Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-26 13:53:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1012: Futher generification. Also changed method signature of ObjectDefinitionSource.getAllConfigAtributes to return a single collection

Browse Source
This commit is contained in:
Luke Taylor 2008-11-15 09:35:11 +00:00
parent f3b3004085
commit 31375b7212
45 changed files with 268 additions and 337 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
acl/src/main/java/org/springframework/security/acls/objectidentity/ObjectIdentityImpl.java
View File

@ -38,7 +38,7 @@ import java.lang.reflect.Method;
public class ObjectIdentityImpl implements ObjectIdentity {
//~ Instance fields ================================================================================================
private Class javaType;
private Class<?> javaType;
private Serializable identifier;
//~ Constructors ===================================================================================================
@ -56,7 +56,7 @@ public class ObjectIdentityImpl implements ObjectIdentity {
this.identifier = identifier;
}
public ObjectIdentityImpl(Class javaType, Serializable identifier) {
public ObjectIdentityImpl(Class<?> javaType, Serializable identifier) {
Assert.notNull(javaType, "Java Type required");
Assert.notNull(identifier, "identifier required");
this.javaType = javaType;
@ -131,7 +131,7 @@ public class ObjectIdentityImpl implements ObjectIdentity {
return identifier;
}
public Class getJavaType() {
public Class<?> getJavaType() {
return javaType;
}

2
core/src/main/java/org/springframework/security/RunAsManager.java
View File

@ -96,5 +96,5 @@ public interface RunAsManager {
*
* @return true if the implementation can process the indicated class
*/
boolean supports(Class clazz);
boolean supports(Class<?> clazz);
}

6
core/src/main/java/org/springframework/security/annotation/Jsr250MethodDefinitionSource.java
View File

@ -39,15 +39,15 @@ import org.springframework.security.intercept.method.AbstractFallbackMethodDefin
*/
public class Jsr250MethodDefinitionSource extends AbstractFallbackMethodDefinitionSource {
protected List<ConfigAttribute> findAttributes(Class clazz) {
protected List<ConfigAttribute> findAttributes(Class<?> clazz) {
return processAnnotations(clazz.getAnnotations());
}
protected List<ConfigAttribute> findAttributes(Method method, Class targetClass) {
protected List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
return processAnnotations(AnnotationUtils.getAnnotations(method));
}
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
public Collection<ConfigAttribute> getAllConfigAttributes() {
return null;
}

2
core/src/main/java/org/springframework/security/annotation/Jsr250Voter.java
View File

@ -32,7 +32,7 @@ public class Jsr250Voter implements AccessDecisionVoter {
* @param clazz the class.
* @return true
*/
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return true;
}

6
core/src/main/java/org/springframework/security/annotation/SecuredMethodDefinitionSource.java
View File

@ -35,15 +35,15 @@ import org.springframework.security.intercept.method.AbstractFallbackMethodDefin
*/
public class SecuredMethodDefinitionSource extends AbstractFallbackMethodDefinitionSource {
protected List<ConfigAttribute> findAttributes(Class clazz) {
protected List<ConfigAttribute> findAttributes(Class<?> clazz) {
return processAnnotation(clazz.getAnnotation(Secured.class));
}
protected List<ConfigAttribute> findAttributes(Method method, Class targetClass) {
protected List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
return processAnnotation(AnnotationUtils.findAnnotation(method, Secured.class));
}
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
public Collection<ConfigAttribute> getAllConfigAttributes() {
return null;
}

1
core/src/main/java/org/springframework/security/config/ConfigUtils.java
View File

@ -143,6 +143,7 @@ abstract class ConfigUtils {
* Bean which holds the list of filters which are maintained in the context and modified by calls to
* addHttpFilter. The post processor retrieves these before injecting the list into the FilterChainProxy.
*/
@SuppressWarnings("unchecked")
public static class FilterChainList {
List filters;

12
core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java
View File

@ -96,7 +96,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
/**
* Checks the filter list for possible errors and logs them
*/
private void checkFilterStack(List filters) {
private void checkFilterStack(List<Filter> filters) {
checkForDuplicates(HttpSessionContextIntegrationFilter.class, filters);
checkForDuplicates(AuthenticationProcessingFilter.class, filters);
checkForDuplicates(SessionFixationProtectionFilter.class, filters);
@ -106,13 +106,13 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
checkForDuplicates(FilterSecurityInterceptor.class, filters);
}
private void checkForDuplicates(Class clazz, List filters) {
private void checkForDuplicates(Class<? extends Filter> clazz, List<Filter> filters) {
for (int i=0; i < filters.size(); i++) {
Filter f1 = (Filter)filters.get(i);
Filter f1 = filters.get(i);
if (clazz.isAssignableFrom(f1.getClass())) {
// Found the first one, check remaining for another
for (int j=i+1; j < filters.size(); j++) {
Filter f2 = (Filter)filters.get(j);
Filter f2 = filters.get(j);
if (clazz.isAssignableFrom(f2.getClass())) {
logger.warn("Possible error: Filters at position " + i + " and " + j + " are both " +
"instances of " + clazz.getName());
@ -130,7 +130,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
if (etf.getAuthenticationEntryPoint() instanceof AuthenticationProcessingFilterEntryPoint) {
String loginPage =
((AuthenticationProcessingFilterEntryPoint)etf.getAuthenticationEntryPoint()).getLoginFormUrl();
List filters = fcp.getFilters(loginPage);
List<Filter> filters = fcp.getFilters(loginPage);
logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration");
if (filters == null || filters.isEmpty()) {
@ -148,7 +148,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
((FilterSecurityInterceptor)beanFactory.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR));
DefaultFilterInvocationDefinitionSource fids =
(DefaultFilterInvocationDefinitionSource) fsi.getObjectDefinitionSource();
List<? extends ConfigAttribute> attributes = fids.lookupAttributes(loginPage, "POST");
List<ConfigAttribute> attributes = fids.lookupAttributes(loginPage, "POST");
if (attributes == null) {
logger.debug("No access attributes defined for login page URL");

4
core/src/main/java/org/springframework/security/context/SecurityContextHolder.java
View File

@ -100,8 +100,8 @@ public class SecurityContextHolder {
} else {
// Try to load a custom strategy
try {
Class clazz = Class.forName(strategyName);
Constructor customStrategy = clazz.getConstructor(new Class[] {});
Class<?> clazz = Class.forName(strategyName);
Constructor<?> customStrategy = clazz.getConstructor(new Class[] {});
strategy = (SecurityContextHolderStrategy) customStrategy.newInstance(new Object[] {});
} catch (Exception ex) {
ReflectionUtils.handleReflectionException(ex);

