mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-06-26 13:53:14 +00:00
Moved XML test snippet to ConfigTestUtils class and removed context files from core-tiger tests in favour of in-memory XML
This commit is contained in:
Luke Taylor
parent
c8b22d8e36
commit
3049b933d9
@ -1,12 +1,11 @@
|
|||||||
package org.springframework.security.config;
|
package org.springframework.security.config;
|
||||||
|
|
||||||
import static org.junit.Assert.*;
|
import static org.junit.Assert.assertEquals;
|
||||||
|
|
||||||
import org.junit.After;
|
import org.junit.After;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.springframework.beans.factory.parsing.BeanDefinitionParsingException;
|
import org.springframework.beans.factory.parsing.BeanDefinitionParsingException;
|
||||||
import org.springframework.context.support.AbstractXmlApplicationContext;
|
import org.springframework.context.support.AbstractXmlApplicationContext;
|
||||||
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
|
||||||
import org.springframework.security.AccessDeniedException;
|
import org.springframework.security.AccessDeniedException;
|
||||||
import org.springframework.security.AuthenticationCredentialsNotFoundException;
|
import org.springframework.security.AuthenticationCredentialsNotFoundException;
|
||||||
import org.springframework.security.GrantedAuthority;
|
import org.springframework.security.GrantedAuthority;
|
||||||
@ -19,6 +18,7 @@ import org.springframework.security.util.InMemoryXmlApplicationContext;
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Ben Alex
|
* @author Ben Alex
|
||||||
|
* @author Luke Taylor
|
||||||
* @version $Id$
|
* @version $Id$
|
||||||
*/
|
*/
|
||||||
public class GlobalMethodSecurityBeanDefinitionParserTests {
|
public class GlobalMethodSecurityBeanDefinitionParserTests {
|
||||||
@ -27,9 +27,15 @@ public class GlobalMethodSecurityBeanDefinitionParserTests {
|
|||||||
private BusinessService target;
|
private BusinessService target;
|
||||||
|
|
||||||
public void loadContext() {
|
public void loadContext() {
|
||||||
appContext = new ClassPathXmlApplicationContext("org/springframework/security/config/global-method-security.xml");
|
setContext(
|
||||||
|
"<b:bean id='target' class='org.springframework.security.annotation.BusinessServiceImpl'/>" +
|
||||||
|
"<global-method-security>" +
|
||||||
|
" <protect-pointcut expression='execution(* *.someUser*(..))' access='ROLE_USER'/>" +
|
||||||
|
" <protect-pointcut expression='execution(* *.someAdmin*(..))' access='ROLE_ADMIN'/>" +
|
||||||
|
"</global-method-security>" + ConfigTestUtils.AUTH_PROVIDER_XML
|
||||||
|
);
|
||||||
target = (BusinessService) appContext.getBean("target");
|
target = (BusinessService) appContext.getBean("target");
|
||||||
}
|
}
|
||||||
|
|
||||||
@After
|
@After
|
||||||
public void closeAppContext() {
|
public void closeAppContext() {
|
||||||
@ -41,13 +47,13 @@ public class GlobalMethodSecurityBeanDefinitionParserTests {
|
|||||||
|
|
||||||
@Test(expected=AuthenticationCredentialsNotFoundException.class)
|
@Test(expected=AuthenticationCredentialsNotFoundException.class)
|
||||||
public void targetShouldPreventProtectedMethodInvocationWithNoContext() {
|
public void targetShouldPreventProtectedMethodInvocationWithNoContext() {
|
||||||
loadContext();
|
loadContext();
|
||||||
target.someUserMethod1();
|
target.someUserMethod1();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void targetShouldAllowProtectedMethodInvocationWithCorrectRole() {
|
public void targetShouldAllowProtectedMethodInvocationWithCorrectRole() {
|
||||||
loadContext();
|
loadContext();
|
||||||
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
|
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
|
||||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_USER")});
