Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-26 22:02:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-903: Wrong attribute mapping when using jdbc-user-service bean

Browse Source 
http://jira.springframework.org/browse/SEC-903. Corrected property name set by JdbcUserServiceBeanDefinitionParser (was setting authorities query rather than groups one).
This commit is contained in:
Luke Taylor 2008-07-15 16:43:57 +00:00
parent e303e8b71a
commit 1ddc033fe5
2 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/src/main/java/org/springframework/security/config/JdbcUserServiceBeanDefinitionParser.java
View File

@ -50,7 +50,7 @@ public class JdbcUserServiceBeanDefinitionParser extends AbstractUserDetailsServ
if (StringUtils.hasText(groupAuthoritiesQuery)) { if (StringUtils.hasText(groupAuthoritiesQuery)) {
builder.addPropertyValue("enableGroups", Boolean.TRUE); builder.addPropertyValue("enableGroups", Boolean.TRUE);
builder.addPropertyValue("authoritiesByUsernameQuery", groupAuthoritiesQuery); builder.addPropertyValue("groupAuthoritiesByUsernameQuery", groupAuthoritiesQuery);
} }
} }
} }

28
core/src/test/java/org/springframework/security/config/JdbcUserServiceBeanDefinitionParserTests.java
View File

@ -1,8 +1,6 @@
package org.springframework.security.config; package org.springframework.security.config;
import static org.junit.Assert.assertNotNull; import static org.junit.Assert.*;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
import org.junit.After; import org.junit.After;
import org.junit.Test; import org.junit.Test;
@ -13,6 +11,7 @@ import org.springframework.security.providers.dao.DaoAuthenticationProvider;
import org.springframework.security.userdetails.UserDetails; import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.jdbc.JdbcUserDetailsManager; import org.springframework.security.userdetails.jdbc.JdbcUserDetailsManager;
import org.springframework.security.util.AuthorityUtils; import org.springframework.security.util.AuthorityUtils;
import org.springframework.security.util.FieldUtils;
import org.springframework.security.util.InMemoryXmlApplicationContext; import org.springframework.security.util.InMemoryXmlApplicationContext;
/** /**
@ -51,24 +50,37 @@ public class JdbcUserServiceBeanDefinitionParserTests {
@Test @Test
public void beanIdIsParsedCorrectly() { public void beanIdIsParsedCorrectly() {
setContext("<jdbc-user-service id='myUserService' data-source-ref='dataSource'/>" + DATA_SOURCE); setContext("<jdbc-user-service id='myUserService' data-source-ref='dataSource'/>" + DATA_SOURCE);
JdbcUserDetailsManager mgr = (JdbcUserDetailsManager) appContext.getBean("myUserService"); assertTrue(appContext.getBean("myUserService") instanceof JdbcUserDetailsManager);
} }
@Test @Test
public void usernameAndGroupQueriesAreParsedCorrectly() { public void usernameAndAuthorityQueriesAreParsedCorrectly() throws Exception {
String userQuery = "select username, password, true from users where username = ?";
String authoritiesQuery = "select username, authority from authorities where username = ? and 1 = 1";
setContext("<jdbc-user-service id='myUserService' " + setContext("<jdbc-user-service id='myUserService' " +
"data-source-ref='dataSource' " + "data-source-ref='dataSource' " +
"users-by-username-query='select username,password,enabled from users where username = ?' " + "users-by-username-query='"+ userQuery +"' " +
"authorities-by-username-query='select username,authority from authorities where username = ?'/>" + DATA_SOURCE); "authorities-by-username-query='" + authoritiesQuery + "'/>" + DATA_SOURCE);
JdbcUserDetailsManager mgr = (JdbcUserDetailsManager) appContext.getBean("myUserService"); JdbcUserDetailsManager mgr = (JdbcUserDetailsManager) appContext.getBean("myUserService");
assertEquals(userQuery, FieldUtils.getFieldValue(mgr, "usersByUsernameQuery"));
assertEquals(authoritiesQuery, FieldUtils.getFieldValue(mgr, "authoritiesByUsernameQuery"));
assertTrue(mgr.loadUserByUsername("rod") != null); assertTrue(mgr.loadUserByUsername("rod") != null);
} }
@Test
public void groupQueryIsParsedCorrectly() throws Exception {
setContext("<jdbc-user-service id='myUserService' " +
"data-source-ref='dataSource' " +
"group-authorities-by-username-query='blah blah'/>" + DATA_SOURCE);
JdbcUserDetailsManager mgr = (JdbcUserDetailsManager) appContext.getBean("myUserService");
assertEquals("blah blah", FieldUtils.getFieldValue(mgr, "groupAuthoritiesByUsernameQuery"));
assertTrue((Boolean)FieldUtils.getFieldValue(mgr, "enableGroups"));
}
@Test @Test
public void cacheRefIsparsedCorrectly() { public void cacheRefIsparsedCorrectly() {
setContext("<jdbc-user-service id='myUserService' cache-ref='userCache' data-source-ref='dataSource'/>" setContext("<jdbc-user-service id='myUserService' cache-ref='userCache' data-source-ref='dataSource'/>"
+ DATA_SOURCE +USER_CACHE_XML); + DATA_SOURCE +USER_CACHE_XML);
JdbcUserDetailsManager mgr = (JdbcUserDetailsManager) appContext.getBean("myUserService");
CachingUserDetailsService cachingUserService = CachingUserDetailsService cachingUserService =
(CachingUserDetailsService) appContext.getBean("myUserService" + AbstractUserDetailsServiceBeanDefinitionParser.CACHING_SUFFIX); (CachingUserDetailsService) appContext.getBean("myUserService" + AbstractUserDetailsServiceBeanDefinitionParser.CACHING_SUFFIX);
assertSame(cachingUserService.getUserCache(), appContext.getBean("userCache")); assertSame(cachingUserService.getUserCache(), appContext.getBean("userCache"));