mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-06-26 22:02:41 +00:00
SEC-1012: Futher generification. Also changed method signature of ObjectDefinitionSource.getAllConfigAtributes to return a single collection
This commit is contained in:
Luke Taylor
parent
f3b3004085
commit
31375b7212
@ -38,7 +38,7 @@ import java.lang.reflect.Method;
|
||||
public class ObjectIdentityImpl implements ObjectIdentity {
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
private Class javaType;
|
||||
private Class<?> javaType;
|
||||
private Serializable identifier;
|
||||
|
||||
//~ Constructors ===================================================================================================
|
||||
@ -56,7 +56,7 @@ public class ObjectIdentityImpl implements ObjectIdentity {
|
||||
this.identifier = identifier;
|
||||
}
|
||||
|
||||
public ObjectIdentityImpl(Class javaType, Serializable identifier) {
|
||||
public ObjectIdentityImpl(Class<?> javaType, Serializable identifier) {
|
||||
Assert.notNull(javaType, "Java Type required");
|
||||
Assert.notNull(identifier, "identifier required");
|
||||
this.javaType = javaType;
|
||||
@ -131,7 +131,7 @@ public class ObjectIdentityImpl implements ObjectIdentity {
|
||||
return identifier;
|
||||
}
|
||||
|
||||
public Class getJavaType() {
|
||||
public Class<?> getJavaType() {
|
||||
return javaType;
|
||||
}
|
||||
|
||||
|
||||
@ -96,5 +96,5 @@ public interface RunAsManager {
|
||||
*
|
||||
* @return true if the implementation can process the indicated class
|
||||
*/
|
||||
boolean supports(Class clazz);
|
||||
boolean supports(Class<?> clazz);
|
||||
}
|
||||
|
||||
@ -39,15 +39,15 @@ import org.springframework.security.intercept.method.AbstractFallbackMethodDefin
|
||||
*/
|
||||
public class Jsr250MethodDefinitionSource extends AbstractFallbackMethodDefinitionSource {
|
||||
|
||||
protected List<ConfigAttribute> findAttributes(Class clazz) {
|
||||
protected List<ConfigAttribute> findAttributes(Class<?> clazz) {
|
||||
return processAnnotations(clazz.getAnnotations());
|
||||
}
|
||||
|
||||
protected List<ConfigAttribute> findAttributes(Method method, Class targetClass) {
|
||||
protected List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
|
||||
return processAnnotations(AnnotationUtils.getAnnotations(method));
|
||||
}
|
||||
|
||||
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@ -32,7 +32,7 @@ public class Jsr250Voter implements AccessDecisionVoter {
|
||||
* @param clazz the class.
|
||||
* @return true
|
||||
*/
|
||||
public boolean supports(Class<? extends Object> clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@ -35,15 +35,15 @@ import org.springframework.security.intercept.method.AbstractFallbackMethodDefin
|
||||
*/
|
||||
public class SecuredMethodDefinitionSource extends AbstractFallbackMethodDefinitionSource {
|
||||
|
||||
protected List<ConfigAttribute> findAttributes(Class clazz) {
|
||||
protected List<ConfigAttribute> findAttributes(Class<?> clazz) {
|
||||
return processAnnotation(clazz.getAnnotation(Secured.class));
|
||||
}
|
||||
|
||||
protected List<ConfigAttribute> findAttributes(Method method, Class targetClass) {
|
||||
protected List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
|
||||
return processAnnotation(AnnotationUtils.findAnnotation(method, Secured.class));
|
||||
}
|
||||
|
||||
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@ -143,6 +143,7 @@ abstract class ConfigUtils {
|
||||
* Bean which holds the list of filters which are maintained in the context and modified by calls to
|
||||
* addHttpFilter. The post processor retrieves these before injecting the list into the FilterChainProxy.
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
public static class FilterChainList {
|
||||
List filters;
|
||||
|
||||
|
||||
@ -96,7 +96,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
|
||||
/**
|
||||
* Checks the filter list for possible errors and logs them
|
||||
*/
|
||||
private void checkFilterStack(List filters) {
|
||||
private void checkFilterStack(List<Filter> filters) {
|
||||
checkForDuplicates(HttpSessionContextIntegrationFilter.class, filters);
|
||||
checkForDuplicates(AuthenticationProcessingFilter.class, filters);
|
||||
checkForDuplicates(SessionFixationProtectionFilter.class, filters);
|
||||
@ -106,13 +106,13 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
|
||||
checkForDuplicates(FilterSecurityInterceptor.class, filters);
|
||||
}
|
||||
|
||||
private void checkForDuplicates(Class clazz, List filters) {
|
||||
private void checkForDuplicates(Class<? extends Filter> clazz, List<Filter> filters) {
|
||||
for (int i=0; i < filters.size(); i++) {
|
||||
Filter f1 = (Filter)filters.get(i);
|
||||
Filter f1 = filters.get(i);
|
||||
if (clazz.isAssignableFrom(f1.getClass())) {
|
||||
// Found the first one, check remaining for another
|
||||
for (int j=i+1; j < filters.size(); j++) {
|
||||
Filter f2 = (Filter)filters.get(j);
|
||||
Filter f2 = filters.get(j);
|
||||
if (clazz.isAssignableFrom(f2.getClass())) {
|
||||
logger.warn("Possible error: Filters at position " + i + " and " + j + " are both " +
|
||||
"instances of " + clazz.getName());
|
||||
@ -130,7 +130,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
|
||||
if (etf.getAuthenticationEntryPoint() instanceof AuthenticationProcessingFilterEntryPoint) {
|
||||
String loginPage =
|
||||
((AuthenticationProcessingFilterEntryPoint)etf.getAuthenticationEntryPoint()).getLoginFormUrl();
|
||||
List filters = fcp.getFilters(loginPage);
|
||||
List<Filter> filters = fcp.getFilters(loginPage);
|
||||
logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration");
|
||||
|
||||
if (filters == null || filters.isEmpty()) {
|
||||
@ -148,7 +148,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
|
||||
((FilterSecurityInterceptor)beanFactory.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR));
|
||||
DefaultFilterInvocationDefinitionSource fids =
|
||||
(DefaultFilterInvocationDefinitionSource) fsi.getObjectDefinitionSource();
|
||||
List<? extends ConfigAttribute> attributes = fids.lookupAttributes(loginPage, "POST");
|
||||
List<ConfigAttribute> attributes = fids.lookupAttributes(loginPage, "POST");
|
||||
|
||||
if (attributes == null) {
|
||||
logger.debug("No access attributes defined for login page URL");
|
||||
|
||||
@ -100,8 +100,8 @@ public class SecurityContextHolder {
|
||||
} else {
|
||||
// Try to load a custom strategy
|
||||
try {
|
||||
Class clazz = Class.forName(strategyName);
|
||||
Constructor customStrategy = clazz.getConstructor(new Class[] {});
|
||||
Class<?> clazz = Class.forName(strategyName);
|
||||
Constructor<?> customStrategy = clazz.getConstructor(new Class[] {});
|
||||
strategy = (SecurityContextHolderStrategy) customStrategy.newInstance(new Object[] {});
|
||||
} catch (Exception ex) {
|
||||
ReflectionUtils.handleReflectionException(ex);
|
||||
|
||||
@ -40,7 +40,7 @@ import org.springframework.util.ClassUtils;
|
||||
public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDefinitionSource {
|
||||
private ExpressionParser parser = new SpelExpressionParser();
|
||||
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
|
||||
if (method.getDeclaringClass() == Object.class) {
|
||||
return null;
|
||||
}
|
||||
@ -109,7 +109,7 @@ public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDe
|
||||
return null;
|
||||
}
|
||||
|
||||
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@ -35,7 +35,7 @@ public class MethodExpressionVoter implements AccessDecisionVoter {
|
||||
return attribute instanceof AbstractExpressionBasedMethodConfigAttribute;
|
||||
}
|
||||
|
||||
public boolean supports(Class<? extends Object> clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return clazz.isAssignableFrom(MethodInvocation.class);
|
||||
}
|
||||
|
||||
|
||||
@ -5,6 +5,7 @@ import java.util.List;
|
||||
import org.springframework.expression.EvaluationContext;
|
||||
import org.springframework.security.Authentication;
|
||||
import org.springframework.security.ConfigAttribute;
|
||||
import org.springframework.security.expression.ExpressionUtils;
|
||||
import org.springframework.security.expression.SecurityExpressionHandler;
|
||||
import org.springframework.security.expression.support.DefaultSecurityExpressionHandler;
|
||||
import org.springframework.security.intercept.web.FilterInvocation;
|
||||
@ -14,7 +15,7 @@ import org.springframework.security.vote.AccessDecisionVoter;
|
||||
* Voter which handles web authorisation decisions.
