diff --git a/acl/src/main/java/org/springframework/security/acls/objectidentity/ObjectIdentityImpl.java b/acl/src/main/java/org/springframework/security/acls/objectidentity/ObjectIdentityImpl.java index c0821d4109..d12f4fe1c7 100644 --- a/acl/src/main/java/org/springframework/security/acls/objectidentity/ObjectIdentityImpl.java +++ b/acl/src/main/java/org/springframework/security/acls/objectidentity/ObjectIdentityImpl.java @@ -38,7 +38,7 @@ import java.lang.reflect.Method; public class ObjectIdentityImpl implements ObjectIdentity { //~ Instance fields ================================================================================================ - private Class javaType; + private Class javaType; private Serializable identifier; //~ Constructors =================================================================================================== @@ -56,7 +56,7 @@ public class ObjectIdentityImpl implements ObjectIdentity { this.identifier = identifier; } - public ObjectIdentityImpl(Class javaType, Serializable identifier) { + public ObjectIdentityImpl(Class javaType, Serializable identifier) { Assert.notNull(javaType, "Java Type required"); Assert.notNull(identifier, "identifier required"); this.javaType = javaType; @@ -131,7 +131,7 @@ public class ObjectIdentityImpl implements ObjectIdentity { return identifier; } - public Class getJavaType() { + public Class getJavaType() { return javaType; } diff --git a/core/src/main/java/org/springframework/security/RunAsManager.java b/core/src/main/java/org/springframework/security/RunAsManager.java index 84d85569e1..5172a19d31 100644 --- a/core/src/main/java/org/springframework/security/RunAsManager.java +++ b/core/src/main/java/org/springframework/security/RunAsManager.java @@ -96,5 +96,5 @@ public interface RunAsManager { * * @return true if the implementation can process the indicated class */ - boolean supports(Class clazz); + boolean supports(Class clazz); } diff --git a/core/src/main/java/org/springframework/security/annotation/Jsr250MethodDefinitionSource.java b/core/src/main/java/org/springframework/security/annotation/Jsr250MethodDefinitionSource.java index 9285214ad2..5d78086a2a 100644 --- a/core/src/main/java/org/springframework/security/annotation/Jsr250MethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/annotation/Jsr250MethodDefinitionSource.java @@ -39,15 +39,15 @@ import org.springframework.security.intercept.method.AbstractFallbackMethodDefin */ public class Jsr250MethodDefinitionSource extends AbstractFallbackMethodDefinitionSource { - protected List findAttributes(Class clazz) { + protected List findAttributes(Class clazz) { return processAnnotations(clazz.getAnnotations()); } - protected List findAttributes(Method method, Class targetClass) { + protected List findAttributes(Method method, Class targetClass) { return processAnnotations(AnnotationUtils.getAnnotations(method)); } - public Collection> getAllConfigAttributes() { + public Collection getAllConfigAttributes() { return null; } diff --git a/core/src/main/java/org/springframework/security/annotation/Jsr250Voter.java b/core/src/main/java/org/springframework/security/annotation/Jsr250Voter.java index 65c09e43ba..86203ebf9a 100644 --- a/core/src/main/java/org/springframework/security/annotation/Jsr250Voter.java +++ b/core/src/main/java/org/springframework/security/annotation/Jsr250Voter.java @@ -32,7 +32,7 @@ public class Jsr250Voter implements AccessDecisionVoter { * @param clazz the class. * @return true */ - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return true; } diff --git a/core/src/main/java/org/springframework/security/annotation/SecuredMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/annotation/SecuredMethodDefinitionSource.java index 3ddfe90314..a9792bdec3 100644 --- a/core/src/main/java/org/springframework/security/annotation/SecuredMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/annotation/SecuredMethodDefinitionSource.java @@ -35,15 +35,15 @@ import org.springframework.security.intercept.method.AbstractFallbackMethodDefin */ public class SecuredMethodDefinitionSource extends AbstractFallbackMethodDefinitionSource { - protected List findAttributes(Class clazz) { + protected List findAttributes(Class clazz) { return processAnnotation(clazz.getAnnotation(Secured.class)); } - protected List findAttributes(Method method, Class targetClass) { + protected List findAttributes(Method method, Class targetClass) { return processAnnotation(AnnotationUtils.findAnnotation(method, Secured.class)); } - public Collection> getAllConfigAttributes() { + public Collection getAllConfigAttributes() { return null; } diff --git a/core/src/main/java/org/springframework/security/config/ConfigUtils.java b/core/src/main/java/org/springframework/security/config/ConfigUtils.java index 2a12b20667..1656d9026a 100644 --- a/core/src/main/java/org/springframework/security/config/ConfigUtils.java +++ b/core/src/main/java/org/springframework/security/config/ConfigUtils.java @@ -143,6 +143,7 @@ abstract class ConfigUtils { * Bean which holds the list of filters which are maintained in the context and modified by calls to * addHttpFilter. The post processor retrieves these before injecting the list into the FilterChainProxy. */ + @SuppressWarnings("unchecked") public static class FilterChainList { List filters; diff --git a/core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java b/core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java index 915d244afb..11733d4636 100644 --- a/core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java +++ b/core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java @@ -96,7 +96,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac /** * Checks the filter list for possible errors and logs them */ - private void checkFilterStack(List filters) { + private void checkFilterStack(List filters) { checkForDuplicates(HttpSessionContextIntegrationFilter.class, filters); checkForDuplicates(AuthenticationProcessingFilter.class, filters); checkForDuplicates(SessionFixationProtectionFilter.class, filters); @@ -106,13 +106,13 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac checkForDuplicates(FilterSecurityInterceptor.class, filters); } - private void checkForDuplicates(Class clazz, List filters) { + private void checkForDuplicates(Class clazz, List filters) { for (int i=0; i < filters.size(); i++) { - Filter f1 = (Filter)filters.get(i); + Filter f1 = filters.get(i); if (clazz.isAssignableFrom(f1.getClass())) { // Found the first one, check remaining for another for (int j=i+1; j < filters.size(); j++) { - Filter f2 = (Filter)filters.get(j); + Filter f2 = filters.get(j); if (clazz.isAssignableFrom(f2.getClass())) { logger.warn("Possible error: Filters at position " + i + " and " + j + " are both " + "instances of " + clazz.getName()); @@ -130,7 +130,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac if (etf.getAuthenticationEntryPoint() instanceof AuthenticationProcessingFilterEntryPoint) { String loginPage = ((AuthenticationProcessingFilterEntryPoint)etf.getAuthenticationEntryPoint()).getLoginFormUrl(); - List filters = fcp.getFilters(loginPage); + List filters = fcp.getFilters(loginPage); logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration"); if (filters == null || filters.isEmpty()) { @@ -148,7 +148,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac ((FilterSecurityInterceptor)beanFactory.