4
core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSource.java
View File

@ -40,7 +40,7 @@ import org.springframework.util.ClassUtils;
public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDefinitionSource {
private ExpressionParser parser = new SpelExpressionParser();
public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
if (method.getDeclaringClass() == Object.class) {
return null;
}
@ -109,7 +109,7 @@ public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDe
return null;
}
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
public Collection<ConfigAttribute> getAllConfigAttributes() {
return null;
}

2
core/src/main/java/org/springframework/security/expression/method/MethodExpressionVoter.java
View File

@ -35,7 +35,7 @@ public class MethodExpressionVoter implements AccessDecisionVoter {
return attribute instanceof AbstractExpressionBasedMethodConfigAttribute;
}
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return clazz.isAssignableFrom(MethodInvocation.class);
}

10
core/src/main/java/org/springframework/security/expression/web/WebExpressionVoter.java
View File

@ -5,6 +5,7 @@ import java.util.List;
import org.springframework.expression.EvaluationContext;
import org.springframework.security.Authentication;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.expression.ExpressionUtils;
import org.springframework.security.expression.SecurityExpressionHandler;
import org.springframework.security.expression.support.DefaultSecurityExpressionHandler;
import org.springframework.security.intercept.web.FilterInvocation;
@ -14,7 +15,7 @@ import org.springframework.security.vote.AccessDecisionVoter;
* Voter which handles web authorisation decisions.
* @author Luke Taylor
* @version $Id$
* @since
* @since 2.5
*/
public class WebExpressionVoter implements AccessDecisionVoter {
private SecurityExpressionHandler expressionHandler = new DefaultSecurityExpressionHandler();
@ -29,9 +30,8 @@ public class WebExpressionVoter implements AccessDecisionVoter {
FilterInvocation fi = (FilterInvocation)object;
EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, fi);
weca.getAuthorizeExpression();
return 0;
return ExpressionUtils.evaluateAsBoolean(weca.getAuthorizeExpression(), ctx) ?
ACCESS_GRANTED : ACCESS_DENIED;
}
private WebExpressionConfigAttribute findConfigAttribute(List<ConfigAttribute> attributes) {
@ -47,7 +47,7 @@ public class WebExpressionVoter implements AccessDecisionVoter {
return attribute instanceof WebExpressionConfigAttribute;
}
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return clazz.isAssignableFrom(FilterInvocation.class);
}

14
core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java
View File

@ -136,7 +136,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
}
if (this.validateConfigAttributes) {
Collection<List<? extends ConfigAttribute>> attributeDefs = this.obtainObjectDefinitionSource().getAllConfigAttributes();
Collection<ConfigAttribute> attributeDefs = this.obtainObjectDefinitionSource().getAllConfigAttributes();
if (attributeDefs == null) {
logger.warn("Could not validate configuration attributes as the ObjectDefinitionSource did not return "
@ -144,14 +144,12 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
return;
}
Set unsupportedAttrs = new HashSet();
Set<ConfigAttribute> unsupportedAttrs = new HashSet<ConfigAttribute>();
for (List<? extends ConfigAttribute> def : attributeDefs) {
for (ConfigAttribute attr : def) {
if (!this.runAsManager.supports(attr) && !this.accessDecisionManager.supports(attr)
&& ((this.afterInvocationManager == null) || !this.afterInvocationManager.supports(attr))) {
unsupportedAttrs.add(attr);
}
for (ConfigAttribute attr : attributeDefs) {
if (!this.runAsManager.supports(attr) && !this.accessDecisionManager.supports(attr)
&& ((this.afterInvocationManager == null) || !this.afterInvocationManager.supports(attr))) {
unsupportedAttrs.add(attr);
}
}

4
core/src/main/java/org/springframework/security/intercept/ObjectDefinitionSource.java
View File

@ -53,7 +53,7 @@ public interface ObjectDefinitionSource {
*
* @return the <code>ConfigAttribute</code>s or <code>null</code> if unsupported
*/
Collection<List<? extends ConfigAttribute>> getAllConfigAttributes();
Collection<ConfigAttribute> getAllConfigAttributes();
/**
* Indicates whether the <code>ObjectDefinitionSource</code> implementation is able to provide
@ -63,5 +63,5 @@ public interface ObjectDefinitionSource {
*
* @return true if the implementation can process the indicated class
*/
boolean supports(Class clazz);
boolean supports(Class<?> clazz);
}

6
core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodDefinitionSource.java
View File

@ -27,7 +27,7 @@ import org.springframework.util.ClassUtils;
*/
public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMethodDefinitionSource {
public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
// The method may be on an interface, but we need attributes from the target class.
// If the target class is null, the method will be unchanged.
Method specificMethod = ClassUtils.getMostSpecificMethod(method, targetClass);
@ -68,7 +68,7 @@ public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMet
* @param targetClass the target class for the invocation (may be <code>null</code>)
* @return the security metadata (or null if no metadata applies)
*/
protected abstract List<ConfigAttribute> findAttributes(Method method, Class targetClass);
protected abstract List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass);
/**
* Obtains the security metadata registered against the specified class.
@ -82,7 +82,7 @@ public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMet
* @param clazz the target class for the invocation (never <code>null</code>)
* @return the security metadata (or null if no metadata applies)
*/
protected abstract List<ConfigAttribute> findAttributes(Class clazz);
protected abstract List<ConfigAttribute> findAttributes(Class<?> clazz);
}

8
core/src/main/java/org/springframework/security/intercept/method/AbstractMethodDefinitionSource.java
View File

@ -55,10 +55,10 @@ public abstract class AbstractMethodDefinitionSource implements MethodDefinition
if (object instanceof JoinPoint) {
JoinPoint jp = (JoinPoint) object;
Class targetClass = jp.getTarget().getClass();
Class<?> targetClass = jp.getTarget().getClass();
String targetMethodName = jp.getStaticPart().getSignature().getName();
Class[] types = ((CodeSignature) jp.getStaticPart().getSignature()).getParameterTypes();
Class declaringType = ((CodeSignature) jp.getStaticPart().getSignature()).getDeclaringType();
Class<?>[] types = ((CodeSignature) jp.getStaticPart().getSignature()).getParameterTypes();
Class<?> declaringType = ((CodeSignature) jp.getStaticPart().getSignature()).getDeclaringType();
Method method = ClassUtils.getMethodIfAvailable(declaringType, targetMethodName, types);
Assert.notNull(method, "Could not obtain target method from JoinPoint: '"+ jp + "'");
@ -69,7 +69,7 @@ public abstract class AbstractMethodDefinitionSource implements MethodDefinition
throw new IllegalArgumentException("Object must be a non-null MethodInvocation or JoinPoint");
}
public final boolean supports(Class clazz) {
public final boolean supports(Class<?> clazz) {
return (MethodInvocation.class.isAssignableFrom(clazz) || JoinPoint.class.isAssignableFrom(clazz));
}
}

17
core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodDefinitionSource.java
View File

