Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-1550: Convert signatures to use Collection<? extends GrantedAuthority> where appropriate.

This commit is contained in:
Luke Taylor 2010-11-03 13:45:35 +00:00
parent 8d867e8b67
commit 1c8d28501c
37 changed files with 71 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
acl/src/main/java/org/springframework/security/acls/domain/SidRetrievalStrategyImpl.java
View File

@ -51,7 +51,7 @@ public class SidRetrievalStrategyImpl implements SidRetrievalStrategy {
//~ Methods ========================================================================================================
public List<Sid> getSids(Authentication authentication) {
Collection<GrantedAuthority> authorities = roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities());
Collection<? extends GrantedAuthority> authorities = roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities());
List<Sid> sids = new ArrayList<Sid>(authorities.size() + 1);
sids.add(new PrincipalSid(authentication));

5
acl/src/test/java/org/springframework/security/acls/sid/SidRetrievalStrategyTests.java
View File

@ -4,6 +4,7 @@ import static org.junit.Assert.*;
import static org.mockito.Matchers.*;
import static org.mockito.Mockito.*;
import java.util.Collection;
import java.util.List;
import org.junit.Test;
@ -53,8 +54,8 @@ public class SidRetrievalStrategyTests {
@Test
public void roleHierarchyIsUsedWhenSet() throws Exception {
RoleHierarchy rh = mock(RoleHierarchy.class);
List<GrantedAuthority> rhAuthorities = AuthorityUtils.createAuthorityList("D");
when(rh.getReachableGrantedAuthorities(anyList())).thenReturn(rhAuthorities);
List rhAuthorities = AuthorityUtils.createAuthorityList("D");
when(rh.getReachableGrantedAuthorities(anyCollection())).thenReturn(rhAuthorities);
SidRetrievalStrategy strat = new SidRetrievalStrategyImpl(rh);
List<Sid> sids = strat.getSids(authentication);

2
core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java
View File

@ -121,7 +121,7 @@ public abstract class SecurityExpressionRoot {
private Set<String> getAuthoritySet() {
if (roles == null) {
roles = new HashSet<String>();
Collection<GrantedAuthority> userAuthorities = authentication.getAuthorities();
Collection<? extends GrantedAuthority> userAuthorities = authentication.getAuthorities();
if (roleHierarchy != null) {
userAuthorities = roleHierarchy.getReachableGrantedAuthorities(userAuthorities);

2
core/src/main/java/org/springframework/security/access/hierarchicalroles/NullRoleHierarchy.java
View File

@ -11,7 +11,7 @@ import org.springframework.security.core.GrantedAuthority;
*/
public final class NullRoleHierarchy implements RoleHierarchy {
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities) {
public Collection<? extends GrantedAuthority> getReachableGrantedAuthorities(Collection<? extends GrantedAuthority> authorities) {
return authorities;
}

2
core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchy.java
View File

@ -40,6 +40,6 @@ public interface RoleHierarchy {
* @param authorities - List of the directly assigned authorities.
* @return List of all reachable authorities given the assigned authorities.
*/
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities);
public Collection<? extends GrantedAuthority> getReachableGrantedAuthorities(Collection<? extends GrantedAuthority> authorities);
}

2
core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java
View File

@ -105,7 +105,7 @@ public class RoleHierarchyImpl implements RoleHierarchy {
buildRolesReachableInOneOrMoreStepsMap();
}
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities) {
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<? extends GrantedAuthority> authorities) {
if (authorities == null || authorities.isEmpty()) {
return AuthorityUtils.NO_AUTHORITIES;
}

2
core/src/main/java/org/springframework/security/access/hierarchicalroles/UserDetailsWrapper.java
View File

@ -49,7 +49,7 @@ public class UserDetailsWrapper implements UserDetails {
return userDetails.isAccountNonLocked();
}
public Collection<GrantedAuthority> getAuthorities() {
public Collection<? extends GrantedAuthority> getAuthorities() {
return roleHierarchy.getReachableGrantedAuthorities(userDetails.getAuthorities());
}