|
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_USER")});
|
||||||
SecurityContextHolder.getContext().setAuthentication(token);
|
SecurityContextHolder.getContext().setAuthentication(token);
|
||||||
@ -57,7 +63,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests {
|
|||||||
|
|
||||||
@Test(expected=AccessDeniedException.class)
|
@Test(expected=AccessDeniedException.class)
|
||||||
public void targetShouldPreventProtectedMethodInvocationWithIncorrectRole() {
|
public void targetShouldPreventProtectedMethodInvocationWithIncorrectRole() {
|
||||||
loadContext();
|
loadContext();
|
||||||
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
|
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
|
||||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_SOMEOTHERROLE")});
|
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_SOMEOTHERROLE")});
|
||||||
SecurityContextHolder.getContext().setAuthentication(token);
|
SecurityContextHolder.getContext().setAuthentication(token);
|
||||||
@ -70,7 +76,6 @@ public class GlobalMethodSecurityBeanDefinitionParserTests {
|
|||||||
setContext(
|
setContext(
|
||||||
"<b:bean id='myUserService' class='org.springframework.security.config.PostProcessedMockUserDetailsService'/>" +
|
"<b:bean id='myUserService' class='org.springframework.security.config.PostProcessedMockUserDetailsService'/>" +
|
||||||
"<global-method-security />" +
|
"<global-method-security />" +
|
||||||
// "<http auto-config='true'/>" +
|
|
||||||
"<authentication-provider user-service-ref='myUserService'/>" +
|
"<authentication-provider user-service-ref='myUserService'/>" +
|
||||||
"<b:bean id='beanPostProcessor' class='org.springframework.security.config.MockUserServiceBeanPostProcessor'/>"
|
"<b:bean id='beanPostProcessor' class='org.springframework.security.config.MockUserServiceBeanPostProcessor'/>"
|
||||||
);
|
);
|
||||||
@ -85,7 +90,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests {
|
|||||||
setContext(
|
setContext(
|
||||||
"<global-method-security>" +
|
"<global-method-security>" +
|
||||||
" <protect-pointcut expression='execution(* org.springframework.security.config.*Service.*(..))'" +
|
" <protect-pointcut expression='execution(* org.springframework.security.config.*Service.*(..))'" +
|
||||||
" access='ROLE_SOMETHING' />" +
|
" access='ROLE_SOMETHING' />" +
|
||||||
"</global-method-security>" +
|
"</global-method-security>" +
|
||||||
"<b:bean id='myUserService' class='org.springframework.security.config.PostProcessedMockUserDetailsService'/>" +
|
"<b:bean id='myUserService' class='org.springframework.security.config.PostProcessedMockUserDetailsService'/>" +
|
||||||
"<aop:aspectj-autoproxy />" +
|
"<aop:aspectj-autoproxy />" +
|
||||||
@ -100,7 +105,6 @@ public class GlobalMethodSecurityBeanDefinitionParserTests {
|
|||||||
service.loadUserByUsername("notused");
|
service.loadUserByUsername("notused");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@Test(expected=BeanDefinitionParsingException.class)
|
@Test(expected=BeanDefinitionParsingException.class)
|
||||||
public void duplicateElementCausesError() {
|
public void duplicateElementCausesError() {
|
||||||
setContext(
|
setContext(
|
||||||
|
|||||||
@ -3,7 +3,6 @@ package org.springframework.security.config;
|
|||||||
import org.junit.After;
|
import org.junit.After;
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
|
||||||
import org.springframework.security.AccessDeniedException;
|
import org.springframework.security.AccessDeniedException;
|
||||||
import org.springframework.security.AuthenticationCredentialsNotFoundException;
|
import org.springframework.security.AuthenticationCredentialsNotFoundException;
|
||||||
import org.springframework.security.GrantedAuthority;
|