@ -5,7 +5,6 @@ import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
@ -27,7 +26,8 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
private final static List<ConfigAttribute> NULL_CONFIG_ATTRIBUTE = Collections.emptyList();
private List<MethodDefinitionSource> methodDefinitionSources;
private final Map<DefaultCacheKey, List<ConfigAttribute>> attributeCache = new HashMap();
private final Map<DefaultCacheKey, List<ConfigAttribute>> attributeCache =
new HashMap<DefaultCacheKey, List<ConfigAttribute>>();
//~ Methods ========================================================================================================
@ -35,7 +35,7 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
Assert.notEmpty(methodDefinitionSources, "A list of MethodDefinitionSources is required");
}
public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
DefaultCacheKey cacheKey = new DefaultCacheKey(method, targetClass);
synchronized (attributeCache) {
List<ConfigAttribute> cached = attributeCache.get(cacheKey);
@ -73,12 +73,10 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
}
}
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
Set set = new HashSet();
Iterator i = methodDefinitionSources.iterator();
while (i.hasNext()) {
MethodDefinitionSource s = (MethodDefinitionSource) i.next();
Collection<List<? extends ConfigAttribute>> attrs = s.getAllConfigAttributes();
public Collection<ConfigAttribute> getAllConfigAttributes() {
Set<ConfigAttribute> set = new HashSet<ConfigAttribute>();
for (MethodDefinitionSource s : methodDefinitionSources) {
Collection<ConfigAttribute> attrs = s.getAllConfigAttributes();
if (attrs != null) {
set.addAll(attrs);
}
@ -86,6 +84,7 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
return set;
}
@SuppressWarnings("unchecked")
public void setMethodDefinitionSources(List methodDefinitionSources) {
Assert.notEmpty(methodDefinitionSources, "A list of MethodDefinitionSources is required");
this.methodDefinitionSources = methodDefinitionSources;

33
core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSource.java
View File

@ -19,9 +19,11 @@ import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.springframework.beans.factory.BeanClassLoaderAware;
import org.springframework.security.ConfigAttribute;
@ -48,10 +50,10 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
private ClassLoader beanClassLoader = ClassUtils.getDefaultClassLoader();
/** Map from RegisteredMethod to ConfigAttribute list */
protected Map<RegisteredMethod, List<? extends ConfigAttribute>> methodMap = new HashMap();
protected Map<RegisteredMethod, List<ConfigAttribute>> methodMap = new HashMap<RegisteredMethod, List<ConfigAttribute>>();
/** Map from RegisteredMethod to name pattern used for registration */
private Map<RegisteredMethod, String> nameMap = new HashMap();
private Map<RegisteredMethod, String> nameMap = new HashMap<RegisteredMethod, String>();
//~ Methods ========================================================================================================
@ -71,14 +73,14 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
/**
* Implementation does not support class-level attributes.
*/
protected List<ConfigAttribute> findAttributes(Class clazz) {
protected List<ConfigAttribute> findAttributes(Class<?> clazz) {
return null;
}
/**
* Will walk the method inheritance tree to find the most specific declaration applicable.
*/
protected List<ConfigAttribute> findAttributes(Method method, Class targetClass) {
protected List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
if (targetClass == null) {
return null;
}
@ -105,7 +107,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
* @param name type and method name, separated by a dot
* @param attr required authorities associated with the method
*/
public void addSecureMethod(String name, List<? extends ConfigAttribute> attr) {
public void addSecureMethod(String name, List<ConfigAttribute> attr) {
int lastDotIndex = name.lastIndexOf(".");
if (lastDotIndex == -1) {
@ -129,7 +131,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
* @param mappedName mapped method name, which the javaType has declared or inherited
* @param attr required authorities associated with the method
*/
public void addSecureMethod(Class javaType, String mappedName, List<? extends ConfigAttribute> attr) {
public void addSecureMethod(Class javaType, String mappedName, List<ConfigAttribute> attr) {
String name = javaType.getName() + '.' + mappedName;
if (logger.isDebugEnabled()) {
@ -137,7 +139,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
}
Method[] methods = javaType.getMethods();
List matchingMethods = new ArrayList();
List<Method> matchingMethods = new ArrayList<Method>();
for (int i = 0; i < methods.length; i++) {
if (methods[i].getName().equals(mappedName) || isMatch(methods[i].getName(), mappedName)) {
@ -150,8 +152,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
}
// register all matching methods
for (Iterator it = matchingMethods.iterator(); it.hasNext();) {
Method method = (Method) it.next();
for (Method method : matchingMethods) {
RegisteredMethod registeredMethod = new RegisteredMethod(method, javaType);
String regMethodName = (String) this.nameMap.get(registeredMethod);
@ -178,7 +179,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
* the existing match will be retained, so that if this method is called for a more general pointcut
* it will not override a more specific one which has already been added. This
*/
public void addSecureMethod(Class javaType, Method method, List<? extends ConfigAttribute> attr) {
public void addSecureMethod(Class javaType, Method method, List<ConfigAttribute> attr) {
RegisteredMethod key = new RegisteredMethod(method, javaType);
if (methodMap.containsKey(key)) {
@ -195,7 +196,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
* @param method the method to be secured
* @param attr required authorities associated with the method
*/
private void addSecureMethod(RegisteredMethod method, List<? extends ConfigAttribute> attr) {
private void addSecureMethod(RegisteredMethod method, List<ConfigAttribute> attr) {
Assert.notNull(method, "RegisteredMethod required");
Assert.notNull(attr, "Configuration attribute required");
if (logger.isInfoEnabled()) {
@ -209,8 +210,14 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
*
* @return the attributes explicitly defined against this bean
*/
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
return methodMap.values();
public Collection<ConfigAttribute> getAllConfigAttributes() {
Set<ConfigAttribute> allAttributes = new HashSet<ConfigAttribute>();
for (List<ConfigAttribute> attributeList : methodMap.values()) {
allAttributes.addAll(attributeList);
}
return allAttributes;
}
/**

2
core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSource.java
View File

@ -30,5 +30,5 @@ import org.springframework.security.intercept.ObjectDefinitionSource;
* @version $Id$
*/
public interface MethodDefinitionSource extends ObjectDefinitionSource {
public List<ConfigAttribute> getAttributes(Method method, Class targetClass);
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass);
}

4
core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java
View File

@ -128,9 +128,9 @@ public class MethodDefinitionSourceAdvisor extends AbstractPointcutAdvisor imple
*/
class InternalMethodInvocation implements MethodInvocation {
private Method method;
private Class targetClass;
private Class<?> targetClass;
public InternalMethodInvocation(Method method, Class targetClass) {
public InternalMethodInvocation(Method method, Class<?> targetClass) {
this.method = method;
this.targetClass = targetClass;
}

