From 207e8b932e6ce04010277a4e35951d5efa1d454b Mon Sep 17 00:00:00 2001 From: Vishal Puri Date: Thu, 14 Jun 2007 11:17:05 +0000 Subject: [PATCH] SEC-271: implemented auto creation of AuthenticationProcessingFilter and it's dependencies --- ...ticationMechanismBeanDefinitionParser.java | 13 ++++++++++ ...nProcessingFilterBeanDefinitionParser.java | 21 +++++++++++++--- ...icationRepositoryBeanDefinitionParser.java | 6 +++++ .../AutoConfigBeanDefinitionParser.java | 7 +++++- .../AutoConfigBeanDefinitionParserTests.java | 25 ++++++++++++++++--- 5 files changed, 63 insertions(+), 9 deletions(-) diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationMechanismBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationMechanismBeanDefinitionParser.java index 77855a5ec4..17f3546bc6 100644 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationMechanismBeanDefinitionParser.java +++ b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationMechanismBeanDefinitionParser.java @@ -76,5 +76,18 @@ public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDef } return authMechanismBeanDef; } + /** + * Creates a default bean definition. + * @return + */ + protected static RootBeanDefinition createBeanDefinitionWithDefaults() { + RootBeanDefinition authMechanismBeanDef = new RootBeanDefinition(ProviderManager.class); + ManagedList providers = new ManagedList(); + // create authentication-repository (DaoAuthenticationProvider) and add that to list + RootBeanDefinition authRepo = AuthenticationRepositoryBeanDefinitionParser.createBeanDefinitionWithDefaults(); + providers.add(authRepo); + authMechanismBeanDef.getPropertyValues().addPropertyValue("providers", providers); + return authMechanismBeanDef; + } } diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationProcessingFilterBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationProcessingFilterBeanDefinitionParser.java index c6ce35ac26..37f9a57fcd 100644 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationProcessingFilterBeanDefinitionParser.java +++ b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationProcessingFilterBeanDefinitionParser.java @@ -3,6 +3,7 @@ */ package org.acegisecurity.config; +import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices; import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter; import org.springframework.beans.factory.support.AbstractBeanDefinition; import org.springframework.beans.factory.support.RootBeanDefinition; @@ -39,10 +40,10 @@ public class AuthenticationProcessingFilterBeanDefinitionParser extends Abstract setPropertyIfAvailable(element, ERROR_FORM_URL, "authenticationFailureUrl", definition); setPropertyIfAvailable(element, DEFAULT_TARGET_URL, "defaultTargetUrl", definition); - // register BFPP to re-unite all other collaborators - RootBeanDefinition postProcessor = new RootBeanDefinition( - AuthenticationProcessingFilterDependenciesConfigurer.class); - parserContext.getReaderContext().registerWithGeneratedName(postProcessor); + // register BFPP to wire all other collaborators +// RootBeanDefinition postProcessor = new RootBeanDefinition( +// AuthenticationProcessingFilterDependenciesConfigurer.class); +// parserContext.getReaderContext().registerWithGeneratedName(postProcessor); return definition; } @@ -55,4 +56,16 @@ public class AuthenticationProcessingFilterBeanDefinitionParser extends Abstract } } + protected static RootBeanDefinition createBeandefinitionWithDefaults() { + RootBeanDefinition definition = new RootBeanDefinition(AuthenticationProcessingFilter.class); + definition.getPropertyValues().addPropertyValue("authenticationManager", + AuthenticationMechanismBeanDefinitionParser.createBeanDefinitionWithDefaults()); + definition.getPropertyValues().addPropertyValue("rememberMeServices", + RememberMeServicesBeanDefinitionParser.doCreateBeanDefintionWithDefaults()); + /* TODO: There should not be any defaults for these urls ?!?! */ + definition.getPropertyValues().addPropertyValue("authenticationFailureUrl", "/acegilogin.jsp?login_error=1"); + definition.getPropertyValues().addPropertyValue("defaultTargetUrl", "/"); + return definition; + } + } diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationRepositoryBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationRepositoryBeanDefinitionParser.java index 7ea5411b2a..edb3212506 100644 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationRepositoryBeanDefinitionParser.java +++ b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationRepositoryBeanDefinitionParser.java @@ -10,6 +10,7 @@ import org.acegisecurity.providers.encoding.Md5PasswordEncoder; import org.springframework.beans.factory.config.BeanDefinitionHolder; import org.springframework.beans.factory.config.RuntimeBeanReference; import org.springframework.beans.factory.support.AbstractBeanDefinition; +import org.springframework.beans.factory.support.ManagedList; import