProject = project(':spring-security-crypto') def cryptoClasses = cryptoProject.sourceSets.main.output configurations { - included + included - compile.extendsFrom included + compile.extendsFrom included - testCompile.exclude group: 'org.mockito', module: 'mockito-all' + testCompile.exclude group: 'org.mockito', module: 'mockito-all' } dependencies { - compile springCoreDependency, - 'aopalliance:aopalliance:1.0', - "org.springframework:spring-aop:$springVersion", - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-expression:$springVersion" + compile springCoreDependency, + 'aopalliance:aopalliance:1.0', + "org.springframework:spring-aop:$springVersion", + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-expression:$springVersion" - optional "net.sf.ehcache:ehcache:$ehcacheVersion", - 'javax.annotation:jsr250-api:1.0', - "org.aspectj:aspectjrt:$aspectjVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.springframework:spring-tx:$springVersion" + optional "net.sf.ehcache:ehcache:$ehcacheVersion", + 'javax.annotation:jsr250-api:1.0', + "org.aspectj:aspectjrt:$aspectjVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.springframework:spring-tx:$springVersion" - included cryptoProject + included cryptoProject - testCompile "commons-collections:commons-collections:$commonsCollectionsVersion", - "org.springframework:spring-test:$springVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - powerMockDependencies + testCompile "commons-collections:commons-collections:$commonsCollectionsVersion", + "org.springframework:spring-test:$springVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + powerMockDependencies - testRuntime "org.hsqldb:hsqldb:$hsqlVersion" + testRuntime "org.hsqldb:hsqldb:$hsqlVersion" } classes.doLast { - copy { - from cryptoClasses - into sourceSets.main.output.classesDir - } + copy { + from cryptoClasses + into sourceSets.main.output.classesDir + } } sourceJar.from cryptoProject.sourceSets.main.java configure(project.tasks.withType(Test)) { - systemProperties['springSecurityVersion'] = version - systemProperties['springVersion'] = springVersion + systemProperties['springSecurityVersion'] = version + systemProperties['springVersion'] = springVersion } \ No newline at end of file diff --git a/crypto/crypto.gradle b/crypto/crypto.gradle index 619e9b4c02..9690c4ff14 100644 --- a/crypto/crypto.gradle +++ b/crypto/crypto.gradle @@ -5,8 +5,8 @@ int maxAESKeySize = javax.crypto.Cipher.getMaxAllowedKeyLength('AES') configure(project.tasks.withType(Test)) { - if (maxAESKeySize < 256) { - println "AES keysize limited to $maxAESKeySize, skipping EncryptorsTests" - exclude '**/EncryptorsTests.class' - } + if (maxAESKeySize < 256) { + println "AES keysize limited to $maxAESKeySize, skipping EncryptorsTests" + exclude '**/EncryptorsTests.class' + } } diff --git a/data/data.gradle b/data/data.gradle index cc96350d29..9de1fe8d2d 100644 --- a/data/data.gradle +++ b/data/data.gradle @@ -1,6 +1,6 @@ dependencies { - compile project(':spring-security-core'), - springCoreDependency, - "org.springframework.data:spring-data-commons:$springDataCommonsVersion" + compile project(':spring-security-core'), + springCoreDependency, + "org.springframework.data:spring-data-commons:$springDataCommonsVersion" } \ No newline at end of file diff --git a/docs/docs.gradle b/docs/docs.gradle index 7701905dcb..6837b0e840 100644 --- a/docs/docs.gradle +++ b/docs/docs.gradle @@ -1,147 +1,147 @@ - // Docbook and Javadoc building and uploading tasks + // Docbook and Javadoc building and uploading tasks apply plugin: 'base' task docs { - dependsOn 'manual:reference', 'apidocs', 'guides:asciidoctor' + dependsOn 'manual:reference', 'apidocs', 'guides:asciidoctor' } project('manual') { - apply plugin: 'base' - apply plugin: 'org.asciidoctor.gradle.asciidoctor' - apply plugin: 'docbook-reference' + apply plugin: 'base' + apply plugin: 'org.asciidoctor.gradle.asciidoctor' + apply plugin: 'docbook-reference' - ext.expandPlaceholders = "" + ext.expandPlaceholders = "" - asciidoctorj { - version = '1.5.2' - } + asciidoctorj { + version = '1.5.2' + } - asciidoctor { - backends = ['docbook5'] - options = [ - eruby: 'erubis', - attributes: [ - copycss : '', - icons : 'font', - 'source-highlighter': 'prettify', - sectanchors : '', - toc2: '', - idprefix: '', - idseparator: '-', - doctype: 'book', - numbered: '', - 'spring-security-version' : project.version, - 'spring-version' : springVersion, - revnumber : project.version - ] - ] - } + asciidoctor { + backends = ['docbook5'] + options = [ + eruby: 'erubis', + attributes: [ + copycss : '', + icons : 'font', + 'source-highlighter': 'prettify', + sectanchors : '', + toc2: '', + idprefix: '', + idseparator: '-', + doctype: 'book', + numbered: '', + 'spring-security-version' : project.version, + 'spring-version' : springVersion, + revnumber : project.version + ] + ] + } - reference { - sourceDir = new File(asciidoctor.outputDir , 'docbook5') - pdfFilename = "spring-security-reference.pdf" - epubFilename = "spring-security-reference.epub" - expandPlaceholders = "" - } + reference { + sourceDir = new File(asciidoctor.outputDir , 'docbook5') + pdfFilename = "spring-security-reference.pdf" + epubFilename = "spring-security-reference.epub" + expandPlaceholders = "" + } - afterEvaluate { - tasks.findAll { it.name.startsWith("reference") }.each{ it.dependsOn.add("asciidoctor") } - } + afterEvaluate { + tasks.findAll { it.name.startsWith("reference") }.each{ it.dependsOn.add("asciidoctor") } + } - ext.spec = copySpec { - from (reference) { - into 'reference' - } - } + ext.spec = copySpec { + from (reference) { + into 'reference' + } + } } task apidocs(type: Javadoc) { - destinationDir = new File(buildDir, 'apidocs') - title = "Spring Security $version API" + destinationDir = new File(buildDir, 'apidocs') + title = "Spring Security $version API" - source coreModuleProjects.collect { project -> - project.sourceSets.main.allJava - } + source coreModuleProjects.collect { project -> + project.sourceSets.main.allJava + } - classpath = files(coreModuleProjects.collect { project -> - project.sourceSets.main.compileClasspath - }) + classpath = files(coreModuleProjects.collect { project -> + project.sourceSets.main.compileClasspath + }) } apidocs.options.outputLevel = org.gradle.external.javadoc.JavadocOutputLevel.QUIET apidocs.options.links = [ - "http://static.springframework.org/spring/docs/3.2.x/javadoc-api", - "http://static.springsource.org/spring-ldap/docs/1.3.x/apidocs/", - "http://download.oracle.com/javase/6/docs/api/" + "http://static.springframework.org/spring/docs/3.2.x/javadoc-api", + "http://static.springsource.org/spring-ldap/docs/1.3.x/apidocs/", + "http://download.oracle.com/javase/6/docs/api/" ] apidocs.options.groups = [ - 'Spring Security Core':[ - 'org.springframework.security.core*', - 'org.springframework.security.authentication*', - 'org.springframework.security.access*', - 'org.springframework.security.remoting*', - 'org.springframework.security.provisioning*', - 'org.springframework.security.util*'], - 'Spring Security Web':['org.springframework.security.web*'], - 'Spring Security LDAP':['org.springframework.security.ldap*'], - 'Spring Security Crypto':['org.springframework.security.crypto*'], - 'Spring Security OpenID':['org.springframework.security.openid*'], - 'Spring Security CAS':['org.springframework.security.cas*'], - 'Spring Security ACL':['org.springframework.security.acls*'], - 'Spring Security Config':['org.springframework.security.config*'], - 'Spring Security Taglibs':['org.springframework.security.taglibs*'], + 'Spring Security Core':[ + 'org.springframework.security.core*', + 'org.springframework.security.authentication*', + 'org.springframework.security.access*', + 'org.springframework.security.remoting*', + 'org.springframework.security.provisioning*', + 'org.springframework.security.util*'], + 'Spring Security Web':['org.springframework.security.web*'], + 'Spring Security LDAP':['org.springframework.security.ldap*'], + 'Spring Security Crypto':['org.springframework.security.crypto*'], + 'Spring Security OpenID':['org.springframework.security.openid*'], + 'Spring Security CAS':['org.springframework.security.cas*'], + 'Spring Security ACL':['org.springframework.security.acls*'], + 'Spring Security Config':['org.springframework.security.config*'], + 'Spring Security Taglibs':['org.springframework.security.taglibs*'], ] ext.apiSpec = copySpec { - into('apidocs') { - from(apidocs.destinationDir) - } + into('apidocs') { + from(apidocs.destinationDir) + } } assemble.dependsOn = [apidocs, 'manual:asciidoctor'] task docsZip(type: Zip) { - dependsOn docs - evaluationDependsOn('guides') - group = 'Distribution' - baseName = rootProject.name - classifier = 'docs' - description = "Builds -${classifier} archive containing api and reference " + - "for deployment at static.springframework.org/spring-security/site/docs." + dependsOn docs + evaluationDependsOn('guides') + group = 'Distribution' + baseName = rootProject.name + classifier = 'docs' + description = "Builds -${classifier} archive containing api and reference " + + "for deployment at static.springframework.org/spring-security/site/docs." - with(project(':docs').apiSpec) - with(project(':docs:manual').spec) - with(project(':docs:guides').spec) + with(project(':docs').apiSpec) + with(project(':docs:manual').spec) + with(project(':docs:guides').spec) } task schemaZip(type: Zip) { - group = 'Distribution' - baseName = rootProject.name - classifier = 'schema' - description = "Builds -${classifier} archive containing all " + - "XSDs for deployment at static.springframework.org/schema." + group = 'Distribution' + baseName = rootProject.name + classifier = 'schema' + description = "Builds -${classifier} archive containing all " + + "XSDs for deployment at static.springframework.org/schema." - coreModuleProjects.each { module -> - def Properties schemas = new Properties(); + coreModuleProjects.each { module -> + def Properties schemas = new Properties(); - module.sourceSets.main.resources.find { - it.path.endsWith('META-INF/spring.schemas') - }?.withInputStream { schemas.load(it) } + module.sourceSets.main.resources.find { + it.path.endsWith('META-INF/spring.schemas') + }?.withInputStream { schemas.load(it) } - for (def key : schemas.keySet()) { - def shortName = key.replaceAll(/http.*schema.(.*).spring-.*/, '$1') - assert shortName != key - File xsdFile = module.sourceSets.main.resources.find { - it.path.endsWith(schemas.get(key)) - } - assert xsdFile != null - into (shortName) { - from xsdFile.path - } - } - } + for (def key : schemas.keySet()) { + def shortName = key.replaceAll(/http.*schema.(.*).spring-.*/, '$1') + assert shortName != key + File xsdFile = module.sourceSets.main.resources.find { + it.path.endsWith(schemas.get(key)) + } + assert xsdFile != null + into (shortName) { + from xsdFile.path + } + } + } } diff --git a/docs/guides/build.gradle b/docs/guides/build.gradle index ba44c86009..8d2e03e636 100644 --- a/docs/guides/build.gradle +++ b/docs/guides/build.gradle @@ -1,46 +1,46 @@ apply plugin: 'org.asciidoctor.gradle.asciidoctor' asciidoctor { - baseDir = file('src/docs/asciidoc') - options = [ - eruby: 'erubis', - eruby: 'erubis', - attributes: [ - copycss : '', - icons : 'font', - 'source-highlighter': 'prettify', - sectanchors : '', - toc: '', - 'toc-placement' : 'preamble', - idprefix: '', - idseparator: '-', - doctype: 'book', - 'spring-security-version' : project.version, - 'download-url' : getDownloadUrl(), - 'include-maven-repository' : getMavenRepositoryInclude(), - revnumber : project.version - ] - ] + baseDir = file('src/docs/asciidoc') + options = [ + eruby: 'erubis', + eruby: 'erubis', + attributes: [ + copycss : '', + icons : 'font', + 'source-highlighter': 'prettify', + sectanchors : '', + toc: '', + 'toc-placement' : 'preamble', + idprefix: '', + idseparator: '-', + doctype: 'book', + 'spring-security-version' : project.version, + 'download-url' : getDownloadUrl(), + 'include-maven-repository' : getMavenRepositoryInclude(), + revnumber : project.version + ] + ] } ext.spec = copySpec { - into ('guides') { - from(asciidoctor.outputDir) - exclude 'build', 'Guardfile' - } + into ('guides') { + from(asciidoctor.outputDir) + exclude 'build', 'Guardfile' + } } def getDownloadUrl() { - snapshotBuild ? "https://github.com/SpringSource/spring-security/archive/master.zip" : "https://github.com/spring-projects/spring-security/archive/${project.version}.zip" + snapshotBuild ? "https://github.com/SpringSource/spring-security/archive/master.zip" : "https://github.com/spring-projects/spring-security/archive/${project.version}.zip" } def getMavenRepositoryInclude() { - if(snapshotBuild) { - return "_includes/maven-repository-snapshot.asc" - } else if(releaseBuild) { - return "_includes/maven-repository-release.asc" - } else { - return "_includes/maven-repository-milestone.asc" - } + if(snapshotBuild) { + return "_includes/maven-repository-snapshot.asc" + } else if(releaseBuild) { + return "_includes/maven-repository-release.asc" + } else { + return "_includes/maven-repository-milestone.asc" + } } \ No newline at end of file diff --git a/gradle/javaprojects.gradle b/gradle/javaprojects.gradle index 5d4241c5d9..c7b272ba42 100644 --- a/gradle/javaprojects.gradle +++ b/gradle/javaprojects.gradle @@ -41,206 +41,206 @@ ext.thymeleafVersion = '2.1.3.RELEASE' ext.thymeleafVersion = '1.2.7.RELEASE' ext.spockDependencies = [ - dependencies.create("org.spockframework:spock-spring:$spockVersion") { - exclude group: 'junit', module: 'junit-dep' - }, - dependencies.create("org.spockframework:spock-core:$spockVersion") { - exclude group: 'junit', module: 'junit-dep' - } + dependencies.create("org.spockframework:spock-spring:$spockVersion") { + exclude group: 'junit', module: 'junit-dep' + }, + dependencies.create("org.spockframework:spock-core:$spockVersion") { + exclude group: 'junit', module: 'junit-dep' + } ] ext.gebDependencies = spockDependencies + [ - "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion", - "org.gebish:geb-spock:$gebVersion", - 'commons-httpclient:commons-httpclient:3.1', - "org.codehaus.groovy:groovy:$groovyVersion" + "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion", + "org.gebish:geb-spock:$gebVersion", + 'commons-httpclient:commons-httpclient:3.1', + "org.codehaus.groovy:groovy:$groovyVersion" ] ext.powerMockDependencies = [ - "org.powermock:powermock-core:$powerMockVersion", - "org.powermock:powermock-api-support:$powerMockVersion", - "org.powermock:powermock-module-junit4-common:$powerMockVersion", - "org.powermock:powermock-module-junit4:$powerMockVersion", - dependencies.create("org.powermock:powermock-api-mockito:$powerMockVersion") { - exclude group: 'org.mockito', module: 'mockito-all' - }, - "org.powermock:powermock-reflect:$powerMockVersion" + "org.powermock:powermock-core:$powerMockVersion", + "org.powermock:powermock-api-support:$powerMockVersion", + "org.powermock:powermock-module-junit4-common:$powerMockVersion", + "org.powermock:powermock-module-junit4:$powerMockVersion", + dependencies.create("org.powermock:powermock-api-mockito:$powerMockVersion") { + exclude group: 'org.mockito', module: 'mockito-all' + }, + "org.powermock:powermock-reflect:$powerMockVersion" ] ext.springCoreDependency = [ - dependencies.create("org.springframework:spring-core:$springVersion") { - exclude(group: 'commons-logging', module: 'commons-logging') - } + dependencies.create("org.springframework:spring-core:$springVersion") { + exclude(group: 'commons-logging', module: 'commons-logging') + } ] ext.jstlDependencies = [ - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "org.apache.taglibs:taglibs-standard-jstlel:1.2.1" + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "org.apache.taglibs:taglibs-standard-jstlel:1.2.1" ] ext.apachedsDependencies = [ - "org.apache.directory.server:apacheds-core:$apacheDsVersion", - "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion", - "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion", - "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion", - "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion", - 'org.apache.directory.shared:shared-ldap:0.9.15' + "org.apache.directory.server:apacheds-core:$apacheDsVersion", + "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion", + "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion", + "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion", + "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion", + 'org.apache.directory.shared:shared-ldap:0.9.15' ] // Integration test setup configurations { - integrationTestCompile { - extendsFrom testCompile, optional, provided - } - integrationTestRuntime { - extendsFrom