diff --git a/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy
index 093a38e4df..8f842e382a 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/AbstractHttpConfigTests.groovy
@@ -6,7 +6,6 @@ import org.springframework.mock.web.MockHttpServletRequest
import org.springframework.mock.web.MockHttpServletResponse
import org.springframework.security.config.AbstractXmlConfigTests
import org.springframework.security.config.BeanIds
-import org.springframework.security.web.FilterChainProxy
import org.springframework.security.web.FilterInvocation
abstract class AbstractHttpConfigTests extends AbstractXmlConfigTests {
diff --git a/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy
index 7ece6afa8e..7ad7beeef9 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/AccessDeniedConfigTests.groovy
@@ -26,7 +26,7 @@ class AccessDeniedConfigTests extends AbstractHttpConfigTests {
httpAccessDeniedPage ('noLeadingSlash') { }
createAppContext();
then:
- BeanCreationException e = thrown()
+ thrown(BeanCreationException)
}
def accessDeniedHandlerIsSetCorectly() {
@@ -50,7 +50,7 @@ class AccessDeniedConfigTests extends AbstractHttpConfigTests {
}
createAppContext();
then:
- BeanDefinitionParsingException e = thrown()
+ thrown(BeanDefinitionParsingException)
}
def void accessDeniedHandlerPageAndRefAreMutuallyExclusive() {
@@ -61,7 +61,7 @@ class AccessDeniedConfigTests extends AbstractHttpConfigTests {
createAppContext();
bean('adh', AccessDeniedHandlerImpl)
then:
- BeanDefinitionParsingException e = thrown()
+ thrown(BeanDefinitionParsingException)
}
def httpAccessDeniedPage(String page, Closure c) {
diff --git a/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy
index d9448a92c9..7e57d9750d 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/PlaceHolderAndELConfigTests.groovy
@@ -19,7 +19,7 @@ class PlaceHolderAndELConfigTests extends AbstractHttpConfigTests {
def setup() {
// Add a PropertyPlaceholderConfigurer to the context for all the tests
- xml.'b:bean'('class': PropertyPlaceholderConfigurer.class.name)
+ bean(PropertyPlaceholderConfigurer.class.name, PropertyPlaceholderConfigurer.class)
}
def unsecuredPatternSupportsPlaceholderForPattern() {
@@ -151,19 +151,4 @@ class PlaceHolderAndELConfigTests extends AbstractHttpConfigTests {
expect:
getFilter(ExceptionTranslationFilter).accessDeniedHandler.errorPage == '/go-away'
}
-
- def ldapAuthenticationProviderWorksWithPlaceholders() {
- System.setProperty('udp','people')
- System.setProperty('gsf','member')
- xml.'ldap-server'()
- xml.'authentication-manager'{
- 'ldap-authentication-provider'('user-dn-pattern':'uid={0},ou=${udp}','group-search-filter':'${gsf}={0}')
- }
- createAppContext('')
- def provider = this.appContext.getBean(BeanIds.AUTHENTICATION_MANAGER).providers[0];
-
- expect:
- [new MessageFormat("uid={0},ou=people")] == FieldUtils.getFieldValue(provider,"authenticator.userDnFormat");
- "member={0}" == FieldUtils.getFieldValue(provider, "authoritiesPopulator.groupSearchFilter");
- }
}
diff --git a/config/src/test/groovy/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.groovy b/config/src/test/groovy/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.groovy
new file mode 100644
index 0000000000..f01ce9c0a6
--- /dev/null
+++ b/config/src/test/groovy/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.groovy
@@ -0,0 +1,153 @@
+package org.springframework.security.config.ldap
+
+import java.text.MessageFormat
+import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer
+import org.springframework.security.config.AbstractXmlConfigTests
+import org.springframework.security.config.BeanIds
+import org.springframework.security.util.FieldUtils
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
+import org.springframework.context.ApplicationContextException
+import org.springframework.security.core.AuthenticationException
+import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper
+
+/**
+ * @author Luke Taylor
+ */
+class LdapProviderBeanDefinitionParserTests extends AbstractXmlConfigTests {
+
+ // SEC-1182
+ def multipleProvidersAreSupported() {
