Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Java5 stuff

This commit is contained in:
Luke Taylor 2008-12-09 18:02:58 +00:00
parent 046456c142
commit 3da68a7a82
18 changed files with 76 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/src/main/java/org/springframework/security/authoritymapping/MapBasedAttributes2GrantedAuthoritiesMapper.java
View File

@ -57,7 +57,7 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2G
/**
* @param attributes2grantedAuthoritiesMap The attributes2grantedAuthoritiesMap to set.
*/
public void setAttributes2grantedAuthoritiesMap(final Map attributes2grantedAuthoritiesMap) {
public void setAttributes2grantedAuthoritiesMap(final Map<?,?> attributes2grantedAuthoritiesMap) {
Assert.notEmpty(attributes2grantedAuthoritiesMap,"A non-empty attributes2grantedAuthoritiesMap must be supplied");
this.attributes2grantedAuthoritiesMap = preProcessMap(attributes2grantedAuthoritiesMap);

5
core/src/main/java/org/springframework/security/authoritymapping/XmlMappableAttributesRetriever.java
View File

@ -4,7 +4,6 @@ import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
@ -114,11 +113,11 @@ public abstract class XmlMappableAttributesRetriever implements MappableAttribut
}
/**
* @param doc
* The Document from which to read the list of roles
* @param doc The Document from which to read the list of roles
* @return String[] the list of roles.
* @throws JaxenException
*/
@SuppressWarnings("unchecked")
private Set<String> getMappableAttributes(Document doc) {
try {
DOMXPath xpath = new DOMXPath(xpathExpression);

24
core/src/main/java/org/springframework/security/config/RememberMeServicesInjectionBeanPostProcessor.java
View File

@ -15,20 +15,20 @@ import org.springframework.security.ui.rememberme.RememberMeServices;
import org.springframework.util.Assert;
/**
*
*
* @author Luke Taylor
* @version $Id$
* @since 2.0
*/
public class RememberMeServicesInjectionBeanPostProcessor implements BeanPostProcessor, BeanFactoryAware {
private Log logger = LogFactory.getLog(getClass());
private ListableBeanFactory beanFactory;
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
if (bean instanceof AbstractProcessingFilter) {
AbstractProcessingFilter pf = (AbstractProcessingFilter) bean;
if (pf.getRememberMeServices() == null) {
logger.info("Setting RememberMeServices on bean " + beanName);
pf.setRememberMeServices(getRememberMeServices());
@ -38,25 +38,25 @@ public class RememberMeServicesInjectionBeanPostProcessor implements BeanPostPro
// Most of the time a user won't present such a parameter with their BASIC authentication request.
// In the future we might support setting the AbstractRememberMeServices.alwaysRemember = true, but I am reluctant to
// do so because it seems likely to lead to lower security for 99.99% of users if they set the property to true.
BasicProcessingFilter bf = (BasicProcessingFilter) bean;
logger.info("Setting RememberMeServices on bean " + beanName);
logger.info("Setting RememberMeServices on bean " + beanName);
bf.setRememberMeServices(getRememberMeServices());
}
return bean;
}
private RememberMeServices getRememberMeServices() {
Map beans = beanFactory.getBeansOfType(RememberMeServices.class);
Assert.isTrue(beans.size() > 0, "No RememberMeServices configured");
Map<?,?> beans = beanFactory.getBeansOfType(RememberMeServices.class);
Assert.isTrue(beans.size() > 0, "No RememberMeServices configured");
Assert.isTrue(beans.size() == 1, "Use of '<remember-me />' requires a single instance of RememberMeServices " +
"in the application context, but more than one was found.");
"in the application context, but more than one was found.");
return (RememberMeServices) beans.values().toArray()[0];
}
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
return bean;
}

1
core/src/main/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessor.java
View File

@ -56,6 +56,7 @@ class SessionRegistryInjectionBeanPostProcessor implements BeanPostProcessor, Be
return bean;
}
@SuppressWarnings("unchecked")
private SessionRegistry getSessionRegistry() {
if (sessionRegistry != null) {
return sessionRegistry;

2
core/src/main/java/org/springframework/security/config/UserDetailsServiceInjectionBeanPostProcessor.java
View File