integrationTestCompile, testRuntime - } + integrationTestCompile { + extendsFrom testCompile, optional, provided + } + integrationTestRuntime { + extendsFrom integrationTestCompile, testRuntime + } } sourceSets { - integrationTest { - java.srcDir file('src/integration-test/java') - groovy.srcDirs file('src/integration-test/groovy') - resources.srcDir file('src/integration-test/resources') - compileClasspath = sourceSets.main.output + sourceSets.test.output + configurations.integrationTestCompile - runtimeClasspath = output + compileClasspath + configurations.integrationTestRuntime - } + integrationTest { + java.srcDir file('src/integration-test/java') + groovy.srcDirs file('src/integration-test/groovy') + resources.srcDir file('src/integration-test/resources') + compileClasspath = sourceSets.main.output + sourceSets.test.output + configurations.integrationTestCompile + runtimeClasspath = output + compileClasspath + configurations.integrationTestRuntime + } } task integrationTest(type: Test, dependsOn: jar) { - testClassesDir = sourceSets.integrationTest.output.classesDir - logging.captureStandardOutput(LogLevel.INFO) - classpath = sourceSets.integrationTest.runtimeClasspath - maxParallelForks = 1 - reports { - html.destination = project.file("$project.buildDir/reports/integration-tests/") - junitXml.destination = project.file("$project.buildDir/integration-test-results/") - } + testClassesDir = sourceSets.integrationTest.output.classesDir + logging.captureStandardOutput(LogLevel.INFO) + classpath = sourceSets.integrationTest.runtimeClasspath + maxParallelForks = 1 + reports { + html.destination = project.file("$project.buildDir/reports/integration-tests/") + junitXml.destination = project.file("$project.buildDir/integration-test-results/") + } } eclipse { - classpath { - plusConfigurations += [ configurations.integrationTestCompile ] - } + classpath { + plusConfigurations += [ configurations.integrationTestCompile ] + } } project.conf2ScopeMappings.addMapping(MavenPlugin.TEST_COMPILE_PRIORITY + 1, project.configurations.getByName("integrationTestCompile"), Conf2ScopeMappingContainer.TEST) project.conf2ScopeMappings.addMapping(MavenPlugin.TEST_COMPILE_PRIORITY + 2, project.configurations.getByName("integrationTestRuntime"), Conf2ScopeMappingContainer.TEST) check.dependsOn integrationTest dependencies { - optional "commons-logging:commons-logging:$commonsLoggingVersion" + optional "commons-logging:commons-logging:$commonsLoggingVersion" - testCompile "junit:junit:$junitVersion", - 'org.mockito:mockito-core:1.9.5', - "org.springframework:spring-test:$springVersion", - 'org.easytesting:fest-assert:1.4' + testCompile "junit:junit:$junitVersion", + 'org.mockito:mockito-core:1.9.5', + "org.springframework:spring-test:$springVersion", + 'org.easytesting:fest-assert:1.4' - // Use slf4j/logback for logging - testRuntime "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "ch.qos.logback:logback-classic:$logbackVersion" + // Use slf4j/logback for logging + testRuntime "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "ch.qos.logback:logback-classic:$logbackVersion" } [configurations.runtime, configurations.default, configurations.testCompile]*.exclude(module: 'commons-logging') configurations.all { - resolutionStrategy.eachDependency { DependencyResolveDetails details -> - if (details.requested.group == 'org.slf4j') { - details.useVersion slf4jVersion - } - } + resolutionStrategy.eachDependency { DependencyResolveDetails details -> + if (details.requested.group == 'org.slf4j') { + details.useVersion slf4jVersion + } + } } [compileJava, compileTestJava]*.options*.encoding = 'UTF-8' project.tasks.matching { it instanceof Test && it.name != 'integrationTest' }.all { - jvmArgs = ['-ea', '-Xmx500m', '-XX:MaxPermSize=256M'] - maxParallelForks = guessMaxForks() - logging.captureStandardOutput(LogLevel.INFO) + jvmArgs = ['-ea', '-Xmx500m', '-XX:MaxPermSize=256M'] + maxParallelForks = guessMaxForks() + logging.captureStandardOutput(LogLevel.INFO) } def guessMaxForks() { - int processors = Runtime.runtime.availableProcessors() - return Math.max(2, (int) (processors / 2)) + int processors = Runtime.runtime.availableProcessors() + return Math.max(2, (int) (processors / 2)) } javadoc { - title = "Spring Security $version API" - source = sourceSets.main.allJava - options { - memberLevel = org.gradle.external.javadoc.JavadocMemberLevel.PROTECTED - author = true - header = project.name - outputLevel = org.gradle.external.javadoc.JavadocOutputLevel.QUIET - links = [ - "http://static.springsource.org/spring/docs/3.2.x/javadoc-api/", - "http://static.springsource.org/spring-ldap/docs/1.3.x/apidocs/", - "http://download.oracle.com/javase/6/docs/api/" - ] - groups = [ - 'Spring Security Core':[ - 'org.springframework.security.core*', - 'org.springframework.security.authentication*', - 'org.springframework.security.access*', - 'org.springframework.security.remoting*', - 'org.springframework.security.provisioning*', - 'org.springframework.security.util*'], - 'Spring Security Web':['org.springframework.security.web*'], - 'Spring Security LDAP':['org.springframework.security.ldap*'], - 'Spring Security Crypto':['org.springframework.security.crypto*'], - 'Spring Security OpenID':['org.springframework.security.openid*'], - 'Spring Security CAS':['org.springframework.security.cas*'], - 'Spring Security ACL':['org.springframework.security.acls*'], - 'Spring Security Config':['org.springframework.security.config*'], - 'Spring Security Taglibs':['org.springframework.security.taglibs*'], - ] - } + title = "Spring Security $version API" + source = sourceSets.main.allJava + options { + memberLevel = org.gradle.external.javadoc.JavadocMemberLevel.PROTECTED + author = true + header = project.name + outputLevel = org.gradle.external.javadoc.JavadocOutputLevel.QUIET + links = [ + "http://static.springsource.org/spring/docs/3.2.x/javadoc-api/", + "http://static.springsource.org/spring-ldap/docs/1.3.x/apidocs/", + "http://download.oracle.com/javase/6/docs/api/" + ] + groups = [ + 'Spring Security Core':[ + 'org.springframework.security.core*', + 'org.springframework.security.authentication*', + 'org.springframework.security.access*', + 'org.springframework.security.remoting*', + 'org.springframework.security.provisioning*', + 'org.springframework.security.util*'], + 'Spring Security Web':['org.springframework.security.web*'], + 'Spring Security LDAP':['org.springframework.security.ldap*'], + 'Spring Security Crypto':['org.springframework.security.crypto*'], + 'Spring Security OpenID':['org.springframework.security.openid*'], + 'Spring Security CAS':['org.springframework.security.cas*'], + 'Spring Security ACL':['org.springframework.security.acls*'], + 'Spring Security Config':['org.springframework.security.config*'], + 'Spring Security Taglibs':['org.springframework.security.taglibs*'], + ] + } } eclipse.classpath.downloadSources = true // http://forums.gradle.org/gradle/topics/eclipse_wtp_deploys_testcode_to_server_example_provided eclipse.classpath { - defaultOutputDir = file('bin/main') - file.whenMerged { cp -> - cp.entries.findAll { it instanceof SourceFolder && (it.path.contains("test") || it.path.contains("Test")) }*.output = "bin/test" - } + defaultOutputDir = file('bin/main') + file.whenMerged { cp -> + cp.entries.findAll { it instanceof SourceFolder && (it.path.contains("test") || it.path.contains("Test")) }*.output = "bin/test" + } } // GRADLE-1116 project.eclipse.classpath.file.whenMerged { classpath -> - classpath.entries.removeAll { entry -> entry.path.endsWith('/build/resources/test') } - classpath.entries.removeAll { entry -> entry.path.endsWith('/build/classes/test') } - classpath.entries.removeAll { entry -> entry.path.endsWith('/build/resources/main') } - classpath.entries.removeAll { entry -> entry.path.endsWith('/build/classes/main') } + classpath.entries.removeAll { entry -> entry.path.endsWith('/build/resources/test') } + classpath.entries.removeAll { entry -> entry.path.endsWith('/build/classes/test') } + classpath.entries.removeAll { entry -> entry.path.endsWith('/build/resources/main') } + classpath.entries.removeAll { entry -> entry.path.endsWith('/build/classes/main') } } // GRADLE-1422 project.eclipseClasspath.doFirst { // delay adding whenMerged till the entryAttributes are added (must be the last whenMerged) project.eclipse.classpath.file.whenMerged { classpath -> - def includeDeps = project.configurations.getByName('runtime').collect {f -> f.absolutePath } as Set - classpath.entries.each { cp -> - if(cp instanceof org.gradle.plugins.ide.eclipse.model.Library) { - def include = includeDeps.contains(cp.path) - def attr = 'org.eclipse.jst.component.dependency' - if(!include) { - cp.entryAttributes.remove(attr) - } - } - } + def includeDeps = project.configurations.getByName('runtime').collect {f -> f.absolutePath } as Set + classpath.entries.each { cp -> + if(cp instanceof org.gradle.plugins.ide.eclipse.model.Library) { + def include = includeDeps.contains(cp.path) + def attr = 'org.eclipse.jst.component.dependency' + if(!include) { + cp.entryAttributes.remove(attr) + } + } + } } } project.idea.module { - scopes.TEST.plus += [project.configurations.integrationTestRuntime] - testSourceDirs += sourceSets.integrationTest.resources.srcDirs + scopes.TEST.plus += [project.configurations.integrationTestRuntime] + testSourceDirs += sourceSets.integrationTest.resources.srcDirs } task javadocJar(type: Jar) { - classifier = 'javadoc' - from javadoc + classifier = 'javadoc' + from javadoc } artifacts { - archives javadocJar + archives javadocJar } diff --git a/gradle/maven-deployment.gradle b/gradle/maven-deployment.gradle index e66962a4f0..e4018e58ce 100644 --- a/gradle/maven-deployment.gradle +++ b/gradle/maven-deployment.gradle @@ -2,129 +2,129 @@ apply plugin: 'maven' // Create a source jar for uploading task sourceJar(type: Jar) { - classifier = 'sources' - from sourceSets.main.java.srcDirs - include '**/*.java', '**/*.aj' + classifier = 'sources' + from sourceSets.main.java.srcDirs + include '**/*.java', '**/*.aj' } artifacts { - archives sourceJar + archives sourceJar } // Configuration for SpringSource s3 maven deployer configurations { - deployerJars + deployerJars } dependencies { - deployerJars "org.springframework.build.aws:org.springframework.build.aws.maven:3.0.0.RELEASE" + deployerJars "org.springframework.build.aws:org.springframework.build.aws.maven:3.0.0.RELEASE" } install { - repositories.mavenInstaller { - customizePom(pom, project) - } + repositories.mavenInstaller { + customizePom(pom, project) + } } def customizePom(pom, gradleProject) { - pom.whenConfigured { p -> - p.dependencies.findAll{ it.scope == "optional" }.each { - it.scope = "compile" - it.optional = true - } - // sort to make pom dependencies order consistent to ease comparison of older poms - p.dependencies = p.dependencies.sort { dep -> - "$dep.scope:$dep.optional:$dep.groupId:$dep.artifactId" - } - } - def isWar = project.hasProperty('war') - pom.project { - name = gradleProject.name - if(isWar) { - packaging = "war" - } - description = gradleProject.name - url = 'http://spring.io/spring-security' - organization { - name = 'spring.io' - url = 'http://spring.io/' - } - licenses { - license { - name 'The Apache Software License, Version 2.0' - url 'http://www.apache.org/licenses/LICENSE-2.0.txt' - distribution 'repo' - } - } - scm { - url = 'https://github.com/spring-projects/spring-security' - connection = 'scm:git:git://github.com/spring-projects/spring-security' - developerConnection = 'scm:git:git://github.com/spring-projects/spring-security' - } - developers { - developer { - id = 'rwinch' - name = 'Rob Winch' - email = 'rwinch@gopivotal.com' - } - } - if(isWar) { - properties { - 'm2eclipse.wtp.contextRoot' '/' + project.war.baseName - } - } - if(project.snapshotBuild) { - repositories { - repository { - id 'spring-snasphot' - url 'https://repo.spring.io/snapshot' - } - } - } else if(!project.releaseBuild) { - repositories { - repository { - id 'spring-milestone' - url 'https://repo.spring.io/milestone' - } - } - } - } + pom.whenConfigured { p -> + p.dependencies.findAll{ it.scope == "optional" }.each { + it.scope = "compile" + it.optional = true + } + // sort to make pom dependencies order consistent to ease comparison of older poms + p.dependencies = p.dependencies.sort { dep -> + "$dep.scope:$dep.optional:$dep.groupId:$dep.artifactId" + } + } + def isWar = project.hasProperty('war') + pom.project { + name = gradleProject.name + if(isWar) { + packaging = "war" + } + description = gradleProject.name + url = 'http://spring.io/spring-security' + organization { + name = 'spring.io' + url = 'http://spring.io/' + } + licenses { + license { + name 'The Apache Software License, Version 2.0' + url 'http://www.apache.org/licenses/LICENSE-2.0.txt' + distribution 'repo' + } + } + scm { + url = 'https://github.com/spring-projects/spring-security' + connection = 'scm:git:git://github.com/spring-projects/spring-security' + developerConnection = 'scm:git:git://github.com/spring-projects/spring-security' + } + developers { + developer { + id = 'rwinch' + name = 'Rob Winch' + email = 'rwinch@gopivotal.com' + } + } + if(isWar) { + properties { + 'm2eclipse.wtp.contextRoot' '/' + project.war.baseName + } + } + if(project.snapshotBuild) { + repositories { + repository { + id 'spring-snasphot' + url 'https://repo.spring.io/snapshot' + } + } + } else if(!project.releaseBuild) { + repositories { + repository { + id 'spring-milestone' + url 'https://repo.spring.io/milestone' + } + } + } + } - // http://forums.gradle.org/gradle/topics/after_upgrade_gradle_to_2_0_version_the_maven_pom_not_support_build_property - pom.withXml { - def plugins = asNode().appendNode('build').appendNode('plugins') - plugins - .appendNode('plugin') - .appendNode('artifactId','maven-compiler-plugin').parent() - .appendNode('configuration') - .appendNode('source','1.7').parent() - .appendNode('target','1.7') - if(isWar) { - plugins - .appendNode('plugin') - .appendNode('artifactId','maven-war-plugin').parent() - .appendNode('version','2.3').parent() - .appendNode('configuration') - .appendNode('failOnMissingWebXml','false') - } - } + // http://forums.gradle.org/gradle/topics/after_upgrade_gradle_to_2_0_version_the_maven_pom_not_support_build_property + pom.withXml { + def plugins = asNode().appendNode('build').appendNode('plugins') + plugins + .appendNode('plugin') + .appendNode('artifactId','maven-compiler-plugin').parent() + .appendNode('configuration') + .appendNode('source','1.7').parent() + .appendNode('target','1.7') + if(isWar) { + plugins + .appendNode('plugin') + .appendNode('artifactId','maven-war-plugin').parent() + .appendNode('version','2.3').parent() + .appendNode('configuration') + .appendNode('failOnMissingWebXml','false') + } + } } task generatePom { - group = 'Build' - description = 'Generates a Maven pom.xml' + group = 'Build' + description = 'Generates a Maven pom.xml' - ext.generatedPomFileName = "pom.xml" - onlyIf { install.enabled } + ext.generatedPomFileName = "pom.xml" + onlyIf { install.enabled } - inputs.files(fileTree(project.rootProject.rootDir).include("**/*.gradle").files) - inputs.files(new File(project.rootProject.rootDir, Project.GRADLE_PROPERTIES)) - outputs.files(generatedPomFileName) + inputs.files(fileTree(project.rootProject.rootDir).include("**/*.gradle").files) + inputs.files(new File(project.rootProject.rootDir, Project.GRADLE_PROPERTIES)) + outputs.files(generatedPomFileName) - doLast() { - def p = pom {} - customizePom(p, project) - p.writeTo(generatedPomFileName) - } + doLast() { + def p = pom {} + customizePom(p, project) + p.writeTo(generatedPomFileName) + } } build.dependsOn generatePom diff --git a/gradle/release-checks.gradle b/gradle/release-checks.gradle index 78294a81bf..4cf510694e 100644 --- a/gradle/release-checks.gradle +++ b/gradle/release-checks.gradle @@ -1,22 +1,22 @@ task checkDependencies << { - verifyNoDependenciesMatchingVersion(".*-SNAPSHOT") - if(releaseBuild) { - verifyNoDependenciesMatchingVersion(".*M.*") - verifyNoDependenciesMatchingVersion(".*RC.*") - } + verifyNoDependenciesMatchingVersion(".*-SNAPSHOT") + if(releaseBuild) { + verifyNoDependenciesMatchingVersion(".*M.*") + verifyNoDependenciesMatchingVersion(".*RC.