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR)); DefaultFilterInvocationDefinitionSource fids = (DefaultFilterInvocationDefinitionSource) fsi.getObjectDefinitionSource(); - List attributes = fids.lookupAttributes(loginPage, "POST"); + List attributes = fids.lookupAttributes(loginPage, "POST"); if (attributes == null) { logger.debug("No access attributes defined for login page URL"); diff --git a/core/src/main/java/org/springframework/security/context/SecurityContextHolder.java b/core/src/main/java/org/springframework/security/context/SecurityContextHolder.java index 52f2cc6dc8..f8e3580324 100644 --- a/core/src/main/java/org/springframework/security/context/SecurityContextHolder.java +++ b/core/src/main/java/org/springframework/security/context/SecurityContextHolder.java @@ -100,8 +100,8 @@ public class SecurityContextHolder { } else { // Try to load a custom strategy try { - Class clazz = Class.forName(strategyName); - Constructor customStrategy = clazz.getConstructor(new Class[] {}); + Class clazz = Class.forName(strategyName); + Constructor customStrategy = clazz.getConstructor(new Class[] {}); strategy = (SecurityContextHolderStrategy) customStrategy.newInstance(new Object[] {}); } catch (Exception ex) { ReflectionUtils.handleReflectionException(ex); diff --git a/core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSource.java index 3c7fe59bc1..50fe2beaeb 100644 --- a/core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSource.java @@ -40,7 +40,7 @@ import org.springframework.util.ClassUtils; public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDefinitionSource { private ExpressionParser parser = new SpelExpressionParser(); - public List getAttributes(Method method, Class targetClass) { + public List getAttributes(Method method, Class targetClass) { if (method.getDeclaringClass() == Object.class) { return null; } @@ -109,7 +109,7 @@ public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDe return null; } - public Collection> getAllConfigAttributes() { + public Collection getAllConfigAttributes() { return null; } diff --git a/core/src/main/java/org/springframework/security/expression/method/MethodExpressionVoter.java b/core/src/main/java/org/springframework/security/expression/method/MethodExpressionVoter.java index f7c4d5d86b..691ec03c59 100644 --- a/core/src/main/java/org/springframework/security/expression/method/MethodExpressionVoter.java +++ b/core/src/main/java/org/springframework/security/expression/method/MethodExpressionVoter.java @@ -35,7 +35,7 @@ public class MethodExpressionVoter implements AccessDecisionVoter { return attribute instanceof AbstractExpressionBasedMethodConfigAttribute; } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return clazz.isAssignableFrom(MethodInvocation.class); } diff --git a/core/src/main/java/org/springframework/security/expression/web/WebExpressionVoter.java b/core/src/main/java/org/springframework/security/expression/web/WebExpressionVoter.java index a67dc3b9a1..b3d4aeaace 100644 --- a/core/src/main/java/org/springframework/security/expression/web/WebExpressionVoter.java +++ b/core/src/main/java/org/springframework/security/expression/web/WebExpressionVoter.java @@ -5,6 +5,7 @@ import java.util.List; import org.springframework.expression.EvaluationContext; import org.springframework.security.Authentication; import org.springframework.security.ConfigAttribute; +import org.springframework.security.expression.ExpressionUtils; import org.springframework.security.expression.SecurityExpressionHandler; import org.springframework.security.expression.support.DefaultSecurityExpressionHandler; import org.springframework.security.intercept.web.FilterInvocation; @@ -14,7 +15,7 @@ import org.springframework.security.vote.AccessDecisionVoter; * Voter which handles web authorisation decisions. * @author Luke Taylor * @version $Id$ - * @since + * @since 2.5 */ public class WebExpressionVoter implements AccessDecisionVoter { private SecurityExpressionHandler expressionHandler = new DefaultSecurityExpressionHandler(); @@ -29,9 +30,8 @@ public class WebExpressionVoter implements AccessDecisionVoter { FilterInvocation fi = (FilterInvocation)object; EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, fi); - weca.getAuthorizeExpression(); - - return 0; + return ExpressionUtils.evaluateAsBoolean(weca.getAuthorizeExpression(), ctx) ? + ACCESS_GRANTED : ACCESS_DENIED; } private WebExpressionConfigAttribute findConfigAttribute(List attributes) { @@ -47,7 +47,7 @@ public class WebExpressionVoter implements AccessDecisionVoter { return attribute instanceof WebExpressionConfigAttribute; } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return clazz.isAssignableFrom(FilterInvocation.class); } diff --git a/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java b/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java index 0c7cc12e48..1a1965350a 100644 --- a/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java @@ -136,7 +136,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A } if (this.validateConfigAttributes) { - Collection> attributeDefs = this.obtainObjectDefinitionSource().getAllConfigAttributes(); + Collection attributeDefs = this.obtainObjectDefinitionSource().getAllConfigAttributes(); if (attributeDefs == null) { logger.warn("Could not validate configuration attributes as the ObjectDefinitionSource did not return " @@ -144,14 +144,12 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A return; } - Set unsupportedAttrs = new HashSet(); + Set unsupportedAttrs = new HashSet(); - for (List def : attributeDefs) { - for (ConfigAttribute attr : def) { - if (!this.runAsManager.supports(attr) && !this.accessDecisionManager.supports(attr) - && ((this.afterInvocationManager == null) || !this.afterInvocationManager.supports(attr))) { - unsupportedAttrs.add(attr); - } + for (ConfigAttribute attr : attributeDefs) { + if (!this.runAsManager.supports(attr) && !this.accessDecisionManager.supports(attr) + && ((this.afterInvocationManager == null) || !this.afterInvocationManager.supports(attr))) { + unsupportedAttrs.add(attr); } } diff --git a/core/src/main/java/org/springframework/security/intercept/ObjectDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/ObjectDefinitionSource.java index b51cc06ada..fd6d0d6bf5 100644 --- a/core/src/main/java/org/springframework/security/intercept/ObjectDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/ObjectDefinitionSource.java @@ -53,7 +53,7 @@ public interface ObjectDefinitionSource { * * @return the ConfigAttributes or null if unsupported */ - Collection> getAllConfigAttributes(); + Collection getAllConfigAttributes(); /** * Indicates whether the ObjectDefinitionSource implementation is able to provide @@ -63,5 +63,5 @@ public interface ObjectDefinitionSource { * * @return true if the implementation can process the indicated class */ - boolean supports(Class clazz); + boolean supports(Class clazz); } diff --git a/core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodDefinitionSource.java index 7f4337fd02..32587eeb10 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodDefinitionSource.java @@ -27,7 +27,7 @@ import org.springframework.util.ClassUtils; */ public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMethodDefinitionSource { - public List getAttributes(Method method, Class targetClass) { + public List getAttributes(Method method, Class targetClass) { // The method may be on an interface, but we need attributes from the target class. // If the target class is null, the method will be unchanged. Method specificMethod = ClassUtils.getMostSpecificMethod(method, targetClass); @@ -68,7 +68,7 @@ public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMet * @param targetClass the target class for the invocation (may be null) * @return the security metadata (or null if no metadata applies) */ - protected abstract List findAttributes(Method method, Class targetClass); + protected abstract List findAttributes(Method method, Class targetClass); /** * Obtains the security metadata registered against the specified class. @@ -82,7 +82,7 @@ public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMet * @param clazz the target class for the invocation (never null) * @return the security metadata (or null if no metadata applies) */ - protected abstract List findAttributes(Class clazz); + protected abstract List findAttributes(Class clazz); } diff --git a/core/src/main/java/org/springframework/security/intercept/method/AbstractMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/method/AbstractMethodDefinitionSource.java index 8e9f9a2b40..749b7c2f92 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/AbstractMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/method/AbstractMethodDefinitionSource.java @@ -55,10 +55,10 @@ public abstract class AbstractMethodDefinitionSource implements MethodDefinition if (object instanceof JoinPoint) { JoinPoint jp = (JoinPoint) object; - Class targetClass = jp.getTarget().getClass(); + Class targetClass = jp.getTarget().getClass(); String targetMethodName = jp.getStaticPart().getSignature().getName(); - Class[] types = ((CodeSignature) jp.getStaticPart().getSignature()).getParameterTypes(); - Class declaringType = ((CodeSignature) jp.getStaticPart().getSignature()).getDeclaringType(); + Class[] types = ((CodeSignature) jp.getStaticPart().getSignature()).getParameterTypes(); + Class declaringType = ((CodeSignature) jp.getStaticPart().getSignature()).getDeclaringType(); Method method = ClassUtils.getMethodIfAvailable(declaringType, targetMethodName, types); Assert.notNull(method, "Could not obtain target method from JoinPoint: '"+ jp + "'"); @@ -69,7 +69,7 @@ public abstract class