@ -98,7 +98,7 @@ public class UserDetailsServiceInjectionBeanPostProcessor implements BeanPostPro
* if available so should not be used for beans which need to separate the two.
*/
UserDetailsService getUserDetailsService() {
Map beans = beanFactory.getBeansOfType(CachingUserDetailsService.class);
Map<?,?> beans = beanFactory.getBeansOfType(CachingUserDetailsService.class);
if (beans.size() == 0) {
beans = beanFactory.getBeansOfType(UserDetailsService.class);

17
core/src/main/java/org/springframework/security/config/UserServiceBeanDefinitionParser.java
View File

@ -25,20 +25,21 @@ import java.util.Iterator;
public class UserServiceBeanDefinitionParser extends AbstractUserDetailsServiceBeanDefinitionParser {
static final String ATT_PASSWORD = "password";
static final String ATT_NAME = "name";
static final String ELT_USER = "user";
static final String ATT_AUTHORITIES = "authorities";
static final String ATT_PROPERTIES = "properties";
static final String ATT_DISABLED = "disabled";
static final String ATT_NAME = "name";
static final String ELT_USER = "user";
static final String ATT_AUTHORITIES = "authorities";
static final String ATT_PROPERTIES = "properties";
static final String ATT_DISABLED = "disabled";
static final String ATT_LOCKED = "locked";
protected String getBeanClassName(Element element) {
return "org.springframework.security.userdetails.memory.InMemoryDaoImpl";
}
@SuppressWarnings("unchecked")
protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
String userProperties = element.getAttribute(ATT_PROPERTIES);
List userElts = DomUtils.getChildElementsByTagName(element, ELT_USER);
List<Element> userElts = DomUtils.getChildElementsByTagName(element, ELT_USER);
if (StringUtils.hasText(userProperties)) {
@ -57,7 +58,7 @@ public class UserServiceBeanDefinitionParser extends AbstractUserDetailsServiceB
throw new BeanDefinitionStoreException("You must supply user definitions, either with <" + ELT_USER + "> child elements or a " +
"properties file (using the '" + ATT_PROPERTIES + "' attribute)" );
}
UserMap users = new UserMap();
for (Iterator i = userElts.iterator(); i.hasNext();) {
@ -68,7 +69,7 @@ public class UserServiceBeanDefinitionParser extends AbstractUserDetailsServiceB
boolean disabled = "true".equals(userElt.getAttribute(ATT_DISABLED));
users.addUser(new User(userName, password, !disabled, true, true, !locked,
AuthorityUtils.commaSeparatedStringToAuthorityArray(userElt.getAttribute(ATT_AUTHORITIES))));
AuthorityUtils.commaSeparatedStringToAuthorityList(userElt.getAttribute(ATT_AUTHORITIES))));
}
builder.addPropertyValue("userMap", users);

14
core/src/main/java/org/springframework/security/config/X509BeanDefinitionParser.java
View File

@ -29,10 +29,10 @@ public class X509BeanDefinitionParser implements BeanDefinitionParser {
public BeanDefinition parse(Element element, ParserContext parserContext) {
BeanDefinitionBuilder filterBuilder = BeanDefinitionBuilder.rootBeanDefinition(X509PreAuthenticatedProcessingFilter.class);
RootBeanDefinition entryPoint = new RootBeanDefinition(PreAuthenticatedProcessingFilterEntryPoint.class);
RootBeanDefinition entryPoint = new RootBeanDefinition(PreAuthenticatedProcessingFilterEntryPoint.class);
Object source = parserContext.extractSource(element);
filterBuilder.setSource(source);
filterBuilder.getRawBeanDefinition().setSource(source);
entryPoint.setSource(source);
String regex = element.getAttribute(ATT_REGEX);
@ -57,13 +57,13 @@ public class X509BeanDefinitionParser implements BeanDefinitionParser {
provider.getPropertyValues().addPropertyValue("preAuthenticatedUserDetailsService", preAuthUserService);
}
parserContext.getRegistry().registerBeanDefinition(BeanIds.PRE_AUTH_ENTRY_POINT, entryPoint);
parserContext.getRegistry().registerBeanDefinition(BeanIds.PRE_AUTH_ENTRY_POINT, entryPoint);
filterBuilder.addPropertyValue("authenticationManager", new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));
filterBuilder.addPropertyValue("authenticationManager", new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));
parserContext.getRegistry().registerBeanDefinition(BeanIds.X509_FILTER, filterBuilder.getBeanDefinition());
ConfigUtils.addHttpFilter(parserContext, new RuntimeBeanReference(BeanIds.X509_FILTER));
parserContext.getRegistry().registerBeanDefinition(BeanIds.X509_FILTER, filterBuilder.getBeanDefinition());
ConfigUtils.addHttpFilter(parserContext, new RuntimeBeanReference(BeanIds.X509_FILTER));
return null;
return null;
}
}

