Removed dataSource null validation

Fixed data source validation
2024-03-13 19:32:07 +05:00 · 2024-03-13 19:32:07 +05:00 · 33ebd5405a
parent 2d2c2d31fa
commit 33ebd5405a
2 changed files with 41 additions and 1 deletions
--- a/config/src/main/java/org/springframework/security/config/authentication/JdbcUserServiceBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/authentication/JdbcUserServiceBeanDefinitionParser.java
@ -42,7 +42,7 @@ public class JdbcUserServiceBeanDefinitionParser extends AbstractUserDetailsServ
 	@Override
 	protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
 		String dataSource = element.getAttribute(ATT_DATA_SOURCE);
-		if (dataSource != null) {
+		if (StringUtils.hasText(dataSource)) {
 			builder.addPropertyReference("dataSource", dataSource);
 		}
 		else {
--- a/config/src/test/java/org/springframework/security/config/authentication/JdbcUserServiceBeanDefinitionParserTests.java
+++ b/config/src/test/java/org/springframework/security/config/authentication/JdbcUserServiceBeanDefinitionParserTests.java
@ -16,10 +16,12 @@

 package org.springframework.security.config.authentication;

+import org.assertj.core.api.Assertions;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.Test;
 import org.w3c.dom.Element;

+import org.springframework.beans.factory.BeanDefinitionStoreException;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.CachingUserDetailsService;
 import org.springframework.security.authentication.ProviderManager;
@ -160,6 +162,44 @@ public class JdbcUserServiceBeanDefinitionParserTests {
 		assertThat(AuthorityUtils.authorityListToSet(rod.getAuthorities())).contains("PREFIX_ROLE_SUPERVISOR");
 	}

+	@Test
+	public void testEmptyDataSourceRef() {
+		// @formatter:off
+		String xml = "<authentication-manager>"
+					+ "  <authentication-provider>"
+					+ "    <jdbc-user-service data-source-ref=''/>"
+					+ "  </authentication-provider>"
+					+ "</authentication-manager>";
+		// @formatter:on
+
+		try {
+			setContext(xml);
+			Assertions.fail("Expected exception due to empty data-source-ref");
+		}
+		catch (BeanDefinitionStoreException ex) {
+			assertThat(ex.getMessage()).contains("data-source-ref is required");
+		}
+	}
+
+	@Test
+	public void testMissingDataSourceRef() {
+		// @formatter:off
+		String xml = "<authentication-manager>"
+					+ "  <authentication-provider>"
+					+ "    <jdbc-user-service/>"
+					+ "  </authentication-provider>"
+					+ "</authentication-manager>";
+		// @formatter:on
+
+		try {
+			setContext(xml);
+			Assertions.fail("Expected exception due to missing data-source-ref");
+		}
+		catch (BeanDefinitionStoreException ex) {
+			assertThat(ex.getMessage()).contains("XML document from").contains("is invalid");
+		}
+	}
+
 	private void setContext(String context) {
 		this.appContext = new InMemoryXmlApplicationContext(context);
 	}