*") + } } if(!snapshotBuild) { - tasks.findByPath('check')?.dependsOn checkDependencies + tasks.findByPath('check')?.dependsOn checkDependencies } def verifyNoDependenciesMatchingVersion(def pattern) { - def dependencies = configurations.all*.allDependencies*.findAll { d -> - def ignored = 'io.spring.platform:platform-versions' - def groupAndName = "$d.group:$d.name".toString() - ignored != groupAndName && d.version?.matches(pattern) - }.flatten().toSet().join("\n ") - if(dependencies) { - throw new GradleException("${project.name} cannot have dependencies with a version that matches $pattern when its version is ${project.version}. Got\n $dependencies") - } + def dependencies = configurations.all*.allDependencies*.findAll { d -> + def ignored = 'io.spring.platform:platform-versions' + def groupAndName = "$d.group:$d.name".toString() + ignored != groupAndName && d.version?.matches(pattern) + }.flatten().toSet().join("\n ") + if(dependencies) { + throw new GradleException("${project.name} cannot have dependencies with a version that matches $pattern when its version is ${project.version}. Got\n $dependencies") + } } \ No newline at end of file diff --git a/gradle/tomcat.gradle b/gradle/tomcat.gradle index d1ed9b604e..0ad83472b6 100644 --- a/gradle/tomcat.gradle +++ b/gradle/tomcat.gradle @@ -1,68 +1,68 @@ buildscript { - repositories { - maven { url "https://repo.spring.io/plugins-release" } - } - dependencies { - classpath("org.gradle.api.plugins:gradle-tomcat-plugin:1.2.5") - } + repositories { + maven { url "https://repo.spring.io/plugins-release" } + } + dependencies { + classpath("org.gradle.api.plugins:gradle-tomcat-plugin:1.2.5") + } } apply plugin: 'tomcat' dependencies { - def tomcatVersion = '7.0.54' - tomcat "org.apache.tomcat.embed:tomcat-embed-core:${tomcatVersion}", - "org.apache.tomcat.embed:tomcat-embed-logging-juli:${tomcatVersion}", - "org.apache.tomcat.embed:tomcat-embed-websocket:${tomcatVersion}" - tomcat("org.apache.tomcat.embed:tomcat-embed-jasper:${tomcatVersion}") { - exclude group: 'org.eclipse.jdt.core.compiler', module: 'ecj' - } + def tomcatVersion = '7.0.54' + tomcat "org.apache.tomcat.embed:tomcat-embed-core:${tomcatVersion}", + "org.apache.tomcat.embed:tomcat-embed-logging-juli:${tomcatVersion}", + "org.apache.tomcat.embed:tomcat-embed-websocket:${tomcatVersion}" + tomcat("org.apache.tomcat.embed:tomcat-embed-jasper:${tomcatVersion}") { + exclude group: 'org.eclipse.jdt.core.compiler', module: 'ecj' + } } task integrationTomcatRun(type: org.gradle.api.plugins.tomcat.tasks.TomcatRun) { - onlyIf { !sourceSets.integrationTest.allSource.empty } - buildscriptClasspath = tomcatRun.buildscriptClasspath - contextPath = tomcatRun.contextPath - daemon = true - tomcatClasspath = tomcatRun.tomcatClasspath - webAppClasspath = tomcatRun.webAppClasspath - webAppSourceDirectory = tomcatRun.webAppSourceDirectory - doFirst { - def mainOutputDir = project.sourceSets.main.output.classesDir - if(mainOutputDir) { - classesDirectory = mainOutputDir - } - // delay reserving ports to ensure they are still available - def ports = reservePorts(3) - httpPort = ports[0] - ajpPort = ports[1] - stopPort = ports[2] - } + onlyIf { !sourceSets.integrationTest.allSource.empty } + buildscriptClasspath = tomcatRun.buildscriptClasspath + contextPath = tomcatRun.contextPath + daemon = true + tomcatClasspath = tomcatRun.tomcatClasspath + webAppClasspath = tomcatRun.webAppClasspath + webAppSourceDirectory = tomcatRun.webAppSourceDirectory + doFirst { + def mainOutputDir = project.sourceSets.main.output.classesDir + if(mainOutputDir) { + classesDirectory = mainOutputDir + } + // delay reserving ports to ensure they are still available + def ports = reservePorts(3) + httpPort = ports[0] + ajpPort = ports[1] + stopPort = ports[2] + } } task integrationTomcatStop(type: org.gradle.api.plugins.tomcat.tasks.TomcatStop) { - onlyIf { !sourceSets.integrationTest.allSource.empty } - doFirst { - stopPort = integrationTomcatRun.stopPort - } + onlyIf { !sourceSets.integrationTest.allSource.empty } + doFirst { + stopPort = integrationTomcatRun.stopPort + } } integrationTest { - dependsOn integrationTomcatRun - doFirst { - def host = 'localhost:' + integrationTomcatRun.httpPort - systemProperties['geb.build.baseUrl'] = 'http://'+host+'/' + integrationTomcatRun.contextPath + '/' - systemProperties['geb.build.reportsDir'] = 'build/geb-reports' - } - finalizedBy integrationTomcatStop + dependsOn integrationTomcatRun + doFirst { + def host = 'localhost:' + integrationTomcatRun.httpPort + systemProperties['geb.build.baseUrl'] = 'http://'+host+'/' + integrationTomcatRun.contextPath + '/' + systemProperties['geb.build.reportsDir'] = 'build/geb-reports' + } + finalizedBy integrationTomcatStop } def reservePorts(int count) { - def sockets = [] - for(int i in 1..count) { - sockets << new ServerSocket(0) - } - def result = sockets*.localPort - sockets*.close() - result + def sockets = [] + for(int i in 1..count) { + sockets << new ServerSocket(0) + } + def result = sockets*.localPort + sockets*.close() + result } \ No newline at end of file diff --git a/gradle/war-sample.gradle b/gradle/war-sample.gradle index 99199e2619..8decfb919b 100644 --- a/gradle/war-sample.gradle +++ b/gradle/war-sample.gradle @@ -2,9 +2,9 @@ apply plugin: 'war' apply from: TOMCAT_GRADLE war { - baseName = "sample" + baseName = "sample" } sonarRunner { - skipProject = true + skipProject = true } \ No newline at end of file diff --git a/itest/context/itest-context.gradle b/itest/context/itest-context.gradle index c61cd812b0..b6986dc182 100644 --- a/itest/context/itest-context.gradle +++ b/itest/context/itest-context.gradle @@ -1,17 +1,17 @@ System.setProperty('python.cachedir.skip', 'true') dependencies { - compile project(':spring-security-core'), - 'aopalliance:aopalliance:1.0', - 'org.python:jython:2.5.0', - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-aop:$springVersion", - "org.springframework:spring-tx:$springVersion", - "org.springframework:spring-beans:$springVersion" + compile project(':spring-security-core'), + 'aopalliance:aopalliance:1.0', + 'org.python:jython:2.5.0', + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-aop:$springVersion", + "org.springframework:spring-tx:$springVersion", + "org.springframework:spring-beans:$springVersion" - testCompile project(':spring-security-web'), - "javax.servlet:javax.servlet-api:$servletApiVersion", - "org.springframework:spring-web:$springVersion" - testRuntime project(':spring-security-config'), - "org.aspectj:aspectjweaver:$aspectjVersion" + testCompile project(':spring-security-web'), + "javax.servlet:javax.servlet-api:$servletApiVersion", + "org.springframework:spring-web:$springVersion" + testRuntime project(':spring-security-config'), + "org.aspectj:aspectjweaver:$aspectjVersion" } \ No newline at end of file diff --git a/itest/web/itest-web.gradle b/itest/web/itest-web.gradle index 995c470b2f..d7b3de0a93 100644 --- a/itest/web/itest-web.gradle +++ b/itest/web/itest-web.gradle @@ -1,38 +1,38 @@ dependencies { - compile "org.springframework:spring-context:$springVersion", - "org.springframework:spring-web:$springVersion" + compile "org.springframework:spring-context:$springVersion", + "org.springframework:spring-web:$springVersion" - provided "javax.servlet:javax.servlet-api:$servletApiVersion" + provided "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile project(':spring-security-core'), - project(':spring-security-web'), - project(':spring-security-taglibs'), - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-webmvc:$springVersion", - "org.mortbay.jetty:jetty-util:$jettyVersion", - "org.testng:testng:5.11:jdk15" - testCompile ("org.mortbay.jetty:jetty:$jettyVersion") { - exclude group: 'org.mortbay.jetty', module: 'servlet-api' - } - testCompile ('net.sourceforge.jwebunit:jwebunit-core:2.2') { - exclude group: 'javax.servlet', module: 'servlet-api' - exclude group: 'regexp', module: 'regexp' - } + testCompile project(':spring-security-core'), + project(':spring-security-web'), + project(':spring-security-taglibs'), + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-webmvc:$springVersion", + "org.mortbay.jetty:jetty-util:$jettyVersion", + "org.testng:testng:5.11:jdk15" + testCompile ("org.mortbay.jetty:jetty:$jettyVersion") { + exclude group: 'org.mortbay.jetty', module: 'servlet-api' + } + testCompile ('net.sourceforge.jwebunit:jwebunit-core:2.2') { + exclude group: 'javax.servlet', module: 'servlet-api' + exclude group: 'regexp', module: 'regexp' + } - testRuntime project(':spring-security-config'), - project(':spring-security-ldap'), - "org.mortbay.jetty:jsp-2.1-jetty:$jettyVersion", - testRuntime ('net.sourceforge.jwebunit:jwebunit-htmlunit-plugin:2.2') { - exclude group: 'javax.servlet', module: 'servlet-api' - } + testRuntime project(':spring-security-config'), + project(':spring-security-ldap'), + "org.mortbay.jetty:jsp-2.1-jetty:$jettyVersion", + testRuntime ('net.sourceforge.jwebunit:jwebunit-htmlunit-plugin:2.2') { + exclude group: 'javax.servlet', module: 'servlet-api' + } } integrationTest { - useTestNG(); - options { - jvmArgs = ["-ea", '-Xms128m', '-Xmx500m'] - systemProperties = ['webapp.dir': "$projectDir/src/main/webapp"] - } - maxParallelForks = 1 + useTestNG(); + options { + jvmArgs = ["-ea", '-Xms128m', '-Xmx500m'] + systemProperties = ['webapp.dir': "$projectDir/src/main/webapp"] + } + maxParallelForks = 1 } diff --git a/ldap/ldap.gradle b/ldap/ldap.gradle index 403e03b25f..af38b874db 100644 --- a/ldap/ldap.gradle +++ b/ldap/ldap.gradle @@ -1,41 +1,41 @@ // Ldap build file dependencies { - compile project(':spring-security-core'), - springCoreDependency, - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-tx:$springVersion" + compile project(':spring-security-core'), + springCoreDependency, + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-tx:$springVersion" - optional "org.apache.directory.server:apacheds-core:$apacheDsVersion", - "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion", - "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion", - "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion", - "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion", - 'org.apache.directory.shared:shared-ldap:0.9.15', - 'ldapsdk:ldapsdk:4.1' + optional "org.apache.directory.server:apacheds-core:$apacheDsVersion", + "org.apache.directory.server:apacheds-core-entry:$apacheDsVersion", + "org.apache.directory.server:apacheds-protocol-shared:$apacheDsVersion", + "org.apache.directory.server:apacheds-protocol-ldap:$apacheDsVersion", + "org.apache.directory.server:apacheds-server-jndi:$apacheDsVersion", + 'org.apache.directory.shared:shared-ldap:0.9.15', + 'ldapsdk:ldapsdk:4.1' - compile ("org.springframework.ldap:spring-ldap-core:$springLdapVersion") { - exclude(group: 'commons-logging', module: 'commons-logging') - exclude(group: 'org.springframework', module: 'spring-core') - exclude(group: 'org.springframework', module: 'spring-tx') - exclude(group: 'org.springframework', module: 'spring-beans') - exclude(group: 'org.springframework.data', module: 'spring-data-commons') - } + compile ("org.springframework.ldap:spring-ldap-core:$springLdapVersion") { + exclude(group: 'commons-logging', module: 'commons-logging') + exclude(group: 'org.springframework', module: 'spring-core') + exclude(group: 'org.springframework', module: 'spring-tx') + exclude(group: 'org.springframework', module: 'spring-beans') + exclude(group: 'org.springframework.data', module: 'spring-data-commons') + } - testCompile "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion" + testCompile "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion" } integrationTest { - include('**/ApacheDSServerIntegrationTests.class') -// exclude('**/OpenLDAPIntegrationTestSuite.class') - maxParallelForks = 1 + include('**/ApacheDSServerIntegrationTests.class') +// exclude('**/OpenLDAPIntegrationTestSuite.class') + maxParallelForks = 1 } // Runs a server for running the integration tests against (from an IDE, for example) task(ldapServer, dependsOn: 'integrationTestClasses', type: JavaExec) { - classpath = sourceSets.integrationTest.runtimeClasspath - main = 'org.springframework.security.ldap.ApacheDSServerIntegrationTests' + classpath = sourceSets.integrationTest.runtimeClasspath + main = 'org.springframework.security.ldap.ApacheDSServerIntegrationTests' } diff --git a/messaging/messaging.gradle b/messaging/messaging.gradle index cc07363e13..beb3eab4b0 100644 --- a/messaging/messaging.gradle +++ b/messaging/messaging.gradle @@ -1,24 +1,24 @@ apply plugin: 'groovy' dependencies { - compile project(':spring-security-core'), - springCoreDependency, - 'aopalliance:aopalliance:1.0', - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-expression:$springVersion", - "org.springframework:spring-messaging:$springVersion" + compile project(':spring-security-core'), + springCoreDependency, + 'aopalliance:aopalliance:1.0', + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-expression:$springVersion", + "org.springframework:spring-messaging:$springVersion" - optional project(':spring-security-web'), - "org.springframework:spring-websocket:$springVersion", - "javax.servlet:javax.servlet-api:$servletApiVersion" + optional project(':spring-security-web'), + "org.springframework:spring-websocket:$springVersion", + "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile project(':spring-security-core').sourceSets.test.output, - "commons-codec:commons-codec:$commonsCodecVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "org.codehaus.groovy:groovy-all:$groovyVersion", - powerMockDependencies, - spockDependencies + testCompile project(':spring-security-core').sourceSets.test.output, + "commons-codec:commons-codec:$commonsCodecVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "org.codehaus.groovy:groovy-all:$groovyVersion", + powerMockDependencies, + spockDependencies - testRuntime "org.hsqldb:hsqldb:$hsqlVersion" + testRuntime "org.hsqldb:hsqldb:$hsqlVersion" } \ No newline at end of file diff --git a/openid/openid.gradle b/openid/openid.gradle index 64e51e9a4b..e383326d24 100644 --- a/openid/openid.gradle +++ b/openid/openid.gradle @@ -1,24 +1,24 @@ // OpenID Module build file dependencies { - compile project(':spring-security-core'), - project(':spring-security-web'), - springCoreDependency, - "org.springframework:spring-aop:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-web:$springVersion" + compile project(':spring-security-core'), + project(':spring-security-web'), + springCoreDependency, + "org.springframework:spring-aop:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-web:$springVersion" - // openid4java has a compile time dep on guice with a group - // name which is different from the maven central one. - // We use the maven central version here instead. - compile('org.openid4java:openid4java-nodeps:0.9.6') { - exclude group: 'com.google.code.guice', module: 'guice' - } - compile 'com.google.inject:guice:2.0' + // openid4java has a compile time dep on guice with a group + // name which is different from the maven central one. + // We use the maven central version here instead. + compile('org.openid4java:openid4java-nodeps:0.9.6') { + exclude group: 'com.google.code.guice', module: 'guice' + } + compile 'com.google.inject:guice:2.0' - provided "javax.servlet:javax.servlet-api:$servletApiVersion" + provided "javax.servlet:javax.servlet-api:$servletApiVersion" - runtime 'org.apache.httpcomponents:httpclient:4.2.3', - 'net.sourceforge.nekohtml:nekohtml:1.9.20' + runtime 'org.apache.httpcomponents:httpclient:4.2.3', + 'net.sourceforge.nekohtml:nekohtml:1.9.20' } diff --git a/remoting/remoting.gradle b/remoting/remoting.gradle index 63e12dfd89..30f9b134b8 100644 --- a/remoting/remoting.gradle +++ b/remoting/remoting.gradle @@ -1,12 +1,12 @@ // Remoting module build file dependencies { - compile project(':spring-security-core'), - 'aopalliance:aopalliance:1.0', - springCoreDependency, - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-web:$springVersion" + compile project(':spring-security-core'), + 'aopalliance:aopalliance:1.0', + springCoreDependency, + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-web:$springVersion" - testCompile project(':spring-security-core').sourceSets.test.output + testCompile project(':spring-security-core').sourceSets.test.output } diff --git a/samples/aspectj-jc/build.gradle b/samples/aspectj-jc/build.gradle index 2c8a490f90..029e55272d 100644 --- a/samples/aspectj-jc/build.gradle +++ b/samples/aspectj-jc/build.gradle @@ -1,9 +1,9 @@ dependencies { - compile project(':spring-security-core'), - project(':spring-security-config') + compile project(':spring-security-core'), + project(':spring-security-config') - aspectpath project(':spring-security-aspects') + aspectpath project(':spring-security-aspects') - runtime project(':spring-security-aspects') + runtime project(':spring-security-aspects') } diff --git a/samples/aspectj-xml/aspectj.gradle b/samples/aspectj-xml/aspectj.gradle index b3c512ce37..470b537601 100644 --- a/samples/aspectj-xml/aspectj.gradle +++ b/samples/aspectj-xml/aspectj.gradle @@ -1,9 +1,9 @@ dependencies { - compile