import org.springframework.security.GrantedAuthority;
|
||||||
@ -11,19 +10,23 @@ import org.springframework.security.GrantedAuthorityImpl;
|
|||||||
import org.springframework.security.annotation.BusinessService;
|
import org.springframework.security.annotation.BusinessService;
|
||||||
import org.springframework.security.context.SecurityContextHolder;
|
import org.springframework.security.context.SecurityContextHolder;
|
||||||
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
|
||||||
|
import org.springframework.security.util.InMemoryXmlApplicationContext;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Luke Taylor
|
* @author Luke Taylor
|
||||||
* @version $Id$
|
* @version $Id$
|
||||||
*/
|
*/
|
||||||
public class Jsr250AnnotationDrivenBeanDefinitionParserTests {
|
public class Jsr250AnnotationDrivenBeanDefinitionParserTests {
|
||||||
private ClassPathXmlApplicationContext appContext;
|
private InMemoryXmlApplicationContext appContext;
|
||||||
|
|
||||||
private BusinessService target;
|
private BusinessService target;
|
||||||
|
|
||||||
@Before
|
@Before
|
||||||
public void loadContext() {
|
public void loadContext() {
|
||||||
appContext = new ClassPathXmlApplicationContext("/org/springframework/security/config/jsr250-annotated-method-security.xml");
|
appContext = new InMemoryXmlApplicationContext(
|
||||||
|
"<b:bean id='target' class='org.springframework.security.annotation.Jsr250BusinessServiceImpl'/>" +
|
||||||
|
"<global-method-security jsr250-annotations='enabled'/>" + ConfigTestUtils.AUTH_PROVIDER_XML
|
||||||
|
);
|
||||||
target = (BusinessService) appContext.getBean("target");
|
target = (BusinessService) appContext.getBean("target");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -3,7 +3,6 @@ package org.springframework.security.config;
|
|||||||
import org.junit.After;
|
import org.junit.After;
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
|
||||||
import org.springframework.security.AccessDeniedException;
|
import org.springframework.security.AccessDeniedException;
|
||||||
import org.springframework.security.AuthenticationCredentialsNotFoundException;
|
import org.springframework.security.AuthenticationCredentialsNotFoundException;
|
||||||
import org.springframework.security.GrantedAuthority;
|
import org.springframework.security.GrantedAuthority;
|
||||||
@ -11,19 +10,23 @@ import org.springframework.security.GrantedAuthorityImpl;
|
|||||||
import org.springframework.security.annotation.BusinessService;
|
import org.springframework.security.annotation.BusinessService;
|
||||||
import org.springframework.security.context.SecurityContextHolder;
|
import org.springframework.security.context.SecurityContextHolder;
|
||||||
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
|
||||||
|
import org.springframework.security.util.InMemoryXmlApplicationContext;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Ben Alex
|
* @author Ben Alex
|
||||||
* @version $Id$
|
* @version $Id$
|
||||||
*/
|
*/
|
||||||
public class SecuredAnnotationDrivenBeanDefinitionParserTests {
|
public class SecuredAnnotationDrivenBeanDefinitionParserTests {
|
||||||
private ClassPathXmlApplicationContext appContext;
|
private InMemoryXmlApplicationContext appContext;
|
||||||
|
|
||||||
private BusinessService target;
|
private BusinessService target;
|
||||||
|
|
||||||
@Before
|
@Before
|
||||||
public void loadContext() {
|
public void loadContext() {
|
||||||
appContext = new ClassPathXmlApplicationContext("org/springframework/security/config/secured-annotated-method-security.xml");
|
appContext = new InMemoryXmlApplicationContext(
|
||||||
|
"<b:bean id='target' class='org.springframework.security.annotation.Jsr250BusinessServiceImpl'/>" +
|
||||||
|
"<global-method-security secured-annotations='enabled'/>" + ConfigTestUtils.AUTH_PROVIDER_XML
