SEC-1964: Handle missing series in JdbcTokenRepositoryImpl
Previously JdbcTokenRepositoryImpl would log an error with a misleading message when the token series was missing. Now JdbcTokenRepositoryImpl logs missing token series at info level with a more informative message.
parent
7f9938c8e2
commit
340534dadb
|
@ -1,6 +1,22 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2002-2012 the original author or authors.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
package org.springframework.security.web.authentication.rememberme;
|
package org.springframework.security.web.authentication.rememberme;
|
||||||
|
|
||||||
import org.springframework.dao.DataAccessException;
|
import org.springframework.dao.DataAccessException;
|
||||||
|
import org.springframework.dao.EmptyResultDataAccessException;
|
||||||
import org.springframework.dao.IncorrectResultSizeDataAccessException;
|
import org.springframework.dao.IncorrectResultSizeDataAccessException;
|
||||||
import org.springframework.jdbc.core.RowMapper;
|
import org.springframework.jdbc.core.RowMapper;
|
||||||
import org.springframework.jdbc.core.SqlParameter;
|
import org.springframework.jdbc.core.SqlParameter;
|
||||||
|
@ -79,7 +95,11 @@ public class JdbcTokenRepositoryImpl extends JdbcDaoSupport implements Persisten
|
||||||
return new PersistentRememberMeToken(rs.getString(1), rs.getString(2), rs.getString(3), rs.getTimestamp(4));
|
return new PersistentRememberMeToken(rs.getString(1), rs.getString(2), rs.getString(3), rs.getTimestamp(4));
|
||||||
}
|
}
|
||||||
}, seriesId);
|
}, seriesId);
|
||||||
} catch(IncorrectResultSizeDataAccessException moreThanOne) {
|
} catch(EmptyResultDataAccessException zeroResults) {
|
||||||
|
if(logger.isInfoEnabled()) {
|
||||||
|
logger.info("Querying token for series '" + seriesId + "' returned no results.", zeroResults);
|
||||||
|
}
|
||||||
|
}catch(IncorrectResultSizeDataAccessException moreThanOne) {
|
||||||
logger.error("Querying token for series '" + seriesId + "' returned more than one value. Series" +
|
logger.error("Querying token for series '" + seriesId + "' returned more than one value. Series" +
|
||||||
" should be unique");
|
" should be unique");
|
||||||
} catch(DataAccessException e) {
|
} catch(DataAccessException e) {
|
||||||
|
|
|
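Review bot: The new `EmptyResultDataAccessException` branch passes `zeroResults` to `logger.info(...)`, so every lookup of an unknown series writes a full stack trace at info level for a condition the commit itself treats as expected. If `seriesId` comes from the client's remember-me cookie (the caller is not visible here), stale or invented cookies can inflate the log at will, and the value is concatenated into the message without neutralising CR/LF. I would log the message alone, `logger.info("Querying token for series '" + seriesId + "' returned no results.");`, keep the throwable for `logger.debug`, and strip line breaks from `seriesId` before logging; the existing `logger.error` branch below has the same concatenation. The new test pins the throwable argument, so it would need to change too. The enclosing method starts above the hunk and its last catch block continues past it.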
@ -1,25 +1,55 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2002-2012 the original author or authors.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
package org.springframework.security.web.authentication.rememberme;
|
package org.springframework.security.web.authentication.rememberme;
|
||||||
|
|
||||||
import static org.junit.Assert.*;
|
import static org.junit.Assert.*;
|
||||||
|
import static org.mockito.Matchers.any;
|
||||||
|
import static org.mockito.Matchers.eq;
|
||||||
|
import static org.mockito.Mockito.verify;
|
||||||
|
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
||||||
|
import static org.mockito.Mockito.when;
|
||||||
|
|
||||||
import java.sql.Timestamp;
|
import java.sql.Timestamp;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
import org.junit.After;
|
import org.junit.After;
|
||||||
import org.junit.AfterClass;
|
import org.junit.AfterClass;
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.BeforeClass;
|
import org.junit.BeforeClass;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
|
import org.junit.runner.RunWith;
|
||||||
|
import org.mockito.Mock;
|
||||||
|
import org.mockito.runners.MockitoJUnitRunner;
|
||||||
|
import org.springframework.dao.EmptyResultDataAccessException;
|
||||||
import org.springframework.jdbc.core.JdbcTemplate;
|
import org.springframework.jdbc.core.JdbcTemplate;
|
||||||
import org.springframework.jdbc.datasource.SingleConnectionDataSource;
|
import org.springframework.jdbc.datasource.SingleConnectionDataSource;
|
||||||
|
import org.springframework.test.util.ReflectionTestUtils;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Luke Taylor
|
* @author Luke Taylor
|
||||||
*/
|
*/
|
||||||
@SuppressWarnings("unchecked")
|
@SuppressWarnings("unchecked")
|
||||||
|
@RunWith(MockitoJUnitRunner.class)
|
||||||
public class JdbcTokenRepositoryImplTests {
|
public class JdbcTokenRepositoryImplTests {
|
||||||
|
@Mock
|
||||||
|
private Log logger;
|
||||||
|
|
||||||
private static SingleConnectionDataSource dataSource;
|
private static SingleConnectionDataSource dataSource;
|
||||||
private JdbcTokenRepositoryImpl repo;
|
private JdbcTokenRepositoryImpl repo;
|
||||||
private JdbcTemplate template;
|
private JdbcTemplate template;
|
||||||
|
@ -39,6 +69,7 @@ public class JdbcTokenRepositoryImplTests {
|
||||||
@Before
|
@Before
|
||||||
public void populateDatabase() {
|
public void populateDatabase() {
|
||||||
repo = new JdbcTokenRepositoryImpl();
|
repo = new JdbcTokenRepositoryImpl();
|
||||||
|
ReflectionTestUtils.setField(repo, "logger", logger);
|
||||||
repo.setDataSource(dataSource);
|
repo.setDataSource(dataSource);
|
||||||
repo.initDao();
|
repo.initDao();
|
||||||
template = repo.getJdbcTemplate();
|
template = repo.getJdbcTemplate();
|
||||||
|
@ -90,6 +121,19 @@ public class JdbcTokenRepositoryImplTests {
|
||||||
assertNull(repo.getTokenForSeries("joesseries"));
|
assertNull(repo.getTokenForSeries("joesseries"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// SEC-1964
|
||||||
|
@Test
|
||||||
|
public void retrievingTokenWithNoSeriesReturnsNull() {
|
||||||
|
when(logger.isInfoEnabled()).thenReturn(true);
|
||||||
|
|
||||||
|
assertNull(repo.getTokenForSeries("missingSeries"));
|
||||||
|
|
||||||
|
verify(logger).isInfoEnabled();
|
||||||
|
verify(logger).info(eq("Querying token for series 'missingSeries' returned no results."),
|
||||||
|
any(EmptyResultDataAccessException.class));
|
||||||
|
verifyNoMoreInteractions(logger);
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void removingUserTokensDeletesData() {
|
public void removingUserTokensDeletesData() {
|
||||||
template.execute("insert into persistent_logins (series, username, token, last_used) values " +
|
template.execute("insert into persistent_logins (series, username, token, last_used) values " +
|
||||||
|
|
|
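Review bot: `retrievingTokenWithNoSeriesReturnsNull` covers only the path where `isInfoEnabled()` returns true; nothing checks that the guard suppresses the message when info logging is off. A second test that leaves the mock at its default (false), calls `repo.getTokenForSeries("missingSeries")`, and ends with `verify(logger).isInfoEnabled(); verifyNoMoreInteractions(logger);` would pin that. The `ReflectionTestUtils.setField(repo, "logger", logger)` line in `populateDatabase()` also deserves a comment, because it replaces the logger for every test in the class by field name and fails only at run time if that field is renamed, e.g. `// swap in a mock Log so log output can be verified (SEC-1964)`.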
@ -13,6 +13,7 @@ dependencies {
|
||||||
|
|
||||||
testCompile project(':spring-security-core').sourceSets.test.output,
|
testCompile project(':spring-security-core').sourceSets.test.output,
|
||||||
'commons-codec:commons-codec:1.3',
|
'commons-codec:commons-codec:1.3',
|
||||||
|
"org.slf4j:jcl-over-slf4j:$slf4jVersion",
|
||||||
"org.springframework:spring-test:$springVersion",
|
"org.springframework:spring-test:$springVersion",
|
||||||
"org.powermock:powermock-core:$powerMockVersion",
|
"org.powermock:powermock-core:$powerMockVersion",
|
||||||
"org.powermock:powermock-api-support:$powerMockVersion",
|
"org.powermock:powermock-api-support:$powerMockVersion",
|
||||||
|
|