2
core/src/main/java/org/springframework/security/access/vote/RoleHierarchyVoter.java
View File

@ -26,7 +26,7 @@ public class RoleHierarchyVoter extends RoleVoter {
* Calls the <tt>RoleHierarchy</tt> to obtain the complete set of user authorities.
*/
@Override
Collection<GrantedAuthority> extractAuthorities(Authentication authentication) {
Collection<? extends GrantedAuthority> extractAuthorities(Authentication authentication) {
return roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities());
}
}

4
core/src/main/java/org/springframework/security/access/vote/RoleVoter.java
View File

@ -93,7 +93,7 @@ public class RoleVoter implements AccessDecisionVoter {
public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {
int result = ACCESS_ABSTAIN;
Collection<GrantedAuthority> authorities = extractAuthorities(authentication);
Collection<? extends GrantedAuthority> authorities = extractAuthorities(authentication);
for (ConfigAttribute attribute : attributes) {
if (this.supports(attribute)) {
@ -111,7 +111,7 @@ public class RoleVoter implements AccessDecisionVoter {
return result;
}
Collection<GrantedAuthority> extractAuthorities(Authentication authentication) {
Collection<? extends GrantedAuthority> extractAuthorities(Authentication authentication) {
return authentication.getAuthorities();
}
}

4
core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManager.java
View File

@ -30,7 +30,7 @@ public interface RemoteAuthenticationManager {
/**
* Attempts to authenticate the remote client using the presented username and password. If authentication
* is successful, an array of <code>GrantedAuthority[]</code> objects will be returned.
* is successful, a collection of {@code GrantedAuthority} objects will be returned.
* <p>
* In order to maximise remoting protocol compatibility, a design decision was taken to operate with minimal
* arguments and return only the minimal amount of information required for remote clients to enable/disable
@ -44,6 +44,6 @@ public interface RemoteAuthenticationManager {
*
* @throws RemoteAuthenticationException if the authentication failed.
*/
Collection<GrantedAuthority> attemptAuthentication(String username, String password)
Collection<? extends GrantedAuthority> attemptAuthentication(String username, String password)
throws RemoteAuthenticationException;
}

2
core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImpl.java
View File

@ -44,7 +44,7 @@ public class RemoteAuthenticationManagerImpl implements RemoteAuthenticationMana
Assert.notNull(this.authenticationManager, "authenticationManager is required");
}
public Collection<GrantedAuthority> attemptAuthentication(String username, String password)
public Collection<? extends GrantedAuthority> attemptAuthentication(String username, String password)
throws RemoteAuthenticationException {
UsernamePasswordAuthenticationToken request = new UsernamePasswordAuthenticationToken(username, password);

2
core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java
View File

@ -58,7 +58,7 @@ public class RemoteAuthenticationProvider implements AuthenticationProvider, Ini
throws AuthenticationException {
String username = authentication.getPrincipal().toString();
String password = authentication.getCredentials().toString();
Collection<GrantedAuthority> authorities = remoteAuthenticationManager.attemptAuthentication(username, password);
Collection<? extends GrantedAuthority> authorities = remoteAuthenticationManager.attemptAuthentication(username, password);
return new UsernamePasswordAuthenticationToken(username, password, authorities);
}

2
core/src/main/java/org/springframework/security/core/Authentication.java
View File

@ -59,7 +59,7 @@ public interface Authentication extends Principal, Serializable {
* @return the authorities granted to the principal, or an empty collection if the token has not been authenticated.
* Never null.
*/
Collection<GrantedAuthority> getAuthorities();
Collection<? extends GrantedAuthority> getAuthorities();
/**
* The credentials that prove the principal is correct. This is usually a password, but could be anything

2
core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java
View File

@ -35,7 +35,7 @@ public abstract class AuthorityUtils {
* Converts an array of GrantedAuthority objects to a Set.
* @return a Set of the Strings obtained from each call to GrantedAuthority.getAuthority()
*/
public static Set<String> authorityListToSet(Collection<GrantedAuthority> userAuthorities) {
public static Set<String> authorityListToSet(Collection<? extends GrantedAuthority> userAuthorities) {
Set<String> set = new HashSet<String>(userAuthorities.size());
for (GrantedAuthority authority: userAuthorities) {

2
core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java
View File

@ -59,7 +59,7 @@ public interface UserDetails extends Serializable {
*
* @return the authorities, sorted by natural key (never <code>null</code>)
*/
Collection<GrantedAuthority> getAuthorities();
Collection<? extends GrantedAuthority> getAuthorities();
/**
* Returns the password used to authenticate the user. Cannot return <code>null</code>.