|
||||||
|
);
|
||||||
target = (BusinessService) appContext.getBean("target");
|
target = (BusinessService) appContext.getBean("target");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -1,23 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<b:beans xmlns="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:b="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<b:bean id="target" class="org.springframework.security.annotation.BusinessServiceImpl"/>
|
|
||||||
|
|
||||||
<global-method-security>
|
|
||||||
<protect-pointcut expression="execution(* *.someUser*(..))" access="ROLE_USER"/>
|
|
||||||
<protect-pointcut expression="execution(* *.someAdmin*(..))" access="ROLE_ADMIN"/>
|
|
||||||
</global-method-security>
|
|
||||||
|
|
||||||
<authentication-provider>
|
|
||||||
<user-service>
|
|
||||||
<user name="bob" password="bobspassword" authorities="ROLE_A,ROLE_B" />
|
|
||||||
<user name="bill" password="billspassword" authorities="ROLE_A,ROLE_B,AUTH_OTHER" />
|
|
||||||
</user-service>
|
|
||||||
</authentication-provider>
|
|
||||||
|
|
||||||
</b:beans>
|
|
||||||
@ -1,20 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<b:beans xmlns="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:b="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<b:bean id="target" class="org.springframework.security.annotation.Jsr250BusinessServiceImpl"/>
|
|
||||||
|
|
||||||
<global-method-security jsr250-annotations="enabled"/>
|
|
||||||
|
|
||||||
<authentication-provider>
|
|
||||||
<user-service>
|
|
||||||
<user name="bob" password="bobspassword" authorities="ROLE_A,ROLE_B" />
|
|
||||||
<user name="bill" password="billspassword" authorities="ROLE_A,ROLE_B,AUTH_OTHER" />
|
|
||||||
</user-service>
|
|
||||||
</authentication-provider>
|
|
||||||
|
|
||||||
</b:beans>
|
|
||||||
@ -1,20 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
|
|
||||||
<b:beans xmlns="http://www.springframework.org/schema/security"
|
|
||||||
xmlns:b="http://www.springframework.org/schema/beans"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
|
||||||
|
|
||||||
<b:bean id="target" class="org.springframework.security.annotation.Jsr250BusinessServiceImpl"/>
|
|
||||||
|
|
||||||
<global-method-security secured-annotations="enabled"/>
|
|
||||||
|
|
||||||
<authentication-provider>
|
|
||||||
<user-service>
|
|
||||||
<user name="bob" password="bobspassword" authorities="ROLE_A,ROLE_B" />
|
|
||||||
<user name="bill" password="billspassword" authorities="ROLE_A,ROLE_B,AUTH_OTHER" />
|
|
||||||
</user-service>
|
|
||||||
</authentication-provider>
|
|
||||||
|
|
||||||
</b:beans>
|
|
||||||
@ -0,0 +1,14 @@
|
|||||||
|
package org.springframework.security.config;
|
||||||
|
|
||||||
|
public abstract class ConfigTestUtils {
|
||||||
|
public static final String AUTH_PROVIDER_XML =
|
||||||
|
" <authentication-provider>" +
|
||||||
|
" <user-service id='us'>" +
|
||||||
|
" <user name='bob' password='bobspassword' authorities='ROLE_A,ROLE_B' />" +
|
||||||
|
" <user name='bill' password='billspassword' authorities='ROLE_A,ROLE_B,AUTH_OTHER' />" +
|
||||||
|
" </user-service>" +
|
||||||
|
" </authentication-provider>";
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
@ -27,7 +27,7 @@ public class CustomAfterInvocationProviderBeanDefinitionDecoratorTests {
|
|||||||
"<b:bean id='aip' class='org.springframework.security.config.MockAfterInvocationProvider'>" +
|
"<b:bean id='aip' class='org.springframework.security.config.MockAfterInvocationProvider'>" +
|
||||||
" <custom-after-invocation-provider />" +
|
" <custom-after-invocation-provider />" +
|
||||||
"</b:bean>" +
|
"</b:bean>" +
|
||||||
HttpSecurityBeanDefinitionParserTests.AUTH_PROVIDER_XML
|
ConfigTestUtils.AUTH_PROVIDER_XML
|
||||||
);
|