2
core/src/main/java/org/springframework/security/expression/support/SecurityExpressionRoot.java
View File

@ -42,7 +42,7 @@ abstract class SecurityExpressionRoot {
}
public final boolean hasAnyRole(String... roles) {
Set<String> roleSet = AuthorityUtils.authorityArrayToSet(authentication.getAuthorities());
Set<String> roleSet = AuthorityUtils.authorityListToSet(authentication.getAuthorities());
for (String role : roles) {
if (roleSet.contains(role)) {

3
core/src/main/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationToken.java
View File

@ -39,6 +39,9 @@ public class AnonymousAuthenticationToken extends AbstractAuthenticationToken im
//~ Constructors ===================================================================================================
/**
* @deprecated use the second constructor
*/
public AnonymousAuthenticationToken(String key, Object principal, GrantedAuthority[] authorities) {
this(key, principal, Arrays.asList(authorities));
}

2
core/src/main/java/org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager.java
View File

@ -243,7 +243,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
Assert.notNull(authorities);
logger.debug("Creating new group '" + groupName + "' with authorities " +
AuthorityUtils.authorityArrayToSet(authorities));
AuthorityUtils.authorityListToSet(authorities));
getJdbcTemplate().update(insertGroupSql, new String[] {groupName});

18
core/src/main/java/org/springframework/security/userdetails/memory/UserAttribute.java
View File

@ -15,14 +15,13 @@
package org.springframework.security.userdetails.memory;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
/**
* Used by {@link InMemoryDaoImpl} to temporarily store the attributes associated with a user.
@ -37,21 +36,14 @@ public class UserAttribute {
private String password;
private boolean enabled = true;
//~ Constructors ===================================================================================================
public UserAttribute() {
}
//~ Methods ========================================================================================================
public void addAuthority(GrantedAuthority newAuthority) {
this.authorities.add(newAuthority);
}
public GrantedAuthority[] getAuthorities() {
GrantedAuthority[] toReturn = {new GrantedAuthorityImpl("demo")};
return this.authorities.toArray(toReturn);
public List<GrantedAuthority> getAuthorities() {
return this.authorities;
}
/**

13
core/src/main/java/org/springframework/security/util/AuthorityUtils.java
View File

@ -61,22 +61,15 @@ public abstract class AuthorityUtils {
* @param authorityString the comma-separated string
* @return the authorities created by tokenizing the string
*/
public static GrantedAuthority[] commaSeparatedStringToAuthorityArray(String authorityString) {
String[] authorityStrings = StringUtils.tokenizeToStringArray(authorityString, ",");
GrantedAuthority[] authorities = new GrantedAuthority[authorityStrings.length];
for (int i=0; i < authorityStrings.length; i++) {
authorities[i] = new GrantedAuthorityImpl(authorityStrings[i]);
}
return authorities;
public static List<GrantedAuthority> commaSeparatedStringToAuthorityList(String authorityString) {
return createAuthorityList(StringUtils.tokenizeToStringArray(authorityString, ","));
}
/**
* Converts an array of GrantedAuthority objects to a Set.
* @return a Set of the Strings obtained from each call to GrantedAuthority.getAuthority()
*/
public static Set<String> authorityArrayToSet(List<GrantedAuthority> authorities) {
public static Set<String> authorityListToSet(List<GrantedAuthority> authorities) {
Set<String> set = new HashSet<String>(authorities.size());
for (GrantedAuthority authority: authorities) {