14
core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java
View File

@ -17,7 +17,6 @@ package org.springframework.security.intercept.web;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashMap;
@ -142,10 +141,17 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation
return methodRequestmap;
}
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
return Collections.unmodifiableCollection(getRequestMap().values());
public Collection<ConfigAttribute> getAllConfigAttributes() {
Set<ConfigAttribute> allAttributes = new HashSet<ConfigAttribute>();
for(List<ConfigAttribute> attrs : requestMap.values()) {
allAttributes.addAll(attrs);
}
return allAttributes;
}
public List<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
if ((object == null) || !this.supports(object.getClass())) {
throw new IllegalArgumentException("Object must be a FilterInvocation");
@ -227,7 +233,7 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation
return null;
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
return FilterInvocation.class.isAssignableFrom(clazz);
}

4
core/src/main/java/org/springframework/security/providers/ProviderManager.java
View File

@ -217,8 +217,8 @@ public class ProviderManager extends AbstractAuthenticationManager implements In
if (className != null) {
try {
Class clazz = getClass().getClassLoader().loadClass(className);
Constructor constructor = clazz.getConstructor(new Class[] {
Class<?> clazz = getClass().getClassLoader().loadClass(className);
Constructor<?> constructor = clazz.getConstructor(new Class[] {
Authentication.class, AuthenticationException.class
});
Object obj = constructor.newInstance(new Object[] {authentication, exception});

2
core/src/main/java/org/springframework/security/runas/NullRunAsManager.java
View File

@ -41,7 +41,7 @@ public class NullRunAsManager implements RunAsManager {
return false;
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
return true;
}
}

4
core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java
View File

@ -63,7 +63,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
}
public Authentication buildRunAs(Authentication authentication, Object object, List<ConfigAttribute> config) {
List<GrantedAuthority> newAuthorities = new ArrayList();
List<GrantedAuthority> newAuthorities = new ArrayList<GrantedAuthority>();
for(ConfigAttribute attribute : config) {
if (this.supports(attribute)) {
@ -123,7 +123,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
*
* @return alwaus <code>true</code>
*/
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
return true;
}
}

16
core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java
View File

@ -59,7 +59,7 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini
Assert.notNull(filterInvocationDefinitionSource, "filterInvocationDefinitionSource must be specified");
Assert.notNull(channelDecisionManager, "channelDecisionManager must be specified");
Collection<List<? extends ConfigAttribute>> attrDefs = this.filterInvocationDefinitionSource.getAllConfigAttributes();
Collection<ConfigAttribute> attrDefs = this.filterInvocationDefinitionSource.getAllConfigAttributes();
if (attrDefs == null) {
if (logger.isWarnEnabled()) {
@ -70,22 +70,20 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini
return;
}
Set set = new HashSet();
Set<ConfigAttribute> unsupportedAttributes = new HashSet<ConfigAttribute>();
for (List<? extends ConfigAttribute> def : attrDefs) {
for (ConfigAttribute attr : def) {
if (!this.channelDecisionManager.supports(attr)) {
set.add(attr);
}
for (ConfigAttribute attr : attrDefs) {
if (!this.channelDecisionManager.supports(attr)) {
unsupportedAttributes.add(attr);
}
}
if (set.size() == 0) {
if (unsupportedAttributes.size() == 0) {
if (logger.isInfoEnabled()) {
logger.info("Validated configuration attributes");
}
} else {
throw new IllegalArgumentException("Unsupported configuration attributes: " + set.toString());
throw new IllegalArgumentException("Unsupported configuration attributes: " + unsupportedAttributes);
}
}

24
core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsImpl.java
View File

@ -15,18 +15,15 @@
package org.springframework.security.userdetails.ldap;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.util.AuthorityUtils;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.util.Assert;
import java.util.ArrayList;
import java.util.List;
import javax.naming.Name;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.util.AuthorityUtils;
import org.springframework.util.Assert;
/**
@ -128,7 +125,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
*/
public static class Essence {
protected LdapUserDetailsImpl instance = createTarget();
private List mutableAuthorities = new ArrayList();
private List<GrantedAuthority> mutableAuthorities = new ArrayList<GrantedAuthority>();
public Essence() { }
@ -159,10 +156,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
}
private boolean hasAuthority(GrantedAuthority a) {
Iterator authorities = mutableAuthorities.iterator();
while(authorities.hasNext()) {
GrantedAuthority authority = (GrantedAuthority) authorities.next();
for (GrantedAuthority authority : mutableAuthorities) {
if(authority.equals(a)) {
return true;
}

115
core/src/main/java/org/springframework/security/util/FilterChainProxy.java
View File

