Moved LDAP placeholder config test into LDAP tests to prevent issues with parallel tests. Converted LdapProviderBDP tests to groovy/spock. Other misc tidying of config tests.

config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy

@@ -6,7 +6,6 @@ import org.springframework.mock.web.MockHttpServletRequest
 import org.springframework.mock.web.MockHttpServletResponse
 import org.springframework.security.config.AbstractXmlConfigTests
 import org.springframework.security.config.BeanIds
-import org.springframework.security.web.FilterChainProxy
 import org.springframework.security.web.FilterInvocation
 
 abstract class AbstractHttpConfigTests extends AbstractXmlConfigTests {

config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy

@@ -26,7 +26,7 @@ class AccessDeniedConfigTests extends AbstractHttpConfigTests {
         httpAccessDeniedPage ('noLeadingSlash') { }
         createAppContext();
         then:
-        BeanCreationException e = thrown()
+        thrown(BeanCreationException)
     }
 
     def accessDeniedHandlerIsSetCorectly() {
@@ -50,7 +50,7 @@ class AccessDeniedConfigTests extends AbstractHttpConfigTests {
         }
         createAppContext();
         then:
-        BeanDefinitionParsingException e = thrown()
+        thrown(BeanDefinitionParsingException)
     }
 
     def void accessDeniedHandlerPageAndRefAreMutuallyExclusive() {
@@ -61,7 +61,7 @@ class AccessDeniedConfigTests extends AbstractHttpConfigTests {
         createAppContext();
         bean('adh', AccessDeniedHandlerImpl)
         then:
-        BeanDefinitionParsingException e = thrown()
+        thrown(BeanDefinitionParsingException)
     }
 
     def httpAccessDeniedPage(String page, Closure c) {

config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy

@@ -19,7 +19,7 @@ class PlaceHolderAndELConfigTests extends AbstractHttpConfigTests {
 
     def setup() {
         // Add a PropertyPlaceholderConfigurer to the context for all the tests
-        xml.'b:bean'('class': PropertyPlaceholderConfigurer.class.name)
+        bean(PropertyPlaceholderConfigurer.class.name, PropertyPlaceholderConfigurer.class)
     }
 
     def unsecuredPatternSupportsPlaceholderForPattern() {
@@ -151,19 +151,4 @@ class PlaceHolderAndELConfigTests extends AbstractHttpConfigTests {
         expect:
         getFilter(ExceptionTranslationFilter).accessDeniedHandler.errorPage == '/go-away'
     }
-    
-    def ldapAuthenticationProviderWorksWithPlaceholders() {
-        System.setProperty('udp','people')
-        System.setProperty('gsf','member')
-        xml.'ldap-server'()
-        xml.'authentication-manager'{
-            'ldap-authentication-provider'('user-dn-pattern':'uid={0},ou=${udp}','group-search-filter':'${gsf}={0}')
-        }
-        createAppContext('')
-        def provider = this.appContext.getBean(BeanIds.AUTHENTICATION_MANAGER).providers[0];
-        
-        expect:
-        [new MessageFormat("uid={0},ou=people")] == FieldUtils.getFieldValue(provider,"authenticator.userDnFormat");
-        "member={0}" == FieldUtils.getFieldValue(provider, "authoritiesPopulator.groupSearchFilter");
-    }
 }

config/src/test/groovy/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.groovy

