SEC-393: More elegantly deal with setProviders(List) type safety enforcement.

2025-06-25 13:32:30 +00:00 · 2006-11-16 02:15:43 +00:00 · 2006-11-16 02:15:43 +00:00 · 2984913051
commit 2984913051
parent 5e819af782
1 changed files with 2 additions and 11 deletions
--- a/core/src/main/java/org/acegisecurity/providers/ProviderManager.java
+++ b/core/src/main/java/org/acegisecurity/providers/ProviderManager.java
@ -273,17 +273,8 @@ public class ProviderManager extends AbstractAuthenticationManager implements In
        Iterator iter = newList.iterator();

        while (iter.hasNext()) {
-            Object currentObject = null;
-
-            try {
-                currentObject = iter.next();
-
-                //TODO bad idea, should use assignable from or instance of 
-                AuthenticationProvider attemptToCast = (AuthenticationProvider) currentObject;
-            } catch (ClassCastException cce) {
-                throw new IllegalArgumentException("AuthenticationProvider " + currentObject.getClass().getName()
-                    + " must implement AuthenticationProvider");
-            }
+            Object currentObject = iter.next();
+            Assert.isInstanceOf(AuthenticationProvider.class, currentObject, "Can only provide AuthenticationProvider instances");
        }

        this.providers = newList;