2
core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java
View File

@ -493,7 +493,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
validateAuthorities(user.getAuthorities());
}
private void validateAuthorities(Collection<GrantedAuthority> authorities) {
private void validateAuthorities(Collection<? extends GrantedAuthority> authorities) {
Assert.notNull(authorities, "Authorities list must not be null");
for (GrantedAuthority authority : authorities) {

2
core/src/main/java/org/springframework/security/provisioning/MutableUser.java
View File

@ -27,7 +27,7 @@ class MutableUser implements MutableUserDetails {
this.password = password;
}
public Collection<GrantedAuthority> getAuthorities() {
public Collection<? extends GrantedAuthority> getAuthorities() {
return delegate.getAuthorities();
}

2
core/src/test/java/org/springframework/security/access/expression/SecurityExpressionRootTests.java
View File

@ -46,7 +46,7 @@ public class SecurityExpressionRootTests {
SecurityExpressionRoot root = new SecurityExpressionRoot(JOE) {};
root.setRoleHierarchy(new RoleHierarchy() {
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities) {
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<? extends GrantedAuthority> authorities) {
return AuthorityUtils.createAuthorityList("C");
}
});

6
core/src/test/java/org/springframework/security/access/hierarchicalroles/HierarchicalRolesTestHelper.java
View File

@ -28,7 +28,7 @@ import org.apache.commons.collections.CollectionUtils;
*/
public abstract class HierarchicalRolesTestHelper {
public static boolean containTheSameGrantedAuthorities(Collection<GrantedAuthority> authorities1, Collection<GrantedAuthority> authorities2) {
public static boolean containTheSameGrantedAuthorities(Collection<? extends GrantedAuthority> authorities1, Collection<? extends GrantedAuthority> authorities2) {
if (authorities1 == null && authorities2 == null) {
return true;
}
@ -39,7 +39,7 @@ public abstract class HierarchicalRolesTestHelper {
return CollectionUtils.isEqualCollection(authorities1, authorities2);
}
public static boolean containTheSameGrantedAuthoritiesCompareByAuthorityString(Collection<GrantedAuthority> authorities1, Collection<GrantedAuthority> authorities2) {
public static boolean containTheSameGrantedAuthoritiesCompareByAuthorityString(Collection<? extends GrantedAuthority> authorities1, Collection<? extends GrantedAuthority> authorities2) {
if (authorities1 == null && authorities2 == null) {
return true;
}
@ -50,7 +50,7 @@ public abstract class HierarchicalRolesTestHelper {
return CollectionUtils.isEqualCollection(toCollectionOfAuthorityStrings(authorities1), toCollectionOfAuthorityStrings(authorities2));
}
public static List<String> toCollectionOfAuthorityStrings(Collection<GrantedAuthority> authorities) {
public static List<String> toCollectionOfAuthorityStrings(Collection<? extends GrantedAuthority> authorities) {
if (authorities == null) {
return null;
}

2
core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java
View File

@ -192,7 +192,7 @@ public class JaasAuthenticationProviderTests {
assertNotNull(jaasProvider.getLoginConfig());
assertNotNull(jaasProvider.getLoginContextName());
Collection<GrantedAuthority> list = auth.getAuthorities();
Collection<? extends GrantedAuthority> list = auth.getAuthorities();
assertTrue("GrantedAuthorities should contain ROLE_TEST1", list.contains(new GrantedAuthorityImpl("ROLE_TEST1")));
assertTrue("GrantedAuthorities should contain ROLE_TEST2", list.contains(new GrantedAuthorityImpl("ROLE_TEST2")));