2
core/src/test/java/org/springframework/security/config/JdbcUserServiceBeanDefinitionParserTests.java
View File

@ -116,7 +116,7 @@ public class JdbcUserServiceBeanDefinitionParserTests {
setContext("<jdbc-user-service id='myUserService' role-prefix='PREFIX_' data-source-ref='dataSource'/>" + DATA_SOURCE);
JdbcUserDetailsManager mgr = (JdbcUserDetailsManager) appContext.getBean("myUserService");
UserDetails rod = mgr.loadUserByUsername("rod");
assertTrue(AuthorityUtils.authorityArrayToSet(rod.getAuthorities()).contains("PREFIX_ROLE_SUPERVISOR"));
assertTrue(AuthorityUtils.authorityListToSet(rod.getAuthorities()).contains("PREFIX_ROLE_SUPERVISOR"));
}

8
core/src/test/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParserTests.java
View File

@ -41,7 +41,7 @@ public class LdapUserServiceBeanDefinitionParserTests {
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
Set authorities = AuthorityUtils.authorityArrayToSet(ben.getAuthorities());
Set authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities());
assertEquals(3, authorities.size());
assertTrue(authorities.contains("ROLE_DEVELOPERS"));
}
@ -71,11 +71,11 @@ public class LdapUserServiceBeanDefinitionParserTests {
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
assertTrue(AuthorityUtils.authorityArrayToSet(ben.getAuthorities()).contains("PREFIX_DEVELOPERS"));
assertTrue(AuthorityUtils.authorityListToSet(ben.getAuthorities()).contains("PREFIX_DEVELOPERS"));
uds = (UserDetailsService) appCtx.getBean("ldapUDSNoPrefix");
ben = uds.loadUserByUsername("ben");
assertTrue(AuthorityUtils.authorityArrayToSet(ben.getAuthorities()).contains("DEVELOPERS"));
assertTrue(AuthorityUtils.authorityListToSet(ben.getAuthorities()).contains("DEVELOPERS"));
}
@ -87,7 +87,7 @@ public class LdapUserServiceBeanDefinitionParserTests {
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
Set authorities = AuthorityUtils.authorityArrayToSet(ben.getAuthorities());
Set authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities());
assertEquals(3, authorities.size());
assertTrue(authorities.contains(new GrantedAuthorityImpl("ROLE_DEVELOPER")));

3
core/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java
View File

@ -36,8 +36,7 @@ public class SpringSecurityAuthenticationSourceTests {
AuthenticationSource source = new SpringSecurityAuthenticationSource();
SecurityContextHolder.getContext().setAuthentication(
new AnonymousAuthenticationToken("key", "anonUser",
AuthorityUtils.commaSeparatedStringToAuthorityArray("ignored")));
new AnonymousAuthenticationToken("key", "anonUser", AuthorityUtils.createAuthorityList("ignored")));
assertEquals("", source.getPrincipal());
}

2
core/src/test/java/org/springframework/security/userdetails/ldap/LdapUserDetailsServiceTests.java
View File

@ -44,7 +44,7 @@ public class LdapUserDetailsServiceTests {
UserDetails user = service.loadUserByUsername("doesntmatterwegetjoeanyway");
Set authorities = AuthorityUtils.authorityArrayToSet(user.getAuthorities());
Set authorities = AuthorityUtils.authorityListToSet(user.getAuthorities());
assertEquals(1, authorities.size());
assertTrue(authorities.contains("ROLE_FROM_POPULATOR"));
}

43
core/src/test/java/org/springframework/security/userdetails/memory/UserAttributeEditorTests.java
View File