project(':spring-security-core') + compile project(':spring-security-core') - aspectpath project(':spring-security-aspects') + aspectpath project(':spring-security-aspects') - runtime project(':spring-security-config'), - project(':spring-security-aspects') + runtime project(':spring-security-config'), + project(':spring-security-aspects') } diff --git a/samples/cas/sample-xml/cassample.gradle b/samples/cas/sample-xml/cassample.gradle index c31cae6658..951ec2b800 100644 --- a/samples/cas/sample-xml/cassample.gradle +++ b/samples/cas/sample-xml/cassample.gradle @@ -10,65 +10,65 @@ def keystore = "$rootDir/samples/certificates/server.jks" def password = 'password' configurations { - casServer - excludeModules.each {name -> - runtime.exclude module: name - } + casServer + excludeModules.each {name -> + runtime.exclude module: name + } - runtime.exclude group: 'org.aspectj' + runtime.exclude group: 'org.aspectj' } sourceSets { - test.resources.exclude 'GebConfig.groovy' - integrationTest.groovy.srcDir file('src/integration-test/groovy') + test.resources.exclude 'GebConfig.groovy' + integrationTest.groovy.srcDir file('src/integration-test/groovy') } eclipse.classpath.plusConfigurations += [configurations.integrationTestRuntime] dependencies { - providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" + providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - compile project(':spring-security-core'), - project(':spring-security-cas'), - "org.jasig.cas.client:cas-client-core:$casClientVersion" + compile project(':spring-security-core'), + project(':spring-security-cas'), + "org.jasig.cas.client:cas-client-core:$casClientVersion" - runtime project(':spring-security-web'), - project(':spring-security-config'), - "org.springframework:spring-context-support:$springVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "ch.qos.logback:logback-classic:$logbackVersion", - "net.sf.ehcache:ehcache:$ehcacheVersion" + runtime project(':spring-security-web'), + project(':spring-security-config'), + "org.springframework:spring-context-support:$springVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "ch.qos.logback:logback-classic:$logbackVersion", + "net.sf.ehcache:ehcache:$ehcacheVersion" - integrationTestCompile project(':spring-security-cas'), - "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion", - "org.gebish:geb-spock:$gebVersion", - 'commons-httpclient:commons-httpclient:3.1', - "org.eclipse.jetty:jetty-server:$jettyVersion", - "org.eclipse.jetty:jetty-servlet:$jettyVersion", - "org.codehaus.groovy:groovy:$groovyVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - spockDependencies + integrationTestCompile project(':spring-security-cas'), + "org.seleniumhq.selenium:selenium-htmlunit-driver:$seleniumVersion", + "org.gebish:geb-spock:$gebVersion", + 'commons-httpclient:commons-httpclient:3.1', + "org.eclipse.jetty:jetty-server:$jettyVersion", + "org.eclipse.jetty:jetty-servlet:$jettyVersion", + "org.codehaus.groovy:groovy:$groovyVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + spockDependencies } [jettyRun, jettyRunWar]*.configure { - contextPath = "/cas-sample" - def httpConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector').newInstance() - httpConnector.port = 8080 - httpConnector.confidentialPort = 8443 - def httpsConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance() - httpsConnector.port = 8443 - httpsConnector.keystore = httpsConnector.truststore = keystore - httpsConnector.keyPassword = httpsConnector.trustPassword = password + contextPath = "/cas-sample" + def httpConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector').newInstance() + httpConnector.port = 8080 + httpConnector.confidentialPort = 8443 + def httpsConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance() + httpsConnector.port = 8443 + httpsConnector.keystore = httpsConnector.truststore = keystore + httpsConnector.keyPassword = httpsConnector.trustPassword = password - connectors = [httpConnector, httpsConnector] - doFirst() { - System.setProperty('cas.server.host', casServer().httpsHost) - System.setProperty('cas.service.host', jettyRunWar.httpsHost) - } + connectors = [httpConnector, httpsConnector] + doFirst() { + System.setProperty('cas.server.host', casServer().httpsHost) + System.setProperty('cas.service.host', jettyRunWar.httpsHost) + } } task cas (dependsOn: [jettyRunWar]) { - jettyRunWar.dependsOn(':spring-security-samples-casserver:casServer') + jettyRunWar.dependsOn(':spring-security-samples-casserver:casServer') } task casServer(dependsOn: ':spring-security-samples-casserver:casServer') { @@ -76,54 +76,54 @@ task casServer(dependsOn: ':spring-security-samples-casserver:casServer') { integrationTest.dependsOn cas integrationTest.doFirst { - def casServiceHost = jettyRunWar.httpsHost - systemProperties['cas.server.host'] = casServer().httpsHost - systemProperties['cas.service.host'] = casServiceHost - systemProperties['geb.build.baseUrl'] = 'https://'+casServiceHost+'/cas-sample/' - systemProperties['geb.build.reportsDir'] = 'build/geb-reports' - systemProperties['jar.path'] = jar.archivePath - systemProperties['javax.net.ssl.trustStore'] = keystore - systemProperties['javax.net.ssl.trustStorePassword'] = password + def casServiceHost = jettyRunWar.httpsHost + systemProperties['cas.server.host'] = casServer().httpsHost + systemProperties['cas.service.host'] = casServiceHost + systemProperties['geb.build.baseUrl'] = 'https://'+casServiceHost+'/cas-sample/' + systemProperties['geb.build.reportsDir'] = 'build/geb-reports' + systemProperties['jar.path'] = jar.archivePath + systemProperties['javax.net.ssl.trustStore'] = keystore + systemProperties['javax.net.ssl.trustStorePassword'] = password } gradle.taskGraph.whenReady {graph -> - def casServer = casServer() - [casServer,jettyRunWar]*.metaClass*.getHttpsConnector {-> - def sslSocketConnClass = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector') - delegate.connectors.find { it in sslSocketConnClass } - } - [casServer,jettyRunWar]*.metaClass*.getHttpsHost {-> - "localhost:"+delegate.httpsConnector.port - } - jettyRunWar.metaClass.getHttpConnector {-> - def channelConnClass = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector') - delegate.connectors.find { it in channelConnClass } - } - if (graph.hasTask(cas)) { - casServer.daemon = true - } - if(graph.hasTask(integrationTest)) { - tasks.getByPath(':spring-security-samples-casserver:casServerOverlay').logLevel = 'ERROR' - jettyRunWar { - additionalRuntimeJars += file("src/integration-test/resources") - daemon = true - } + def casServer = casServer() + [casServer,jettyRunWar]*.metaClass*.getHttpsConnector {-> + def sslSocketConnClass = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector') + delegate.connectors.find { it in sslSocketConnClass } + } + [casServer,jettyRunWar]*.metaClass*.getHttpsHost {-> + "localhost:"+delegate.httpsConnector.port + } + jettyRunWar.metaClass.getHttpConnector {-> + def channelConnClass = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector') + delegate.connectors.find { it in channelConnClass } + } + if (graph.hasTask(cas)) { + casServer.daemon = true + } + if(graph.hasTask(integrationTest)) { + tasks.getByPath(':spring-security-samples-casserver:casServerOverlay').logLevel = 'ERROR' + jettyRunWar { + additionalRuntimeJars += file("src/integration-test/resources") + daemon = true + } - [jettyRunWar.httpConnector,jettyRunWar.httpsConnector,casServer.httpsConnector]*.metaClass*.reservePort { taskToCloseSocket -> - def serverSocket = new ServerSocket(0) - delegate.metaClass.serverSocket = serverSocket - delegate.port = serverSocket.localPort - taskToCloseSocket.doFirst { - serverSocket.close() - } - } + [jettyRunWar.httpConnector,jettyRunWar.httpsConnector,casServer.httpsConnector]*.metaClass*.reservePort { taskToCloseSocket -> + def serverSocket = new ServerSocket(0) + delegate.metaClass.serverSocket = serverSocket + delegate.port = serverSocket.localPort + taskToCloseSocket.doFirst { + serverSocket.close() + } + } - [jettyRunWar.httpConnector,jettyRunWar.httpsConnector]*.reservePort(jettyRunWar) - jettyRunWar.httpConnector.confidentialPort = jettyRunWar.httpsConnector.port - casServer.httpsConnector.reservePort(casServer) - } + [jettyRunWar.httpConnector,jettyRunWar.httpsConnector]*.reservePort(jettyRunWar) + jettyRunWar.httpConnector.confidentialPort = jettyRunWar.httpsConnector.port + casServer.httpsConnector.reservePort(casServer) + } } def casServer() { - tasks.getByPath(':spring-security-samples-casserver:casServer') + tasks.getByPath(':spring-security-samples-casserver:casServer') } diff --git a/samples/cas/server/casserver.gradle b/samples/cas/server/casserver.gradle index bdae92743e..1316212e7f 100644 --- a/samples/cas/server/casserver.gradle +++ b/samples/cas/server/casserver.gradle @@ -6,58 +6,58 @@ def keystore = "$rootDir/samples/certificates/server.jks" def password = 'password' configurations { - casServer + casServer } dependencies { - casServer "org.jasig.cas:cas-server-webapp:4.0.0@war" + casServer "org.jasig.cas:cas-server-webapp:4.0.0@war" } task casServerOverlay(type: Sync) { - def war = configurations.casServer.resolve().toArray()[0] - def warName = war.name.replace('.war','-custom') - def overlayDir = file('src/main/webapp') - def explodedWar = file("$buildDir/tmp/${warName}") - ext.customWar = file("$buildDir/tmp/${warName}.war") - ext.tokens = [logLevel: 'INFO'] + def war = configurations.casServer.resolve().toArray()[0] + def warName = war.name.replace('.war','-custom') + def overlayDir = file('src/main/webapp') + def explodedWar = file("$buildDir/tmp/${warName}") + ext.customWar = file("$buildDir/tmp/${warName}.war") + ext.tokens = [logLevel: 'INFO'] - inputs.files(war, overlayDir) - inputs.property('tokens',{tokens}) - outputs.files (customWar,explodedWar,file("$buildDir/tmp/expandedArchives")) + inputs.files(war, overlayDir) + inputs.property('tokens',{tokens}) + outputs.files (customWar,explodedWar,file("$buildDir/tmp/expandedArchives")) - from zipTree(war) - from (overlayDir) { - filter(ReplaceTokens,tokens: tokens) - } - into explodedWar + from zipTree(war) + from (overlayDir) { + filter(ReplaceTokens,tokens: tokens) + } + into explodedWar - doLast { - if(customWar.exists()) { - customWar.delete() - } - ant.zip(destfile: customWar, baseDir: explodedWar) - } + doLast { + if(customWar.exists()) { + customWar.delete() + } + ant.zip(destfile: customWar, baseDir: explodedWar) + } } casServerOverlay.metaClass.setLogLevel { level -> - tokens['logLevel'] = level + tokens['logLevel'] = level } task casServer (type: org.gradle.api.plugins.jetty.JettyRunWar, dependsOn: 'casServerOverlay') { - contextPath = "/cas" - connectors = [casServer.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance()] - connectors[0].port = 9443 - connectors[0].keystore = connectors[0].truststore = keystore - connectors[0].keyPassword = connectors[0].trustPassword = password - connectors[0].wantClientAuth = true - connectors[0].needClientAuth = false - webApp = casServerOverlay.customWar + contextPath = "/cas" + connectors = [casServer.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance()] + connectors[0].port = 9443 + connectors[0].keystore = connectors[0].truststore = keystore + connectors[0].keyPassword = connectors[0].trustPassword = password + connectors[0].wantClientAuth = true + connectors[0].needClientAuth = false + webApp = casServerOverlay.customWar - inputs.file casServerOverlay.customWar + inputs.file casServerOverlay.customWar - doFirst() { - System.setProperty('javax.net.ssl.trustStore', keystore) - System.setProperty('javax.net.ssl.trustStorePassword', password) - System.setProperty('java.naming.factory.url.pkgs','org.mortbay.naming') - System.setProperty('java.naming.factory.initial','org.mortbay.naming.InitialContextFactory') - } + doFirst() { + System.setProperty('javax.net.ssl.trustStore', keystore) + System.setProperty('javax.net.ssl.trustStorePassword', password) + System.setProperty('java.naming.factory.url.pkgs','org.mortbay.naming') + System.setProperty('java.naming.factory.initial','org.mortbay.naming.InitialContextFactory') + } } diff --git a/samples/chat-jc/build.gradle b/samples/chat-jc/build.gradle index 25d2b3954e..e125d8295a 100644 --- a/samples/chat-jc/build.gradle +++ b/samples/chat-jc/build.gradle @@ -1,40 +1,40 @@ apply from: WAR_SAMPLE_GRADLE repositories { - maven { url 'http://clojars.org/repo' } + maven { url 'http://clojars.org/repo' } } dependencies { - providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" + providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - compile project(":spring-security-web"), - project(":spring-security-config"), - project(":spring-security-messaging"), - project(":spring-security-data"), - "org.springframework:spring-webmvc:${springVersion}", - "org.springframework:spring-websocket:${springVersion}", - "org.springframework:spring-messaging:${springVersion}", - "org.springframework.session:spring-session:${springSessionVersion}", - "org.springframework.data:spring-data-redis:${springDataRedisVersion}", - "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final", - "org.hsqldb:hsqldb:$hsqlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final", - "redis.clients:jedis:2.4.2", - "redis.embedded:embedded-redis:0.2", - "org.apache.commons:commons-pool2:2.2", - "org.thymeleaf:thymeleaf-spring4:$thymeleafVersion", - "org.thymeleaf.extras:thymeleaf-extras-tiles2-spring4:2.1.1.RELEASE", - "org.slf4j:slf4j-api:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "com.fasterxml.jackson.core:jackson-databind:$jacksonDatavindVersion" - compile('org.hibernate:hibernate-entitymanager:3.6.10.Final') { - exclude group:'javassist', module: 'javassist' - } - compile("org.springframework.data:spring-data-jpa:$springDataJpaVersion") { - exclude group:'org.aspectj', module:'aspectjrt' - } + compile project(":spring-security-web"), + project(":spring-security-config"), + project(":spring-security-messaging"), + project(":spring-security-data"), + "org.springframework:spring-webmvc:${springVersion}", + "org.springframework:spring-websocket:${springVersion}", + "org.springframework:spring-messaging:${springVersion}", + "org.springframework.session:spring-session:${springSessionVersion}", + "org.springframework.data:spring-data-redis:${springDataRedisVersion}", + "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final", + "org.hsqldb:hsqldb:$hsqlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final", + "redis.clients:jedis:2.4.2", + "redis.embedded:embedded-redis:0.2", + "org.apache.commons:commons-pool2:2.2", + "org.thymeleaf:thymeleaf-spring4:$thymeleafVersion", + "org.thymeleaf.extras:thymeleaf-extras-tiles2-spring4:2.1.1.RELEASE", + "org.slf4j:slf4j-api:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "com.fasterxml.jackson.core:jackson-databind:$jacksonDatavindVersion" + compile('org.hibernate:hibernate-entitymanager:3.6.10.Final') { + exclude group:'javassist', module: 'javassist' + } + compile("org.springframework.data:spring-data-jpa:$springDataJpaVersion") { + exclude group:'org.aspectj', module:'aspectjrt' + } - runtime "ch.qos.logback:logback-classic:$logbackVersion" + runtime "ch.qos.logback:logback-classic:$logbackVersion" } \ No newline at end of file diff --git a/samples/concurrency-jc/build.gradle b/samples/concurrency-jc/build.gradle index 70e3f866d1..1e203e783e 100644 --- a/samples/concurrency-jc/build.gradle +++ b/samples/concurrency-jc/build.gradle @@ -2,24 +2,24 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-config"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' } \ No newline at end of file diff --git a/samples/contacts-xml/contacts.gradle b/samples/contacts-xml/contacts.gradle index a1ae36981c..57aeb01ee6 100644 --- a/samples/contacts-xml/contacts.gradle +++ b/samples/contacts-xml/contacts.gradle @@ -3,27 +3,27 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" + providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - compile project(':spring-security-core'), - project(':spring-security-acl'), - "org.springframework:spring-aop:$springVersion", - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.springframework:spring-tx:$springVersion", - "org.springframework:spring-web:$springVersion", - "org.springframework:spring-webmvc:$springVersion" + compile project(':spring-security-core'), + project(':spring-security-acl'), + "org.springframework:spring-aop:$springVersion", + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.springframework:spring-tx:$springVersion", + "org.springframework:spring-web:$springVersion", + "org.springframework:spring-webmvc:$springVersion" - runtime project(':spring-security-web'), - project(':spring-security-config'), - project(':spring-security-taglibs'), - "org.springframework:spring-context-support:$springVersion", - jstlDependencies, - "org.hsqldb:hsqldb:$hsqlVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "ch.qos.logback:logback-classic:$logbackVersion", - "net.sf.ehcache:ehcache:$ehcacheVersion" + runtime project(':spring-security-web'), + project(':spring-security-config'), + project(':spring-security-taglibs'), + "org.springframework:spring-context-support:$springVersion", + jstlDependencies, + "org.hsqldb:hsqldb:$hsqlVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "ch.qos.logback:logback-classic:$logbackVersion", + "net.sf.ehcache:ehcache:$ehcacheVersion" - integrationTestCompile gebDependencies + integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/ContactsTests.groovy b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/ContactsTests.groovy index 18dd2abb2a..42779a79c8 100644 --- a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/ContactsTests.groovy +++ b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/ContactsTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -26,62 +26,62 @@ import org.springframework.security.samples.pages.