2
core/src/test/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProviderTests.java
View File

@ -91,7 +91,7 @@ public class RemoteAuthenticationProviderTests extends TestCase {
this.grantAccess = grantAccess;
}
public Collection<GrantedAuthority> attemptAuthentication(String username, String password)
public Collection<? extends GrantedAuthority> attemptAuthentication(String username, String password)
throws RemoteAuthenticationException {
if (grantAccess) {
return AuthorityUtils.createAuthorityList("foo");

4
ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java
View File

@ -251,7 +251,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
try {
DirContextOperations userData = getAuthenticator().authenticate(authentication);
Collection<GrantedAuthority> extraAuthorities = loadUserAuthorities(userData, username, password);
Collection<? extends GrantedAuthority> extraAuthorities = loadUserAuthorities(userData, username, password);
UserDetails user = userDetailsContextMapper.mapUserFromContext(userData, username, extraAuthorities);
@ -272,7 +272,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
}
}
protected Collection<GrantedAuthority> loadUserAuthorities(DirContextOperations userData, String username, String password) {
protected Collection<? extends GrantedAuthority> loadUserAuthorities(DirContextOperations userData, String username, String password) {
return getAuthoritiesPopulator().getGrantedAuthorities(userData, username);
}

2
ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java
View File

@ -24,7 +24,7 @@ public class UserDetailsServiceLdapAuthoritiesPopulator implements LdapAuthoriti
this.userDetailsService = userService;
}
public Collection<GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username) {
public Collection<? extends GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username) {
return userDetailsService.loadUserByUsername(username).getAuthorities();
}
}

2
ldap/src/main/java/org/springframework/security/ldap/userdetails/InetOrgPersonContextMapper.java
View File

@ -28,7 +28,7 @@ import org.springframework.util.Assert;
*/
public class InetOrgPersonContextMapper implements UserDetailsContextMapper {
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<GrantedAuthority> authorities) {
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) {
InetOrgPerson.Essence p = new InetOrgPerson.Essence(ctx);
p.setUsername(username);

2
ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapAuthoritiesPopulator.java
View File

@ -42,5 +42,5 @@ public interface LdapAuthoritiesPopulator {
* @return the granted authorities for the given user.
*
*/
Collection<GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username);
Collection<? extends GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username);
}

2
ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsImpl.java
View File

@ -222,7 +222,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData
instance.accountNonLocked = accountNonLocked;
}
public void setAuthorities(Collection<GrantedAuthority> authorities) {
public void setAuthorities(Collection<? extends GrantedAuthority> authorities) {
mutableAuthorities = new ArrayList<GrantedAuthority>();
mutableAuthorities.addAll(authorities);
}

4
ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java
View File

@ -310,7 +310,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
userDetailsMapper.mapUserToContext(user, ctx);
}
protected void addAuthorities(DistinguishedName userDn, Collection<GrantedAuthority> authorities) {
protected void addAuthorities(DistinguishedName userDn, Collection<? extends GrantedAuthority> authorities) {
modifyAuthorities(userDn, authorities, DirContext.ADD_ATTRIBUTE);
}
@ -318,7 +318,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
modifyAuthorities(userDn, authorities, DirContext.REMOVE_ATTRIBUTE);
}
private void modifyAuthorities(final DistinguishedName userDn, final Collection<GrantedAuthority> authorities, final int modType) {
private void modifyAuthorities(final DistinguishedName userDn, final Collection<? extends GrantedAuthority> authorities, final int modType) {
template.executeReadWrite(new ContextExecutor() {
public Object executeWithContext(DirContext ctx) throws NamingException {
for(GrantedAuthority authority : authorities) {

2
ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java
View File

@ -45,7 +45,7 @@ public class LdapUserDetailsMapper implements UserDetailsContextMapper {
//~ Methods ========================================================================================================
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<GrantedAuthority> authorities) {
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) {
String dn = ctx.getNameInNamespace();
logger.debug("Mapping user details from context with DN: " + dn);