|
||||
* @author Luke Taylor
|
||||
* @version $Id$
|
||||
* @since
|
||||
* @since 2.5
|
||||
*/
|
||||
public class WebExpressionVoter implements AccessDecisionVoter {
|
||||
private SecurityExpressionHandler expressionHandler = new DefaultSecurityExpressionHandler();
|
||||
@ -29,9 +30,8 @@ public class WebExpressionVoter implements AccessDecisionVoter {
|
||||
FilterInvocation fi = (FilterInvocation)object;
|
||||
EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, fi);
|
||||
|
||||
weca.getAuthorizeExpression();
|
||||
|
||||
return 0;
|
||||
return ExpressionUtils.evaluateAsBoolean(weca.getAuthorizeExpression(), ctx) ?
|
||||
ACCESS_GRANTED : ACCESS_DENIED;
|
||||
}
|
||||
|
||||
private WebExpressionConfigAttribute findConfigAttribute(List<ConfigAttribute> attributes) {
|
||||
@ -47,7 +47,7 @@ public class WebExpressionVoter implements AccessDecisionVoter {
|
||||
return attribute instanceof WebExpressionConfigAttribute;
|
||||
}
|
||||
|
||||
public boolean supports(Class<? extends Object> clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return clazz.isAssignableFrom(FilterInvocation.class);
|
||||
}
|
||||
|
||||
|
||||
@ -136,7 +136,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
|
||||
}
|
||||
|
||||
if (this.validateConfigAttributes) {
|
||||
Collection<List<? extends ConfigAttribute>> attributeDefs = this.obtainObjectDefinitionSource().getAllConfigAttributes();
|
||||
Collection<ConfigAttribute> attributeDefs = this.obtainObjectDefinitionSource().getAllConfigAttributes();
|
||||
|
||||
if (attributeDefs == null) {
|
||||
logger.warn("Could not validate configuration attributes as the ObjectDefinitionSource did not return "
|
||||
@ -144,14 +144,12 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
|
||||
return;
|
||||
}
|
||||
|
||||
Set unsupportedAttrs = new HashSet();
|
||||
Set<ConfigAttribute> unsupportedAttrs = new HashSet<ConfigAttribute>();
|
||||
|
||||
for (List<? extends ConfigAttribute> def : attributeDefs) {
|
||||
for (ConfigAttribute attr : def) {
|
||||
if (!this.runAsManager.supports(attr) && !this.accessDecisionManager.supports(attr)
|
||||
&& ((this.afterInvocationManager == null) || !this.afterInvocationManager.supports(attr))) {
|
||||
unsupportedAttrs.add(attr);
|
||||
}
|
||||
for (ConfigAttribute attr : attributeDefs) {
|
||||
if (!this.runAsManager.supports(attr) && !this.accessDecisionManager.supports(attr)
|
||||
&& ((this.afterInvocationManager == null) || !this.afterInvocationManager.supports(attr))) {
|
||||
unsupportedAttrs.add(attr);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -53,7 +53,7 @@ public interface ObjectDefinitionSource {
|
||||
*
|
||||
* @return the <code>ConfigAttribute</code>s or <code>null</code> if unsupported
|
||||
*/
|
||||
Collection<List<? extends ConfigAttribute>> getAllConfigAttributes();
|
||||
Collection<ConfigAttribute> getAllConfigAttributes();
|
||||
|
||||
/**
|
||||
* Indicates whether the <code>ObjectDefinitionSource</code> implementation is able to provide
|
||||
@ -63,5 +63,5 @@ public interface ObjectDefinitionSource {
|
||||
*
|
||||
* @return true if the implementation can process the indicated class
|
||||
*/
|
||||
boolean supports(Class clazz);
|
||||
boolean supports(Class<?> clazz);
|
||||
}
|
||||
|
||||
@ -27,7 +27,7 @@ import org.springframework.util.ClassUtils;
|
||||
*/
|
||||
public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMethodDefinitionSource {
|
||||
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
|
||||
// The method may be on an interface, but we need attributes from the target class.
|
||||
// If the target class is null, the method will be unchanged.
|
||||
Method specificMethod = ClassUtils.getMostSpecificMethod(method, targetClass);
|
||||
@ -68,7 +68,7 @@ public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMet
|
||||
* @param targetClass the target class for the invocation (may be <code>null</code>)
|
||||
* @return the security metadata (or null if no metadata applies)
|
||||
*/
|
||||
protected abstract List<ConfigAttribute> findAttributes(Method method, Class targetClass);
|
||||
protected abstract List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass);
|
||||
|
||||
/**
|
||||
* Obtains the security metadata registered against the specified class.