+ xml.'ldap-server'(url: 'ldap://blah:389/dc=blah')
+ xml.'authentication-manager'() {
+ 'ldap-authentication-provider'('group-search-filter': 'member={0}')
+ 'ldap-authentication-provider'('group-search-filter': 'uniqueMember={0}')
+ }
+
+ createAppContext('')
+
+ def providers = appContext.getBean(BeanIds.AUTHENTICATION_MANAGER).providers
+
+ expect:
+
+ providers.size() == 2
+ providers[0].authoritiesPopulator.groupSearchFilter == "member={0}"
+ providers[1].authoritiesPopulator.groupSearchFilter == "uniqueMember={0}"
+ }
+
+
+ def simpleProviderAuthenticatesCorrectly() {
+ xml.'ldap-server'()
+ xml.'authentication-manager'{
+ 'ldap-authentication-provider'('group-search-filter':'member={0}')
+ }
+
+ createAppContext('')
+
+ def am = appContext.getBean(BeanIds.AUTHENTICATION_MANAGER)
+
+ when:
+ def auth = am.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"))
+ def ben = auth.principal;
+
+ then:
+ ben.authorities.size() == 3
+ }
+
+ def missingServerEltCausesConfigException() {
+ xml.'authentication-manager'{
+ 'ldap-authentication-provider'()
+ }
+
+ when:
+ createAppContext('')
+
+ then:
+ thrown(ApplicationContextException)
+ }
+
+ def supportsPasswordComparisonAuthentication() {
+ xml.'ldap-server'()
+ xml.'authentication-manager'{
+ 'ldap-authentication-provider'('user-dn-pattern': 'uid={0},ou=people')
+ 'password-compare'
+ }
+ createAppContext('')
+ def am = appContext.getBean(BeanIds.AUTHENTICATION_MANAGER)
+
+ when:
+ def auth = am.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"))
+
+ then:
+ auth != null
+ notThrown(AuthenticationException)
+ }
+
+ def supportsPasswordComparisonAuthenticationWithHashAttribute() {
+ xml.'ldap-server'()
+ xml.'authentication-manager'{
+ 'ldap-authentication-provider'('user-dn-pattern': 'uid={0},ou=people') {
+ 'password-compare'('password-attribute': 'uid', hash: 'plaintext')
+ }
+ }
+ createAppContext('')
+ def am = appContext.getBean(BeanIds.AUTHENTICATION_MANAGER)
+
+ when:
+ def auth = am.authenticate(new UsernamePasswordAuthenticationToken("ben", "ben"))
+
+ then:
+ auth != null
+ notThrown(AuthenticationException)
+
+ }
+
+ def supportsPasswordComparisonAuthenticationWithPasswordEncoder() {
+ xml.'ldap-server'()
+ xml.'authentication-manager'{
+ 'ldap-authentication-provider'('user-dn-pattern': 'uid={0},ou=people') {
+ 'password-compare'('password-attribute': 'uid') {
+ 'password-encoder'(hash: 'plaintext')
+ }
+ }
+ }
+
+ createAppContext('')
+ def am = appContext.getBean(BeanIds.AUTHENTICATION_MANAGER)
+
+ when:
+ def auth = am.authenticate(new UsernamePasswordAuthenticationToken("ben", "ben"))
+
+ then:
+ auth != null
+ notThrown(AuthenticationException)
+ }
+
+ def inetOrgContextMapperIsSupported() {
+ xml.'ldap-server'(url: 'ldap://127.0.0.1:343/dc=springframework,dc=org')
+ xml.'authentication-manager'{
+ 'ldap-authentication-provider'('user-details-class' :'inetOrgPerson')
+ }
+ createAppContext('')
+
+ expect:
+ appContext.getBean(BeanIds.AUTHENTICATION_MANAGER).providers[0].userDetailsContextMapper instanceof InetOrgPersonContextMapper
+ }
+
+ def ldapAuthenticationProviderWorksWithPlaceholders() {
+ System.setProperty('udp','people')
+ System.setProperty('gsf','member')
+
+ xml.'ldap-server'()
+ xml.'authentication-manager'{
+ 'ldap-authentication-provider'('user-dn-pattern':'uid={0},ou=${udp}','group-search-filter':'${gsf}={0}')
+ }
+ bean(PropertyPlaceholderConfigurer.class.name, PropertyPlaceholderConfigurer.class)
+
+ createAppContext('')
+ def provider = this.appContext.getBean(BeanIds.AUTHENTICATION_MANAGER).providers[0]
+
+ expect:
+ [new MessageFormat("uid={0},ou=people")] == FieldUtils.getFieldValue(provider,"authenticator.userDnFormat")
+ "member={0}" == FieldUtils.getFieldValue(provider, "authoritiesPopulator.groupSearchFilter")
+ }
+}
diff --git a/config/src/test/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.java
deleted file mode 100644
index 0468e1934c..0000000000
--- a/config/src/test/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.java
+++ /dev/null
@@ -1,143 +0,0 @@
-package org.springframework.security.config.ldap;
-