2
ldap/src/main/java/org/springframework/security/ldap/userdetails/PersonContextMapper.java
View File

@ -13,7 +13,7 @@ import org.springframework.util.Assert;
*/
public class PersonContextMapper implements UserDetailsContextMapper {
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<GrantedAuthority> authorities) {
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) {
Person.Essence p = new Person.Essence(ctx);
p.setUsername(username);

4
ldap/src/main/java/org/springframework/security/ldap/userdetails/UserDetailsContextMapper.java
View File

@ -36,10 +36,10 @@ public interface UserDetailsContextMapper {
*
* @param ctx the context object which contains the user information.
* @param username the user's supplied login name.
* @param authority the list of authorities which the user should be given.
* @param authorities
* @return the user object.
*/
UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<GrantedAuthority> authority);
UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities);
/**
* Reverse of the above operation. Populates a context object from the supplied user object.

6
ldap/src/test/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulatorTests.java
View File

@ -4,6 +4,7 @@ import static org.junit.Assert.*;
import static org.mockito.Mockito.*;
import java.util.Collection;
import java.util.List;
import org.junit.Test;
import org.springframework.ldap.core.DirContextAdapter;
@ -23,10 +24,11 @@ public class UserDetailsServiceLdapAuthoritiesPopulatorTests {
UserDetailsService uds = mock(UserDetailsService.class);
UserDetails user = mock(UserDetails.class);
when(uds.loadUserByUsername("joe")).thenReturn(user);
when(user.getAuthorities()).thenReturn(AuthorityUtils.createAuthorityList("ROLE_USER"));
List authorities = AuthorityUtils.createAuthorityList("ROLE_USER");
when(user.getAuthorities()).thenReturn(authorities);
UserDetailsServiceLdapAuthoritiesPopulator populator = new UserDetailsServiceLdapAuthoritiesPopulator(uds);
Collection<GrantedAuthority> auths = populator.getGrantedAuthorities(new DirContextAdapter(), "joe");
Collection<? extends GrantedAuthority> auths = populator.getGrantedAuthorities(new DirContextAdapter(), "joe");
assertEquals(1, auths.size());
assertTrue(AuthorityUtils.authorityListToSet(auths).contains("ROLE_USER"));

10
taglibs/src/main/java/org/springframework/security/taglibs/authz/AbstractAuthorizeTag.java
View File

@ -131,7 +131,7 @@ public abstract class AbstractAuthorizeTag {
return false;
}
final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
final Collection<? extends GrantedAuthority> granted = getPrincipalAuthorities();
if (hasTextAllGranted) {
if (!granted.containsAll(toAuthorities(getIfAllGranted()))) {
@ -255,7 +255,7 @@ public abstract class AbstractAuthorizeTag {
/*------------- Private helper methods -----------------*/
private Collection<GrantedAuthority> getPrincipalAuthorities() {
private Collection<? extends GrantedAuthority> getPrincipalAuthorities() {
Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
if (null == currentUser) {
return Collections.emptyList();
@ -269,7 +269,7 @@ public abstract class AbstractAuthorizeTag {
return requiredAuthorities;
}
private Set<GrantedAuthority> retainAll(final Collection<GrantedAuthority> granted,
private Set<GrantedAuthority> retainAll(final Collection<? extends GrantedAuthority> granted,
final Set<GrantedAuthority> required) {
Set<String> grantedRoles = authoritiesToRoles(granted);
Set<String> requiredRoles = authoritiesToRoles(required);
@ -278,7 +278,7 @@ public abstract class AbstractAuthorizeTag {
return rolesToAuthorities(grantedRoles, granted);
}
private Set<String> authoritiesToRoles(Collection<GrantedAuthority> c) {
private Set<String> authoritiesToRoles(Collection<? extends GrantedAuthority> c) {
Set<String> target = new HashSet<String>();
for (GrantedAuthority authority : c) {
if (null == authority.getAuthority()) {
@ -291,7 +291,7 @@ public abstract class AbstractAuthorizeTag {
return target;
}
private Set<GrantedAuthority> rolesToAuthorities(Set<String> grantedRoles, Collection<GrantedAuthority> granted) {
private Set<GrantedAuthority> rolesToAuthorities(Set<String> grantedRoles, Collection<? extends GrantedAuthority> granted) {
Set<GrantedAuthority> target = new HashSet<GrantedAuthority>();
for (String role : grantedRoles) {
for (GrantedAuthority authority : granted) {