* */ @Stepwise class ContactsTests extends GebReportingSpec { - def 'access home page with unauthenticated user success'() { - when: 'Unauthenticated user accesses the Home Page' - to HomePage - then: 'The page is displayed' - at HomePage - } + def 'access home page with unauthenticated user success'() { + when: 'Unauthenticated user accesses the Home Page' + to HomePage + then: 'The page is displayed' + at HomePage + } - def 'access manage page with unauthenticated user sends to login page'() { - when: 'Unauthenticated user accesses the Manage Page' - manage.click(LoginPage) - then: 'The login page is displayed' - at LoginPage - } + def 'access manage page with unauthenticated user sends to login page'() { + when: 'Unauthenticated user accesses the Manage Page' + manage.click(LoginPage) + then: 'The login page is displayed' + at LoginPage + } - def 'authenticated user is sent to original page'() { - when: 'user authenticates' - login() - then: 'The manage page is displayed' - at ContactsPage - } + def 'authenticated user is sent to original page'() { + when: 'user authenticates' + login() + then: 'The manage page is displayed' + at ContactsPage + } - def 'add contact link works'() { - when: 'user clicks add link' - addContact.click(AddPage) - then: 'The add page is displayed' - at AddPage - } + def 'add contact link works'() { + when: 'user clicks add link' + addContact.click(AddPage) + then: 'The add page is displayed' + at AddPage + } - def 'add contact'() { - when: 'add a contact' - addContact - then: 'The add page is displayed' - at ContactsPage - and: 'The new contact is displayed' - contacts.find { it.email == 'rob@example.com' }?.name == 'Rob Winch' - } + def 'add contact'() { + when: 'add a contact' + addContact + then: 'The add page is displayed' + at ContactsPage + and: 'The new contact is displayed' + contacts.find { it.email == 'rob@example.com' }?.name == 'Rob Winch' + } - def 'delete contact'() { - when: 'delete a contact' - contacts.find { it.email == 'rob@example.com' }.delete() - then: 'Delete confirmation displayed' - at DeleteConfirmPage - when: 'View Manage Page' - manage.click() - then: 'New contact has been removed' - !contacts.find { it.email == 'rob@example.com' } - } + def 'delete contact'() { + when: 'delete a contact' + contacts.find { it.email == 'rob@example.com' }.delete() + then: 'Delete confirmation displayed' + at DeleteConfirmPage + when: 'View Manage Page' + manage.click() + then: 'New contact has been removed' + !contacts.find { it.email == 'rob@example.com' } + } - def 'authenticated user logs out'() { - when: 'user logs out' - logout.click() - then: 'the default logout success page is displayed' - at HomePage - when: 'Unauthenticated user accesses the Manage Page' - via ContactsPage - then: 'The login page is displayed' - at LoginPage - } + def 'authenticated user logs out'() { + when: 'user logs out' + logout.click() + then: 'the default logout success page is displayed' + at HomePage + when: 'Unauthenticated user accesses the Manage Page' + via ContactsPage + then: 'The login page is displayed' + at LoginPage + } } \ No newline at end of file diff --git a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/AddPage.groovy b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/AddPage.groovy index 50a3571135..735f4bdfdc 100644 --- a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/AddPage.groovy +++ b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/AddPage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,15 +23,15 @@ import geb.Page * @author Rob Winch */ class AddPage extends Page { - static url = 'add' - static at = { assert driver.title == 'Add New Contact'; true} - static content = { - addContact(required:false) { name = 'Rob Winch', email = 'rob@example.com'-> - addForm.name = name - addForm.email = email - submit.click() - } - addForm { $('form') } - submit { $('input', type: 'submit') } - } + static url = 'add' + static at = { assert driver.title == 'Add New Contact'; true} + static content = { + addContact(required:false) { name = 'Rob Winch', email = 'rob@example.com'-> + addForm.name = name + addForm.email = email + submit.click() + } + addForm { $('form') } + submit { $('input', type: 'submit') } + } } \ No newline at end of file diff --git a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy index 42e3bae6d1..76cb9699fc 100644 --- a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy +++ b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,11 +23,11 @@ import geb.* * @author Rob Winch */ class HomePage extends Page { - static url = '' - static at = { assert driver.title == 'Contacts Security Demo'; true} - static content = { - manage(to: [ContactsPage,LoginPage]) { $('a', text: 'Manage') } - debug { $('a', text: 'Debug').click() } - frames { $('a', text: 'Frames').click() } - } + static url = '' + static at = { assert driver.title == 'Contacts Security Demo'; true} + static content = { + manage(to: [ContactsPage,LoginPage]) { $('a', text: 'Manage') } + debug { $('a', text: 'Debug').click() } + frames { $('a', text: 'Frames').click() } + } } \ No newline at end of file diff --git a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy index ea1d48a695..55c1e69340 100644 --- a/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy +++ b/samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,15 +23,15 @@ import geb.* * @author Rob Winch */ class LoginPage extends Page { - static url = 'login' - static at = { assert driver.title == 'Login'; true} - static content = { - login(required:false) { user='rod', password='koala' -> - loginForm.username = user - loginForm.password = password - submit.click() - } - loginForm { $('form') } - submit { $('input', type: 'submit') } - } + static url = 'login' + static at = { assert driver.title == 'Login'; true} + static content = { + login(required:false) { user='rod', password='koala' -> + loginForm.username = user + loginForm.password = password + submit.click() + } + loginForm { $('form') } + submit { $('input', type: 'submit') } + } } \ No newline at end of file diff --git a/samples/data-jc/build.gradle b/samples/data-jc/build.gradle index 5cc491faab..2d4609c873 100644 --- a/samples/data-jc/build.gradle +++ b/samples/data-jc/build.gradle @@ -1,10 +1,10 @@ dependencies { - compile project(':spring-security-data'), - project(':spring-security-config'), - "org.springframework.data:spring-data-jpa:$springDataJpaVersion", - "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final", - 'org.hibernate:hibernate-entitymanager:3.6.10.Final', - "org.hsqldb:hsqldb:$hsqlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(':spring-security-data'), + project(':spring-security-config'), + "org.springframework.data:spring-data-jpa:$springDataJpaVersion", + "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final", + 'org.hibernate:hibernate-entitymanager:3.6.10.Final', + "org.hsqldb:hsqldb:$hsqlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" } \ No newline at end of file diff --git a/samples/dms-xml/dms.gradle b/samples/dms-xml/dms.gradle index fa332974f9..df1a81e69d 100644 --- a/samples/dms-xml/dms.gradle +++ b/samples/dms-xml/dms.gradle @@ -1,16 +1,16 @@ dependencies { - compile project(':spring-security-core'), - project(':spring-security-acl'), - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-tx:$springVersion", - "org.springframework:spring-jdbc:$springVersion" + compile project(':spring-security-core'), + project(':spring-security-acl'), + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-tx:$springVersion", + "org.springframework:spring-jdbc:$springVersion" - testCompile "org.springframework:spring-context:$springVersion" + testCompile "org.springframework:spring-context:$springVersion" - runtime project(':spring-security-config'), - "org.hsqldb:hsqldb:$hsqlVersion", - "org.springframework:spring-context-support:$springVersion" + runtime project(':spring-security-config'), + "org.hsqldb:hsqldb:$hsqlVersion", + "org.springframework:spring-context-support:$springVersion" - optional "net.sf.ehcache:ehcache:$ehcacheVersion" + optional "net.sf.ehcache:ehcache:$ehcacheVersion" } diff --git a/samples/form-jc/build.gradle b/samples/form-jc/build.gradle index 61f4dc3573..d9fa6c6010 100644 --- a/samples/form-jc/build.gradle +++ b/samples/form-jc/build.gradle @@ -2,26 +2,26 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-config"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' - integrationTestCompile gebDependencies + integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/FormJcTests.groovy b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/FormJcTests.groovy index 85bc256e72..7ba86e8dff 100644 --- a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/FormJcTests.groovy +++ b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/FormJcTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -27,30 +27,30 @@ import org.springframework.security.samples.pages.* */ @Stepwise class FormJcTests extends GebReportingSpec { - def 'access home page with unauthenticated user sends to login page'() { - when: 'Unauthenticated user accesses the Home Page' - via HomePage - then: 'The login page is displayed' - at LoginPage - } + def 'access home page with unauthenticated user sends to login page'() { + when: 'Unauthenticated user accesses the Home Page' + via HomePage + then: 'The login page is displayed' + at LoginPage + } - def 'authenticated user is sent to original page'() { - when: 'user authenticates' - login() - then: 'The home page is displayed' - at HomePage - and: 'The username is displayed' - user == 'user' - } + def 'authenticated user is sent to original page'() { + when: 'user authenticates' + login() + then: 'The home page is displayed' + at HomePage + and: 'The username is displayed' + user == 'user' + } - def 'authenticated user logs out'() { - when: 'user logs out' - logout() - then: 'the login page is displayed' - at LoginPage - when: 'Unauthenticated user accesses the Home Page' - via HomePage - then: 'The login page is displayed' - at LoginPage - } + def 'authenticated user logs out'() { + when: 'user logs out' + logout() + then: 'the login page is displayed' + at LoginPage + when: 'Unauthenticated user accesses the Home Page' + via HomePage + then: 'The login page is displayed' + at LoginPage + } } \ No newline at end of file diff --git a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy index 25ce258a34..da92e8020e 100644 --- a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy +++ b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,10 +23,10 @@ import geb.* * @author Rob Winch */ class HomePage extends Page { - static url = '' - static at = { assert driver.title == 'Messages : View All'; true} - static content = { - user { $('p.navbar-text').text() } - logout { $('input', type: 'submit').click() } - } + static url = '' + static at = { assert driver.title == 'Messages : View All'; true} + static content = { + user { $('p.navbar-text').text() } + logout { $('input', type: 'submit').click() } + } } \ No newline at end of file diff --git a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy index 2c23499763..4cb8562b31 100644 --- a/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy +++ b/samples/form-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,15 +23,15 @@ import geb.* * @author Rob Winch */ class LoginPage extends Page { - static url = 'login' - static at = { assert driver.title == 'Please Login'; true} - static content = { - login(required:false) { user='user', password='password' -> - loginForm.username = user - loginForm.password = password - submit.click() - } - loginForm { $('form') } - submit { $('button', type: 'submit') } - } + static url = 'login' + static at = { assert driver.title == 'Please Login'; true} + static content = { + login(required:false) { user='user', password='password' -> + loginForm.username = user + loginForm.password = password + submit.click() + } + loginForm { $('form') } + submit { $('button', type: 'submit') } + } } \ No newline at end of file diff --git a/samples/gae-xml/gae.gradle b/samples/gae-xml/gae.gradle index e2d80eb3a3..2f078b06fc 100644 --- a/samples/gae-xml/gae.gradle +++ b/samples/gae-xml/gae.gradle @@ -5,43 +5,43 @@ apply plugin: 'gae' def gaeVersion="1.4.2" repositories { - maven { - // Hibernate Validator - name = 'JBoss' - url = 'https://repository.jboss.org/nexus/content/repositories/releases' - } - maven { - // GAE Jars - name = 'GAE' - url = 'http://maven-gae-plugin.googlecode.com/svn/repository' - } + maven { + // Hibernate Validator + name = 'JBoss' + url = 'https://repository.jboss.org/nexus/content/repositories/releases' + } + maven { + // GAE Jars + name = 'GAE' + url = 'http://maven-gae-plugin.googlecode.com/svn/repository' + } } // Remove logback as it causes security issues with GAE. configurations.runtime.exclude(group: 'ch.qos.logback') dependencies { - providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" + providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - compile project(':spring-security-core'), - project(':spring-security-web'), - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-web:$springVersion", - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-context-support:$springVersion", - "com.google.appengine:appengine-api-1.0-sdk:$gaeVersion", - 'javax.validation:validation-api:1.0.0.GA', - 'org.hibernate:hibernate-validator:4.2.0.Final', - "org.slf4j:slf4j-api:$slf4jVersion" + compile project(':spring-security-core'), + project(':spring-security-web'), + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-web:$springVersion", + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-context-support:$springVersion", + "com.google.appengine:appengine-api-1.0-sdk:$gaeVersion", + 'javax.validation:validation-api:1.0.0.GA', + 'org.hibernate:hibernate-validator:4.2.0.Final', + "org.slf4j:slf4j-api:$slf4jVersion" - runtime project(':spring-security-config'), - project(':spring-security-taglibs'), - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "org.slf4j:slf4j-jdk14:$slf4jVersion" - testCompile "com.google.appengine:appengine-testing:$gaeVersion" + runtime project(':spring-security-config'), + project(':spring-security-taglibs'), + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "org.slf4j:slf4j-jdk14:$slf4jVersion" + testCompile "com.google.appengine:appengine-testing:$gaeVersion" - testRuntime "com.google.appengine:appengine-api-labs:$gaeVersion", - "com.google.appengine:appengine-api-stubs:$gaeVersion" + testRuntime "com.google.appengine:appengine-api-labs:$gaeVersion", + "com.google.appengine:appengine-api-stubs:$gaeVersion" } diff --git a/samples/hellojs-jc/build.gradle b/samples/hellojs-jc/build.gradle index 29b08fd927..d5d69a2134 100644 --- a/samples/hellojs-jc/build.gradle +++ b/samples/hellojs-jc/build.gradle @@ -2,25 +2,25 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final", - "com.fasterxml.jackson.core:jackson-databind:2.2.1" + compile project(":spring-security-config"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final", + "com.fasterxml.jackson.core:jackson-databind:2.2.1" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' } \ No newline at end of file diff --git a/samples/hellomvc-jc/build.gradle b/samples/hellomvc-jc/build.gradle index dc56895165..915d79260b 100644 --- a/samples/hellomvc-jc/build.gradle +++ b/samples/hellomvc-jc/build.gradle @@ -2,26 +2,26 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-config"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' - testCompile project(":spring-security-test") + testCompile project(":spring-security-test") } \ No newline at end of file diff --git a/samples/helloworld-jc/build.gradle b/samples/helloworld-jc/build.gradle index 0efd980377..8b401bbd5c 100644 --- a/samples/helloworld-jc/build.gradle +++ b/samples/helloworld-jc/build.gradle @@ -2,15 +2,15 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-web"), - jstlDependencies, - "org.slf4j:jcl-over-slf4j:$slf4jVersion" + compile project(":spring-security-config"), + project(":spring-security-web"), + jstlDependencies, + "org.slf4j:jcl-over-slf4j:$slf4jVersion" - runtime "ch.qos.logback:logback-classic:$logbackVersion" + runtime "ch.qos.logback:logback-classic:$logbackVersion" - integrationTestCompile gebDependencies + integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/helloworld-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/helloworld-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy index 83e1128cfd..9168ceb0e0 100644 --- a/samples/helloworld-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy +++ b/samples/helloworld-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,10 +23,10 @@ import geb.