|
||||
@ -82,7 +82,7 @@ public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMet
|
||||
* @param clazz the target class for the invocation (never <code>null</code>)
|
||||
* @return the security metadata (or null if no metadata applies)
|
||||
*/
|
||||
protected abstract List<ConfigAttribute> findAttributes(Class clazz);
|
||||
protected abstract List<ConfigAttribute> findAttributes(Class<?> clazz);
|
||||
|
||||
|
||||
}
|
||||
|
||||
@ -55,10 +55,10 @@ public abstract class AbstractMethodDefinitionSource implements MethodDefinition
|
||||
|
||||
if (object instanceof JoinPoint) {
|
||||
JoinPoint jp = (JoinPoint) object;
|
||||
Class targetClass = jp.getTarget().getClass();
|
||||
Class<?> targetClass = jp.getTarget().getClass();
|
||||
String targetMethodName = jp.getStaticPart().getSignature().getName();
|
||||
Class[] types = ((CodeSignature) jp.getStaticPart().getSignature()).getParameterTypes();
|
||||
Class declaringType = ((CodeSignature) jp.getStaticPart().getSignature()).getDeclaringType();
|
||||
Class<?>[] types = ((CodeSignature) jp.getStaticPart().getSignature()).getParameterTypes();
|
||||
Class<?> declaringType = ((CodeSignature) jp.getStaticPart().getSignature()).getDeclaringType();
|
||||
|
||||
Method method = ClassUtils.getMethodIfAvailable(declaringType, targetMethodName, types);
|
||||
Assert.notNull(method, "Could not obtain target method from JoinPoint: '"+ jp + "'");
|
||||
@ -69,7 +69,7 @@ public abstract class AbstractMethodDefinitionSource implements MethodDefinition
|
||||
throw new IllegalArgumentException("Object must be a non-null MethodInvocation or JoinPoint");
|
||||
}
|
||||
|
||||
public final boolean supports(Class clazz) {
|
||||
public final boolean supports(Class<?> clazz) {
|
||||
return (MethodInvocation.class.isAssignableFrom(clazz) || JoinPoint.class.isAssignableFrom(clazz));
|
||||
}
|
||||
}
|
||||
|
||||
@ -5,7 +5,6 @@ import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
@ -27,7 +26,8 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
|
||||
private final static List<ConfigAttribute> NULL_CONFIG_ATTRIBUTE = Collections.emptyList();
|
||||
|
||||
private List<MethodDefinitionSource> methodDefinitionSources;
|
||||
private final Map<DefaultCacheKey, List<ConfigAttribute>> attributeCache = new HashMap();
|
||||
private final Map<DefaultCacheKey, List<ConfigAttribute>> attributeCache =
|
||||
new HashMap<DefaultCacheKey, List<ConfigAttribute>>();
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
@ -35,7 +35,7 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
|
||||
Assert.notEmpty(methodDefinitionSources, "A list of MethodDefinitionSources is required");
|
||||
}
|
||||
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
|
||||
DefaultCacheKey cacheKey = new DefaultCacheKey(method, targetClass);
|
||||
synchronized (attributeCache) {
|
||||
List<ConfigAttribute> cached = attributeCache.get(cacheKey);
|
||||
@ -73,12 +73,10 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
|
||||
}
|
||||
}
|
||||
|
||||
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
|
||||
Set set = new HashSet();
|
||||
Iterator i = methodDefinitionSources.iterator();
|
||||
while (i.hasNext()) {
|
||||
MethodDefinitionSource s = (MethodDefinitionSource) i.next();
|
||||
Collection<List<? extends ConfigAttribute>> attrs = s.getAllConfigAttributes();
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
Set<ConfigAttribute> set = new HashSet<ConfigAttribute>();
|
||||
for (MethodDefinitionSource s : methodDefinitionSources) {
|
||||
Collection<ConfigAttribute> attrs = s.getAllConfigAttributes();
|
||||
if (attrs != null) {
|
||||
set.addAll(attrs);
|
||||
}
|
||||
@ -86,6 +84,7 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini
|
||||
return set;
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
public void setMethodDefinitionSources(List methodDefinitionSources) {
|
||||
Assert.notEmpty(methodDefinitionSources, "A list of MethodDefinitionSources is required");
|
||||
this.methodDefinitionSources = methodDefinitionSources;
|
||||
|
||||
@ -19,9 +19,11 @@ import java.lang.reflect.Method;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.springframework.beans.factory.BeanClassLoaderAware;
|
||||
import org.springframework.security.ConfigAttribute;
|
||||
@ -48,10 +50,10 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
|
||||
private ClassLoader beanClassLoader = ClassUtils.getDefaultClassLoader();
|
||||
|
||||
/** Map from RegisteredMethod to ConfigAttribute list */
|
||||
protected Map<RegisteredMethod, List<? extends ConfigAttribute>> methodMap = new HashMap();
|
||||
protected Map<RegisteredMethod, List<ConfigAttribute>> methodMap = new HashMap<RegisteredMethod, List<ConfigAttribute>>();
|
||||
|
||||
/** Map from RegisteredMethod to name pattern used for registration */
|
||||
private Map<RegisteredMethod, String> nameMap = new HashMap();
|
||||
private Map<RegisteredMethod, String> nameMap = new HashMap<RegisteredMethod, String>();
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
@ -71,14 +73,14 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
|
||||
/**
|
||||
* Implementation does not support class-level attributes.
|
||||
*/
|
||||
protected List<ConfigAttribute> findAttributes(Class clazz) {
|
||||
protected List<ConfigAttribute> findAttributes(Class<?> clazz) {
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Will walk the method inheritance tree to find the most specific declaration applicable.
|
||||
*/
|
||||
protected List<ConfigAttribute> findAttributes(Method method, Class targetClass) {
|
||||
protected List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
|
||||
if (targetClass == null) {
|
||||
return null;
|
||||
}
|
||||
@ -105,7 +107,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
|
||||
* @param name type and method name, separated by a dot
|
||||
* @param attr required authorities associated with the method
|
||||
*/
|
||||
public void addSecureMethod(String name, List<? extends ConfigAttribute> attr) {
|
||||
public void addSecureMethod(String name, List<ConfigAttribute> attr) {
|
||||
int lastDotIndex = name.lastIndexOf(".");
|
||||
|
||||
if (lastDotIndex == -1) {
|
||||
@ -129,7 +131,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
|
||||
* @param mappedName mapped method name, which the javaType has declared or inherited
|
||||
* @param attr required authorities associated with the method
|
||||
*/
|
||||
public void addSecureMethod(Class javaType, String mappedName, List<? extends ConfigAttribute> attr) {
|
||||
public void addSecureMethod(Class javaType, String mappedName, List<ConfigAttribute> attr) {
|
||||
String name = javaType.getName() + '.' + mappedName;
|
||||
|
||||
if (logger.isDebugEnabled()) {
|
||||
@ -137,7 +139,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
|
||||
}
|
||||
|
||||
Method[] methods = javaType.getMethods();
|
||||
List matchingMethods = new ArrayList();
|
||||
List<Method> matchingMethods = new ArrayList<Method>();
|
||||
|
||||
for (int i = 0; i < methods.length; i++) {
|
||||
if (methods[i].getName().equals(mappedName) || isMatch(methods[i].getName(), mappedName)) {
|
||||
@ -150,8 +152,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
|
||||
}
|
||||
|
||||
// register all matching methods
|
||||
for (Iterator it = matchingMethods.iterator(); it.hasNext();) {
|
||||
Method method = (Method) it.next();
|
||||
for (Method method : matchingMethods) {
|
||||
RegisteredMethod registeredMethod = new RegisteredMethod(method, javaType);
|
||||
String regMethodName = (String) this.nameMap.get(registeredMethod);
|
||||
|
||||
@ -178,7 +179,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
|
||||
* the existing match will be retained, so that if this method is called for a more general pointcut
|
||||
* it will not override a more specific one which has already been added. This
|
||||
*/
|
||||
public void addSecureMethod(Class javaType, Method method, List<? extends ConfigAttribute> attr) {
|
||||