);
|
||||||
|
|
||||||
MethodSecurityInterceptor msi = (MethodSecurityInterceptor) appContext.getBean(BeanIds.METHOD_SECURITY_INTERCEPTOR);
|
MethodSecurityInterceptor msi = (MethodSecurityInterceptor) appContext.getBean(BeanIds.METHOD_SECURITY_INTERCEPTOR);
|
||||||
|
|||||||
@ -39,7 +39,7 @@ public class FilterInvocationDefinitionSourceParserTests {
|
|||||||
setContext(
|
setContext(
|
||||||
"<filter-invocation-definition-source id='fids'>" +
|
"<filter-invocation-definition-source id='fids'>" +
|
||||||
" <intercept-url pattern='/**' access='ROLE_A'/>" +
|
" <intercept-url pattern='/**' access='ROLE_A'/>" +
|
||||||
"</filter-invocation-definition-source>");
|
"</filter-invocation-definition-source>");
|
||||||
DefaultFilterInvocationDefinitionSource fids = (DefaultFilterInvocationDefinitionSource) appContext.getBean("fids");
|
DefaultFilterInvocationDefinitionSource fids = (DefaultFilterInvocationDefinitionSource) appContext.getBean("fids");
|
||||||
ConfigAttributeDefinition cad = fids.getAttributes(createFilterInvocation("/anything", "GET"));
|
ConfigAttributeDefinition cad = fids.getAttributes(createFilterInvocation("/anything", "GET"));
|
||||||
assertTrue(cad.contains(new SecurityConfig("ROLE_A")));
|
assertTrue(cad.contains(new SecurityConfig("ROLE_A")));
|
||||||
@ -57,7 +57,7 @@ public class FilterInvocationDefinitionSourceParserTests {
|
|||||||
" <intercept-url pattern='/**' access='ROLE_USER'/>" +
|
" <intercept-url pattern='/**' access='ROLE_USER'/>" +
|
||||||
" </filter-invocation-definition-source>" +
|
" </filter-invocation-definition-source>" +
|
||||||
" </b:property>" +
|
" </b:property>" +
|
||||||
"</b:bean>" + HttpSecurityBeanDefinitionParserTests.AUTH_PROVIDER_XML);
|
"</b:bean>" + ConfigTestUtils.AUTH_PROVIDER_XML);
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,6 +1,7 @@
|
|||||||
package org.springframework.security.config;
|
package org.springframework.security.config;
|
||||||
|
|
||||||
import static org.junit.Assert.*;
|
import static org.junit.Assert.*;
|
||||||
|
import static org.springframework.security.config.ConfigTestUtils.*;
|
||||||
|
|
||||||
import java.lang.reflect.Method;
|
import java.lang.reflect.Method;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
@ -56,13 +57,7 @@ import org.springframework.util.ReflectionUtils;
|
|||||||
*/
|
*/
|
||||||
public class HttpSecurityBeanDefinitionParserTests {
|
public class HttpSecurityBeanDefinitionParserTests {
|
||||||
private AbstractXmlApplicationContext appContext;
|
private AbstractXmlApplicationContext appContext;
|
||||||
static final String AUTH_PROVIDER_XML =
|
|
||||||
" <authentication-provider>" +
|
|
||||||
" <user-service id='us'>" +
|
|
||||||
" <user name='bob' password='bobspassword' authorities='ROLE_A,ROLE_B' />" +
|
|
||||||
" <user name='bill' password='billspassword' authorities='ROLE_A,ROLE_B,AUTH_OTHER' />" +
|
|
||||||
" </user-service>" +
|
|
||||||
" </authentication-provider>";
|
|
||||||
|
|
||||||
@After
|
@After
|
||||||
public void closeAppContext() {
|
public void closeAppContext() {
|
||||||
@ -379,7 +374,7 @@ public class HttpSecurityBeanDefinitionParserTests {
|
|||||||
AUTH_PROVIDER_XML);
|
AUTH_PROVIDER_XML);
|
||||||
|
|
||||||
assertEquals(5000, FieldUtils.getFieldValue(appContext.getBean(BeanIds.REMEMBER_ME_SERVICES),
|
assertEquals(5000, FieldUtils.getFieldValue(appContext.getBean(BeanIds.REMEMBER_ME_SERVICES),
|
||||||
"tokenValiditySeconds"));
|
"tokenValiditySeconds"));
|
||||||
// SEC-909
|
// SEC-909
|
||||||
LogoutHandler[] logoutHandlers = (LogoutHandler[]) FieldUtils.getFieldValue(appContext.getBean(BeanIds.LOGOUT_FILTER), "handlers");
|
LogoutHandler[] logoutHandlers = (LogoutHandler[]) FieldUtils.getFieldValue(appContext.getBean(BeanIds.LOGOUT_FILTER), "handlers");
|
||||||