-import static org.junit.Assert.*;
-import static org.springframework.security.config.ldap.LdapProviderBeanDefinitionParser.*;
-
-import org.junit.After;
-import org.junit.Test;
-import org.springframework.context.ApplicationContextException;
-import org.springframework.security.authentication.ProviderManager;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.config.BeanIds;
-import org.springframework.security.config.util.InMemoryXmlApplicationContext;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.ldap.authentication.BindAuthenticator;
-import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
-import org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator;
-import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper;
-import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl;
-import org.springframework.security.util.FieldUtils;
-
-
-/**
- * @author Luke Taylor
- */
-public class LdapProviderBeanDefinitionParserTests {
- InMemoryXmlApplicationContext appCtx;
-
- @After
- public void closeAppContext() {
- if (appCtx != null) {
- appCtx.close();
- appCtx = null;
- }
- }
-
- @Test
- public void beanClassNamesAreCorrect() throws Exception {
- assertEquals(PROVIDER_CLASS, LdapAuthenticationProvider.class.getName());
- assertEquals(BIND_AUTH_CLASS, BindAuthenticator.class.getName());
- assertEquals(PASSWD_AUTH_CLASS, PasswordComparisonAuthenticator.class.getName());
- }
-
- // SEC-1182
- @Test
- public void multipleProvidersAreSupported() throws Exception {
- setContext("" +
- "" +
- " " +
- " " +
- "");
-
- ProviderManager authManager = (ProviderManager) appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER);
-
- assertEquals(2, authManager.getProviders().size());
- assertEquals("member={0}", FieldUtils.getFieldValue(authManager.getProviders().get(0), "authoritiesPopulator.groupSearchFilter"));
- assertEquals("uniqueMember={0}", FieldUtils.getFieldValue(authManager.getProviders().get(1), "authoritiesPopulator.groupSearchFilter"));
- }
-
- @Test
- public void simpleProviderAuthenticatesCorrectly() {
- setContext("" +
- "" +
- " " +
- "");
-
- LdapAuthenticationProvider provider = getProvider();
- Authentication auth = provider.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"));
- LdapUserDetailsImpl ben = (LdapUserDetailsImpl) auth.getPrincipal();
-
- assertEquals(3, ben.getAuthorities().size());
- }
-
- @Test(expected = ApplicationContextException.class)
- public void missingServerEltCausesConfigException() {
- setContext(
- "" +
- " " +
- "");
- }
-
- @Test
- public void supportsPasswordComparisonAuthentication() {
- setContext(" " +
- "" +
- "" +
- " " +
- ""+
- "");
- LdapAuthenticationProvider provider = getProvider();
- provider.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"));
- }
-
-
- @Test
- public void supportsPasswordComparisonAuthenticationWithHashAttribute() {
- setContext(" " +
- "" +
- "" +
- " " +
- "" +
- "");
- LdapAuthenticationProvider provider = getProvider();
- provider.authenticate(new UsernamePasswordAuthenticationToken("ben", "ben"));
- }
-
- @Test
- public void supportsPasswordComparisonAuthenticationWithPasswordEncoder() {
- setContext(" " +
- "" +
- "" +
- " " +
- " " +
- " " +
- "" +
- "");
- LdapAuthenticationProvider provider = getProvider();
- provider.authenticate(new UsernamePasswordAuthenticationToken("ben", "ben"));
- }
-
- @Test
- public void inetOrgContextMapperIsSupported() throws Exception {
- setContext(
- "" +
- "" +
- " " +
- "");
- LdapAuthenticationProvider provider = getProvider();
- assertTrue(FieldUtils.getFieldValue(provider, "userDetailsContextMapper") instanceof InetOrgPersonContextMapper);
- }
-
- private void setContext(String context) {
- appCtx = new InMemoryXmlApplicationContext(context);
- }
-
- private LdapAuthenticationProvider getProvider() {
- ProviderManager authManager = (ProviderManager) appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER);
-
- assertEquals(1, authManager.getProviders().size());
-
- LdapAuthenticationProvider provider = (LdapAuthenticationProvider) authManager.getProviders().get(0);
- return provider;
- }
-}