public void addSecureMethod(Class javaType, Method method, List<ConfigAttribute> attr) {
|
||||
RegisteredMethod key = new RegisteredMethod(method, javaType);
|
||||
|
||||
if (methodMap.containsKey(key)) {
|
||||
@ -195,7 +196,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
|
||||
* @param method the method to be secured
|
||||
* @param attr required authorities associated with the method
|
||||
*/
|
||||
private void addSecureMethod(RegisteredMethod method, List<? extends ConfigAttribute> attr) {
|
||||
private void addSecureMethod(RegisteredMethod method, List<ConfigAttribute> attr) {
|
||||
Assert.notNull(method, "RegisteredMethod required");
|
||||
Assert.notNull(attr, "Configuration attribute required");
|
||||
if (logger.isInfoEnabled()) {
|
||||
@ -209,8 +210,14 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
|
||||
*
|
||||
* @return the attributes explicitly defined against this bean
|
||||
*/
|
||||
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
|
||||
return methodMap.values();
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
Set<ConfigAttribute> allAttributes = new HashSet<ConfigAttribute>();
|
||||
|
||||
for (List<ConfigAttribute> attributeList : methodMap.values()) {
|
||||
allAttributes.addAll(attributeList);
|
||||
}
|
||||
|
||||
return allAttributes;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -30,5 +30,5 @@ import org.springframework.security.intercept.ObjectDefinitionSource;
|
||||
* @version $Id$
|
||||
*/
|
||||
public interface MethodDefinitionSource extends ObjectDefinitionSource {
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class targetClass);
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass);
|
||||
}
|
||||
|
||||
@ -128,9 +128,9 @@ public class MethodDefinitionSourceAdvisor extends AbstractPointcutAdvisor imple
|
||||
*/
|
||||
class InternalMethodInvocation implements MethodInvocation {
|
||||
private Method method;
|
||||
private Class targetClass;
|
||||
private Class<?> targetClass;
|
||||
|
||||
public InternalMethodInvocation(Method method, Class targetClass) {
|
||||
public InternalMethodInvocation(Method method, Class<?> targetClass) {
|
||||
this.method = method;
|
||||
this.targetClass = targetClass;
|
||||
}
|
||||
|
||||
@ -17,7 +17,6 @@ package org.springframework.security.intercept.web;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.LinkedHashMap;
|
||||
@ -142,10 +141,17 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation
|
||||
return methodRequestmap;
|
||||
}
|
||||
|
||||
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
|
||||
return Collections.unmodifiableCollection(getRequestMap().values());
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
Set<ConfigAttribute> allAttributes = new HashSet<ConfigAttribute>();
|
||||
|
||||
for(List<ConfigAttribute> attrs : requestMap.values()) {
|
||||
allAttributes.addAll(attrs);
|
||||
}
|
||||
|
||||
return allAttributes;
|
||||
}
|
||||
|
||||
|
||||
public List<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
|
||||
if ((object == null) || !this.supports(object.getClass())) {
|
||||
throw new IllegalArgumentException("Object must be a FilterInvocation");
|
||||
@ -227,7 +233,7 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation
|
||||
return null;
|
||||
}
|
||||
|
||||
public boolean supports(Class clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return FilterInvocation.class.isAssignableFrom(clazz);
|
||||
}
|
||||
|
||||
|
||||
@ -217,8 +217,8 @@ public class ProviderManager extends AbstractAuthenticationManager implements In
|
||||
|
||||
if (className != null) {
|
||||
try {
|
||||
Class clazz = getClass().getClassLoader().loadClass(className);
|
||||
Constructor constructor = clazz.getConstructor(new Class[] {
|
||||
Class<?> clazz = getClass().getClassLoader().loadClass(className);
|
||||
Constructor<?> constructor = clazz.getConstructor(new Class[] {
|
||||
Authentication.class, AuthenticationException.class
|
||||
});
|
||||
Object obj = constructor.newInstance(new Object[] {authentication, exception});
|
||||
|
||||
@ -41,7 +41,7 @@ public class NullRunAsManager implements RunAsManager {
|
||||
return false;
|
||||
}
|
||||
|
||||
public boolean supports(Class clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@ -63,7 +63,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
|
||||
}
|
||||
|
||||
public Authentication buildRunAs(Authentication authentication, Object object, List<ConfigAttribute> config) {
|
||||
List<GrantedAuthority> newAuthorities = new ArrayList();
|
||||
List<GrantedAuthority> newAuthorities = new ArrayList<GrantedAuthority>();
|
||||
|
||||
for(ConfigAttribute attribute : config) {
|
||||
if (this.supports(attribute)) {
|
||||
@ -123,7 +123,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
|
||||
*
|
||||
* @return alwaus <code>true</code>
|
||||
*/
|
||||
public boolean supports(Class clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@ -59,7 +59,7 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini
|
||||
Assert.notNull(filterInvocationDefinitionSource, "filterInvocationDefinitionSource must be specified");
|
||||
Assert.notNull(channelDecisionManager, "channelDecisionManager must be specified");
|
||||
|
||||
Collection<List<? extends ConfigAttribute>> attrDefs = this.filterInvocationDefinitionSource.getAllConfigAttributes();
|
||||
Collection<ConfigAttribute> attrDefs = this.filterInvocationDefinitionSource.getAllConfigAttributes();
|
||||
|
||||
if (attrDefs == null) {
|
||||
if (logger.isWarnEnabled()) {
|
||||
@ -70,22 +70,20 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini
|
||||
return;
|
||||
}
|
||||
|
||||
Set set = new HashSet();
|
||||
Set<ConfigAttribute> unsupportedAttributes = new HashSet<ConfigAttribute>();
|
||||
|
||||
for (List<? extends ConfigAttribute> def : attrDefs) {
|
||||
for (ConfigAttribute attr : def) {
|
||||
if (!this.channelDecisionManager.supports(attr)) {
|
||||
set.add(attr);
|
||||
}
|
||||
for (ConfigAttribute attr : attrDefs) {
|
||||
if (!this.channelDecisionManager.supports(attr)) {
|
||||
unsupportedAttributes.add(attr);
|
||||
}
|
||||
}
|
||||
|
||||
if (set.size() == 0) {
|
||||
if (unsupportedAttributes.size() == 0) {
|
||||
if (logger.isInfoEnabled()) {
|
||||
logger.info("Validated configuration attributes");
|
||||
}
|
||||
} else {
|
||||
throw new IllegalArgumentException("Unsupported configuration attributes: " + set.toString());
|
||||
throw new IllegalArgumentException("Unsupported configuration attributes: " + unsupportedAttributes);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -15,18 +15,15 @@
|
||||
|
||||
package org.springframework.security.userdetails.ldap;
|
||||
|
||||
import org.springframework.security.GrantedAuthority;
|
||||
import org.springframework.security.util.AuthorityUtils;
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
import org.springframework.util.Assert;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import javax.naming.Name;
|
||||
import javax.naming.directory.Attributes;
|
||||
import javax.naming.directory.BasicAttributes;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
import org.springframework.security.GrantedAuthority;
|
||||
import org.springframework.security.util.AuthorityUtils;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
|
||||
/**
|
||||
@ -128,7 +125,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
|
||||
*/
|
||||
public static class Essence {
|
||||
protected LdapUserDetailsImpl instance = createTarget();
|
||||
private List mutableAuthorities = new ArrayList();
|
||||
private List<GrantedAuthority> mutableAuthorities = new ArrayList<GrantedAuthority>();
|
||||
|
||||
public Essence() { }
|
||||
|
||||
@ -159,10 +156,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails {
|
||||
}
|
||||
|
||||
private boolean hasAuthority(GrantedAuthority a) {
|
||||
Iterator authorities = mutableAuthorities.iterator();
|
||||
|
||||
while(authorities.hasNext()) {
|
||||
GrantedAuthority authority = (GrantedAuthority) authorities.next();
