Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-01 00:02:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-727: Ensure SecurityConfig cannot be constructed unsafely; also update SecurityConfigTests to JUnit 4.

Browse Source
This commit is contained in:
Ben Alex 2008-03-21 02:15:47 +00:00
parent 119cc9ff04
commit 16ea8faa0d
2 changed files with 34 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/src/main/java/org/springframework/security/SecurityConfig.java
View File

@ -15,6 +15,8 @@
package org.springframework.security; package org.springframework.security;
import org.springframework.util.Assert;
/** /**
* Stores a {@link ConfigAttribute} as a <code>String</code>. * Stores a {@link ConfigAttribute} as a <code>String</code>.
* *
@ -29,6 +31,7 @@ public class SecurityConfig implements ConfigAttribute {
//~ Constructors =================================================================================================== //~ Constructors ===================================================================================================
public SecurityConfig(String config) { public SecurityConfig(String config) {
Assert.hasText(config, "You must provide a configuration attribute");
this.attrib = config; this.attrib = config;
} }

70
core/src/test/java/org/springframework/security/SecurityConfigTests.java
View File

@ -15,7 +15,9 @@
package org.springframework.security; package org.springframework.security;
import junit.framework.TestCase; import junit.framework.Assert;
import org.junit.Test;
/** /**
@ -24,73 +26,63 @@ import junit.framework.TestCase;
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
*/ */
public class SecurityConfigTests extends TestCase { public class SecurityConfigTests {
//~ Constructors ===================================================================================================
public SecurityConfigTests() {
super();
}
public SecurityConfigTests(String arg0) {
super(arg0);
}
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
public static void main(String[] args) { @Test
junit.textui.TestRunner.run(SecurityConfigTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testHashCode() { public void testHashCode() {
SecurityConfig config = new SecurityConfig("TEST"); SecurityConfig config = new SecurityConfig("TEST");
assertEquals("TEST".hashCode(), config.hashCode()); Assert.assertEquals("TEST".hashCode(), config.hashCode());
}
@Test(expected=IllegalArgumentException.class)
public void testCannotConstructWithNullAttribute() {
new SecurityConfig(null); // SEC-727
} }
public void testNoArgConstructorDoesntExist() { @Test(expected=IllegalArgumentException.class)
Class clazz = SecurityConfig.class; public void testCannotConstructWithEmptyAttribute() {
new SecurityConfig(""); // SEC-727
try {
clazz.getDeclaredConstructor((Class[]) null);
fail("Should have thrown NoSuchMethodException");
} catch (NoSuchMethodException expected) {
assertTrue(true);
}
} }
@Test(expected=NoSuchMethodException.class)
public void testNoArgConstructorDoesntExist() throws Exception {
SecurityConfig.class.getDeclaredConstructor((Class[]) null);
}
@Test
public void testObjectEquals() throws Exception { public void testObjectEquals() throws Exception {
SecurityConfig security1 = new SecurityConfig("TEST"); SecurityConfig security1 = new SecurityConfig("TEST");
SecurityConfig security2 = new SecurityConfig("TEST"); SecurityConfig security2 = new SecurityConfig("TEST");
assertEquals(security1, security2); Assert.assertEquals(security1, security2);
// SEC-311: Must observe symmetry requirement of Object.equals(Object) contract // SEC-311: Must observe symmetry requirement of Object.equals(Object) contract
String securityString1 = "TEST"; String securityString1 = "TEST";
assertNotSame(security1, securityString1); Assert.assertNotSame(security1, securityString1);
String securityString2 = "NOT_EQUAL"; String securityString2 = "NOT_EQUAL";
assertTrue(!security1.equals(securityString2)); Assert.assertTrue(!security1.equals(securityString2));
SecurityConfig security3 = new SecurityConfig("NOT_EQUAL"); SecurityConfig security3 = new SecurityConfig("NOT_EQUAL");
assertTrue(!security1.equals(security3)); Assert.assertTrue(!security1.equals(security3));
MockConfigAttribute mock1 = new MockConfigAttribute("TEST"); MockConfigAttribute mock1 = new MockConfigAttribute("TEST");
assertEquals(security1, mock1); Assert.assertEquals(security1, mock1);
MockConfigAttribute mock2 = new MockConfigAttribute("NOT_EQUAL"); MockConfigAttribute mock2 = new MockConfigAttribute("NOT_EQUAL");
assertTrue(!security1.equals(mock2)); Assert.assertTrue(!security1.equals(mock2));
Integer int1 = new Integer(987); Integer int1 = new Integer(987);
assertTrue(!security1.equals(int1)); Assert.assertTrue(!security1.equals(int1));
} }
@Test
public void testToString() { public void testToString() {
SecurityConfig config = new SecurityConfig("TEST"); SecurityConfig config = new SecurityConfig("TEST");
assertEquals("TEST", config.toString()); Assert.assertEquals("TEST", config.toString());
} }
//~ Inner Classes ================================================================================================== //~ Inner Classes ==================================================================================================
private class MockConfigAttribute implements ConfigAttribute { private class MockConfigAttribute implements ConfigAttribute {