@ -26,6 +26,7 @@ import org.springframework.util.Assert;
import org.springframework.web.filter.DelegatingFilterProxy;
import javax.servlet.*;
import java.io.IOException;
import java.util.*;
@ -103,9 +104,9 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
private ApplicationContext applicationContext;
/** Map of the original pattern Strings to filter chains */
private Map uncompiledFilterChainMap;
private Map<String, List<Filter>> uncompiledFilterChainMap;
/** Compiled pattern version of the filter chain map */
private Map filterChainMap;
private Map<Object, List<Filter>> filterChainMap;
private UrlMatcher matcher = new AntUrlPathMatcher();
private boolean stripQueryStringFromUrls = true;
private DefaultFilterInvocationDefinitionSource fids;
@ -127,29 +128,25 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
}
public void init(FilterConfig filterConfig) throws ServletException {
Filter[] filters = obtainAllDefinedFilters();
for (int i = 0; i < filters.length; i++) {
if (filters[i] != null) {
for (Filter filter : obtainAllDefinedFilters()) {
if (filter != null) {
if (logger.isDebugEnabled()) {
logger.debug("Initializing Filter defined in ApplicationContext: '" + filters[i].toString() + "'");
logger.debug("Initializing Filter defined in ApplicationContext: '" + filter + "'");
}
filters[i].init(filterConfig);
filter.init(filterConfig);
}
}
}
public void destroy() {
Filter[] filters = obtainAllDefinedFilters();
for (int i = 0; i < filters.length; i++) {
if (filters[i] != null) {
for (Filter filter : obtainAllDefinedFilters()) {
if (filter != null) {
if (logger.isDebugEnabled()) {
logger.debug("Destroying Filter defined in ApplicationContext: '" + filters[i].toString() + "'");
logger.debug("Destroying Filter defined in ApplicationContext: '" + filter + "'");
}
filters[i].destroy();
filter.destroy();
}
}
}
@ -158,7 +155,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
throws IOException, ServletException {
FilterInvocation fi = new FilterInvocation(request, response, chain);
List filters = getFilters(fi.getRequestUrl());
List<Filter> filters = getFilters(fi.getRequestUrl());
if (filters == null || filters.size() == 0) {
if (logger.isDebugEnabled()) {
@ -181,7 +178,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
* @param url the request URL
* @return an ordered array of Filters defining the filter chain
*/
public List getFilters(String url) {
public List<Filter> getFilters(String url) {
if (stripQueryStringFromUrls) {
// String query string - see SEC-953
int firstQuestionMarkIndex = url.indexOf("?");
@ -191,11 +188,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
}
}
Iterator filterChains = filterChainMap.entrySet().iterator();
while (filterChains.hasNext()) {
Map.Entry entry = (Map.Entry) filterChains.next();
for (Map.Entry<Object, List<Filter>> entry : filterChainMap.entrySet()) {
Object path = entry.getKey();
if (matcher.requiresLowerCaseUrl()) {
@ -213,7 +206,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
}
if (matched) {
return (List) entry.getValue();
return entry.getValue();
}
}
@ -230,16 +223,14 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
* each <code>Filter</code> that actually exists in application context, even if a given
* <code>Filter</code> is defined multiples times in the filter chain map)
*/
protected Filter[] obtainAllDefinedFilters() {
Set allFilters = new LinkedHashSet();
protected Collection<Filter> obtainAllDefinedFilters() {
Set<Filter> allFilters = new LinkedHashSet<Filter>();
Iterator it = filterChainMap.values().iterator();
while (it.hasNext()) {
allFilters.addAll((List) it.next());
for (List<Filter> filters : filterChainMap.values()) {
allFilters.addAll(filters);
}
return (Filter[]) new ArrayList(allFilters).toArray(new Filter[0]);
return allFilters;
}
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
@ -266,14 +257,32 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
* the Map used is an instance of <tt>LinkedHashMap</tt> or an equivalent, rather than a plain <tt>HashMap</tt>, for
* example.
*
* @param filterChainMap the map of path Strings to <tt>Filter[]</tt>s.
* @param filterChainMap the map of path Strings to <tt>List&lt;Filter&gt;</tt>s.
*/
@SuppressWarnings("unchecked")
public void setFilterChainMap(Map filterChainMap) {
uncompiledFilterChainMap = new LinkedHashMap(filterChainMap);
checkContents(filterChainMap);
uncompiledFilterChainMap = new LinkedHashMap<String, List<Filter>>(filterChainMap);
checkPathOrder();
createCompiledMap();
}
@SuppressWarnings("unchecked")
private void checkContents(Map filterChainMap) {
for (Object key : filterChainMap.keySet()) {
Assert.isInstanceOf(String.class, key, "Path key must be a String but found " + key);
Object filters = filterChainMap.get(key);
Assert.isInstanceOf(List.class, filters, "Value must be a filter list");
// Check the contents
Iterator filterIterator = ((List)filters).iterator();
while (filterIterator.hasNext()) {
Object filter = filterIterator.next();
Assert.isInstanceOf(Filter.class, filter, "Objects in filter chain must be of type Filter. ");
}
}
}
private void checkPathOrder() {
// Check that the universal pattern is listed at the end, if at all
String[] paths = (String[]) uncompiledFilterChainMap.keySet().toArray(new String[0]);
@ -289,37 +298,21 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
}
private void createCompiledMap() {
Iterator paths = uncompiledFilterChainMap.keySet().iterator();
filterChainMap = new LinkedHashMap(uncompiledFilterChainMap.size());
filterChainMap = new LinkedHashMap<Object, List<Filter>>(uncompiledFilterChainMap.size());
while (paths.hasNext()) {
Object path = paths.next();
Assert.isInstanceOf(String.class, path, "Path pattern must be a String");
Object compiledPath = matcher.compile((String)path);
Object filters = uncompiledFilterChainMap.get(path);
Assert.isInstanceOf(List.class, filters);
// Check the contents
Iterator filterIterator = ((List)filters).iterator();
while (filterIterator.hasNext()) {
Object filter = filterIterator.next();
Assert.isInstanceOf(Filter.class, filter, "Objects in filter chain must be of type Filter. ");
}
filterChainMap.put(compiledPath, filters);
for (String path : uncompiledFilterChainMap.keySet()) {
filterChainMap.put(matcher.compile(path), uncompiledFilterChainMap.get(path));
}
}
/**
* Returns a copy of the underlying filter chain map. Modifications to the map contents
* will not affect the FilterChainProxy state - to change the map call <tt>setFilterChainMap</tt>.
*
* @return the map of path pattern Strings to filter chain arrays (with ordering guaranteed).
* @return the map of path pattern Strings to filter chain lists (with ordering guaranteed).
*/
public Map getFilterChainMap() {
return new LinkedHashMap(uncompiledFilterChainMap);
public Map<String, List<Filter>> getFilterChainMap() {
return new LinkedHashMap<String, List<Filter>>(uncompiledFilterChainMap);
}
public void setMatcher(UrlMatcher matcher) {
@ -353,22 +346,22 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
/**
* A <code>FilterChain</code> that records whether or not {@link
* FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} is called.<p>This
* <code>FilterChain</code> is used by <code>FilterChainProxy</code> to determine if the next <code>Filter</code>
* should be called or not.</p>
* FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} is called.
* <p>
* This <code>FilterChain</code> is used by <code>FilterChainProxy</code> to determine if the next
* <code>Filter</code> should be called or not.</p>
*/
private static class VirtualFilterChain implements FilterChain {
private FilterInvocation fi;
private List additionalFilters;
private List<Filter> additionalFilters;
private int currentPosition = 0;
private VirtualFilterChain(FilterInvocation filterInvocation, List additionalFilters) {
private VirtualFilterChain(FilterInvocation filterInvocation, List<Filter> additionalFilters) {
this.fi = filterInvocation;
this.additionalFilters = additionalFilters;
}
public void doFilter(ServletRequest request, ServletResponse response)
throws IOException, ServletException {
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
if (currentPosition == additionalFilters.size()) {
if (logger.isDebugEnabled()) {
logger.debug(fi.getRequestUrl()
@ -379,7 +372,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
} else {
currentPosition++;
Filter nextFilter = (Filter) additionalFilters.get(currentPosition - 1);
Filter nextFilter = additionalFilters.get(currentPosition - 1);
if (logger.isDebugEnabled()) {
logger.debug(fi.getRequestUrl() + " at position " + currentPosition + " of "

152
core/src/main/java/org/springframework/security/util/ThrowableAnalyzer.java
View File