|
||||
for (GrantedAuthority authority : mutableAuthorities) {
|
||||
if(authority.equals(a)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -26,6 +26,7 @@ import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.DelegatingFilterProxy;
|
||||
|
||||
import javax.servlet.*;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.*;
|
||||
|
||||
@ -103,9 +104,9 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
|
||||
private ApplicationContext applicationContext;
|
||||
/** Map of the original pattern Strings to filter chains */
|
||||
private Map uncompiledFilterChainMap;
|
||||
private Map<String, List<Filter>> uncompiledFilterChainMap;
|
||||
/** Compiled pattern version of the filter chain map */
|
||||
private Map filterChainMap;
|
||||
private Map<Object, List<Filter>> filterChainMap;
|
||||
private UrlMatcher matcher = new AntUrlPathMatcher();
|
||||
private boolean stripQueryStringFromUrls = true;
|
||||
private DefaultFilterInvocationDefinitionSource fids;
|
||||
@ -127,29 +128,25 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
}
|
||||
|
||||
public void init(FilterConfig filterConfig) throws ServletException {
|
||||
Filter[] filters = obtainAllDefinedFilters();
|
||||
|
||||
for (int i = 0; i < filters.length; i++) {
|
||||
if (filters[i] != null) {
|
||||
for (Filter filter : obtainAllDefinedFilters()) {
|
||||
if (filter != null) {
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Initializing Filter defined in ApplicationContext: '" + filters[i].toString() + "'");
|
||||
logger.debug("Initializing Filter defined in ApplicationContext: '" + filter + "'");
|
||||
}
|
||||
|
||||
filters[i].init(filterConfig);
|
||||
filter.init(filterConfig);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public void destroy() {
|
||||
Filter[] filters = obtainAllDefinedFilters();
|
||||
|
||||
for (int i = 0; i < filters.length; i++) {
|
||||
if (filters[i] != null) {
|
||||
for (Filter filter : obtainAllDefinedFilters()) {
|
||||
if (filter != null) {
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Destroying Filter defined in ApplicationContext: '" + filters[i].toString() + "'");
|
||||
logger.debug("Destroying Filter defined in ApplicationContext: '" + filter + "'");
|
||||
}
|
||||
|
||||
filters[i].destroy();
|
||||
filter.destroy();
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -158,7 +155,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
throws IOException, ServletException {
|
||||
|
||||
FilterInvocation fi = new FilterInvocation(request, response, chain);
|
||||
List filters = getFilters(fi.getRequestUrl());
|
||||
List<Filter> filters = getFilters(fi.getRequestUrl());
|
||||
|
||||
if (filters == null || filters.size() == 0) {
|
||||
if (logger.isDebugEnabled()) {
|
||||
@ -181,7 +178,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
* @param url the request URL
|
||||
* @return an ordered array of Filters defining the filter chain
|
||||
*/
|
||||
public List getFilters(String url) {
|
||||
public List<Filter> getFilters(String url) {
|
||||
if (stripQueryStringFromUrls) {
|
||||
// String query string - see SEC-953
|
||||
int firstQuestionMarkIndex = url.indexOf("?");
|
||||
@ -191,11 +188,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Iterator filterChains = filterChainMap.entrySet().iterator();
|
||||
|
||||
while (filterChains.hasNext()) {
|
||||
Map.Entry entry = (Map.Entry) filterChains.next();
|
||||
for (Map.Entry<Object, List<Filter>> entry : filterChainMap.entrySet()) {
|
||||
Object path = entry.getKey();
|
||||
|
||||
if (matcher.requiresLowerCaseUrl()) {
|
||||
@ -213,7 +206,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
}
|
||||
|
||||
if (matched) {
|
||||
return (List) entry.getValue();
|
||||
return entry.getValue();
|
||||
}
|
||||
}
|
||||
|
||||
@ -230,16 +223,14 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
* each <code>Filter</code> that actually exists in application context, even if a given
|
||||
* <code>Filter</code> is defined multiples times in the filter chain map)
|
||||
*/
|
||||
protected Filter[] obtainAllDefinedFilters() {
|
||||
Set allFilters = new LinkedHashSet();
|
||||
protected Collection<Filter> obtainAllDefinedFilters() {
|
||||
Set<Filter> allFilters = new LinkedHashSet<Filter>();
|
||||
|
||||
Iterator it = filterChainMap.values().iterator();
|
||||
|
||||
while (it.hasNext()) {
|
||||
allFilters.addAll((List) it.next());
|
||||
for (List<Filter> filters : filterChainMap.values()) {
|
||||
allFilters.addAll(filters);
|
||||
}
|
||||
|
||||
return (Filter[]) new ArrayList(allFilters).toArray(new Filter[0]);
|
||||
return allFilters;
|
||||
}
|
||||
|
||||
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
|
||||
@ -266,14 +257,32 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
* the Map used is an instance of <tt>LinkedHashMap</tt> or an equivalent, rather than a plain <tt>HashMap</tt>, for
|
||||
* example.
|
||||
*
|
||||
* @param filterChainMap the map of path Strings to <tt>Filter[]</tt>s.
|
||||
* @param filterChainMap the map of path Strings to <tt>List<Filter></tt>s.
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
public void setFilterChainMap(Map filterChainMap) {
|
||||
uncompiledFilterChainMap = new LinkedHashMap(filterChainMap);
|
||||
checkContents(filterChainMap);
|
||||
uncompiledFilterChainMap = new LinkedHashMap<String, List<Filter>>(filterChainMap);
|
||||
checkPathOrder();
|
||||
createCompiledMap();
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
private void checkContents(Map filterChainMap) {
|
||||
for (Object key : filterChainMap.keySet()) {
|
||||
Assert.isInstanceOf(String.class, key, "Path key must be a String but found " + key);
|
||||
Object filters = filterChainMap.get(key);
|
||||
Assert.isInstanceOf(List.class, filters, "Value must be a filter list");
|
||||
// Check the contents
|
||||
Iterator filterIterator = ((List)filters).iterator();
|
||||
|
||||
while (filterIterator.hasNext()) {
|
||||
Object filter = filterIterator.next();
|
||||
Assert.isInstanceOf(Filter.class, filter, "Objects in filter chain must be of type Filter. ");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void checkPathOrder() {
|
||||
// Check that the universal pattern is listed at the end, if at all
|
||||
String[] paths = (String[]) uncompiledFilterChainMap.keySet().toArray(new String[0]);
|
||||
@ -289,37 +298,21 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
}
|
||||
|
||||
private void createCompiledMap() {
|
||||
Iterator paths = uncompiledFilterChainMap.keySet().iterator();
|
||||
filterChainMap = new LinkedHashMap(uncompiledFilterChainMap.size());
|
||||
filterChainMap = new LinkedHashMap<Object, List<Filter>>(uncompiledFilterChainMap.size());
|
||||
|
||||
while (paths.hasNext()) {
|
||||
Object path = paths.next();
|
||||
Assert.isInstanceOf(String.class, path, "Path pattern must be a String");
|
||||
Object compiledPath = matcher.compile((String)path);
|
||||
Object filters = uncompiledFilterChainMap.get(path);
|
||||
|
||||
Assert.isInstanceOf(List.class, filters);
|
||||
// Check the contents
|
||||
Iterator filterIterator = ((List)filters).iterator();
|
||||
|
||||
while (filterIterator.hasNext()) {
|
||||
Object filter = filterIterator.next();
|
||||
Assert.isInstanceOf(Filter.class, filter, "Objects in filter chain must be of type Filter. ");
|
||||
}
|
||||
|
||||
filterChainMap.put(compiledPath, filters);
|
||||
for (String path : uncompiledFilterChainMap.keySet()) {
|
||||
filterChainMap.put(matcher.compile(path), uncompiledFilterChainMap.get(path));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Returns a copy of the underlying filter chain map. Modifications to the map contents
|
||||
* will not affect the FilterChainProxy state - to change the map call <tt>setFilterChainMap</tt>.
|
||||
*
|
||||
* @return the map of path pattern Strings to filter chain arrays (with ordering guaranteed).
|
||||
* @return the map of path pattern Strings to filter chain lists (with ordering guaranteed).