@@ -0,0 +1,153 @@
+package org.springframework.security.config.ldap
+
+import java.text.MessageFormat
+import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer
+import org.springframework.security.config.AbstractXmlConfigTests
+import org.springframework.security.config.BeanIds
+import org.springframework.security.util.FieldUtils
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
+import org.springframework.context.ApplicationContextException
+import org.springframework.security.core.AuthenticationException
+import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper
+
+/**
+ * @author Luke Taylor
+ */
+class LdapProviderBeanDefinitionParserTests extends AbstractXmlConfigTests {
+
+    // SEC-1182
+    def multipleProvidersAreSupported() {
+        xml.'ldap-server'(url: 'ldap://blah:389/dc=blah')
+        xml.'authentication-manager'() {
+            'ldap-authentication-provider'('group-search-filter': 'member={0}')
+            'ldap-authentication-provider'('group-search-filter': 'uniqueMember={0}')
+        }
+
+        createAppContext('')
+
+        def providers = appContext.getBean(BeanIds.AUTHENTICATION_MANAGER).providers
+
+        expect:
+
+        providers.size() == 2
+        providers[0].authoritiesPopulator.groupSearchFilter == "member={0}"
+        providers[1].authoritiesPopulator.groupSearchFilter == "uniqueMember={0}"
+    }
+
+
+    def simpleProviderAuthenticatesCorrectly() {
+        xml.'ldap-server'()
+        xml.'authentication-manager'{
+            'ldap-authentication-provider'('group-search-filter':'member={0}')
+        }
+
+        createAppContext('')
+
+        def am = appContext.getBean(BeanIds.AUTHENTICATION_MANAGER)
+
+        when:
+        def auth = am.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"))
+        def ben =  auth.principal;
+
+        then:
+        ben.authorities.size() == 3
+    }
+
+    def missingServerEltCausesConfigException() {
+        xml.'authentication-manager'{
+            'ldap-authentication-provider'()
+        }
+
+        when:
+        createAppContext('')
+
+        then:
+        thrown(ApplicationContextException)
+    }
+
+    def supportsPasswordComparisonAuthentication() {
+        xml.'ldap-server'()
+        xml.'authentication-manager'{
+            'ldap-authentication-provider'('user-dn-pattern': 'uid={0},ou=people')
+            'password-compare'
+        }
+        createAppContext('')
+        def am = appContext.getBean(BeanIds.AUTHENTICATION_MANAGER)
+
+        when:
+        def auth = am.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"))
+
+        then:
+        auth != null
+        notThrown(AuthenticationException)
+    }
+
+    def supportsPasswordComparisonAuthenticationWithHashAttribute() {
+        xml.'ldap-server'()
+        xml.'authentication-manager'{
+            'ldap-authentication-provider'('user-dn-pattern': 'uid={0},ou=people') {
+                'password-compare'('password-attribute': 'uid', hash: 'plaintext')
+            }
+        }
+        createAppContext('')
+        def am = appContext.getBean(BeanIds.AUTHENTICATION_MANAGER)
+
+        when:
+        def auth = am.authenticate(new UsernamePasswordAuthenticationToken("ben", "ben"))
+
+        then:
+        auth != null
+        notThrown(AuthenticationException)
+
+    }
+
+    def supportsPasswordComparisonAuthenticationWithPasswordEncoder() {
+        xml.'ldap-server'()
+        xml.'authentication-manager'{
+            'ldap-authentication-provider'('user-dn-pattern': 'uid={0},ou=people') {
+                'password-compare'('password-attribute': 'uid') {
+                    'password-encoder'(hash: 'plaintext')
+                }
+            }
+        }
+
+        createAppContext('')
+        def am = appContext.getBean(BeanIds.AUTHENTICATION_MANAGER)
+
+        when:
+        def auth = am.authenticate(new UsernamePasswordAuthenticationToken("ben", "ben"))
+
+        then:
+        auth != null
+        notThrown(AuthenticationException)
+    }
+
+    def inetOrgContextMapperIsSupported()  {
+        xml.'ldap-server'(url: 'ldap://127.0.0.1:343/dc=springframework,dc=org')
+        xml.'authentication-manager'{
+            'ldap-authentication-provider'('user-details-class' :'inetOrgPerson')
+        }
+        createAppContext('')
+
+        expect:
+        appContext.getBean(BeanIds.AUTHENTICATION_MANAGER).providers[0].userDetailsContextMapper instanceof InetOrgPersonContextMapper
+    }
+
+    def ldapAuthenticationProviderWorksWithPlaceholders() {
+        System.setProperty('udp','people')
+        System.setProperty('gsf','member')
+
+        xml.'ldap-server'()
+        xml.'authentication-manager'{
+            'ldap-authentication-provider'('user-dn-pattern':'uid={0},ou=${udp}','group-search-filter':'${gsf}={0}')
+        }
+        bean(PropertyPlaceholderConfigurer.class.name, PropertyPlaceholderConfigurer.class)
+
+        createAppContext('')
+        def provider = this.appContext.getBean(BeanIds.AUTHENTICATION_MANAGER).providers[0]
+
+        expect:
+        [new MessageFormat("uid={0},ou=people")] == FieldUtils.getFieldValue(provider,"authenticator.userDnFormat")
+        "member={0}" == FieldUtils.getFieldValue(provider, "authoritiesPopulator.groupSearchFilter")
+    }
+}