* * @author Rob Winch */ class HomePage extends Page { - static url = '' - static at = { assert driver.title == 'Hello Security'; true} - static content = { - message { $('p').text() } - logout { $('input', type: 'submit').click() } - } + static url = '' + static at = { assert driver.title == 'Hello Security'; true} + static content = { + message { $('p').text() } + logout { $('input', type: 'submit').click() } + } } \ No newline at end of file diff --git a/samples/helloworld-xml/build.gradle b/samples/helloworld-xml/build.gradle index 0efd980377..8b401bbd5c 100644 --- a/samples/helloworld-xml/build.gradle +++ b/samples/helloworld-xml/build.gradle @@ -2,15 +2,15 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-web"), - jstlDependencies, - "org.slf4j:jcl-over-slf4j:$slf4jVersion" + compile project(":spring-security-config"), + project(":spring-security-web"), + jstlDependencies, + "org.slf4j:jcl-over-slf4j:$slf4jVersion" - runtime "ch.qos.logback:logback-classic:$logbackVersion" + runtime "ch.qos.logback:logback-classic:$logbackVersion" - integrationTestCompile gebDependencies + integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/inmemory-jc/build.gradle b/samples/inmemory-jc/build.gradle index dc56895165..915d79260b 100644 --- a/samples/inmemory-jc/build.gradle +++ b/samples/inmemory-jc/build.gradle @@ -2,26 +2,26 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-config"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' - testCompile project(":spring-security-test") + testCompile project(":spring-security-test") } \ No newline at end of file diff --git a/samples/insecure/build.gradle b/samples/insecure/build.gradle index 7205393555..073d7aabb2 100644 --- a/samples/insecure/build.gradle +++ b/samples/insecure/build.gradle @@ -2,13 +2,13 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile jstlDependencies, - "org.slf4j:jcl-over-slf4j:$slf4jVersion" + compile jstlDependencies, + "org.slf4j:jcl-over-slf4j:$slf4jVersion" - runtime "ch.qos.logback:logback-classic:$logbackVersion" + runtime "ch.qos.logback:logback-classic:$logbackVersion" - integrationTestCompile gebDependencies + integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/HelloInsecureTests.groovy b/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/HelloInsecureTests.groovy index b7d8537e97..27ed3a9105 100644 --- a/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/HelloInsecureTests.groovy +++ b/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/HelloInsecureTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -26,12 +26,12 @@ import org.springframework.security.samples.pages.* */ @Stepwise class HelloInsecureTests extends GebReportingSpec { - def 'The HomePage is accessible'() { - when: 'Unauthenticated user accesses the Home Page' - to HomePage - then: 'The HomePage is displayed' - at HomePage - and: 'We can see the message' - message == 'We would like to secure this page' - } + def 'The HomePage is accessible'() { + when: 'Unauthenticated user accesses the Home Page' + to HomePage + then: 'The HomePage is displayed' + at HomePage + and: 'We can see the message' + message == 'We would like to secure this page' + } } \ No newline at end of file diff --git a/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy index 345fe74e1e..5f034d1319 100644 --- a/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy +++ b/samples/insecure/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,9 +23,9 @@ import geb.* * @author Rob Winch */ class HomePage extends Page { - static url = '' - static at = { assert driver.title == 'Hello World'; true} - static content = { - message { $('p').text() } - } + static url = '' + static at = { assert driver.title == 'Hello World'; true} + static content = { + message { $('p').text() } + } } \ No newline at end of file diff --git a/samples/insecuremvc/build.gradle b/samples/insecuremvc/build.gradle index 61ce64787c..668b1502aa 100644 --- a/samples/insecuremvc/build.gradle +++ b/samples/insecuremvc/build.gradle @@ -2,21 +2,21 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-samples-messages-jc"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-samples-messages-jc"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' } \ No newline at end of file diff --git a/samples/jaas-xml/jaas.gradle b/samples/jaas-xml/jaas.gradle index f51474c6a2..d786a22779 100644 --- a/samples/jaas-xml/jaas.gradle +++ b/samples/jaas-xml/jaas.gradle @@ -4,28 +4,28 @@ apply from: WAR_SAMPLE_GRADLE def excludeModules = ['spring-security-acl', 'jsr250-api', 'ehcache', 'spring-jdbc', 'spring-tx'] configurations { - excludeModules.each {name -> - runtime.exclude module: name - } + excludeModules.each {name -> + runtime.exclude module: name + } - runtime.exclude group: 'org.aspectj' + runtime.exclude group: 'org.aspectj' } dependencies { - providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" + providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - compile project(':spring-security-core'), - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-web:$springVersion" + compile project(':spring-security-core'), + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-web:$springVersion" - runtime project(':spring-security-web'), - project(':spring-security-config'), - project(':spring-security-taglibs'), - "org.springframework:spring-context-support:$springVersion", - jstlDependencies, - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "ch.qos.logback:logback-classic:$logbackVersion" + runtime project(':spring-security-web'), + project(':spring-security-config'), + project(':spring-security-taglibs'), + "org.springframework:spring-context-support:$springVersion", + jstlDependencies, + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "ch.qos.logback:logback-classic:$logbackVersion" - integrationTestCompile gebDependencies + integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/JaasXmlTests.groovy b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/JaasXmlTests.groovy index 50f34f5d71..1b92a7bbf8 100644 --- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/JaasXmlTests.groovy +++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/JaasXmlTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -27,35 +27,35 @@ import org.springframework.security.samples.pages.* */ @Stepwise class JaasXmlTests extends GebReportingSpec { - def 'access home page with unauthenticated works'() { - when: 'Unauthenticated user accesses the Home Page' - to HomePage - then: 'The home page is displayed' - at HomePage - } + def 'access home page with unauthenticated works'() { + when: 'Unauthenticated user accesses the Home Page' + to HomePage + then: 'The home page is displayed' + at HomePage + } - def 'access secure page with unauthenticated requires login'() { - when: 'Unauthenticated user accesses the Secure Page' - securePage LoginPage - then: 'The login page is displayed' - at LoginPage - } + def 'access secure page with unauthenticated requires login'() { + when: 'Unauthenticated user accesses the Secure Page' + securePage LoginPage + then: 'The login page is displayed' + at LoginPage + } - def 'authenticated user is sent to original page'() { - when: 'user authenticates' - login() - then: 'The secure page is displayed' - at SecurePage - } + def 'authenticated user is sent to original page'() { + when: 'user authenticates' + login() + then: 'The secure page is displayed' + at SecurePage + } - def 'authenticated user logs out'() { - when: 'user logs out' - logout() - then: 'the default logout success page is displayed' - at LogoutPage - when: 'Unauthenticated user accesses the Secure Page' - via SecurePage - then: 'The login page is displayed' - at LoginPage - } + def 'authenticated user logs out'() { + when: 'user logs out' + logout() + then: 'the default logout success page is displayed' + at LogoutPage + when: 'Unauthenticated user accesses the Secure Page' + via SecurePage + then: 'The login page is displayed' + at LoginPage + } } \ No newline at end of file diff --git a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy index 6d238ed69f..a6411d6fb8 100644 --- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy +++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,9 +23,9 @@ import geb.* * @author Rob Winch */ class HomePage extends Page { - static url = '' - static at = { assert driver.title == 'Home Page'; true} - static content = { - securePage(to: [SecurePage,LoginPage]) { $('a').click() } - } + static url = '' + static at = { assert driver.title == 'Home Page'; true} + static content = { + securePage(to: [SecurePage,LoginPage]) { $('a').click() } + } } \ No newline at end of file diff --git a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy index 82f146b3fe..a448b34ddd 100644 --- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy +++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,15 +23,15 @@ import geb.* * @author Rob Winch */ class LoginPage extends Page { - static url = 'login' - static at = { assert driver.title == 'Login Page'; true} - static content = { - login(required:false) { user='user', password='user' -> - loginForm.username = user - loginForm.password = password - submit.click() - } - loginForm { $('form') } - submit { $('input', type: 'submit') } - } + static url = 'login' + static at = { assert driver.title == 'Login Page'; true} + static content = { + login(required:false) { user='user', password='user' -> + loginForm.username = user + loginForm.password = password + submit.click() + } + loginForm { $('form') } + submit { $('input', type: 'submit') } + } } \ No newline at end of file diff --git a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy index 81b6264824..eb15b51d11 100644 --- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy +++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,6 +23,6 @@ import geb.Page * @author Rob Winch */ class LogoutPage extends LoginPage { - static url = 'login' - static at = { assert driver.title == 'Login Page' && $('p').text() == 'You have been logged out'; true} + static url = 'login' + static at = { assert driver.title == 'Login Page' && $('p').text() == 'You have been logged out'; true} } \ No newline at end of file diff --git a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy index 30d4b358e6..fdab6febc6 100644 --- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy +++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,10 +23,10 @@ import geb.Page * @author Rob Winch */ class SecurePage extends Page { - static url = 'secure/' - static at = { assert driver.title == 'Security Debug Information'; true} - static content = { - message { $('p').text() } - logout { $('input', type: 'submit').click() } - } + static url = 'secure/' + static at = { assert driver.title == 'Security Debug Information'; true} + static content = { + message { $('p').text() } + logout { $('input', type: 'submit').click() } + } } \ No newline at end of file diff --git a/samples/jdbc-jc/build.gradle b/samples/jdbc-jc/build.gradle index 61f4dc3573..d9fa6c6010 100644 --- a/samples/jdbc-jc/build.gradle +++ b/samples/jdbc-jc/build.gradle @@ -2,26 +2,26 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-config"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' - integrationTestCompile gebDependencies + integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/JdbcJcTests.groovy b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/JdbcJcTests.groovy index eb5cf0e0fb..02269b00ee 100644 --- a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/JdbcJcTests.groovy +++ b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/JdbcJcTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -27,30 +27,30 @@ import org.springframework.security.samples.pages.* */ @Stepwise class JdbcJcTests extends GebReportingSpec { - def 'access home page with unauthenticated user sends to login page'() { - when: 'Unauthenticated user accesses the Home Page' - via HomePage - then: 'The login page is displayed' - at LoginPage - } + def 'access home page with unauthenticated user sends to login page'() { + when: 'Unauthenticated user accesses the Home Page' + via HomePage + then: 'The login page is displayed' + at LoginPage + } - def 'authenticated user is sent to original page'() { - when: 'user authenticates' - login() - then: 'The home page is displayed' - at HomePage - and: 'The username is displayed' - user == 'user' - } + def 'authenticated user is sent to original page'() { + when: 'user authenticates' + login() + then: 'The home page is displayed' + at HomePage + and: 'The username is displayed' + user == 'user' + } - def 'authenticated user logs out'() { - when: 'user logs out' - logout() - then: 'the login page is displayed' - at LoginPage - when: 'Unauthenticated user accesses the Home Page' - via HomePage - then: 'The login page is displayed' - at LoginPage - } + def 'authenticated user logs out'() { + when: 'user logs out' + logout() + then: 'the login page is displayed' + at LoginPage + when: 'Unauthenticated user accesses the Home Page' + via HomePage + then: 'The login page is displayed' + at LoginPage + } } \ No newline at end of file diff --git a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy index 25ce258a34..da92e8020e 100644 --- a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy +++ b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,10 +23,10 @@ import geb.* * @author Rob Winch */ class HomePage extends Page { - static url = '' - static at = { assert driver.title == 'Messages : View All'; true} - static content = { - user { $('p.navbar-text').text() } - logout { $('input', type: 'submit').click() } - } + static url = '' + static at = { assert driver.title == 'Messages : View All'; true} + static content = { + user { $('p.navbar-text').text() } + logout { $('input', type: 'submit').click() } + } } \ No newline at end of file diff --git a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy index b2a553064b..41486d5085 100644 --- a/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy +++ b/samples/jdbc-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,15 +23,15 @@ import geb.* * @author Rob Winch */ class LoginPage extends Page { - static url = 'login' - static at = { assert driver.title == 'Login Page'; true} - static content = { - login(required:false) { user='user', password='password' -> - loginForm.username = user - loginForm.password = password - submit.click() - } - loginForm { $('form') } - submit { $('input', type: 'submit') } - } + static url = 'login' + static at = { assert driver.title == 'Login Page'; true} + static content = { + login(required:false) { user='user', password='password' -> + loginForm.username = user + loginForm.password = password + submit.click() + } + loginForm { $('form') } + submit { $('input', type: 'submit') } + } } \ No newline at end of file diff --git a/samples/ldap-jc/build.gradle b/samples/ldap-jc/build.gradle index 2e2880a9b8..fd696eb600 100644 --- a/samples/ldap-jc/build.gradle +++ b/samples/ldap-jc/build.gradle @@ -2,28 +2,28 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-ldap"), - apachedsDependencies, - project(":spring-security-config"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-ldap"), + apachedsDependencies, + project(":spring-security-config"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' - integrationTestCompile gebDependencies + integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/LdapJcTests.groovy b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/LdapJcTests.groovy index 09b8907923..ca868df254 100644 --- a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/LdapJcTests.groovy +++ b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/LdapJcTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -27,30 +27,30 @@ import org.springframework.security.samples.pages.