|
||||
*/
|
||||
public Map getFilterChainMap() {
|
||||
return new LinkedHashMap(uncompiledFilterChainMap);
|
||||
public Map<String, List<Filter>> getFilterChainMap() {
|
||||
return new LinkedHashMap<String, List<Filter>>(uncompiledFilterChainMap);
|
||||
}
|
||||
|
||||
public void setMatcher(UrlMatcher matcher) {
|
||||
@ -353,22 +346,22 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
|
||||
/**
|
||||
* A <code>FilterChain</code> that records whether or not {@link
|
||||
* FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} is called.<p>This
|
||||
* <code>FilterChain</code> is used by <code>FilterChainProxy</code> to determine if the next <code>Filter</code>
|
||||
* should be called or not.</p>
|
||||
* FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} is called.
|
||||
* <p>
|
||||
* This <code>FilterChain</code> is used by <code>FilterChainProxy</code> to determine if the next
|
||||
* <code>Filter</code> should be called or not.</p>
|
||||
*/
|
||||
private static class VirtualFilterChain implements FilterChain {
|
||||
private FilterInvocation fi;
|
||||
private List additionalFilters;
|
||||
private List<Filter> additionalFilters;
|
||||
private int currentPosition = 0;
|
||||
|
||||
private VirtualFilterChain(FilterInvocation filterInvocation, List additionalFilters) {
|
||||
private VirtualFilterChain(FilterInvocation filterInvocation, List<Filter> additionalFilters) {
|
||||
this.fi = filterInvocation;
|
||||
this.additionalFilters = additionalFilters;
|
||||
}
|
||||
|
||||
public void doFilter(ServletRequest request, ServletResponse response)
|
||||
throws IOException, ServletException {
|
||||
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
|
||||
if (currentPosition == additionalFilters.size()) {
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug(fi.getRequestUrl()
|
||||
@ -379,7 +372,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
} else {
|
||||
currentPosition++;
|
||||
|
||||
Filter nextFilter = (Filter) additionalFilters.get(currentPosition - 1);
|
||||
Filter nextFilter = additionalFilters.get(currentPosition - 1);
|
||||
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug(fi.getRequestUrl() + " at position " + currentPosition + " of "
|
||||
|
||||
@ -3,11 +3,13 @@ package org.springframework.security.util;
|
||||
import java.lang.reflect.InvocationTargetException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Comparator;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.TreeMap;
|
||||
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
/**
|
||||
* Handler for analyzing {@link Throwable} instances.
|
||||
*
|
||||
@ -50,12 +52,10 @@ public class ThrowableAnalyzer {
|
||||
* to be greater by this comparator.<br>
|
||||
* For hierarchically unrelated classes their fully qualified name will be compared.
|
||||
*/
|
||||
private static final Comparator CLASS_HIERARCHY_COMPARATOR = new Comparator() {
|
||||
|
||||
public int compare(Object o1, Object o2) {
|
||||
Class class1 = (Class) o1;
|
||||
Class class2 = (Class) o2;
|
||||
private static final Comparator<Class<? extends Throwable>> CLASS_HIERARCHY_COMPARATOR =
|
||||
new Comparator<Class<? extends Throwable>>() {
|
||||
|
||||
public int compare(Class<? extends Throwable> class1, Class<? extends Throwable> class2) {
|
||||
if (class1.isAssignableFrom(class2)) {
|
||||
return 1;
|
||||
} else if (class2.isAssignableFrom(class1)) {
|
||||
@ -72,14 +72,14 @@ public class ThrowableAnalyzer {
|
||||
* Map of registered cause extractors.
|
||||
* key: Class<Throwable>; value: ThrowableCauseExctractor
|
||||
*/
|
||||
private final Map extractorMap;
|
||||
private final Map<Class<? extends Throwable>, ThrowableCauseExtractor> extractorMap;
|
||||
|
||||
|
||||
/**
|
||||
* Creates a new <code>ThrowableAnalyzer</code> instance.
|
||||
*/
|
||||
public ThrowableAnalyzer() {
|
||||
this.extractorMap = new TreeMap(CLASS_HIERARCHY_COMPARATOR);
|
||||
this.extractorMap = new TreeMap<Class<? extends Throwable>, ThrowableCauseExtractor>(CLASS_HIERARCHY_COMPARATOR);
|
||||
|
||||
initExtractorMap();
|
||||
}
|
||||
@ -93,12 +93,8 @@ public class ThrowableAnalyzer {
|
||||
*
|
||||
* @throws IllegalArgumentException if one of the arguments is invalid
|
||||
*/
|
||||
protected final void registerExtractor(Class throwableType, ThrowableCauseExtractor extractor) {
|
||||
verifyThrowableType(throwableType);
|
||||
|
||||
if (extractor == null) {
|
||||
throw new IllegalArgumentException("Invalid extractor: null");
|
||||
}
|
||||
protected final void registerExtractor(Class<? extends Throwable> throwableType, ThrowableCauseExtractor extractor) {
|
||||
Assert.notNull(extractor, "Invalid extractor: null");
|
||||
|
||||
this.extractorMap.put(throwableType, extractor);
|
||||
}
|
||||
@ -132,8 +128,8 @@ public class ThrowableAnalyzer {
|
||||
* @return the types for which extractors are registered
|
||||
*/
|
||||
final Class[] getRegisteredTypes() {
|
||||
List typeList = new ArrayList(this.extractorMap.keySet());
|
||||
return (Class[]) typeList.toArray(new Class[typeList.size()]);
|
||||
Set<Class<? extends Throwable>> typeList = this.extractorMap.keySet();
|
||||
return typeList.toArray(new Class[typeList.size()]);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -158,7 +154,7 @@ public class ThrowableAnalyzer {
|
||||
throw new IllegalArgumentException("Invalid throwable: null");
|
||||
}
|
||||
|
||||
List chain = new ArrayList();
|
||||
List<Throwable> chain = new ArrayList<Throwable>();
|
||||
Throwable currentThrowable = throwable;
|
||||
|
||||
while (currentThrowable != null) {
|
||||
@ -166,7 +162,7 @@ public class ThrowableAnalyzer {
|
||||
currentThrowable = extractCause(currentThrowable);
|
||||
}
|
||||
|
||||
return (Throwable[]) chain.toArray(new Throwable[chain.size()]);
|
||||
return chain.toArray(new Throwable[chain.size()]);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -176,10 +172,8 @@ public class ThrowableAnalyzer {
|
||||
* @return the cause, may be <code>null</code> if none could be resolved
|
||||
*/
|
||||
private Throwable extractCause(Throwable throwable) {
|
||||
for (Iterator iter = this.extractorMap.entrySet().iterator(); iter.hasNext(); ) {
|
||||
Map.Entry entry = (Map.Entry) iter.next();
|
||||
|
||||
Class throwableType = (Class) entry.getKey();
|
||||
for (Map.Entry<Class<? extends Throwable>, ThrowableCauseExtractor> entry : extractorMap.entrySet()) {
|
||||
Class<? extends Throwable> throwableType = entry.getKey();
|
||||
if (throwableType.isInstance(throwable)) {
|
||||
ThrowableCauseExtractor extractor = (ThrowableCauseExtractor) entry.getValue();
|
||||
return extractor.extractCause(throwable);
|
||||
@ -202,9 +196,7 @@ public class ThrowableAnalyzer {
|
||||
* @throws IllegalArgumentException if the provided type is <code>null</code>
|
||||
* or no subclass of <code>Throwable</code>
|
||||
*/
|
||||
public final Throwable getFirstThrowableOfType(Class throwableType, Throwable[] chain) {
|
||||
verifyThrowableType(throwableType);
|
||||
|
||||
public final Throwable getFirstThrowableOfType(Class<? extends Throwable> throwableType, Throwable[] chain) {
|
||||
if (chain != null) {
|
||||
for (int i = 0; i < chain.length; ++i) {
|
||||
Throwable t = chain[i];
|
||||
@ -218,26 +210,6 @@ public class ThrowableAnalyzer {
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Convenience method for verifying that the passed in class refers to a valid
|
||||
* subclass of <code>Throwable</code>.