@ -3,16 +3,18 @@ package org.springframework.security.util;
import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import org.springframework.util.Assert;
/**
* Handler for analyzing {@link Throwable} instances.
*
* Can be subclassed to customize its behavior.
*
*
* @author Andreas Senft
* @since 2.0
* @version $Id$
@ -21,7 +23,7 @@ public class ThrowableAnalyzer {
/**
* Default extractor for {@link Throwable} instances.
*
*
* @see Throwable#getCause()
*/
public static final ThrowableCauseExtractor DEFAULT_EXTRACTOR
@ -30,13 +32,13 @@ public class ThrowableAnalyzer {
return throwable.getCause();
}
};
/**
* Default extractor for {@link InvocationTargetException} instances.
*
*
* @see InvocationTargetException#getTargetException()
*/
public static final ThrowableCauseExtractor INVOCATIONTARGET_EXTRACTOR
public static final ThrowableCauseExtractor INVOCATIONTARGET_EXTRACTOR
= new ThrowableCauseExtractor() {
public Throwable extractCause(Throwable throwable) {
verifyThrowableHierarchy(throwable, InvocationTargetException.class);
@ -46,16 +48,14 @@ public class ThrowableAnalyzer {
/**
* Comparator to order classes ascending according to their hierarchy relation.
* If two classes have a hierarchical relation, the "higher" class is considered
* If two classes have a hierarchical relation, the "higher" class is considered
* to be greater by this comparator.<br>
* For hierarchically unrelated classes their fully qualified name will be compared.
* For hierarchically unrelated classes their fully qualified name will be compared.
*/
private static final Comparator CLASS_HIERARCHY_COMPARATOR = new Comparator() {
private static final Comparator<Class<? extends Throwable>> CLASS_HIERARCHY_COMPARATOR =
new Comparator<Class<? extends Throwable>>() {
public int compare(Object o1, Object o2) {
Class class1 = (Class) o1;
Class class2 = (Class) o2;
public int compare(Class<? extends Throwable> class1, Class<? extends Throwable> class2) {
if (class1.isAssignableFrom(class2)) {
return 1;
} else if (class2.isAssignableFrom(class1)) {
@ -64,41 +64,37 @@ public class ThrowableAnalyzer {
return class1.getName().compareTo(class2.getName());
}
}
};
/**
* Map of registered cause extractors.
* key: Class<Throwable>; value: ThrowableCauseExctractor
*/
private final Map extractorMap;
private final Map<Class<? extends Throwable>, ThrowableCauseExtractor> extractorMap;
/**
* Creates a new <code>ThrowableAnalyzer</code> instance.
*/
public ThrowableAnalyzer() {
this.extractorMap = new TreeMap(CLASS_HIERARCHY_COMPARATOR);
this.extractorMap = new TreeMap<Class<? extends Throwable>, ThrowableCauseExtractor>(CLASS_HIERARCHY_COMPARATOR);
initExtractorMap();
}
/**
* Registers a <code>ThrowableCauseExtractor</code> for the specified type.
* <i>Can be used in subclasses overriding {@link #initExtractorMap()}.</i>
*
*
* @param throwableType the type (has to be a subclass of <code>Throwable</code>)
* @param extractor the associated <code>ThrowableCauseExtractor</code> (not <code>null</code>)
*
*
* @throws IllegalArgumentException if one of the arguments is invalid
*/
protected final void registerExtractor(Class throwableType, ThrowableCauseExtractor extractor) {
verifyThrowableType(throwableType);
if (extractor == null) {
throw new IllegalArgumentException("Invalid extractor: null");
}
protected final void registerExtractor(Class<? extends Throwable> throwableType, ThrowableCauseExtractor extractor) {
Assert.notNull(extractor, "Invalid extractor: null");
this.extractorMap.put(throwableType, extractor);
}
@ -116,26 +112,26 @@ public class ThrowableAnalyzer {
* However, extractors registered to more specific types are guaranteed to be resolved first.
* So in the default case InvocationTargetExceptions will be handled by {@link #INVOCATIONTARGET_EXTRACTOR}
* while all other throwables are handled by {@link #DEFAULT_EXTRACTOR}.
*
*
* @see #registerExtractor(Class, ThrowableCauseExtractor)
*/
protected void initExtractorMap() {
registerExtractor(InvocationTargetException.class, INVOCATIONTARGET_EXTRACTOR);
registerExtractor(Throwable.class, DEFAULT_EXTRACTOR);
}
/**
* Returns an array containing the classes for which extractors are registered.
* The order of the classes is the order in which comparisons will occur for
* resolving a matching extractor.
*
*
* @return the types for which extractors are registered
*/
final Class[] getRegisteredTypes() {
List typeList = new ArrayList(this.extractorMap.keySet());
return (Class[]) typeList.toArray(new Class[typeList.size()]);
Set<Class<? extends Throwable>> typeList = this.extractorMap.keySet();
return typeList.toArray(new Class[typeList.size()]);
}
/**
* Determines the cause chain of the provided <code>Throwable</code>.
* The returned array contains all throwables extracted from the stacktrace, using the registered
@ -143,127 +139,103 @@ public class ThrowableAnalyzer {
* The first element is the passed in throwable itself. The following elements
* appear in their order downward the stacktrace.
* <p>
* Note: If no {@link ThrowableCauseExtractor} is registered for this instance
* Note: If no {@link ThrowableCauseExtractor} is registered for this instance
* then the returned array will always only contain the passed in throwable.
*
*
* @param throwable the <code>Throwable</code> to analyze
* @return an array of all determined throwables from the stacktrace
*
*
* @throws IllegalArgumentException if the throwable is <code>null</code>
*
*
* @see #initExtractorMap()
*/
public final Throwable[] determineCauseChain(Throwable throwable) {
if (throwable == null) {
throw new IllegalArgumentException("Invalid throwable: null");
}
List chain = new ArrayList();
List<Throwable> chain = new ArrayList<Throwable>();
Throwable currentThrowable = throwable;
while (currentThrowable != null) {
chain.add(currentThrowable);
currentThrowable = extractCause(currentThrowable);
}
return (Throwable[]) chain.toArray(new Throwable[chain.size()]);
return chain.toArray(new Throwable[chain.size()]);
}
/**
* Extracts the cause of the given throwable using an appropriate extractor.
*
*
* @param throwable the <code>Throwable</code> (not <code>null</code>
* @return the cause, may be <code>null</code> if none could be resolved
*/
private Throwable extractCause(Throwable throwable) {
for (Iterator iter = this.extractorMap.entrySet().iterator(); iter.hasNext(); ) {
Map.Entry entry = (Map.Entry) iter.next();
Class throwableType = (Class) entry.getKey();
for (Map.Entry<Class<? extends Throwable>, ThrowableCauseExtractor> entry : extractorMap.entrySet()) {
Class<? extends Throwable> throwableType = entry.getKey();
if (throwableType.isInstance(throwable)) {
ThrowableCauseExtractor extractor = (ThrowableCauseExtractor) entry.getValue();
return extractor.extractCause(throwable);
}
}
return null;
}
/**
* Returns the first throwable from the passed in array that is assignable to the provided type.
* A returned instance is safe to be cast to the specified type.
* <p>
* If the passed in array is null or empty this method returns <code>null</code>.
*
*
* @param throwableType the type to look for
* @param chain the array (will be processed in element order)
* @return the found <code>Throwable</code>, <code>null</code> if not found
*
* @throws IllegalArgumentException if the provided type is <code>null</code>
*
* @throws IllegalArgumentException if the provided type is <code>null</code>
* or no subclass of <code>Throwable</code>
*/
public final Throwable getFirstThrowableOfType(Class throwableType, Throwable[] chain) {
verifyThrowableType(throwableType);
public final Throwable getFirstThrowableOfType(Class<? extends Throwable> throwableType, Throwable[] chain) {
if (chain != null) {
for (int i = 0; i < chain.length; ++i) {
Throwable t = chain[i];
if ((t != null) && throwableType.isInstance(t)) {
return t;
}
}
}
return null;
}
/**
* Convenience method for verifying that the passed in class refers to a valid
* subclass of <code>Throwable</code>.
*
* @param throwableType the type to check
*
* @throws IllegalArgumentException if <code>typeToCheck</code> is either <code>null</code>
* or not assignable to <code>expectedBaseType</code>
*/
private static void verifyThrowableType(Class throwableType) {
if (throwableType == null) {
throw new IllegalArgumentException("Invalid type: null");
}
if (!Throwable.class.isAssignableFrom(throwableType)) {
throw new IllegalArgumentException("Invalid type: '"
+ throwableType.getName()
+ "'. Has to be a subclass of '" + Throwable.class.getName() + "'");
}
}
/**
* Verifies that the provided throwable is a valid subclass of the provided type (or of the type itself).
* If <code>expectdBaseType</code> is <code>null</code>, no check will be performed.
* <p>
* Can be used for verification purposes in implementations
* Can be used for verification purposes in implementations
* of {@link ThrowableCauseExtractor extractors}.
*
*
* @param throwable the <code>Throwable</code> to check
* @param expectedBaseType the type to check against
*
*
* @throws IllegalArgumentException if <code>throwable</code> is either <code>null</code>
* or its type is not assignable to <code>expectedBaseType</code>
*/
public static final void verifyThrowableHierarchy(Throwable throwable, Class expectedBaseType) {
public static final void verifyThrowableHierarchy(Throwable throwable, Class<? extends Throwable> expectedBaseType) {
if (expectedBaseType == null) {
return;
}
if (throwable == null) {
throw new IllegalArgumentException("Invalid throwable: null");
}
Class throwableType = throwable.getClass();
Class<? extends Throwable> throwableType = throwable.getClass();
if (!expectedBaseType.isAssignableFrom(throwableType)) {
throw new IllegalArgumentException("Invalid type: '"
+ throwableType.getName()
throw new IllegalArgumentException("Invalid type: '"
+ throwableType.getName()
+ "'. Has to be a subclass of '" + expectedBaseType.getName() + "'");
}
}