assertEquals(2, logoutHandlers.length);
|
assertEquals(2, logoutHandlers.length);
|
||||||
@ -393,7 +388,7 @@ public class HttpSecurityBeanDefinitionParserTests {
|
|||||||
" <remember-me key='ourkey' token-validity-seconds='10000' />" +
|
" <remember-me key='ourkey' token-validity-seconds='10000' />" +
|
||||||
"</http>" + AUTH_PROVIDER_XML);
|
"</http>" + AUTH_PROVIDER_XML);
|
||||||
assertEquals(10000, FieldUtils.getFieldValue(appContext.getBean(BeanIds.REMEMBER_ME_SERVICES),
|
assertEquals(10000, FieldUtils.getFieldValue(appContext.getBean(BeanIds.REMEMBER_ME_SERVICES),
|
||||||
"tokenValiditySeconds"));
|
"tokenValiditySeconds"));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@ -441,11 +436,11 @@ public class HttpSecurityBeanDefinitionParserTests {
|
|||||||
AUTH_PROVIDER_XML);
|
AUTH_PROVIDER_XML);
|
||||||
Object sessionRegistry = appContext.getBean("seshRegistry");
|
Object sessionRegistry = appContext.getBean("seshRegistry");
|
||||||
Object sessionRegistryFromFilter = FieldUtils.getFieldValue(
|
Object sessionRegistryFromFilter = FieldUtils.getFieldValue(
|
||||||
appContext.getBean(BeanIds.CONCURRENT_SESSION_FILTER),"sessionRegistry");
|
appContext.getBean(BeanIds.CONCURRENT_SESSION_FILTER),"sessionRegistry");
|
||||||
Object sessionRegistryFromController = FieldUtils.getFieldValue(
|
Object sessionRegistryFromController = FieldUtils.getFieldValue(
|
||||||
appContext.getBean(BeanIds.CONCURRENT_SESSION_CONTROLLER),"sessionRegistry");
|
appContext.getBean(BeanIds.CONCURRENT_SESSION_CONTROLLER),"sessionRegistry");
|
||||||
Object sessionRegistryFromFixationFilter = FieldUtils.getFieldValue(
|
Object sessionRegistryFromFixationFilter = FieldUtils.getFieldValue(
|
||||||
appContext.getBean(BeanIds.SESSION_FIXATION_PROTECTION_FILTER),"sessionRegistry");
|
appContext.getBean(BeanIds.SESSION_FIXATION_PROTECTION_FILTER),"sessionRegistry");
|
||||||
|
|
||||||
assertSame(sessionRegistry, sessionRegistryFromFilter);
|
assertSame(sessionRegistry, sessionRegistryFromFilter);
|
||||||
assertSame(sessionRegistry, sessionRegistryFromController);
|
assertSame(sessionRegistry, sessionRegistryFromController);
|
||||||
@ -493,16 +488,16 @@ public class HttpSecurityBeanDefinitionParserTests {
|
|||||||
req.setSession(new MockHttpSession());
|
req.setSession(new MockHttpSession());
|
||||||
auth.setDetails(new WebAuthenticationDetails(req));
|
auth.setDetails(new WebAuthenticationDetails(req));
|
||||||
try {
|
try {
|
||||||
seshController.checkAuthenticationAllowed(auth);
|
seshController.checkAuthenticationAllowed(auth);
|
||||||
} catch (ConcurrentLoginException e) {
|
} catch (ConcurrentLoginException e) {
|
||||||
fail("First login should be allowed");
|
fail("First login should be allowed");
|
||||||
}
|
}
|
||||||
seshController.registerSuccessfulAuthentication(auth);
|
seshController.registerSuccessfulAuthentication(auth);
|
||||||
req.setSession(new MockHttpSession());
|
req.setSession(new MockHttpSession());
|
||||||
try {
|
try {
|
||||||
seshController.checkAuthenticationAllowed(auth);
|
seshController.checkAuthenticationAllowed(auth);
|
||||||
} catch (ConcurrentLoginException e) {
|
} catch (ConcurrentLoginException e) {
|
||||||
fail("Second login should be allowed");
|
fail("Second login should be allowed");
|
||||||
}
|
}
|
||||||
auth.setDetails(new WebAuthenticationDetails(req));
|
auth.setDetails(new WebAuthenticationDetails(req));
|
||||||
seshController.registerSuccessfulAuthentication(auth);
|
seshController.registerSuccessfulAuthentication(auth);
|
||||||
|
|||||||
@ -14,6 +14,7 @@ import org.springframework.security.util.InMemoryXmlApplicationContext;
|
|||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @author Luke Taylor
|
* @author Luke Taylor
|
||||||
|
* $Id$
|
||||||
*/
|
*/
|
||||||