config/src/test/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.java

@@ -1,143 +0,0 @@
-package org.springframework.security.config.ldap;
-
-import static org.junit.Assert.*;
-import static org.springframework.security.config.ldap.LdapProviderBeanDefinitionParser.*;
-
-import org.junit.After;
-import org.junit.Test;
-import org.springframework.context.ApplicationContextException;
-import org.springframework.security.authentication.ProviderManager;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.config.BeanIds;
-import org.springframework.security.config.util.InMemoryXmlApplicationContext;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.ldap.authentication.BindAuthenticator;
-import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
-import org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator;
-import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper;
-import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl;
-import org.springframework.security.util.FieldUtils;
-
-
-/**
- * @author Luke Taylor
- */
-public class LdapProviderBeanDefinitionParserTests {
-    InMemoryXmlApplicationContext appCtx;
-
-    @After
-    public void closeAppContext() {
-        if (appCtx != null) {
-            appCtx.close();
-            appCtx = null;
-        }
-    }
-
-    @Test
-    public void beanClassNamesAreCorrect() throws Exception {
-        assertEquals(PROVIDER_CLASS, LdapAuthenticationProvider.class.getName());
-        assertEquals(BIND_AUTH_CLASS, BindAuthenticator.class.getName());
-        assertEquals(PASSWD_AUTH_CLASS, PasswordComparisonAuthenticator.class.getName());
-    }
-
-    // SEC-1182
-    @Test
-    public void multipleProvidersAreSupported() throws Exception {
-        setContext("<ldap-server url='ldap://blah:389/dc=blah'/>" +
-                "<authentication-manager>" +
-                "   <ldap-authentication-provider group-search-filter='member={0}' />" +
-                "   <ldap-authentication-provider group-search-filter='uniqueMember={0}' />" +
-                "</authentication-manager>");
-
-        ProviderManager authManager = (ProviderManager) appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER);
-
-        assertEquals(2, authManager.getProviders().size());
-        assertEquals("member={0}", FieldUtils.getFieldValue(authManager.getProviders().get(0), "authoritiesPopulator.groupSearchFilter"));
-        assertEquals("uniqueMember={0}", FieldUtils.getFieldValue(authManager.getProviders().get(1), "authoritiesPopulator.groupSearchFilter"));
-    }
-
-    @Test
-    public void simpleProviderAuthenticatesCorrectly() {
-        setContext("<ldap-server />" +
-                "<authentication-manager>" +
-                "   <ldap-authentication-provider group-search-filter='member={0}' />" +
-                "</authentication-manager>");
-
-        LdapAuthenticationProvider provider = getProvider();
-        Authentication auth = provider.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"));
-        LdapUserDetailsImpl ben = (LdapUserDetailsImpl) auth.getPrincipal();
-
-        assertEquals(3, ben.getAuthorities().size());
-    }
-
-    @Test(expected = ApplicationContextException.class)
-    public void missingServerEltCausesConfigException() {
-        setContext(
-                "<authentication-manager>" +
-                "   <ldap-authentication-provider />" +
-                "</authentication-manager>");
-    }
-
-    @Test
-    public void supportsPasswordComparisonAuthentication() {
-        setContext("<ldap-server /> " +
-                "<authentication-manager>" +
-                "<ldap-authentication-provider user-dn-pattern='uid={0},ou=people'>" +
-                "    <password-compare />" +
-                "</ldap-authentication-provider>"+
-                "</authentication-manager>");
-        LdapAuthenticationProvider provider = getProvider();
-        provider.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"));
-    }
-
-
-    @Test
-    public void supportsPasswordComparisonAuthenticationWithHashAttribute() {
-        setContext("<ldap-server /> " +
-                "<authentication-manager>" +
-                "<ldap-authentication-provider user-dn-pattern='uid={0},ou=people'>" +
-                "    <password-compare password-attribute='uid' hash='plaintext'/>" +
-                "</ldap-authentication-provider>" +
-                "</authentication-manager>");
-        LdapAuthenticationProvider provider = getProvider();
-        provider.authenticate(new UsernamePasswordAuthenticationToken("ben", "ben"));
-    }
-
-    @Test
-    public void supportsPasswordComparisonAuthenticationWithPasswordEncoder() {
-        setContext("<ldap-server /> " +
-                "<authentication-manager>" +
-                "<ldap-authentication-provider user-dn-pattern='uid={0},ou=people'>" +
-                "    <password-compare password-attribute='uid'>" +
-                "        <password-encoder hash='plaintext'/>" +
-                "    </password-compare>" +
-                "</ldap-authentication-provider>" +
-                "</authentication-manager>");
-        LdapAuthenticationProvider provider = getProvider();
-        provider.authenticate(new UsernamePasswordAuthenticationToken("ben", "ben"));
-    }
-
-    @Test
-    public void inetOrgContextMapperIsSupported() throws Exception {
-        setContext(
-                "<ldap-server id='someServer' url='ldap://127.0.0.1:343/dc=springframework,dc=org'/>" +
-                "<authentication-manager>" +
-                "    <ldap-authentication-provider user-details-class='inetOrgPerson'/>" +
-                "</authentication-manager>");
-        LdapAuthenticationProvider provider = getProvider();
-        assertTrue(FieldUtils.getFieldValue(provider, "userDetailsContextMapper") instanceof InetOrgPersonContextMapper);
-    }
-
-    private void setContext(String context) {
-        appCtx = new InMemoryXmlApplicationContext(context);
-    }
-
-    private LdapAuthenticationProvider getProvider() {
-        ProviderManager authManager = (ProviderManager) appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER);
-
-        assertEquals(1, authManager.getProviders().size());
-
-        LdapAuthenticationProvider provider = (LdapAuthenticationProvider) authManager.getProviders().get(0);
-        return provider;
-    }
-}