10
core/src/main/java/org/springframework/security/vote/AbstractAclVoter.java
View File

@ -33,13 +33,13 @@ import org.springframework.util.Assert;
public abstract class AbstractAclVoter implements AccessDecisionVoter {
//~ Instance fields ================================================================================================
private Class processDomainObjectClass;
private Class<?> processDomainObjectClass;
//~ Methods ========================================================================================================
protected Object getDomainObjectInstance(Object secureObject) {
Object[] args;
Class[] params;
Class<?>[] params;
if (secureObject instanceof MethodInvocation) {
MethodInvocation invocation = (MethodInvocation) secureObject;
@ -61,11 +61,11 @@ public abstract class AbstractAclVoter implements AccessDecisionVoter {
+ " did not provide any argument of type: " + processDomainObjectClass);
}
public Class getProcessDomainObjectClass() {
public Class<?> getProcessDomainObjectClass() {
return processDomainObjectClass;
}
public void setProcessDomainObjectClass(Class processDomainObjectClass) {
public void setProcessDomainObjectClass(Class<?> processDomainObjectClass) {
Assert.notNull(processDomainObjectClass, "processDomainObjectClass cannot be set to null");
this.processDomainObjectClass = processDomainObjectClass;
}
@ -78,7 +78,7 @@ public abstract class AbstractAclVoter implements AccessDecisionVoter {
*
* @return <code>true</code> if the secure object is <code>MethodInvocation</code>, <code>false</code> otherwise
*/
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
if (MethodInvocation.class.isAssignableFrom(clazz)) {
return true;
} else if (JoinPoint.class.isAssignableFrom(clazz)) {

2
core/src/main/java/org/springframework/security/vote/AccessDecisionVoter.java
View File

@ -63,7 +63,7 @@ public interface AccessDecisionVoter {
*
* @return true if the implementation can process the indicated class
*/
boolean supports(Class<? extends Object> clazz);
boolean supports(Class<?> clazz);
/**
* Indicates whether or not access is granted.

2
core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java
View File

@ -83,7 +83,7 @@ public class AuthenticatedVoter implements AccessDecisionVoter {
*
* @return always <code>true</code>
*/
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return true;
}

2
core/src/main/java/org/springframework/security/vote/RoleVoter.java
View File

@ -88,7 +88,7 @@ public class RoleVoter implements AccessDecisionVoter {
*
* @return always <code>true</code>
*/
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return true;
}

2
core/src/test/java/org/springframework/security/MockRunAsManager.java
View File

@ -54,7 +54,7 @@ public class MockRunAsManager implements RunAsManager {
}
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
return true;
}
}

1
core/src/test/java/org/springframework/security/authoritymapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java
View File

@ -18,6 +18,7 @@ import org.springframework.security.GrantedAuthorityImpl;
*
* @author Ruud Senden
*/
@SuppressWarnings("unchecked")
public class MapBasedAttributes2GrantedAuthoritiesMapperTest {
protected void setUp() throws Exception {

7
core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSourceTests.java
View File

@ -1,9 +1,8 @@
package org.springframework.security.intercept.method;
import static org.junit.Assert.*;
import static org.junit.Assert.assertEquals;
import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.List;
import org.junit.Before;
@ -18,8 +17,8 @@ import org.springframework.security.SecurityConfig;
* @since 2.0.4
*/
public class MapBasedMethodDefinitionSourceTests {
private final List<? extends ConfigAttribute> ROLE_A = Arrays.asList(new SecurityConfig("ROLE_A"));
private final List<? extends ConfigAttribute> ROLE_B = Arrays.asList(new SecurityConfig("ROLE_B"));
private final List<ConfigAttribute> ROLE_A = SecurityConfig.createList("ROLE_A");
private final List<ConfigAttribute> ROLE_B = SecurityConfig.createList("ROLE_B");
private MapBasedMethodDefinitionSource mds;
private Method someMethodString;
private Method someMethodInteger;

8
core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java
View File

@ -147,14 +147,8 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue();
Iterator iter = map.getAllConfigAttributes().iterator();
int counter = 0;
while (iter.hasNext()) {
iter.next();
counter++;
}
assertEquals(3, counter);
assertEquals(5, map.getAllConfigAttributes().size());
}
public void testMultiMethodParsing() {