* */ @Stepwise class LdapJcTests extends GebReportingSpec { - def 'access home page with unauthenticated user sends to login page'() { - when: 'Unauthenticated user accesses the Home Page' - via HomePage - then: 'The login page is displayed' - at LoginPage - } + def 'access home page with unauthenticated user sends to login page'() { + when: 'Unauthenticated user accesses the Home Page' + via HomePage + then: 'The login page is displayed' + at LoginPage + } - def 'authenticated user is sent to original page'() { - when: 'user authenticates' - login() - then: 'The home page is displayed' - at HomePage - and: 'The username is displayed' - user == 'user' - } + def 'authenticated user is sent to original page'() { + when: 'user authenticates' + login() + then: 'The home page is displayed' + at HomePage + and: 'The username is displayed' + user == 'user' + } - def 'authenticated user logs out'() { - when: 'user logs out' - logout() - then: 'the login page is displayed' - at LoginPage - when: 'Unauthenticated user accesses the Home Page' - via HomePage - then: 'The login page is displayed' - at LoginPage - } + def 'authenticated user logs out'() { + when: 'user logs out' + logout() + then: 'the login page is displayed' + at LoginPage + when: 'Unauthenticated user accesses the Home Page' + via HomePage + then: 'The login page is displayed' + at LoginPage + } } \ No newline at end of file diff --git a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy index 25ce258a34..da92e8020e 100644 --- a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy +++ b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,10 +23,10 @@ import geb.* * @author Rob Winch */ class HomePage extends Page { - static url = '' - static at = { assert driver.title == 'Messages : View All'; true} - static content = { - user { $('p.navbar-text').text() } - logout { $('input', type: 'submit').click() } - } + static url = '' + static at = { assert driver.title == 'Messages : View All'; true} + static content = { + user { $('p.navbar-text').text() } + logout { $('input', type: 'submit').click() } + } } \ No newline at end of file diff --git a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy index b2a553064b..41486d5085 100644 --- a/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy +++ b/samples/ldap-jc/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,15 +23,15 @@ import geb.* * @author Rob Winch */ class LoginPage extends Page { - static url = 'login' - static at = { assert driver.title == 'Login Page'; true} - static content = { - login(required:false) { user='user', password='password' -> - loginForm.username = user - loginForm.password = password - submit.click() - } - loginForm { $('form') } - submit { $('input', type: 'submit') } - } + static url = 'login' + static at = { assert driver.title == 'Login Page'; true} + static content = { + login(required:false) { user='user', password='password' -> + loginForm.username = user + loginForm.password = password + submit.click() + } + loginForm { $('form') } + submit { $('input', type: 'submit') } + } } \ No newline at end of file diff --git a/samples/ldap-xml/ldap.gradle b/samples/ldap-xml/ldap.gradle index ac62c14041..9c3bd22576 100644 --- a/samples/ldap-xml/ldap.gradle +++ b/samples/ldap-xml/ldap.gradle @@ -4,23 +4,23 @@ apply from: WAR_SAMPLE_GRADLE def excludeModules = ['spring-security-acl', 'jsr250-api', 'ehcache', 'spring-jdbc', 'ldapsdk'] configurations { - excludeModules.each {name -> - runtime.exclude module: name - } + excludeModules.each {name -> + runtime.exclude module: name + } - runtime.exclude group: 'org.aspectj' + runtime.exclude group: 'org.aspectj' } dependencies { - compile project(':spring-security-taglibs'), - jstlDependencies + compile project(':spring-security-taglibs'), + jstlDependencies - runtime project(':spring-security-web'), - project(':spring-security-config'), - project(':spring-security-ldap'), - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "ch.qos.logback:logback-classic:$logbackVersion", - apachedsDependencies + runtime project(':spring-security-web'), + project(':spring-security-config'), + project(':spring-security-ldap'), + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "ch.qos.logback:logback-classic:$logbackVersion", + apachedsDependencies - integrationTestCompile gebDependencies + integrationTestCompile gebDependencies } \ No newline at end of file diff --git a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/LdapXmlTests.groovy b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/LdapXmlTests.groovy index dfe51b9e94..80bee7f293 100644 --- a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/LdapXmlTests.groovy +++ b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/LdapXmlTests.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -26,35 +26,35 @@ import org.springframework.security.samples.pages.* */ @Stepwise class LdapXmlTests extends GebReportingSpec { - def 'access home page with unauthenticated user success'() { - when: 'Unauthenticated user accesses the Home Page' - to HomePage - then: 'The page is displayed' - at HomePage - } + def 'access home page with unauthenticated user success'() { + when: 'Unauthenticated user accesses the Home Page' + to HomePage + then: 'The page is displayed' + at HomePage + } - def 'access manage page with unauthenticated user sends to login page'() { - when: 'Unauthenticated user accesses the Manage Page' - secure.click(LoginPage) - then: 'The login page is displayed' - at LoginPage - } + def 'access manage page with unauthenticated user sends to login page'() { + when: 'Unauthenticated user accesses the Manage Page' + secure.click(LoginPage) + then: 'The login page is displayed' + at LoginPage + } - def 'authenticated user is sent to original page'() { - when: 'user authenticates' - login() - then: 'The secure page is displayed' - at SecurePage - } + def 'authenticated user is sent to original page'() { + when: 'user authenticates' + login() + then: 'The secure page is displayed' + at SecurePage + } - def 'authenticated user logs out'() { - when: 'user logs out' - logout.click() - then: 'the default logout success page is displayed' - at LogoutPage - when: 'Unauthenticated user accesses the Manage Page' - via SecurePage - then: 'The login page is displayed' - at LoginPage - } + def 'authenticated user logs out'() { + when: 'user logs out' + logout.click() + then: 'the default logout success page is displayed' + at LogoutPage + when: 'Unauthenticated user accesses the Manage Page' + via SecurePage + then: 'The login page is displayed' + at LoginPage + } } \ No newline at end of file diff --git a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy index 622b83af25..0f2be21ffc 100644 --- a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy +++ b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,9 +23,9 @@ import geb.* * @author Rob Winch */ class HomePage extends Page { - static url = '' - static at = { assert driver.title == 'Home Page'; true} - static content = { - secure(to: [SecurePage,LoginPage]) { $('a', text: 'Secure page') } - } + static url = '' + static at = { assert driver.title == 'Home Page'; true} + static content = { + secure(to: [SecurePage,LoginPage]) { $('a', text: 'Secure page') } + } } \ No newline at end of file diff --git a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy index 72a3e8dedb..7223c3a221 100644 --- a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy +++ b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,15 +23,15 @@ import geb.* * @author Rob Winch */ class LoginPage extends Page { - static url = 'login' - static at = { assert driver.title == 'Login Page'; true} - static content = { - login(required:false) { user='rod', password='koala' -> - loginForm.username = user - loginForm.password = password - submit.click() - } - loginForm { $('form') } - submit { $('input', type: 'submit') } - } + static url = 'login' + static at = { assert driver.title == 'Login Page'; true} + static content = { + login(required:false) { user='rod', password='koala' -> + loginForm.username = user + loginForm.password = password + submit.click() + } + loginForm { $('form') } + submit { $('input', type: 'submit') } + } } \ No newline at end of file diff --git a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy index 10246e55d3..593a6abef7 100644 --- a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy +++ b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LogoutPage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -20,6 +20,6 @@ package org.springframework.security.samples.pages * @author Rob Winch */ class LogoutPage extends LoginPage { - static url = 'login' - static at = { assert driver.title == 'Login Page' && $('p').text() == 'You have been logged out'; true} + static url = 'login' + static at = { assert driver.title == 'Login Page' && $('p').text() == 'You have been logged out'; true} } \ No newline at end of file diff --git a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy index 315176bf17..17a1aee7d8 100644 --- a/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy +++ b/samples/ldap-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy @@ -5,7 +5,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,9 +23,9 @@ import geb.* * @author Rob Winch */ class SecurePage extends Page { - static url = 'secure/' - static at = { assert driver.title == 'Secure Page'; true} - static content = { - logout { $("input[type=submit]", value: "Logoff") } - } + static url = 'secure/' + static at = { assert driver.title == 'Secure Page'; true} + static content = { + logout { $("input[type=submit]", value: "Logoff") } + } } \ No newline at end of file diff --git a/samples/messages-jc/build.gradle b/samples/messages-jc/build.gradle index d8bdd49736..b565eee840 100644 --- a/samples/messages-jc/build.gradle +++ b/samples/messages-jc/build.gradle @@ -1,30 +1,30 @@ sonarRunner.skipProject = true dependencies { - provided "javax.servlet:javax.servlet-api:3.0.1" + provided "javax.servlet:javax.servlet-api:3.0.1" - compile project(":spring-security-web"), - project(":spring-security-config"), - "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final", - "org.hsqldb:hsqldb:$hsqlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final", - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-orm:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-aop:$springVersion", - "org.springframework:spring-tx:$springVersion", - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-instrument:$springVersion", - "org.springframework:spring-core:$springVersion", - "org.springframework:spring-aspects:$springVersion", - "org.thymeleaf:thymeleaf-spring4:$thymeleafVersion", - "org.thymeleaf.extras:thymeleaf-extras-tiles2-spring4:2.1.1.RELEASE" - compile('org.hibernate:hibernate-entitymanager:3.6.10.Final') { - exclude group:'javassist', module: 'javassist' - } - compile("org.springframework.data:spring-data-jpa:$springDataJpaVersion") { - exclude group:'org.aspectj', module:'aspectjrt' - } + compile project(":spring-security-web"), + project(":spring-security-config"), + "org.hibernate.javax.persistence:hibernate-jpa-2.0-api:1.0.0.Final", + "org.hsqldb:hsqldb:$hsqlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final", + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-orm:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-aop:$springVersion", + "org.springframework:spring-tx:$springVersion", + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-instrument:$springVersion", + "org.springframework:spring-core:$springVersion", + "org.springframework:spring-aspects:$springVersion", + "org.thymeleaf:thymeleaf-spring4:$thymeleafVersion", + "org.thymeleaf.extras:thymeleaf-extras-tiles2-spring4:2.1.1.RELEASE" + compile('org.hibernate:hibernate-entitymanager:3.6.10.Final') { + exclude group:'javassist', module: 'javassist' + } + compile("org.springframework.data:spring-data-jpa:$springDataJpaVersion") { + exclude group:'org.aspectj', module:'aspectjrt' + } } diff --git a/samples/openid-jc/build.gradle b/samples/openid-jc/build.gradle index ca297eb37f..a9f84d4d39 100644 --- a/samples/openid-jc/build.gradle +++ b/samples/openid-jc/build.gradle @@ -2,26 +2,26 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-openid"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-config"), + project(":spring-security-openid"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30', - "net.sourceforge.nekohtml:nekohtml:1.9.10" + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30', + "net.sourceforge.nekohtml:nekohtml:1.9.10" } \ No newline at end of file diff --git a/samples/openid-xml/openid.gradle b/samples/openid-xml/openid.gradle index 75073847cf..c924e66edf 100644 --- a/samples/openid-xml/openid.gradle +++ b/samples/openid-xml/openid.gradle @@ -4,16 +4,16 @@ apply plugin: 'war' apply plugin: 'jetty' dependencies { - compile project(':spring-security-core'), - project(':spring-security-openid') + compile project(':spring-security-core'), + project(':spring-security-openid') - providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" + providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - runtime project(':spring-security-config'), - project(':spring-security-taglibs'), - jstlDependencies, - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "ch.qos.logback:logback-classic:$logbackVersion" + runtime project(':spring-security-config'), + project(':spring-security-taglibs'), + jstlDependencies, + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "ch.qos.logback:logback-classic:$logbackVersion" } [jettyRun, jettyRunWar]*.contextPath = "/openid" diff --git a/samples/preauth-jc/build.gradle b/samples/preauth-jc/build.gradle index 70e3f866d1..1e203e783e 100644 --- a/samples/preauth-jc/build.gradle +++ b/samples/preauth-jc/build.gradle @@ -2,24 +2,24 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-config"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' } \ No newline at end of file diff --git a/samples/preauth-xml/preauth.gradle b/samples/preauth-xml/preauth.gradle index 4f197d2d43..24dcd70dd5 100644 --- a/samples/preauth-xml/preauth.gradle +++ b/samples/preauth-xml/preauth.gradle @@ -8,21 +8,21 @@ war.baseName = "sample" def excludeModules = ['jsr250-api', 'ehcache', 'spring-jdbc', 'spring-tx'] configurations { - excludeModules.each {name -> - runtime.exclude module: name - } + excludeModules.each {name -> + runtime.exclude module: name + } - runtime.exclude group: 'org.aspectj' + runtime.exclude group: 'org.aspectj' } dependencies { - runtime project(':spring-security-web'), - project(':spring-security-config'), - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "ch.qos.logback:logback-classic:$logbackVersion" + runtime project(':spring-security-web'), + project(':spring-security-config'), + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "ch.qos.logback:logback-classic:$logbackVersion" } jettyRun { - userRealms = [jettyRun.class.classLoader.loadClass('org.mortbay.jetty.security.HashUserRealm').newInstance('Preauth Realm', "$projectDir/realm.properties")] + userRealms = [jettyRun.class.classLoader.loadClass('org.mortbay.jetty.security.HashUserRealm').newInstance('Preauth Realm', "$projectDir/realm.properties")] } diff --git a/samples/rememberme-jc/build.gradle b/samples/rememberme-jc/build.gradle index 70e3f866d1..1e203e783e 100644 --- a/samples/rememberme-jc/build.gradle +++ b/samples/rememberme-jc/build.gradle @@ -2,24 +2,24 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-config"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' } \ No newline at end of file diff --git a/samples/servletapi-xml/servletapi.gradle b/samples/servletapi-xml/servletapi.gradle index d371ae9825..e86f96ac1e 100644 --- a/samples/servletapi-xml/servletapi.gradle +++ b/samples/servletapi-xml/servletapi.gradle @@ -5,30 +5,30 @@ apply plugin: 'war' def excludeModules = ['spring-security-acl', 'jsr250-api', 'ehcache', 'spring-jdbc', 'spring-tx'] configurations { - excludeModules.each {name -> - runtime.exclude module: name - } + excludeModules.each {name -> + runtime.exclude module: name + } - runtime.exclude group: 'org.aspectj' + runtime.exclude group: 'org.aspectj' } dependencies { - providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" + providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - compile project(':spring-security-core'), - project(':spring-security-web'), - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-web:$springVersion", - "org.springframework:spring-webmvc:$springVersion" + compile