org.springframework.beans.factory.support.RootBeanDefinition; import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; import org.springframework.beans.factory.xml.ParserContext; @@ -185,5 +186,10 @@ public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDe saltSourceTypeElement.getAttribute("systemWideSalt")); return definition; } + + protected static RootBeanDefinition createBeanDefinitionWithDefaults() { + RootBeanDefinition repositoryBeanDef = new RootBeanDefinition(DaoAuthenticationProvider.class); + return repositoryBeanDef; + } } diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AutoConfigBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AutoConfigBeanDefinitionParser.java index e85edd2cb5..230fe5f46c 100644 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AutoConfigBeanDefinitionParser.java +++ b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AutoConfigBeanDefinitionParser.java @@ -26,10 +26,15 @@ public class AutoConfigBeanDefinitionParser implements BeanDefinitionParser { public BeanDefinition parse(Element element, ParserContext parserContext) { createAndRegisterBeanDefinitionForHttpSessionContextIntegrationFilter(parserContext); createAndRegisterBeanDefinitionForLogoutFilter(parserContext); - + createAndRegisterBeanDefinitionForAuthenticationProcessingFilter(parserContext); return null; } + private void createAndRegisterBeanDefinitionForAuthenticationProcessingFilter(ParserContext parserContext) { + RootBeanDefinition defintion = AuthenticationProcessingFilterBeanDefinitionParser.createBeandefinitionWithDefaults(); + registerBeanDefinition(parserContext, defintion); + } + private void createAndRegisterBeanDefinitionForLogoutFilter(ParserContext parserContext) { RootBeanDefinition defintion =LogoutFilterBeanDefinitionParser.doCreateBeanDefinitionWithDefaults(); registerBeanDefinition(parserContext, defintion); diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AutoConfigBeanDefinitionParserTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AutoConfigBeanDefinitionParserTests.java index 3f67272afa..d579f8d95d 100644 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AutoConfigBeanDefinitionParserTests.java +++ b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AutoConfigBeanDefinitionParserTests.java @@ -4,12 +4,16 @@ package org.acegisecurity.config; import java.lang.reflect.Field; +import java.util.Map; import junit.framework.TestCase; +import org.acegisecurity.AuthenticationManager; import org.acegisecurity.context.HttpSessionContextIntegrationFilter; import org.acegisecurity.ui.logout.LogoutFilter; import org.acegisecurity.ui.logout.LogoutHandler; +import org.acegisecurity.ui.rememberme.RememberMeServices; +import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter; import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; import org.springframework.context.ApplicationContext; import org.springframework.context.support.ClassPathXmlApplicationContext; @@ -43,21 +47,34 @@ public class AutoConfigBeanDefinitionParserTests extends TestCase { assertFalse(filter.isForceEagerSessionCreation()); assertFalse(filter.isCloneFromHttpSession()); } + - public void testLogoutFilterDefinitionCreatedWithDefaults() throws Exception{ + public void testLogoutFilterDefinitionCreatedWithDefaults() throws Exception { String[] names = bf.getBeanNamesForType(LogoutFilter.class); assertEquals(1, names.length); LogoutFilter filter = (LogoutFilter) context.getBean(names[0]); assertNotNull(filter); - Field logoutSuccessUrl = makeAccessibleAndGetFieldByName(filter.getClass().getDeclaredFields(), "logoutSuccessUrl"); + Field logoutSuccessUrl = makeAccessibleAndGetFieldByName(filter.getClass().getDeclaredFields(), + "logoutSuccessUrl"); String value = (String) logoutSuccessUrl.get(filter); assertEquals("/", value); Field handlers = makeAccessibleAndGetFieldByName(filter.getClass().getDeclaredFields(), "handlers"); assertNotNull(handlers); - LogoutHandler[] handlersArray = (LogoutHandler[])handlers.get(filter); + LogoutHandler[] handlersArray = (LogoutHandler[]) handlers.get(filter); assertEquals(2, handlersArray.length); } - + + public void testExceptionTranslationFilterCreatedwithDefaults() throws Exception { + Map map = bf.getBeansOfType(AuthenticationProcessingFilter.class); + AuthenticationProcessingFilter filter = (AuthenticationProcessingFilter) map.values().iterator().next(); + AuthenticationManager authMgr = filter.getAuthenticationManager(); + assertNotNull(authMgr); + RememberMeServices remMeServices = filter.getRememberMeServices(); + assertNotNull(remMeServices); + assertEquals("/acegilogin.jsp?login_error=1",filter.getAuthenticationFailureUrl()); + assertEquals( "/",filter.getDefaultTargetUrl()); + } + private Field makeAccessibleAndGetFieldByName(Field[] declaredFields, String name) { Field field = null; for (int i = 0, n = declaredFields.length; i < n; i++) {