AbstractMethodDefinitionSource implements MethodDefinition throw new IllegalArgumentException("Object must be a non-null MethodInvocation or JoinPoint"); } - public final boolean supports(Class clazz) { + public final boolean supports(Class clazz) { return (MethodInvocation.class.isAssignableFrom(clazz) || JoinPoint.class.isAssignableFrom(clazz)); } } diff --git a/core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodDefinitionSource.java index 0d6db5b11b..394658da76 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodDefinitionSource.java @@ -5,7 +5,6 @@ import java.util.Collection; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; -import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Set; @@ -27,7 +26,8 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini private final static List NULL_CONFIG_ATTRIBUTE = Collections.emptyList(); private List methodDefinitionSources; - private final Map> attributeCache = new HashMap(); + private final Map> attributeCache = + new HashMap>(); //~ Methods ======================================================================================================== @@ -35,7 +35,7 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini Assert.notEmpty(methodDefinitionSources, "A list of MethodDefinitionSources is required"); } - public List getAttributes(Method method, Class targetClass) { + public List getAttributes(Method method, Class targetClass) { DefaultCacheKey cacheKey = new DefaultCacheKey(method, targetClass); synchronized (attributeCache) { List cached = attributeCache.get(cacheKey); @@ -73,12 +73,10 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini } } - public Collection> getAllConfigAttributes() { - Set set = new HashSet(); - Iterator i = methodDefinitionSources.iterator(); - while (i.hasNext()) { - MethodDefinitionSource s = (MethodDefinitionSource) i.next(); - Collection> attrs = s.getAllConfigAttributes(); + public Collection getAllConfigAttributes() { + Set set = new HashSet(); + for (MethodDefinitionSource s : methodDefinitionSources) { + Collection attrs = s.getAllConfigAttributes(); if (attrs != null) { set.addAll(attrs); } @@ -86,6 +84,7 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini return set; } + @SuppressWarnings("unchecked") public void setMethodDefinitionSources(List methodDefinitionSources) { Assert.notEmpty(methodDefinitionSources, "A list of MethodDefinitionSources is required"); this.methodDefinitionSources = methodDefinitionSources; diff --git a/core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSource.java index 44eea309fb..80a11ae346 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSource.java @@ -19,9 +19,11 @@ import java.lang.reflect.Method; import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; +import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.Set; import org.springframework.beans.factory.BeanClassLoaderAware; import org.springframework.security.ConfigAttribute; @@ -48,10 +50,10 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini private ClassLoader beanClassLoader = ClassUtils.getDefaultClassLoader(); /** Map from RegisteredMethod to ConfigAttribute list */ - protected Map> methodMap = new HashMap(); + protected Map> methodMap = new HashMap>(); /** Map from RegisteredMethod to name pattern used for registration */ - private Map nameMap = new HashMap(); + private Map nameMap = new HashMap(); //~ Methods ======================================================================================================== @@ -71,14 +73,14 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini /** * Implementation does not support class-level attributes. */ - protected List findAttributes(Class clazz) { + protected List findAttributes(Class clazz) { return null; } /** * Will walk the method inheritance tree to find the most specific declaration applicable. */ - protected List findAttributes(Method method, Class targetClass) { + protected List findAttributes(Method method, Class targetClass) { if (targetClass == null) { return null; } @@ -105,7 +107,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini * @param name type and method name, separated by a dot * @param attr required authorities associated with the method */ - public void addSecureMethod(String name, List attr) { + public void addSecureMethod(String name, List attr) { int lastDotIndex = name.lastIndexOf("."); if (lastDotIndex == -1) { @@ -129,7 +131,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini * @param mappedName mapped method name, which the javaType has declared or inherited * @param attr required authorities associated with the method */ - public void addSecureMethod(Class javaType, String mappedName, List attr) { + public void addSecureMethod(Class javaType, String mappedName, List attr) { String name = javaType.getName() + '.' + mappedName; if (logger.isDebugEnabled()) { @@ -137,7 +139,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini } Method[] methods = javaType.getMethods(); - List matchingMethods = new ArrayList(); + List matchingMethods = new ArrayList(); for (int i = 0; i < methods.length; i++) { if (methods[i].getName().equals(mappedName) || isMatch(methods[i].getName(), mappedName)) { @@ -150,8 +152,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini } // register all matching methods - for (Iterator it = matchingMethods.iterator(); it.hasNext();) { - Method method = (Method) it.next(); + for (Method method : matchingMethods) { RegisteredMethod registeredMethod = new RegisteredMethod(method, javaType); String regMethodName = (String) this.nameMap.get(registeredMethod); @@ -178,7 +179,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini * the existing match will be retained, so that if this method is called for a more general pointcut * it will not override a more specific one which has already been added. This */ - public void addSecureMethod(Class javaType, Method method, List attr) { + public void addSecureMethod(Class javaType, Method method, List attr) { RegisteredMethod key = new RegisteredMethod(method, javaType); if (methodMap.containsKey(key)) { @@ -195,7 +196,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini * @param method the method to be secured * @param attr required authorities associated with the method */ - private void addSecureMethod(RegisteredMethod method, List attr) { + private void addSecureMethod(RegisteredMethod method, List attr) { Assert.notNull(method, "RegisteredMethod required"); Assert.notNull(attr, "Configuration attribute required"); if (logger.isInfoEnabled()) { @@ -209,8 +210,14 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini * * @return the attributes explicitly defined against this bean */ - public Collection> getAllConfigAttributes() { - return methodMap.values(); + public Collection getAllConfigAttributes() { + Set allAttributes = new HashSet(); + + for (List attributeList : methodMap.values()) { + allAttributes.addAll(attributeList); + } + + return allAttributes; } /** diff --git a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSource.java index ea928073fd..babaf42ba0 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSource.java @@ -30,5 +30,5 @@ import org.springframework.security.intercept.ObjectDefinitionSource; * @version $Id$ */ public interface MethodDefinitionSource extends ObjectDefinitionSource { - public List getAttributes(Method method, Class targetClass); + public List getAttributes(Method method, Class targetClass); } diff --git a/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java b/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java index 2bd503a17a..e070225385 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java +++ b/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java @@ -128,9 +128,9 @@ public class MethodDefinitionSourceAdvisor extends AbstractPointcutAdvisor imple */ class InternalMethodInvocation implements MethodInvocation { private Method method; - private Class targetClass; + private Class targetClass; - public InternalMethodInvocation(Method method, Class targetClass) { + public InternalMethodInvocation(Method method, Class targetClass) { this.method = method; this.targetClass = targetClass; } diff --git a/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java index 4bd55efc30..30d43e3903 100644 --- a/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java @@ -17,7 +17,6 @@ package org.springframework.security.intercept.web; import java.util.Arrays; import java.util.Collection; -import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.LinkedHashMap; @@ -142,10 +141,17 