23
core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java
View File

@ -16,6 +16,7 @@
package org.springframework.security.intercept.method;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Vector;
@ -34,35 +35,29 @@ import org.springframework.security.SecurityConfig;
public class MockMethodDefinitionSource implements MethodDefinitionSource {
//~ Instance fields ================================================================================================
private List list;
private List<ConfigAttribute> list;
private boolean returnACollection;
//~ Constructors ===================================================================================================
public MockMethodDefinitionSource(boolean includeInvalidAttributes, boolean returnACollectionWhenRequested) {
returnACollection = returnACollectionWhenRequested;
list = new Vector();
List<? extends ConfigAttribute> def1 = SecurityConfig.createList("MOCK_LOWER");
list.add(def1);
list = new ArrayList<ConfigAttribute>();
if (includeInvalidAttributes) {
List<? extends ConfigAttribute> def2 = SecurityConfig.createList("MOCK_LOWER","INVALID_ATTRIBUTE");
list.add(def2);
list.addAll(SecurityConfig.createList("MOCK_LOWER","INVALID_ATTRIBUTE"));
}
List<? extends ConfigAttribute> def3 = SecurityConfig.createList("MOCK_UPPER", "RUN_AS_");
list.add(def3);
list.addAll(SecurityConfig.createList("MOCK_LOWER", "MOCK_UPPER", "RUN_AS_"));
if (includeInvalidAttributes) {
List<? extends ConfigAttribute> def4 = SecurityConfig.createList("MOCK_SOMETHING", "ANOTHER_INVALID");
list.add(def4);
list.addAll(SecurityConfig.createList("MOCK_SOMETHING", "ANOTHER_INVALID"));
}
}
//~ Methods ========================================================================================================
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
public Collection<ConfigAttribute> getAllConfigAttributes() {
if (returnACollection) {
return list;
} else {
@ -74,11 +69,11 @@ public class MockMethodDefinitionSource implements MethodDefinitionSource {
throw new UnsupportedOperationException("mock method not implemented");
}
public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
return (MethodInvocation.class.isAssignableFrom(clazz) || JoinPoint.class.isAssignableFrom(clazz));
}

1
core/src/test/java/org/springframework/security/intercept/method/MockMethodInvocation.java
View File

@ -5,6 +5,7 @@ import java.lang.reflect.Method;
import org.aopalliance.intercept.MethodInvocation;
@SuppressWarnings("unchecked")
public class MockMethodInvocation implements MethodInvocation {
private Method method;
private Object targetObject;

8
core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java
View File

@ -440,15 +440,15 @@ public class MethodSecurityInterceptorTests extends TestCase {
}
private class MockObjectDefinitionSourceWhichOnlySupportsStrings implements MethodDefinitionSource {
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
public Collection<ConfigAttribute> getAllConfigAttributes() {
return null;
}
public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
if (String.class.isAssignableFrom(clazz)) {
return true;
} else {
@ -466,7 +466,7 @@ public class MethodSecurityInterceptorTests extends TestCase {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
if (String.class.isAssignableFrom(clazz)) {
return true;
} else {

2
core/src/test/java/org/springframework/security/providers/ldap/LdapAuthenticationProviderTests.java
View File

@ -108,7 +108,7 @@ public class LdapAuthenticationProviderTests extends TestCase {
assertEquals("ben", user.getUsername());
assertEquals("ben", populator.getRequestedUsername());
ArrayList authorities = new ArrayList();
ArrayList<String> authorities = new ArrayList<String>();
authorities.add(user.getAuthorities().get(0).getAuthority());
authorities.add(user.getAuthorities().get(1).getAuthority());

2
core/src/test/java/org/springframework/security/runas/RunAsUserTokenTests.java
View File

@ -70,7 +70,7 @@ public class RunAsUserTokenTests extends TestCase {
}
public void testNoArgConstructorDoesntExist() {
Class clazz = RunAsUserToken.class;
Class<RunAsUserToken> clazz = RunAsUserToken.class;
try {
clazz.getDeclaredConstructor((Class[]) null);

31
core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java
View File

@ -15,28 +15,24 @@
package org.springframework.security.securechannel;
import junit.framework.TestCase;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.SecurityConfig;
import org.springframework.security.intercept.web.FilterInvocation;
import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import java.io.IOException;
import java.util.Collection;
import java.util.List;
import java.util.Vector;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import junit.framework.TestCase;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.SecurityConfig;
import org.springframework.security.intercept.web.FilterInvocation;
import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
/**
* Tests {@link ChannelProcessingFilter}.
@ -266,18 +262,15 @@ public class ChannelProcessingFilterTests extends TestCase {
}
}
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
public Collection<ConfigAttribute> getAllConfigAttributes() {
if (!provideIterator) {
return null;
}
List list = new Vector();
list.add(toReturn);
return list;
return toReturn;
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
return true;
}
}

24
core/src/test/java/org/springframework/security/util/ThrowableAnalyzerTests.java
View File

@ -5,10 +5,11 @@ import java.lang.reflect.InvocationTargetException;
import junit.framework.TestCase;
/**
* Testcases for {@link ThrowableAnalyzer}.
* Test cases for {@link ThrowableAnalyzer}.
*
* @author Andreas Senft
*/
@SuppressWarnings("unchecked")
public class ThrowableAnalyzerTests extends TestCase {
/**
@ -101,27 +102,6 @@ public class ThrowableAnalyzerTests extends TestCase {
super.tearDown();
}
public void testRegisterExtractorWithInvalidClass() {
try {
new ThrowableAnalyzer() {
/**
* @see org.springframework.security.util.ThrowableAnalyzer#initExtractorMap()
*/
@Override
protected void initExtractorMap() {
// Object is no subclass of Throwable
super.registerExtractor(Object.class, DEFAULT_EXTRACTOR);
}
};
fail("IllegalArgumentExpected");
} catch (IllegalArgumentException e) {
// ok
}
}
public void testRegisterExtractorWithInvalidExtractor() {
try {
new ThrowableAnalyzer() {

2
core/src/test/java/org/springframework/security/vote/AbstractAccessDecisionManagerTests.java
View File

@ -152,7 +152,7 @@ public class AbstractAccessDecisionManagerTests extends TestCase {
}
private class MockStringOnlyVoter implements AccessDecisionVoter {
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
if (String.class.isAssignableFrom(clazz)) {
return true;
} else {

2
core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java
View File

@ -47,7 +47,7 @@ public class DenyAgainVoter implements AccessDecisionVoter {
}
}
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return true;
}

2
core/src/test/java/org/springframework/security/vote/DenyVoter.java
View File

@ -41,7 +41,7 @@ public class DenyVoter implements AccessDecisionVoter {
}
}
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return true;
}