|
||||
*
|
||||
* @param throwableType the type to check
|
||||
*
|
||||
* @throws IllegalArgumentException if <code>typeToCheck</code> is either <code>null</code>
|
||||
* or not assignable to <code>expectedBaseType</code>
|
||||
*/
|
||||
private static void verifyThrowableType(Class throwableType) {
|
||||
if (throwableType == null) {
|
||||
throw new IllegalArgumentException("Invalid type: null");
|
||||
}
|
||||
if (!Throwable.class.isAssignableFrom(throwableType)) {
|
||||
throw new IllegalArgumentException("Invalid type: '"
|
||||
+ throwableType.getName()
|
||||
+ "'. Has to be a subclass of '" + Throwable.class.getName() + "'");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Verifies that the provided throwable is a valid subclass of the provided type (or of the type itself).
|
||||
* If <code>expectdBaseType</code> is <code>null</code>, no check will be performed.
|
||||
@ -251,7 +223,7 @@ public class ThrowableAnalyzer {
|
||||
* @throws IllegalArgumentException if <code>throwable</code> is either <code>null</code>
|
||||
* or its type is not assignable to <code>expectedBaseType</code>
|
||||
*/
|
||||
public static final void verifyThrowableHierarchy(Throwable throwable, Class expectedBaseType) {
|
||||
public static final void verifyThrowableHierarchy(Throwable throwable, Class<? extends Throwable> expectedBaseType) {
|
||||
if (expectedBaseType == null) {
|
||||
return;
|
||||
}
|
||||
@ -259,7 +231,7 @@ public class ThrowableAnalyzer {
|
||||
if (throwable == null) {
|
||||
throw new IllegalArgumentException("Invalid throwable: null");
|
||||
}
|
||||
Class throwableType = throwable.getClass();
|
||||
Class<? extends Throwable> throwableType = throwable.getClass();
|
||||
|
||||
if (!expectedBaseType.isAssignableFrom(throwableType)) {
|
||||
throw new IllegalArgumentException("Invalid type: '"
|
||||
|
||||
@ -33,13 +33,13 @@ import org.springframework.util.Assert;
|
||||
public abstract class AbstractAclVoter implements AccessDecisionVoter {
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
private Class processDomainObjectClass;
|
||||
private Class<?> processDomainObjectClass;
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
protected Object getDomainObjectInstance(Object secureObject) {
|
||||
Object[] args;
|
||||
Class[] params;
|
||||
Class<?>[] params;
|
||||
|
||||
if (secureObject instanceof MethodInvocation) {
|
||||
MethodInvocation invocation = (MethodInvocation) secureObject;
|
||||
@ -61,11 +61,11 @@ public abstract class AbstractAclVoter implements AccessDecisionVoter {
|
||||
+ " did not provide any argument of type: " + processDomainObjectClass);
|
||||
}
|
||||
|
||||
public Class getProcessDomainObjectClass() {
|
||||
public Class<?> getProcessDomainObjectClass() {
|
||||
return processDomainObjectClass;
|
||||
}
|
||||
|
||||
public void setProcessDomainObjectClass(Class processDomainObjectClass) {
|
||||
public void setProcessDomainObjectClass(Class<?> processDomainObjectClass) {
|
||||
Assert.notNull(processDomainObjectClass, "processDomainObjectClass cannot be set to null");
|
||||
this.processDomainObjectClass = processDomainObjectClass;
|
||||
}
|
||||
@ -78,7 +78,7 @@ public abstract class AbstractAclVoter implements AccessDecisionVoter {
|
||||
*
|
||||
* @return <code>true</code> if the secure object is <code>MethodInvocation</code>, <code>false</code> otherwise
|
||||
*/
|
||||
public boolean supports(Class<? extends Object> clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
if (MethodInvocation.class.isAssignableFrom(clazz)) {
|
||||
return true;
|
||||
} else if (JoinPoint.class.isAssignableFrom(clazz)) {
|
||||
|
||||
@ -63,7 +63,7 @@ public interface AccessDecisionVoter {
|
||||
*
|
||||
* @return true if the implementation can process the indicated class
|
||||
*/
|
||||
boolean supports(Class<? extends Object> clazz);
|
||||
boolean supports(Class<?> clazz);
|
||||
|
||||
/**
|
||||
* Indicates whether or not access is granted.
|
||||
|
||||
@ -83,7 +83,7 @@ public class AuthenticatedVoter implements AccessDecisionVoter {
|
||||
*
|
||||
* @return always <code>true</code>
|
||||
*/
|
||||
public boolean supports(Class<? extends Object> clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@ -88,7 +88,7 @@ public class RoleVoter implements AccessDecisionVoter {
|
||||
*
|
||||
* @return always <code>true</code>
|
||||
*/
|
||||
public boolean supports(Class<? extends Object> clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@ -54,7 +54,7 @@ public class MockRunAsManager implements RunAsManager {
|
||||
}
|
||||
}
|
||||
|
||||
public boolean supports(Class clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@ -18,6 +18,7 @@ import org.springframework.security.GrantedAuthorityImpl;
|
||||
*
|
||||
* @author Ruud Senden
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
public class MapBasedAttributes2GrantedAuthoritiesMapperTest {
|
||||
|
||||
protected void setUp() throws Exception {
|
||||
|
||||
@ -1,9 +1,8 @@
|
||||
package org.springframework.security.intercept.method;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
import org.junit.Before;
|
||||
@ -18,8 +17,8 @@ import org.springframework.security.SecurityConfig;
|
||||
* @since 2.0.4
|
||||
*/
|
||||
public class MapBasedMethodDefinitionSourceTests {
|
||||
private final List<? extends ConfigAttribute> ROLE_A = Arrays.asList(new SecurityConfig("ROLE_A"));
|
||||
private final List<? extends ConfigAttribute> ROLE_B = Arrays.asList(new SecurityConfig("ROLE_B"));
|
||||
private final List<ConfigAttribute> ROLE_A = SecurityConfig.createList("ROLE_A");
|
||||
private final List<ConfigAttribute> ROLE_B = SecurityConfig.createList("ROLE_B");
|
||||
private MapBasedMethodDefinitionSource mds;
|
||||
private Method someMethodString;
|
||||
private Method someMethodInteger;
|
||||
|
||||
@ -147,14 +147,8 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
|
||||
|
||||
MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue();
|
||||
Iterator iter = map.getAllConfigAttributes().iterator();
|
||||
int counter = 0;
|
||||
|
||||
while (iter.hasNext()) {
|
||||
iter.next();
|
||||
counter++;
|
||||
}
|
||||
|
||||
assertEquals(3, counter);
|
||||
assertEquals(5, map.getAllConfigAttributes().size());
|
||||
}
|
||||
|
||||
public void testMultiMethodParsing() {
|
||||
|
||||
@ -16,6 +16,7 @@
|
||||
package org.springframework.security.intercept.method;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Vector;
|
||||
@ -34,35 +35,29 @@ import org.springframework.security.SecurityConfig;
|
||||
public class MockMethodDefinitionSource implements MethodDefinitionSource {
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
private List list;
|
||||
private List<ConfigAttribute> list;
|
||||
private boolean returnACollection;
|
||||
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
public MockMethodDefinitionSource(boolean includeInvalidAttributes, boolean returnACollectionWhenRequested) {
|
||||