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation return methodRequestmap; } - public Collection> getAllConfigAttributes() { - return Collections.unmodifiableCollection(getRequestMap().values()); + public Collection getAllConfigAttributes() { + Set allAttributes = new HashSet(); + + for(List attrs : requestMap.values()) { + allAttributes.addAll(attrs); + } + + return allAttributes; } + public List getAttributes(Object object) throws IllegalArgumentException { if ((object == null) || !this.supports(object.getClass())) { throw new IllegalArgumentException("Object must be a FilterInvocation"); @@ -227,7 +233,7 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation return null; } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return FilterInvocation.class.isAssignableFrom(clazz); } diff --git a/core/src/main/java/org/springframework/security/providers/ProviderManager.java b/core/src/main/java/org/springframework/security/providers/ProviderManager.java index 847be00327..662109c5c4 100644 --- a/core/src/main/java/org/springframework/security/providers/ProviderManager.java +++ b/core/src/main/java/org/springframework/security/providers/ProviderManager.java @@ -217,8 +217,8 @@ public class ProviderManager extends AbstractAuthenticationManager implements In if (className != null) { try { - Class clazz = getClass().getClassLoader().loadClass(className); - Constructor constructor = clazz.getConstructor(new Class[] { + Class clazz = getClass().getClassLoader().loadClass(className); + Constructor constructor = clazz.getConstructor(new Class[] { Authentication.class, AuthenticationException.class }); Object obj = constructor.newInstance(new Object[] {authentication, exception}); diff --git a/core/src/main/java/org/springframework/security/runas/NullRunAsManager.java b/core/src/main/java/org/springframework/security/runas/NullRunAsManager.java index 15ff31d106..a4068ee536 100644 --- a/core/src/main/java/org/springframework/security/runas/NullRunAsManager.java +++ b/core/src/main/java/org/springframework/security/runas/NullRunAsManager.java @@ -41,7 +41,7 @@ public class NullRunAsManager implements RunAsManager { return false; } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return true; } } diff --git a/core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java b/core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java index df8918b5c1..17b3f3c762 100644 --- a/core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java +++ b/core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java @@ -63,7 +63,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean { } public Authentication buildRunAs(Authentication authentication, Object object, List config) { - List newAuthorities = new ArrayList(); + List newAuthorities = new ArrayList(); for(ConfigAttribute attribute : config) { if (this.supports(attribute)) { @@ -123,7 +123,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean { * * @return alwaus true */ - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return true; } } diff --git a/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java b/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java index 6025f3af87..851a837a30 100644 --- a/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java @@ -59,7 +59,7 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini Assert.notNull(filterInvocationDefinitionSource, "filterInvocationDefinitionSource must be specified"); Assert.notNull(channelDecisionManager, "channelDecisionManager must be specified"); - Collection> attrDefs = this.filterInvocationDefinitionSource.getAllConfigAttributes(); + Collection attrDefs = this.filterInvocationDefinitionSource.getAllConfigAttributes(); if (attrDefs == null) { if (logger.isWarnEnabled()) { @@ -70,22 +70,20 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini return; } - Set set = new HashSet(); + Set unsupportedAttributes = new HashSet(); - for (List def : attrDefs) { - for (ConfigAttribute attr : def) { - if (!this.channelDecisionManager.supports(attr)) { - set.add(attr); - } + for (ConfigAttribute attr : attrDefs) { + if (!this.channelDecisionManager.supports(attr)) { + unsupportedAttributes.add(attr); } } - if (set.size() == 0) { + if (unsupportedAttributes.size() == 0) { if (logger.isInfoEnabled()) { logger.info("Validated configuration attributes"); } } else { - throw new IllegalArgumentException("Unsupported configuration attributes: " + set.toString()); + throw new IllegalArgumentException("Unsupported configuration attributes: " + unsupportedAttributes); } } diff --git a/core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsImpl.java b/core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsImpl.java index c75c6f0f08..b38a7f2861 100644 --- a/core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsImpl.java +++ b/core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsImpl.java @@ -15,18 +15,15 @@ package org.springframework.security.userdetails.ldap; -import org.springframework.security.GrantedAuthority; -import org.springframework.security.util.AuthorityUtils; -import org.springframework.ldap.core.DirContextOperations; -import org.springframework.util.Assert; +import java.util.ArrayList; +import java.util.List; import javax.naming.Name; -import javax.naming.directory.Attributes; -import javax.naming.directory.BasicAttributes; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Iterator; -import java.util.List; + +import org.springframework.ldap.core.DirContextOperations; +import org.springframework.security.GrantedAuthority; +import org.springframework.security.util.AuthorityUtils; +import org.springframework.util.Assert; /** @@ -128,7 +125,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails { */ public static class Essence { protected LdapUserDetailsImpl instance = createTarget(); - private List mutableAuthorities = new ArrayList(); + private List mutableAuthorities = new ArrayList(); public Essence() { } @@ -159,10 +156,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails { } private boolean hasAuthority(GrantedAuthority a) { - Iterator authorities = mutableAuthorities.iterator(); - - while(authorities.hasNext()) { - GrantedAuthority authority = (GrantedAuthority) authorities.next(); + for (GrantedAuthority authority : mutableAuthorities) { if(authority.equals(a)) { return true; } diff --git a/core/src/main/java/org/springframework/security/util/FilterChainProxy.java b/core/src/main/java/org/springframework/security/util/FilterChainProxy.java index f605cf9afa..2cf6e642c5 100644 --- a/core/src/main/java/org/springframework/security/util/FilterChainProxy.java +++ b/core/src/main/java/org/springframework/security/util/FilterChainProxy.java @@ -26,6 +26,7 @@ import org.springframework.util.Assert; import org.springframework.web.filter.DelegatingFilterProxy; import javax.servlet.*; + import java.io.IOException; import java.util.*; @@ -103,9 +104,9 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo private ApplicationContext applicationContext; /** Map of the original pattern Strings to filter chains */ - private Map uncompiledFilterChainMap; + private Map> uncompiledFilterChainMap; /** Compiled pattern version of the filter chain map */ - private Map filterChainMap; + private Map> filterChainMap; private UrlMatcher matcher = new AntUrlPathMatcher(); private boolean stripQueryStringFromUrls = true; private DefaultFilterInvocationDefinitionSource fids; @@ -127,29 +128,25 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo } public void init(FilterConfig filterConfig) throws ServletException { - Filter[] filters = obtainAllDefinedFilters(); - - for (int i = 0; i < filters.length; i++) { - if (filters[i] != null) { + for (Filter filter : obtainAllDefinedFilters()) { + if (filter != null) { if (logger.isDebugEnabled()) { - logger.debug("Initializing Filter defined in ApplicationContext: '" + filters[i].toString() + "'"); + logger.debug("Initializing Filter defined in ApplicationContext: '" + filter + "'"); } - filters[i].init(filterConfig); + filter.init(filterConfig); } } } public void destroy() { - Filter[] filters = obtainAllDefinedFilters(); - - for (int i = 0; i < filters.length; i++) { - if (filters[i] != null) { + for (Filter filter : obtainAllDefinedFilters()) { + if (filter != null) { if (logger.isDebugEnabled()) { - logger.debug("Destroying Filter defined in ApplicationContext: '" + filters[i].toString() + "'"); + logger.debug("Destroying Filter defined in ApplicationContext: '" + filter + "'"); } - filters[i].destroy(); + filter.destroy(); } } } @@ -158,7 +155,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo throws IOException, ServletException { FilterInvocation fi = new FilterInvocation(request, response, chain); - List filters = getFilters(fi.getRequestUrl()); + List filters = getFilters(fi.getRequestUrl()); if (filters == null || filters.size() == 0) { if (logger.isDebugEnabled()) { @@ -181,7 +178,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo * @param url the request URL * @return an ordered array of Filters defining the filter chain */ - public List getFilters(String url) { + public List getFilters(String url) { if (stripQueryStringFromUrls) { // String query string - see SEC-953 int firstQuestionMarkIndex = url.indexOf("?"); @@ -191,11 +188,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo } } - - Iterator filterChains = filterChainMap.entrySet().iterator(); - - while (filterChains.hasNext()) { - Map.Entry entry = (Map.Entry) filterChains.next(); + for (Map.Entry> entry : filterChainMap.entrySet()) { Object path = entry.getKey(); if (matcher.requiresLowerCaseUrl()) { @@ -213,7 +206,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo } if (matched) { - return (List) entry.getValue(); + return entry.getValue(); } } @@ -230,16 +223,14 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo * each Filter that actually exists in application context, even if a given * Filter is defined multiples times in the filter chain map) */ - protected Filter[] obtainAllDefinedFilters() { - Set allFilters = new LinkedHashSet(); + protected Collection obtainAllDefinedFilters() { + Set allFilters = new LinkedHashSet(); - Iterator it = filterChainMap.values().iterator(); - - while (it.hasNext()) { - allFilters.addAll((List) it.next()); + for (List filters : filterChainMap.values()) { + allFilters.addAll(filters); } - return (Filter[]) new ArrayList(allFilters).toArray(new Filter[0]); + return allFilters; } public void setApplicationContext(ApplicationContext applicationContext) throws BeansException { @@ -266,14 +257,32 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo * the Map used is an instance of LinkedHashMap or an equivalent, rather than a plain HashMap, for * example. * - * @param filterChainMap the map of path Strings to Filter[]s. + * @param filterChainMap the map of path Strings to List<Filter>s. */ + @SuppressWarnings("unchecked") public void setFilterChainMap(Map filterChainMap) { - uncompiledFilterChainMap = new LinkedHashMap(filterChainMap); + checkContents(filterChainMap); + uncompiledFilterChainMap = new LinkedHashMap>(filterChainMap); checkPathOrder(); createCompiledMap(); } + @SuppressWarnings("unchecked") + private void checkContents(Map filterChainMap) { + for (Object key : filterChainMap.keySet()) { + Assert.isInstanceOf(String.class, key, "Path key must be a String but found " + key); + Object filters = filterChainMap.get(key); + Assert.isInstanceOf(List.class, filters, "Value must be a filter list"); + // Check the contents + Iterator filterIterator = ((List)filters).iterator(); + + while (filterIterator.hasNext()) { + Object filter = filterIterator.next(); + Assert.isInstanceOf(Filter.class, filter, "Objects in filter chain must be of type Filter. "); + } + } + } + private void checkPathOrder() { // Check that the universal pattern is listed at the end, if at all String[] paths = (String[]) uncompiledFilterChainMap.keySet().toArray(new String[0]); @@ -289,37 +298,21 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo } private void createCompiledMap() { - Iterator paths = uncompiledFilterChainMap.keySet().iterator(); - filterChainMap = new LinkedHashMap(uncompiledFilterChainMap.size()); + filterChainMap = new LinkedHashMap>(uncompiledFilterChainMap.size()); - while (paths.hasNext()) { - Object path = paths.next(); - Assert.isInstanceOf(String.class, path, "Path pattern must be a String"); - Object compiledPath = matcher.compile((String)path); - Object filters = uncompiledFilterChainMap.get(path); - - Assert.isInstanceOf(List.class, filters); - // Check the contents - Iterator filterIterator = ((List)filters).iterator(); - - while (filterIterator.hasNext()) { - Object filter = filterIterator.next(); - Assert.isInstanceOf(Filter.class, filter, "Objects in filter chain must be of type Filter. "); - } - - filterChainMap.put(compiledPath, filters); + for (String path : uncompiledFilterChainMap.keySet()) { + filterChainMap.put(matcher.compile(path), uncompiledFilterChainMap.get(path)); } } - /** * Returns a copy of the underlying filter chain map. Modifications to the map contents * will not affect the FilterChainProxy state - to change the map call setFilterChainMap. * - * @return the map of path pattern Strings to filter chain arrays (with ordering guaranteed). + * @return the map of path pattern Strings to filter chain lists (with ordering guaranteed). */ - public Map getFilterChainMap() { - return new LinkedHashMap(uncompiledFilterChainMap); + public Map> getFilterChainMap() { + return new LinkedHashMap>(uncompiledFilterChainMap); } public void setMatcher(UrlMatcher matcher) { @@ -353,22 +346,22 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo /** * A FilterChain that records whether or not {@link - * FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} is called.

This - * FilterChain is used by FilterChainProxy to determine if the next Filter - * should be called or not.

+ * FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} is called. + *

+ * This FilterChain is used by FilterChainProxy to determine if the next + * Filter should be called or not.

*/ private static class VirtualFilterChain implements FilterChain { private FilterInvocation fi; - private List additionalFilters; + private List additionalFilters; private int currentPosition = 0; - private VirtualFilterChain(FilterInvocation filterInvocation, List additionalFilters) { + private VirtualFilterChain(FilterInvocation filterInvocation, List additionalFilters) { this.fi = filterInvocation; this.additionalFilters = additionalFilters; } - public void doFilter(ServletRequest request, ServletResponse response) - throws IOException, ServletException { + public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { if (currentPosition == additionalFilters.size()) { if (logger.isDebugEnabled()) { logger.debug(fi.getRequestUrl() @@ -379,7 +372,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo } else { currentPosition++; - Filter nextFilter = (Filter) additionalFilters.get(currentPosition - 1); + Filter nextFilter = additionalFilters.get(currentPosition - 1); if (logger.isDebugEnabled()) { logger.debug(fi.getRequestUrl() + " at position " + currentPosition + " of " diff --git a/core/src/main/java/org/springframework/security/util/ThrowableAnalyzer.java b/core/src/main/java/org/springframework/security/util/ThrowableAnalyzer.java index fab60bc62d..e6c393b542 100755 --- a/core/src/main/java/org/springframework/security/util/ThrowableAnalyzer.java +++ b/core/src/main/java/org/springframework/security/util/ThrowableAnalyzer.java @@ -3,16 +3,18 @@ package org.springframework.security.util; import java.lang.reflect.InvocationTargetException; import java.util.ArrayList; import java.util.Comparator; -import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.Set; import java.util.TreeMap; +import org.springframework.util.Assert; + /** * Handler for analyzing {@link Throwable} instances. * * Can be subclassed to customize its behavior. - * + * * @author Andreas Senft * @since 2.0 * @version $Id$ @@ -21,7 +23,7 @@ public class ThrowableAnalyzer { /** * Default extractor for {@link Throwable} instances. - * + * * @see Throwable#getCause() */ public static final ThrowableCauseExtractor DEFAULT_EXTRACTOR @@ -30,13 +32,13 @@ public class ThrowableAnalyzer { return throwable.getCause(); } }; - + /** * Default extractor for {@link InvocationTargetException} instances. - * + * * @see InvocationTargetException#getTargetException() */ - public static final ThrowableCauseExtractor INVOCATIONTARGET_EXTRACTOR + public static final ThrowableCauseExtractor INVOCATIONTARGET_EXTRACTOR = new ThrowableCauseExtractor() { public Throwable extractCause(Throwable throwable) { verifyThrowableHierarchy(throwable, InvocationTargetException.class); @@ -46,16 +48,14 @@ public class ThrowableAnalyzer { /** * Comparator to order classes ascending according to their hierarchy relation. - * If two classes have a hierarchical relation, the "higher" class is considered + * If two classes have a hierarchical relation, the "higher" class is considered * to be greater by this comparator.