project(':spring-security-core'), + project(':spring-security-web'), + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-web:$springVersion", + "org.springframework:spring-webmvc:$springVersion" - runtime project(':spring-security-config'), - project(':spring-security-taglibs'), - "org.springframework:spring-context-support:$springVersion", - jstlDependencies, - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "ch.qos.logback:logback-classic:$logbackVersion" + runtime project(':spring-security-config'), + project(':spring-security-taglibs'), + "org.springframework:spring-context-support:$springVersion", + jstlDependencies, + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "ch.qos.logback:logback-classic:$logbackVersion" } eclipse.wtp.component.contextPath = "servletapi" diff --git a/samples/tutorial-xml/tutorial.gradle b/samples/tutorial-xml/tutorial.gradle index ae330b9c79..8f3c64db62 100644 --- a/samples/tutorial-xml/tutorial.gradle +++ b/samples/tutorial-xml/tutorial.gradle @@ -8,39 +8,39 @@ war.baseName = "sample" def excludeModules = ['spring-security-acl', 'jsr250-api', 'ehcache', 'spring-jdbc', 'spring-tx'] configurations { - excludeModules.each {name -> - runtime.exclude module: name - } + excludeModules.each {name -> + runtime.exclude module: name + } - runtime.exclude group: 'org.aspectj' + runtime.exclude group: 'org.aspectj' } dependencies { - providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" + providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - compile project(':spring-security-core'), - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-web:$springVersion", - "org.springframework:spring-webmvc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion" + compile project(':spring-security-core'), + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-web:$springVersion", + "org.springframework:spring-webmvc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion" - runtime project(':spring-security-web'), - project(':spring-security-config'), - project(':spring-security-taglibs'), - jstlDependencies, - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "ch.qos.logback:logback-core:$logbackVersion", - "ch.qos.logback:logback-classic:$logbackVersion" + runtime project(':spring-security-web'), + project(':spring-security-config'), + project(':spring-security-taglibs'), + jstlDependencies, + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "ch.qos.logback:logback-core:$logbackVersion", + "ch.qos.logback:logback-classic:$logbackVersion" } jettyRun { - def httpConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector').newInstance() - httpConnector.port = 8080 - httpConnector.confidentialPort = 8443 - def httpsConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance() - httpsConnector.port = 8443 - httpsConnector.keystore = "$rootDir/samples/certificates/server.jks" - httpsConnector.keyPassword = 'password' + def httpConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.nio.SelectChannelConnector').newInstance() + httpConnector.port = 8080 + httpConnector.confidentialPort = 8443 + def httpsConnector = jettyRunWar.class.classLoader.loadClass('org.mortbay.jetty.security.SslSocketConnector').newInstance() + httpsConnector.port = 8443 + httpsConnector.keystore = "$rootDir/samples/certificates/server.jks" + httpsConnector.keyPassword = 'password' - connectors = [httpConnector, httpsConnector] + connectors = [httpConnector, httpsConnector] } diff --git a/samples/x509-jc/build.gradle b/samples/x509-jc/build.gradle index 685ac71f0d..75ee07cdf7 100644 --- a/samples/x509-jc/build.gradle +++ b/samples/x509-jc/build.gradle @@ -3,24 +3,24 @@ apply from: WAR_SAMPLE_GRADLE dependencies { - providedCompile "javax.servlet:javax.servlet-api:3.0.1", - 'javax.servlet.jsp:jsp-api:2.1' + providedCompile "javax.servlet:javax.servlet-api:3.0.1", + 'javax.servlet.jsp:jsp-api:2.1' - compile project(":spring-security-config"), - project(":spring-security-samples-messages-jc"), - project(":spring-security-core"), - project(":spring-security-web"), - "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.slf4j:slf4j-api:$slf4jVersion", - "org.slf4j:log4j-over-slf4j:$slf4jVersion", - "org.slf4j:jul-to-slf4j:$slf4jVersion", - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", - "javax.validation:validation-api:1.0.0.GA", - "org.hibernate:hibernate-validator:4.2.0.Final" + compile project(":spring-security-config"), + project(":spring-security-samples-messages-jc"), + project(":spring-security-core"), + project(":spring-security-web"), + "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.slf4j:slf4j-api:$slf4jVersion", + "org.slf4j:log4j-over-slf4j:$slf4jVersion", + "org.slf4j:jul-to-slf4j:$slf4jVersion", + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion", + "javax.validation:validation-api:1.0.0.GA", + "org.hibernate:hibernate-validator:4.2.0.Final" - runtime "opensymphony:sitemesh:2.4.2", - "cglib:cglib-nodep:$cglibVersion", - 'ch.qos.logback:logback-classic:0.9.30' + runtime "opensymphony:sitemesh:2.4.2", + "cglib:cglib-nodep:$cglibVersion", + 'ch.qos.logback:logback-classic:0.9.30' } \ No newline at end of file diff --git a/sandbox/heavyduty/build.gradle b/sandbox/heavyduty/build.gradle index da92fbfa51..502a1b0b5d 100644 --- a/sandbox/heavyduty/build.gradle +++ b/sandbox/heavyduty/build.gradle @@ -8,36 +8,36 @@ targetCompatibility = '1.5' sourceCompatibility = '1.5' repositories { - mavenRepo name:'Local', urls: "file://" + System.properties['user.home'] + "/.m2/repository" + mavenRepo name:'Local', urls: "file://" + System.properties['user.home'] + "/.m2/repository" } dependencies { - compile 'aopalliance:aopalliance:1.0', - "org.springframework.security:spring-security-core:$version", - "org.springframework.security:spring-security-web:$version", - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-core:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-tx:$springVersion", - "org.springframework:spring-web:$springVersion", - "org.springframework:spring-webmvc:$springVersion", - 'org.aspectj:aspectjrt:1.6.8', - 'org.hibernate:ejb3-persistence:1.0.2.GA', - 'javax.persistence:persistence-api:1.0', - 'org.slf4j:jcl-over-slf4j:1.5.11' + compile 'aopalliance:aopalliance:1.0', + "org.springframework.security:spring-security-core:$version", + "org.springframework.security:spring-security-web:$version", + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-core:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-tx:$springVersion", + "org.springframework:spring-web:$springVersion", + "org.springframework:spring-webmvc:$springVersion", + 'org.aspectj:aspectjrt:1.6.8', + 'org.hibernate:ejb3-persistence:1.0.2.GA', + 'javax.persistence:persistence-api:1.0', + 'org.slf4j:jcl-over-slf4j:1.5.11' - providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" + providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion" - runtime 'org.hibernate:hibernate-entitymanager:3.4.0.GA', - "org.springframework:spring-context-support:$springVersion", - "org.springframework.security:spring-security-ldap:$version", - "org.springframework.security:spring-security-config:$version", - "org.springframework.security:spring-security-taglibs:$version", - "org.springframework:spring-orm:$springVersion", - 'org.apache.directory.server:apacheds-core:1.5.5', - 'org.apache.directory.server:apacheds-server-jndi:1.5.5', - 'org.freemarker:freemarker:2.3.16', - "org.hsqldb:hsqldb:$hsqlVersion", - 'org.slf4j:slf4j-log4j12:1.5.11', - 'log4j:log4j:1.2.14' + runtime 'org.hibernate:hibernate-entitymanager:3.4.0.GA', + "org.springframework:spring-context-support:$springVersion", + "org.springframework.security:spring-security-ldap:$version", + "org.springframework.security:spring-security-config:$version", + "org.springframework.security:spring-security-taglibs:$version", + "org.springframework:spring-orm:$springVersion", + 'org.apache.directory.server:apacheds-core:1.5.5', + 'org.apache.directory.server:apacheds-server-jndi:1.5.5', + 'org.freemarker:freemarker:2.3.16', + "org.hsqldb:hsqldb:$hsqlVersion", + 'org.slf4j:slf4j-log4j12:1.5.11', + 'log4j:log4j:1.2.14' } diff --git a/settings.gradle b/settings.gradle index a5f27c3a86..c6b38d2a55 100644 --- a/settings.gradle +++ b/settings.gradle @@ -1,87 +1,87 @@ def String[] modules = [ - 'core', - 'data', - 'remoting', - 'web', - 'ldap', - 'acl', - 'config', - 'cas', - 'openid', - 'taglibs', - 'aspects', - 'crypto', - 'messaging', - 'test' + 'core', + 'data', + 'remoting', + 'web', + 'ldap', + 'acl', + 'config', + 'cas', + 'openid', + 'taglibs', + 'aspects', + 'crypto', + 'messaging', + 'test' ] def String[] samples = [ - 'tutorial-xml', - 'contacts-xml', - 'chat-jc', - 'openid-xml', - 'aspectj-xml', - 'aspectj-jc', - 'data-jc', - 'gae-xml', - 'dms-xml', - 'preauth-xml', - 'cas/server', - 'cas/sample-xml', - 'ldap-xml', - 'jaas-xml', - 'servletapi-xml', - 'concurrency-jc', - 'form-jc', - 'helloworld-jc', - 'helloworld-xml', - 'hellomvc-jc', - 'hellojs-jc', - 'insecure', - 'insecuremvc', - 'inmemory-jc', - 'jdbc-jc', - 'ldap-jc', - 'messages-jc', - 'openid-jc', - 'preauth-jc', - 'rememberme-jc', - 'x509-jc' + 'tutorial-xml', + 'contacts-xml', + 'chat-jc', + 'openid-xml', + 'aspectj-xml', + 'aspectj-jc', + 'data-jc', + 'gae-xml', + 'dms-xml', + 'preauth-xml', + 'cas/server', + 'cas/sample-xml', + 'ldap-xml', + 'jaas-xml', + 'servletapi-xml', + 'concurrency-jc', + 'form-jc', + 'helloworld-jc', + 'helloworld-xml', + 'hellomvc-jc', + 'hellojs-jc', + 'insecure', + 'insecuremvc', + 'inmemory-jc', + 'jdbc-jc', + 'ldap-jc', + 'messages-jc', + 'openid-jc', + 'preauth-jc', + 'rememberme-jc', + 'x509-jc' ] def String[] itest = [ - 'web', - 'context' + 'web', + 'context' ] include modules modules.each {name -> - def p = findProject(":${name}") - p.name = "spring-security-${name}" - p.buildFileName = "${name}.gradle" + def p = findProject(":${name}") + p.name = "spring-security-${name}" + p.buildFileName = "${name}.gradle" } include samples samples.each {name -> - def p = findProject(":${name}") - def fullName = name.replaceAll('/','') - p.name = "spring-security-samples-${fullName}" - p.projectDir = new File(settingsDir, "samples/${name}"); - if(!p.buildFile.exists()) { - def buildFile = fullName.replaceFirst("-xml","") - p.buildFileName = "${buildFile}.gradle" - } + def p = findProject(":${name}") + def fullName = name.replaceAll('/','') + p.name = "spring-security-samples-${fullName}" + p.projectDir = new File(settingsDir, "samples/${name}"); + if(!p.buildFile.exists()) { + def buildFile = fullName.replaceFirst("-xml","") + p.buildFileName = "${buildFile}.gradle" + } } include itest itest.each { name -> - def p = findProject(":${name}") - p.name = "itest-${name}" - p.buildFileName = "itest-${name}.gradle" - p.projectDir = new File(settingsDir, "itest/${name}"); + def p = findProject(":${name}") + p.name = "itest-${name}" + p.buildFileName = "itest-${name}.gradle" + p.projectDir = new File(settingsDir, "itest/${name}"); } include 'docs', 'docs:manual', 'docs:guides' @@ -92,8 +92,8 @@ docs.buildFileName = 'docs.gradle' rootProject.name = 'spring-security' rootProject.children.each {project -> - //assert project.projectDir.isDirectory() - //assert project.buildFile.isFile() + //assert project.projectDir.isDirectory() + //assert project.buildFile.isFile() } include 'bom' diff --git a/taglibs/src/test/groovy/org/springframework/security/taglibs/TldTests.groovy b/taglibs/src/test/groovy/org/springframework/security/taglibs/TldTests.groovy index bc20a94e40..9f717b5866 100644 --- a/taglibs/src/test/groovy/org/springframework/security/taglibs/TldTests.groovy +++ b/taglibs/src/test/groovy/org/springframework/security/taglibs/TldTests.groovy @@ -7,11 +7,11 @@ import spock.lang.Specification class TldTests extends Specification { def "SEC-2324: tld version is correct"() { - when: - File securityTld = new File('src/main/resources/META-INF/security.tld') - GPathResult tldRoot = new XmlSlurper().parse(securityTld) - then: - String version = System.getProperty('springSecurityVersion'); - version.startsWith(tldRoot.'tlib-version'.text()) + when: + File securityTld = new File('src/main/resources/META-INF/security.tld') + GPathResult tldRoot = new XmlSlurper().parse(securityTld) + then: + String version = System.getProperty('springSecurityVersion'); + version.startsWith(tldRoot.'tlib-version'.text()) } } diff --git a/taglibs/taglibs.gradle b/taglibs/taglibs.gradle index 0909732bbc..0b36ab17d2 100644 --- a/taglibs/taglibs.gradle +++ b/taglibs/taglibs.gradle @@ -2,25 +2,25 @@ apply plugin: 'groovy' dependencies { - compile project(':spring-security-core'), - project(':spring-security-web'), - project(':spring-security-acl'), - springCoreDependency, - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-aop:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-expression:$springVersion", - "org.springframework:spring-web:$springVersion" + compile project(':spring-security-core'), + project(':spring-security-web'), + project(':spring-security-acl'), + springCoreDependency, + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-aop:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-expression:$springVersion", + "org.springframework:spring-web:$springVersion" - provided 'javax.servlet.jsp:javax.servlet.jsp-api:2.2.1', - "javax.servlet:javax.servlet-api:$servletApiVersion" + provided 'javax.servlet.jsp:javax.servlet.jsp-api:2.2.1', + "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile "org.codehaus.groovy:groovy-all:$groovyVersion", - spockDependencies + testCompile "org.codehaus.groovy:groovy-all:$groovyVersion", + spockDependencies - testRuntime "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion" + testRuntime "javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:$jstlVersion" } configure(project.tasks.withType(Test)) { - systemProperties['springSecurityVersion'] = version + systemProperties['springSecurityVersion'] = version } \ No newline at end of file diff --git a/test/test.gradle b/test/test.gradle index b3406e3c90..69eaa2c640 100644 --- a/test/test.gradle +++ b/test/test.gradle @@ -1,15 +1,15 @@ // OpenID Module build file dependencies { - compile project(':spring-security-core'), - project(':spring-security-web'), - springCoreDependency, - "org.springframework:spring-test:$springVersion" + compile project(':spring-security-core'), + project(':spring-security-web'), + springCoreDependency, + "org.springframework:spring-test:$springVersion" - optional project(':spring-security-config') + optional project(':spring-security-config') - provided "javax.servlet:javax.servlet-api:$servletApiVersion" + provided "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile "org.springframework:spring-webmvc:$springVersion", - powerMockDependencies + testCompile "org.springframework:spring-webmvc:$springVersion", + powerMockDependencies } diff --git a/web/web.gradle b/web/web.gradle index 666dc6fae4..a525bfef8c 100644 --- a/web/web.gradle +++ b/web/web.gradle @@ -1,26 +1,26 @@ apply plugin: 'groovy' dependencies { - compile project(':spring-security-core'), - springCoreDependency, - 'aopalliance:aopalliance:1.0', - "org.springframework:spring-beans:$springVersion", - "org.springframework:spring-context:$springVersion", - "org.springframework:spring-expression:$springVersion", - "org.springframework:spring-web:$springVersion" + compile project(':spring-security-core'), + springCoreDependency, + 'aopalliance:aopalliance:1.0', + "org.springframework:spring-beans:$springVersion", + "org.springframework:spring-context:$springVersion", + "org.springframework:spring-expression:$springVersion", + "org.springframework:spring-web:$springVersion" - optional "org.springframework:spring-webmvc:$springVersion", - "org.springframework:spring-jdbc:$springVersion", - "org.springframework:spring-tx:$springVersion" + optional "org.springframework:spring-webmvc:$springVersion", + "org.springframework:spring-jdbc:$springVersion", + "org.springframework:spring-tx:$springVersion" - provided "javax.servlet:javax.servlet-api:$servletApiVersion" + provided "javax.servlet:javax.servlet-api:$servletApiVersion" - testCompile project(':spring-security-core').sourceSets.test.output, - 'commons-codec:commons-codec:1.3', - "org.slf4j:jcl-over-slf4j:$slf4jVersion", - "org.codehaus.groovy:groovy-all:$groovyVersion", - powerMockDependencies, - spockDependencies + testCompile project(':spring-security-core').sourceSets.test.output, + 'commons-codec:commons-codec:1.3', + "org.slf4j:jcl-over-slf4j:$slf4jVersion", + "org.codehaus.groovy:groovy-all:$groovyVersion", + powerMockDependencies, + spockDependencies - testRuntime "org.hsqldb:hsqldb:$hsqlVersion" + testRuntime "org.hsqldb:hsqldb:$hsqlVersion" } \ No newline at end of file