public class SessionRegistryInjectionBeanPostProcessorTests {
|
public class SessionRegistryInjectionBeanPostProcessorTests {
|
||||||
private AbstractXmlApplicationContext appContext;
|
private AbstractXmlApplicationContext appContext;
|
||||||
@ -36,13 +37,13 @@ public class SessionRegistryInjectionBeanPostProcessorTests {
|
|||||||
"<http auto-config='true'/>" +
|
"<http auto-config='true'/>" +
|
||||||
"<b:bean id='sc' class='org.springframework.security.concurrent.ConcurrentSessionControllerImpl'>" +
|
"<b:bean id='sc' class='org.springframework.security.concurrent.ConcurrentSessionControllerImpl'>" +
|
||||||
" <b:property name='sessionRegistry'>" +
|
" <b:property name='sessionRegistry'>" +
|
||||||
" <b:bean class='org.springframework.security.concurrent.SessionRegistryImpl'/>" +
|
" <b:bean class='org.springframework.security.concurrent.SessionRegistryImpl'/>" +
|
||||||
" </b:property>" +
|
" </b:property>" +
|
||||||
"</b:bean>" +
|
"</b:bean>" +
|
||||||
"<authentication-manager alias='authManager' session-controller-ref='sc'/>" +
|
"<authentication-manager alias='authManager' session-controller-ref='sc'/>" +
|
||||||
HttpSecurityBeanDefinitionParserTests.AUTH_PROVIDER_XML);
|
ConfigTestUtils.AUTH_PROVIDER_XML);
|
||||||
assertNotNull(FieldUtils.getFieldValue(appContext.getBean(BeanIds.SESSION_FIXATION_PROTECTION_FILTER), "sessionRegistry"));
|
assertNotNull(FieldUtils.getFieldValue(appContext.getBean(BeanIds.SESSION_FIXATION_PROTECTION_FILTER), "sessionRegistry"));
|
||||||
assertNotNull(FieldUtils.getFieldValue(appContext.getBean(BeanIds.FORM_LOGIN_FILTER), "sessionRegistry"));
|
assertNotNull(FieldUtils.getFieldValue(appContext.getBean(BeanIds.FORM_LOGIN_FILTER), "sessionRegistry"));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@ -52,15 +53,15 @@ public class SessionRegistryInjectionBeanPostProcessorTests {
|
|||||||
"<b:bean id='sc' class='org.springframework.security.config.SessionRegistryInjectionBeanPostProcessorTests$MockConcurrentSessionController'/>" +
|
"<b:bean id='sc' class='org.springframework.security.config.SessionRegistryInjectionBeanPostProcessorTests$MockConcurrentSessionController'/>" +
|
||||||
"<b:bean id='sessionRegistry' class='org.springframework.security.concurrent.SessionRegistryImpl'/>" +
|
"<b:bean id='sessionRegistry' class='org.springframework.security.concurrent.SessionRegistryImpl'/>" +
|
||||||
"<authentication-manager alias='authManager' session-controller-ref='sc'/>" +
|
"<authentication-manager alias='authManager' session-controller-ref='sc'/>" +
|
||||||
HttpSecurityBeanDefinitionParserTests.AUTH_PROVIDER_XML);
|
ConfigTestUtils.AUTH_PROVIDER_XML);
|
||||||
assertNotNull(FieldUtils.getFieldValue(appContext.getBean(BeanIds.SESSION_FIXATION_PROTECTION_FILTER), "sessionRegistry"));
|
assertNotNull(FieldUtils.getFieldValue(appContext.getBean(BeanIds.SESSION_FIXATION_PROTECTION_FILTER), "sessionRegistry"));
|
||||||
assertNotNull(FieldUtils.getFieldValue(appContext.getBean(BeanIds.FORM_LOGIN_FILTER), "sessionRegistry"));
|
assertNotNull(FieldUtils.getFieldValue(appContext.getBean(BeanIds.FORM_LOGIN_FILTER), "sessionRegistry"));
|
||||||
}
|
}
|
||||||
|
|
||||||
public static class MockConcurrentSessionController implements ConcurrentSessionController {
|
public static class MockConcurrentSessionController implements ConcurrentSessionController {
|
||||||
public void checkAuthenticationAllowed(Authentication request) throws AuthenticationException {
|
public void checkAuthenticationAllowed(Authentication request) throws AuthenticationException {
|
||||||
}
|
}
|
||||||
public void registerSuccessfulAuthentication(Authentication authentication) {
|
public void registerSuccessfulAuthentication(Authentication authentication) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user