- * For hierarchically unrelated classes their fully qualified name will be compared. + * For hierarchically unrelated classes their fully qualified name will be compared. */ - private static final Comparator CLASS_HIERARCHY_COMPARATOR = new Comparator() { + private static final Comparator> CLASS_HIERARCHY_COMPARATOR = + new Comparator>() { - public int compare(Object o1, Object o2) { - Class class1 = (Class) o1; - Class class2 = (Class) o2; - + public int compare(Class class1, Class class2) { if (class1.isAssignableFrom(class2)) { return 1; } else if (class2.isAssignableFrom(class1)) { @@ -64,41 +64,37 @@ public class ThrowableAnalyzer { return class1.getName().compareTo(class2.getName()); } } - + }; - + /** * Map of registered cause extractors. * key: Class; value: ThrowableCauseExctractor */ - private final Map extractorMap; - - + private final Map, ThrowableCauseExtractor> extractorMap; + + /** * Creates a new ThrowableAnalyzer instance. */ public ThrowableAnalyzer() { - this.extractorMap = new TreeMap(CLASS_HIERARCHY_COMPARATOR); - + this.extractorMap = new TreeMap, ThrowableCauseExtractor>(CLASS_HIERARCHY_COMPARATOR); + initExtractorMap(); } - + /** * Registers a ThrowableCauseExtractor for the specified type. * Can be used in subclasses overriding {@link #initExtractorMap()}. - * + * * @param throwableType the type (has to be a subclass of Throwable) * @param extractor the associated ThrowableCauseExtractor (not null) - * + * * @throws IllegalArgumentException if one of the arguments is invalid */ - protected final void registerExtractor(Class throwableType, ThrowableCauseExtractor extractor) { - verifyThrowableType(throwableType); - - if (extractor == null) { - throw new IllegalArgumentException("Invalid extractor: null"); - } + protected final void registerExtractor(Class throwableType, ThrowableCauseExtractor extractor) { + Assert.notNull(extractor, "Invalid extractor: null"); this.extractorMap.put(throwableType, extractor); } @@ -116,26 +112,26 @@ public class ThrowableAnalyzer { * However, extractors registered to more specific types are guaranteed to be resolved first. * So in the default case InvocationTargetExceptions will be handled by {@link #INVOCATIONTARGET_EXTRACTOR} * while all other throwables are handled by {@link #DEFAULT_EXTRACTOR}. - * + * * @see #registerExtractor(Class, ThrowableCauseExtractor) */ protected void initExtractorMap() { registerExtractor(InvocationTargetException.class, INVOCATIONTARGET_EXTRACTOR); registerExtractor(Throwable.class, DEFAULT_EXTRACTOR); } - + /** * Returns an array containing the classes for which extractors are registered. * The order of the classes is the order in which comparisons will occur for * resolving a matching extractor. - * + * * @return the types for which extractors are registered */ final Class[] getRegisteredTypes() { - List typeList = new ArrayList(this.extractorMap.keySet()); - return (Class[]) typeList.toArray(new Class[typeList.size()]); + Set> typeList = this.extractorMap.keySet(); + return typeList.toArray(new Class[typeList.size()]); } - + /** * Determines the cause chain of the provided Throwable. * The returned array contains all throwables extracted from the stacktrace, using the registered @@ -143,127 +139,103 @@ public class ThrowableAnalyzer { * The first element is the passed in throwable itself. The following elements * appear in their order downward the stacktrace. *

- * Note: If no {@link ThrowableCauseExtractor} is registered for this instance + * Note: If no {@link ThrowableCauseExtractor} is registered for this instance * then the returned array will always only contain the passed in throwable. - * + * * @param throwable the Throwable to analyze * @return an array of all determined throwables from the stacktrace - * + * * @throws IllegalArgumentException if the throwable is null - * + * * @see #initExtractorMap() */ public final Throwable[] determineCauseChain(Throwable throwable) { if (throwable == null) { throw new IllegalArgumentException("Invalid throwable: null"); } - - List chain = new ArrayList(); + + List chain = new ArrayList(); Throwable currentThrowable = throwable; - + while (currentThrowable != null) { chain.add(currentThrowable); currentThrowable = extractCause(currentThrowable); } - - return (Throwable[]) chain.toArray(new Throwable[chain.size()]); + + return chain.toArray(new Throwable[chain.size()]); } - + /** * Extracts the cause of the given throwable using an appropriate extractor. - * + * * @param throwable the Throwable (not null * @return the cause, may be null if none could be resolved */ private Throwable extractCause(Throwable throwable) { - for (Iterator iter = this.extractorMap.entrySet().iterator(); iter.hasNext(); ) { - Map.Entry entry = (Map.Entry) iter.next(); - - Class throwableType = (Class) entry.getKey(); + for (Map.Entry, ThrowableCauseExtractor> entry : extractorMap.entrySet()) { + Class throwableType = entry.getKey(); if (throwableType.isInstance(throwable)) { ThrowableCauseExtractor extractor = (ThrowableCauseExtractor) entry.getValue(); return extractor.extractCause(throwable); } } - + return null; } - + /** * Returns the first throwable from the passed in array that is assignable to the provided type. * A returned instance is safe to be cast to the specified type. *

* If the passed in array is null or empty this method returns null. - * + * * @param throwableType the type to look for * @param chain the array (will be processed in element order) * @return the found Throwable, null if not found - * - * @throws IllegalArgumentException if the provided type is null + * + * @throws IllegalArgumentException if the provided type is null * or no subclass of Throwable */ - public final Throwable getFirstThrowableOfType(Class throwableType, Throwable[] chain) { - verifyThrowableType(throwableType); - + public final Throwable getFirstThrowableOfType(Class throwableType, Throwable[] chain) { if (chain != null) { for (int i = 0; i < chain.length; ++i) { Throwable t = chain[i]; - + if ((t != null) && throwableType.isInstance(t)) { return t; } } } - + return null; } - - /** - * Convenience method for verifying that the passed in class refers to a valid - * subclass of Throwable. - * - * @param throwableType the type to check - * - * @throws IllegalArgumentException if typeToCheck is either null - * or not assignable to expectedBaseType - */ - private static void verifyThrowableType(Class throwableType) { - if (throwableType == null) { - throw new IllegalArgumentException("Invalid type: null"); - } - if (!Throwable.class.isAssignableFrom(throwableType)) { - throw new IllegalArgumentException("Invalid type: '" - + throwableType.getName() - + "'. Has to be a subclass of '" + Throwable.class.getName() + "'"); - } - } - + /** * Verifies that the provided throwable is a valid subclass of the provided type (or of the type itself). * If expectdBaseType is null, no check will be performed. *

- * Can be used for verification purposes in implementations + * Can be used for verification purposes in implementations * of {@link ThrowableCauseExtractor extractors}. - * + * * @param throwable the Throwable to check * @param expectedBaseType the type to check against - * + * * @throws IllegalArgumentException if throwable is either null * or its type is not assignable to expectedBaseType */ - public static final void verifyThrowableHierarchy(Throwable throwable, Class expectedBaseType) { + public static final void verifyThrowableHierarchy(Throwable throwable, Class expectedBaseType) { if (expectedBaseType == null) { return; } - + if (throwable == null) { throw new IllegalArgumentException("Invalid throwable: null"); } - Class throwableType = throwable.getClass(); - + Class throwableType = throwable.getClass(); + if (!expectedBaseType.isAssignableFrom(throwableType)) { - throw new IllegalArgumentException("Invalid type: '" - + throwableType.getName() + throw new IllegalArgumentException("Invalid type: '" + + throwableType.getName() + "'. Has to be a subclass of '" + expectedBaseType.getName() + "'"); } } diff --git a/core/src/main/java/org/springframework/security/vote/AbstractAclVoter.java b/core/src/main/java/org/springframework/security/vote/AbstractAclVoter.java index 4a2a2bdcec..b0677ad4ba 100644 --- a/core/src/main/java/org/springframework/security/vote/AbstractAclVoter.java +++ b/core/src/main/java/org/springframework/security/vote/AbstractAclVoter.java @@ -33,13 +33,13 @@ import org.springframework.util.Assert; public abstract class AbstractAclVoter implements AccessDecisionVoter { //~ Instance fields ================================================================================================ - private Class processDomainObjectClass; + private Class processDomainObjectClass; //~ Methods ======================================================================================================== protected Object getDomainObjectInstance(Object secureObject) { Object[] args; - Class[] params; + Class[] params; if (secureObject instanceof MethodInvocation) { MethodInvocation invocation = (MethodInvocation) secureObject; @@ -61,11 +61,11 @@ public abstract class AbstractAclVoter implements AccessDecisionVoter { + " did not provide any argument of type: " + processDomainObjectClass); } - public Class getProcessDomainObjectClass() { + public Class getProcessDomainObjectClass() { return processDomainObjectClass; } - public void setProcessDomainObjectClass(Class processDomainObjectClass) { + public void setProcessDomainObjectClass(Class processDomainObjectClass) { Assert.notNull(processDomainObjectClass, "processDomainObjectClass cannot be set to null"); this.processDomainObjectClass = processDomainObjectClass; } @@ -78,7 +78,7 @@ public abstract class AbstractAclVoter implements AccessDecisionVoter { * * @return true if the secure object is MethodInvocation, false otherwise */ - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { if (MethodInvocation.class.isAssignableFrom(clazz)) { return true; } else if (JoinPoint.class.isAssignableFrom(clazz)) { diff --git a/core/src/main/java/org/springframework/security/vote/AccessDecisionVoter.java b/core/src/main/java/org/springframework/security/vote/AccessDecisionVoter.java index 5e002b59bf..e79e622a93 100644 --- a/core/src/main/java/org/springframework/security/vote/AccessDecisionVoter.java +++ b/core/src/main/java/org/springframework/security/vote/AccessDecisionVoter.java @@ -63,7 +63,7 @@ public interface AccessDecisionVoter { * * @return true if the implementation can process the indicated class */ - boolean supports(Class clazz); + boolean supports(Class clazz); /** * Indicates whether or not access is granted. diff --git a/core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java b/core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java index 004c2f5c45..7afc69f090 100644 --- a/core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java +++ b/core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java @@ -83,7 +83,7 @@ public class AuthenticatedVoter implements AccessDecisionVoter { * * @return always true */ - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return true; } diff --git a/core/src/main/java/org/springframework/security/vote/RoleVoter.java b/core/src/main/java/org/springframework/security/vote/RoleVoter.java index 81fb54f777..5d875cf3c7 100644 --- a/core/src/main/java/org/springframework/security/vote/RoleVoter.java +++ b/core/src/main/java/org/springframework/security/vote/RoleVoter.java @@ -88,7 +88,7 @@ public class RoleVoter implements AccessDecisionVoter { * * @return always true */ - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return true; } diff --git a/core/src/test/java/org/springframework/security/MockRunAsManager.java b/core/src/test/java/org/springframework/security/MockRunAsManager.java index 436a04fa05..7847794163 100644 --- a/core/src/test/java/org/springframework/security/MockRunAsManager.java +++ b/core/src/test/java/org/springframework/security/MockRunAsManager.java @@ -54,7 +54,7 @@ public class MockRunAsManager implements RunAsManager { } } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return true; } } diff --git a/core/src/test/java/org/springframework/security/authoritymapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java b/core/src/test/java/org/springframework/security/authoritymapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java index 136d65896f..a224c82383 100755 --- a/core/src/test/java/org/springframework/security/authoritymapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java +++ b/core/src/test/java/org/springframework/security/authoritymapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java @@ -18,6 +18,7 @@ import org.springframework.security.GrantedAuthorityImpl; * * @author Ruud Senden */ +@SuppressWarnings("unchecked") public class MapBasedAttributes2GrantedAuthoritiesMapperTest { protected void setUp() throws Exception { diff --git a/core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSourceTests.java b/core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSourceTests.java index 7225e3d016..d1ba7b23c4 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSourceTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSourceTests.java @@ -1,9 +1,8 @@ package org.springframework.security.intercept.method; -import static org.junit.Assert.*; +import static org.junit.Assert.assertEquals; import java.lang.reflect.Method; -import java.util.Arrays; import java.util.List; import org.junit.Before; @@ -18,8 +17,8 @@ import org.springframework.security.SecurityConfig; * @since 2.0.4 */ public class MapBasedMethodDefinitionSourceTests { - private final List ROLE_A = Arrays.asList(new SecurityConfig("ROLE_A")); - private final List ROLE_B = Arrays.asList(new SecurityConfig("ROLE_B")); + private final List ROLE_A = SecurityConfig.createList("ROLE_A"); + private final List ROLE_B = SecurityConfig.createList("ROLE_B"); private MapBasedMethodDefinitionSource mds; private Method someMethodString; private Method someMethodInteger; diff --git a/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java b/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java index 16423b40cb..963264b32a 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java @@ -147,14 +147,8 @@ public class MethodDefinitionSourceEditorTests extends TestCase { MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); Iterator iter = map.getAllConfigAttributes().iterator(); - int counter = 0; - while (iter.hasNext()) { - iter.next(); - counter++; - } - - assertEquals(3, counter); + assertEquals(5, map.getAllConfigAttributes().size()); } public void testMultiMethodParsing() { diff --git a/core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java b/core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java index cc0601c638..3d5bd897bf 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java @@ -16,6 +16,7 @@ package org.springframework.security.intercept.method; import java.lang.reflect.Method; +import java.util.ArrayList; import java.util.Collection; import java.util.List; import java.util.Vector; @@ -34,35 +35,29 @@ import org.springframework.security.SecurityConfig; public class MockMethodDefinitionSource implements MethodDefinitionSource { //~ Instance fields ================================================================================================ - private List list; + private List list; private boolean returnACollection; //~ Constructors =================================================================================================== public MockMethodDefinitionSource(boolean includeInvalidAttributes, boolean returnACollectionWhenRequested) { returnACollection = returnACollectionWhenRequested; - list = new Vector(); - - List def1 = SecurityConfig.createList("MOCK_LOWER"); - list.add(def1); + list = new ArrayList(); if (includeInvalidAttributes) { - List def2 = SecurityConfig.createList("MOCK_LOWER","INVALID_ATTRIBUTE"); - list.add(def2); + list.addAll(SecurityConfig.createList("MOCK_LOWER","INVALID_ATTRIBUTE")); } - List def3 = SecurityConfig.createList("MOCK_UPPER", "RUN_AS_"); - list.add(def3); + list.addAll(SecurityConfig.createList("MOCK_LOWER", "MOCK_UPPER", "RUN_AS_")); if (includeInvalidAttributes) { - List def4 = SecurityConfig.createList("MOCK_SOMETHING", "ANOTHER_INVALID"); - list.add(def4); + list.addAll(SecurityConfig.createList("MOCK_SOMETHING", "ANOTHER_INVALID")); } } //~ Methods ======================================================================================================== - public Collection> getAllConfigAttributes() { + public Collection getAllConfigAttributes() { if (returnACollection) { return list; } else { @@ -74,11 +69,11 @@ public class MockMethodDefinitionSource implements MethodDefinitionSource { throw new UnsupportedOperationException("mock method not implemented"); } - public List getAttributes(Method method, Class targetClass) { + public List getAttributes(Method method, Class targetClass) { throw new UnsupportedOperationException("mock method not implemented"); } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return (MethodInvocation.class.isAssignableFrom(clazz) || JoinPoint.class.isAssignableFrom(clazz)); } diff --git a/core/src/test/java/org/springframework/security/intercept/method/MockMethodInvocation.java b/core/src/test/java/org/springframework/security/intercept/method/MockMethodInvocation.java index 475dabb2c6..fd83357807 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MockMethodInvocation.