returnACollection = returnACollectionWhenRequested;
|
||||
list = new Vector();
|
||||
|
||||
List<? extends ConfigAttribute> def1 = SecurityConfig.createList("MOCK_LOWER");
|
||||
list.add(def1);
|
||||
list = new ArrayList<ConfigAttribute>();
|
||||
|
||||
if (includeInvalidAttributes) {
|
||||
List<? extends ConfigAttribute> def2 = SecurityConfig.createList("MOCK_LOWER","INVALID_ATTRIBUTE");
|
||||
list.add(def2);
|
||||
list.addAll(SecurityConfig.createList("MOCK_LOWER","INVALID_ATTRIBUTE"));
|
||||
}
|
||||
|
||||
List<? extends ConfigAttribute> def3 = SecurityConfig.createList("MOCK_UPPER", "RUN_AS_");
|
||||
list.add(def3);
|
||||
list.addAll(SecurityConfig.createList("MOCK_LOWER", "MOCK_UPPER", "RUN_AS_"));
|
||||
|
||||
if (includeInvalidAttributes) {
|
||||
List<? extends ConfigAttribute> def4 = SecurityConfig.createList("MOCK_SOMETHING", "ANOTHER_INVALID");
|
||||
list.add(def4);
|
||||
list.addAll(SecurityConfig.createList("MOCK_SOMETHING", "ANOTHER_INVALID"));
|
||||
}
|
||||
}
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
if (returnACollection) {
|
||||
return list;
|
||||
} else {
|
||||
@ -74,11 +69,11 @@ public class MockMethodDefinitionSource implements MethodDefinitionSource {
|
||||
throw new UnsupportedOperationException("mock method not implemented");
|
||||
}
|
||||
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
|
||||
throw new UnsupportedOperationException("mock method not implemented");
|
||||
}
|
||||
|
||||
public boolean supports(Class clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return (MethodInvocation.class.isAssignableFrom(clazz) || JoinPoint.class.isAssignableFrom(clazz));
|
||||
}
|
||||
|
||||
|
||||
@ -5,6 +5,7 @@ import java.lang.reflect.Method;
|
||||
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
public class MockMethodInvocation implements MethodInvocation {
|
||||
private Method method;
|
||||
private Object targetObject;
|
||||
|
||||
@ -440,15 +440,15 @@ public class MethodSecurityInterceptorTests extends TestCase {
|
||||
}
|
||||
|
||||
private class MockObjectDefinitionSourceWhichOnlySupportsStrings implements MethodDefinitionSource {
|
||||
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
return null;
|
||||
}
|
||||
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class targetClass) {
|
||||
public List<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
|
||||
throw new UnsupportedOperationException("mock method not implemented");
|
||||
}
|
||||
|
||||
public boolean supports(Class clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
if (String.class.isAssignableFrom(clazz)) {
|
||||
return true;
|
||||
} else {
|
||||
@ -466,7 +466,7 @@ public class MethodSecurityInterceptorTests extends TestCase {
|
||||
throw new UnsupportedOperationException("mock method not implemented");
|
||||
}
|
||||
|
||||
public boolean supports(Class clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
if (String.class.isAssignableFrom(clazz)) {
|
||||
return true;
|
||||
} else {
|
||||
|
||||
@ -108,7 +108,7 @@ public class LdapAuthenticationProviderTests extends TestCase {
|
||||
assertEquals("ben", user.getUsername());
|
||||
assertEquals("ben", populator.getRequestedUsername());
|
||||
|
||||
ArrayList authorities = new ArrayList();
|
||||
ArrayList<String> authorities = new ArrayList<String>();
|
||||
authorities.add(user.getAuthorities().get(0).getAuthority());
|
||||
authorities.add(user.getAuthorities().get(1).getAuthority());
|
||||
|
||||
|
||||
@ -70,7 +70,7 @@ public class RunAsUserTokenTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testNoArgConstructorDoesntExist() {
|
||||
Class clazz = RunAsUserToken.class;
|
||||
Class<RunAsUserToken> clazz = RunAsUserToken.class;
|
||||
|
||||
try {
|
||||
clazz.getDeclaredConstructor((Class[]) null);
|
||||
|
||||
@ -15,28 +15,24 @@
|
||||
|
||||
package org.springframework.security.securechannel;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.security.ConfigAttribute;
|
||||
import org.springframework.security.SecurityConfig;
|
||||
|
||||
import org.springframework.security.intercept.web.FilterInvocation;
|
||||
import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Vector;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.ConfigAttribute;
|
||||
import org.springframework.security.SecurityConfig;
|
||||
import org.springframework.security.intercept.web.FilterInvocation;
|
||||
import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link ChannelProcessingFilter}.
|
||||
@ -266,18 +262,15 @@ public class ChannelProcessingFilterTests extends TestCase {
|
||||
}
|
||||
}
|
||||
|
||||
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
if (!provideIterator) {
|
||||
return null;
|
||||
}
|
||||
|
||||
List list = new Vector();
|
||||
list.add(toReturn);
|
||||
|
||||
return list;
|
||||
return toReturn;
|
||||
}
|
||||
|
||||
public boolean supports(Class clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@ -5,10 +5,11 @@ import java.lang.reflect.InvocationTargetException;
|
||||
import junit.framework.TestCase;
|
||||
|
||||
/**
|
||||
* Testcases for {@link ThrowableAnalyzer}.
|
||||
* Test cases for {@link ThrowableAnalyzer}.
|
||||
*
|
||||
* @author Andreas Senft
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
public class ThrowableAnalyzerTests extends TestCase {
|
||||
|
||||
/**
|
||||
@ -101,27 +102,6 @@ public class ThrowableAnalyzerTests extends TestCase {
|
||||
super.tearDown();
|
||||
}
|
||||
|
||||
|
||||
public void testRegisterExtractorWithInvalidClass() {
|
||||
try {
|
||||
new ThrowableAnalyzer() {
|
||||
|
||||
/**
|
||||
* @see org.springframework.security.util.ThrowableAnalyzer#initExtractorMap()
|
||||
*/
|
||||
@Override
|
||||
protected void initExtractorMap() {
|
||||
// Object is no subclass of Throwable
|
||||
super.registerExtractor(Object.class, DEFAULT_EXTRACTOR);
|
||||
}
|
||||
};
|
||||
|
||||
fail("IllegalArgumentExpected");
|
||||
} catch (IllegalArgumentException e) {
|
||||
// ok
|
||||
}
|
||||
}
|
||||
|
||||
public void testRegisterExtractorWithInvalidExtractor() {
|
||||
try {
|
||||
new ThrowableAnalyzer() {
|
||||
|
||||
@ -152,7 +152,7 @@ public class AbstractAccessDecisionManagerTests extends TestCase {
|
||||
}
|
||||
|
||||
private class MockStringOnlyVoter implements AccessDecisionVoter {
|
||||
public boolean supports(Class<? extends Object> clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
if (String.class.isAssignableFrom(clazz)) {
|
||||
return true;
|
||||
} else {
|
||||
|
||||
@ -47,7 +47,7 @@ public class DenyAgainVoter implements AccessDecisionVoter {
|
||||
}
|
||||
}
|
||||
|
||||
public boolean supports(Class<? extends Object> clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@ -41,7 +41,7 @@ public class DenyVoter implements AccessDecisionVoter {
|
||||
}
|
||||
}
|
||||
|
||||
public boolean supports(Class<? extends Object> clazz) {
|
||||
public boolean supports(Class<?> clazz) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user