4
web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserAuthorityChanger.java
View File

@ -22,10 +22,10 @@ public interface SwitchUserAuthorityChanger {
*
* @param targetUser the UserDetails representing the identity being switched to
* @param currentAuthentication the current Authentication of the principal performing the switching
* @param authoritiesToBeGranted all {@link GrantedAuthority} instances to be granted to the user,
* @param authoritiesToBeGranted all {@link org.springframework.security.core.GrantedAuthority} instances to be granted to the user,
* excluding the special "switch user" authority that is used internally (guaranteed never null)
*
* @return the modified list of granted authorities.
*/
Collection<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<GrantedAuthority> authoritiesToBeGranted);
Collection<? extends GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<? extends GrantedAuthority> authoritiesToBeGranted);
}

4
web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilter.java
View File

@ -291,7 +291,7 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv
GrantedAuthority switchAuthority = new SwitchUserGrantedAuthority(ROLE_PREVIOUS_ADMINISTRATOR, currentAuth);
// get the original authorities
Collection<GrantedAuthority> orig = targetUser.getAuthorities();
Collection<? extends GrantedAuthority> orig = targetUser.getAuthorities();
// Allow subclasses to change the authorities to be granted
if (switchUserAuthorityChanger != null) {
@ -324,7 +324,7 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv
Authentication original = null;
// iterate over granted authorities and find the 'switch user' authority
Collection<GrantedAuthority> authorities = current.getAuthorities();
Collection<? extends GrantedAuthority> authorities = current.getAuthorities();
for (GrantedAuthority auth : authorities) {
// check for switch user type of authority

2
web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java
View File

@ -127,7 +127,7 @@ public class SecurityContextHolderAwareRequestWrapper extends HttpServletRequest
return false;
}
Collection<GrantedAuthority> authorities = auth.getAuthorities();
Collection<? extends GrantedAuthority> authorities = auth.getAuthorities();
if (authorities == null) {
return false;

5
web/src/test/java/org/springframework/security/web/authentication/preauth/websphere/WebSphere2SpringSecurityPropagationInterceptorTests.java
View File

@ -18,6 +18,8 @@ import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsChecker;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider;
import java.util.List;
/**
*
* @author Luke Taylor
@ -54,7 +56,8 @@ public class WebSphere2SpringSecurityPropagationInterceptorTests {
PreAuthenticatedAuthenticationProvider provider = new PreAuthenticatedAuthenticationProvider();
AuthenticationUserDetailsService uds = mock(AuthenticationUserDetailsService.class);
UserDetails user = mock(UserDetails.class);
when(user.getAuthorities()).thenReturn(AuthorityUtils.createAuthorityList("SOME_ROLE"));
List authorities = AuthorityUtils.createAuthorityList("SOME_ROLE");
when(user.getAuthorities()).thenReturn(authorities);
when(uds.loadUserDetails(any(Authentication.class))).thenReturn(user);
provider.setPreAuthenticatedUserDetailsService(uds);
provider.setUserDetailsChecker(mock(UserDetailsChecker.class));

2
web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java
View File

@ -368,7 +368,7 @@ public class SwitchUserFilterTests {
SwitchUserFilter filter = new SwitchUserFilter();
filter.setUserDetailsService(new MockUserDetailsService());
filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() {
public Collection<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<GrantedAuthority> authoritiesToBeGranted) {
public Collection<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<? extends GrantedAuthority> authoritiesToBeGranted) {
List <GrantedAuthority>auths = new ArrayList<GrantedAuthority>();
auths.add(new GrantedAuthorityImpl("ROLE_NEW"));
return auths;