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MockMethodInvocation.java @@ -5,6 +5,7 @@ import java.lang.reflect.Method; import org.aopalliance.intercept.MethodInvocation; +@SuppressWarnings("unchecked") public class MockMethodInvocation implements MethodInvocation { private Method method; private Object targetObject; diff --git a/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java b/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java index ed1b375300..08d0ac59de 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java @@ -440,15 +440,15 @@ public class MethodSecurityInterceptorTests extends TestCase { } private class MockObjectDefinitionSourceWhichOnlySupportsStrings implements MethodDefinitionSource { - public Collection> getAllConfigAttributes() { + public Collection getAllConfigAttributes() { return null; } - public List getAttributes(Method method, Class targetClass) { + public List getAttributes(Method method, Class targetClass) { throw new UnsupportedOperationException("mock method not implemented"); } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { if (String.class.isAssignableFrom(clazz)) { return true; } else { @@ -466,7 +466,7 @@ public class MethodSecurityInterceptorTests extends TestCase { throw new UnsupportedOperationException("mock method not implemented"); } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { if (String.class.isAssignableFrom(clazz)) { return true; } else { diff --git a/core/src/test/java/org/springframework/security/providers/ldap/LdapAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/providers/ldap/LdapAuthenticationProviderTests.java index 3e7244d92d..18e03fb7ea 100644 --- a/core/src/test/java/org/springframework/security/providers/ldap/LdapAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/providers/ldap/LdapAuthenticationProviderTests.java @@ -108,7 +108,7 @@ public class LdapAuthenticationProviderTests extends TestCase { assertEquals("ben", user.getUsername()); assertEquals("ben", populator.getRequestedUsername()); - ArrayList authorities = new ArrayList(); + ArrayList authorities = new ArrayList(); authorities.add(user.getAuthorities().get(0).getAuthority()); authorities.add(user.getAuthorities().get(1).getAuthority()); diff --git a/core/src/test/java/org/springframework/security/runas/RunAsUserTokenTests.java b/core/src/test/java/org/springframework/security/runas/RunAsUserTokenTests.java index ebcc61ca19..17fbcda8f8 100644 --- a/core/src/test/java/org/springframework/security/runas/RunAsUserTokenTests.java +++ b/core/src/test/java/org/springframework/security/runas/RunAsUserTokenTests.java @@ -70,7 +70,7 @@ public class RunAsUserTokenTests extends TestCase { } public void testNoArgConstructorDoesntExist() { - Class clazz = RunAsUserToken.class; + Class clazz = RunAsUserToken.class; try { clazz.getDeclaredConstructor((Class[]) null); diff --git a/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java b/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java index b5d1696d80..1044f68381 100644 --- a/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java @@ -15,28 +15,24 @@ package org.springframework.security.securechannel; -import junit.framework.TestCase; - -import org.springframework.security.ConfigAttribute; -import org.springframework.security.SecurityConfig; - -import org.springframework.security.intercept.web.FilterInvocation; -import org.springframework.security.intercept.web.FilterInvocationDefinitionSource; - -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; - import java.io.IOException; - import java.util.Collection; import java.util.List; -import java.util.Vector; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; +import junit.framework.TestCase; + +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.security.ConfigAttribute; +import org.springframework.security.SecurityConfig; +import org.springframework.security.intercept.web.FilterInvocation; +import org.springframework.security.intercept.web.FilterInvocationDefinitionSource; + /** * Tests {@link ChannelProcessingFilter}. @@ -266,18 +262,15 @@ public class ChannelProcessingFilterTests extends TestCase { } } - public Collection> getAllConfigAttributes() { + public Collection getAllConfigAttributes() { if (!provideIterator) { return null; } - List list = new Vector(); - list.add(toReturn); - - return list; + return toReturn; } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return true; } } diff --git a/core/src/test/java/org/springframework/security/util/ThrowableAnalyzerTests.java b/core/src/test/java/org/springframework/security/util/ThrowableAnalyzerTests.java index 0392638483..747f7a78f0 100644 --- a/core/src/test/java/org/springframework/security/util/ThrowableAnalyzerTests.java +++ b/core/src/test/java/org/springframework/security/util/ThrowableAnalyzerTests.java @@ -5,10 +5,11 @@ import java.lang.reflect.InvocationTargetException; import junit.framework.TestCase; /** - * Testcases for {@link ThrowableAnalyzer}. + * Test cases for {@link ThrowableAnalyzer}. * * @author Andreas Senft */ +@SuppressWarnings("unchecked") public class ThrowableAnalyzerTests extends TestCase { /** @@ -101,27 +102,6 @@ public class ThrowableAnalyzerTests extends TestCase { super.tearDown(); } - - public void testRegisterExtractorWithInvalidClass() { - try { - new ThrowableAnalyzer() { - - /** - * @see org.springframework.security.util.ThrowableAnalyzer#initExtractorMap() - */ - @Override - protected void initExtractorMap() { - // Object is no subclass of Throwable - super.registerExtractor(Object.class, DEFAULT_EXTRACTOR); - } - }; - - fail("IllegalArgumentExpected"); - } catch (IllegalArgumentException e) { - // ok - } - } - public void testRegisterExtractorWithInvalidExtractor() { try { new ThrowableAnalyzer() { diff --git a/core/src/test/java/org/springframework/security/vote/AbstractAccessDecisionManagerTests.java b/core/src/test/java/org/springframework/security/vote/AbstractAccessDecisionManagerTests.java index 174002a2c3..139a707ff0 100644 --- a/core/src/test/java/org/springframework/security/vote/AbstractAccessDecisionManagerTests.java +++ b/core/src/test/java/org/springframework/security/vote/AbstractAccessDecisionManagerTests.java @@ -152,7 +152,7 @@ public class AbstractAccessDecisionManagerTests extends TestCase { } private class MockStringOnlyVoter implements AccessDecisionVoter { - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { if (String.class.isAssignableFrom(clazz)) { return true; } else { diff --git a/core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java b/core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java index 3d0363e910..983a7e9dc4 100644 --- a/core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java +++ b/core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java @@ -47,7 +47,7 @@ public class DenyAgainVoter implements AccessDecisionVoter { } } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return true; } diff --git a/core/src/test/java/org/springframework/security/vote/DenyVoter.java b/core/src/test/java/org/springframework/security/vote/DenyVoter.java index 0c16046485..18886cc4cc 100644 --- a/core/src/test/java/org/springframework/security/vote/DenyVoter.java +++ b/core/src/test/java/org/springframework/security/vote/DenyVoter.java @@ -41,7 +41,7 @@ public class DenyVoter implements AccessDecisionVoter { } } - public boolean supports(Class clazz) { + public boolean supports(Class clazz) { return true; }