From 2996d67b061808716f62bd76438294704df5e2a8 Mon Sep 17 00:00:00 2001
From: Ben Alex <ben.alex@springsource.com>
Date: Wed, 21 Jul 2004 02:04:42 +0000
Subject: [PATCH] Fix bug related to detecting incorrect use of SecureContext
 property.

---
 .../ui/AbstractIntegrationFilter.java         |  2 +-
 .../ui/AbstractIntegrationFilterTests.java    | 32 ++++++++++++++++---
 2 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/org/acegisecurity/ui/AbstractIntegrationFilter.java b/core/src/main/java/org/acegisecurity/ui/AbstractIntegrationFilter.java
index 37d332281d..6e96af6a8e 100644
--- a/core/src/main/java/org/acegisecurity/ui/AbstractIntegrationFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/AbstractIntegrationFilter.java
@@ -100,7 +100,7 @@ public abstract class AbstractIntegrationFilter implements InitializingBean,
 
     public void afterPropertiesSet() throws Exception {
         if ((this.secureContext == null)
-            || (!this.secureContext.isAssignableFrom(SecureContext.class))) {
+            || (!SecureContext.class.isAssignableFrom(this.secureContext))) {
             throw new IllegalArgumentException(
                 "secureContext must be defined and implement SecureContext");
         }
diff --git a/core/src/test/java/org/acegisecurity/ui/AbstractIntegrationFilterTests.java b/core/src/test/java/org/acegisecurity/ui/AbstractIntegrationFilterTests.java
index b055f98936..247e45e5e3 100644
--- a/core/src/test/java/org/acegisecurity/ui/AbstractIntegrationFilterTests.java
+++ b/core/src/test/java/org/acegisecurity/ui/AbstractIntegrationFilterTests.java
@@ -152,13 +152,26 @@ public class AbstractIntegrationFilterTests extends TestCase {
         }
     }
 
-    public void testSecureContextSettersGetters() throws Exception {
+    public void testRejectsInvalidSecureContextClass()
+        throws Exception {
         MockAbstractIntegrationFilterImpl filter = new MockAbstractIntegrationFilterImpl(null);
 
-        // check the default
-        assertEquals(SecureContextImpl.class, filter.getSecureContext());
+        // Test rejects classes not implementing SecureContext
+        filter.setSecureContext(String.class);
 
-        // check null causes exception
+        try {
+            filter.afterPropertiesSet();
+            fail("Should have thrown IllegalArgumentException");
+        } catch (IllegalArgumentException expected) {
+            assertTrue(true);
+        }
+
+        // Test accepts classes implementing SecureContext
+        filter.setSecureContext(SecureContextImpl.class);
+        filter.afterPropertiesSet();
+        assertTrue(true);
+
+        // Test rejects null
         filter.setSecureContext(null);
 
         try {
@@ -169,6 +182,17 @@ public class AbstractIntegrationFilterTests extends TestCase {
         }
     }
 
+    public void testSecureContextSettersGetters() throws Exception {
+        MockAbstractIntegrationFilterImpl filter = new MockAbstractIntegrationFilterImpl(null);
+
+        // check the default
+        assertEquals(SecureContextImpl.class, filter.getSecureContext());
+
+        // check the setter
+        filter.setSecureContext(null);
+        assertNull(filter.getSecureContext());
+    }
+
     public void testSuccessWhenConcreteClassReturnsValidAuthenticationObject()
         throws Exception {
         PrincipalAcegiUserToken principal = new PrincipalAcegiUserToken("key",