@ -28,25 +28,6 @@ import org.springframework.security.userdetails.memory.UserAttributeEditor;
* @version $Id$
*/
public class UserAttributeEditorTests extends TestCase {
//~ Constructors ===================================================================================================
public UserAttributeEditorTests() {
super();
}
public UserAttributeEditorTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(UserAttributeEditorTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testCorrectOperationWithTrailingSpaces() {
UserAttributeEditor editor = new UserAttributeEditor();
@ -54,9 +35,9 @@ public class UserAttributeEditorTests extends TestCase {
UserAttribute user = (UserAttribute) editor.getValue();
assertEquals("password", user.getPassword());
assertEquals(2, user.getAuthorities().length);
assertEquals("ROLE_ONE", user.getAuthorities()[0].getAuthority());
assertEquals("ROLE_TWO", user.getAuthorities()[1].getAuthority());
assertEquals(2, user.getAuthorities().size());
assertEquals("ROLE_ONE", user.getAuthorities().get(0).getAuthority());
assertEquals("ROLE_TWO", user.getAuthorities().get(1).getAuthority());
}
public void testCorrectOperationWithoutEnabledDisabledKeyword() {
@ -67,9 +48,9 @@ public class UserAttributeEditorTests extends TestCase {
assertTrue(user.isValid());
assertTrue(user.isEnabled()); // default
assertEquals("password", user.getPassword());
assertEquals(2, user.getAuthorities().length);
assertEquals("ROLE_ONE", user.getAuthorities()[0].getAuthority());
assertEquals("ROLE_TWO", user.getAuthorities()[1].getAuthority());
assertEquals(2, user.getAuthorities().size());
assertEquals("ROLE_ONE", user.getAuthorities().get(0).getAuthority());
assertEquals("ROLE_TWO", user.getAuthorities().get(1).getAuthority());
}
public void testDisabledKeyword() {
@ -80,9 +61,9 @@ public class UserAttributeEditorTests extends TestCase {
assertTrue(user.isValid());
assertTrue(!user.isEnabled());
assertEquals("password", user.getPassword());
assertEquals(2, user.getAuthorities().length);
assertEquals("ROLE_ONE", user.getAuthorities()[0].getAuthority());
assertEquals("ROLE_TWO", user.getAuthorities()[1].getAuthority());
assertEquals(2, user.getAuthorities().size());
assertEquals("ROLE_ONE", user.getAuthorities().get(0).getAuthority());
assertEquals("ROLE_TWO", user.getAuthorities().get(1).getAuthority());
}
public void testEmptyStringReturnsNull() {
@ -101,9 +82,9 @@ public class UserAttributeEditorTests extends TestCase {
assertTrue(user.isValid());
assertTrue(user.isEnabled());
assertEquals("password", user.getPassword());
assertEquals(2, user.getAuthorities().length);
assertEquals("ROLE_ONE", user.getAuthorities()[0].getAuthority());
assertEquals("ROLE_TWO", user.getAuthorities()[1].getAuthority());
assertEquals(2, user.getAuthorities().size());
assertEquals("ROLE_ONE", user.getAuthorities().get(0).getAuthority());
assertEquals("ROLE_TWO", user.getAuthorities().get(1).getAuthority());
}
public void testMalformedStringReturnsNull() {

25
core/src/test/java/org/springframework/security/util/AuthorityUtilsTests.java
View File

@ -1,18 +1,17 @@
package org.springframework.security.util;
import static org.junit.Assert.*;
import java.util.List;
import java.util.Set;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.junit.After;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import org.junit.Before;
import org.junit.Test;
import java.util.Arrays;
import java.util.Set;
/**
* @author Luke Taylor
* @version $Id$
@ -48,10 +47,10 @@ public class AuthorityUtilsTests {
@Test
public void commaSeparatedStringIsParsedCorrectly() {
GrantedAuthority[] authorityArray =
AuthorityUtils.commaSeparatedStringToAuthorityArray(" ROLE_A, B, C, ROLE_D, E ");
List<GrantedAuthority> authorityArray =
AuthorityUtils.commaSeparatedStringToAuthorityList(" ROLE_A, B, C, ROLE_D, E ");
Set authorities = AuthorityUtils.authorityArrayToSet(Arrays.asList(authorityArray));
Set<String> authorities = AuthorityUtils.authorityListToSet(authorityArray);
assertTrue(authorities.contains("B"));
assertTrue(authorities.contains("C"));
@ -59,6 +58,4 @@ public class AuthorityUtilsTests {
assertTrue(authorities.contains("ROLE_A"));
assertTrue(authorities.contains("ROLE_D"));
}
}