Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Tidying up and removing compiler warnings.

This commit is contained in:
Luke Taylor 2008-12-21 16:36:16 +00:00
parent 6003291a68
commit 4a41416c9b
25 changed files with 173 additions and 224 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java
View File

@ -16,8 +16,6 @@ package org.springframework.security.acls.domain;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.springframework.security.acls.AccessControlEntry;
@ -329,17 +327,16 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
sb.append("objectIdentity: ").append(this.objectIdentity).append("; ");
sb.append("owner: ").append(this.owner).append("; ");
Iterator iterator = this.aces.iterator();
int count = 0;
while (iterator.hasNext()) {
for (AccessControlEntry ace : aces) {
count++;
if (count == 1) {
sb.append("\r\n");
}
sb.append(iterator.next().toString()).append("\r\n");
sb.append(ace).append("\r\n");
}
if (count == 0) {

29
acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java
View File

@ -14,30 +14,25 @@
*/
package org.springframework.security.acls.jdbc;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import javax.sql.DataSource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.security.acls.Acl;
import org.springframework.security.acls.AclService;
import org.springframework.security.acls.NotFoundException;
import org.springframework.security.acls.objectidentity.ObjectIdentity;
import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
import org.springframework.security.acls.sid.Sid;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import javax.sql.DataSource;
/**

6
acl/src/main/java/org/springframework/security/acls/jdbc/JdbcMutableAclService.java
View File

@ -82,8 +82,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
//~ Methods ========================================================================================================
public MutableAcl createAcl(ObjectIdentity objectIdentity)
throws AlreadyExistsException {
public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException {
Assert.notNull(objectIdentity, "Object Identity required");
// Check this object identity hasn't already been persisted
@ -217,8 +216,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
return null;
}
public void deleteAcl(ObjectIdentity objectIdentity, boolean deleteChildren)
throws ChildrenExistException {
public void deleteAcl(ObjectIdentity objectIdentity, boolean deleteChildren) throws ChildrenExistException {
Assert.notNull(objectIdentity, "Object Identity required");
Assert.notNull(objectIdentity.getIdentifier(), "Object Identity doesn't provide an identifier");

92
acl/src/main/resources/org/springframework/security/acls/jdbc/applicationContext-test.xml
View File

@ -10,60 +10,58 @@
-->
<beans>
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource"/>
</bean>
<bean id="databaseSeeder" class="org.springframework.security.acls.jdbc.DatabaseSeeder">
<constructor-arg ref="dataSource"/>
<constructor-arg value="classpath:org/springframework/security/acls/jdbc/testData.sql"/>
</bean>
<bean id="aclCache" class="org.springframework.security.acls.jdbc.EhCacheBasedAclCache">
<constructor-arg>
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager">
<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
</property>
<property name="cacheName" value="aclCache"/>
</bean>
</constructor-arg>
</bean>
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource"/>
</bean>
<bean id="lookupStrategy" class="org.springframework.security.acls.jdbc.BasicLookupStrategy">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="aclCache"/>
<constructor-arg ref="aclAuthorizationStrategy"/>
<constructor-arg>
<bean class="org.springframework.security.acls.domain.ConsoleAuditLogger"/>
</constructor-arg>
</bean>
<bean id="aclCache" class="org.springframework.security.acls.jdbc.EhCacheBasedAclCache">
<constructor-arg>
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager">
<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
</property>
<property name="cacheName" value="aclCache"/>
</bean>
</constructor-arg>
</bean>
<bean id="aclAuthorizationStrategy" class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
<constructor-arg>
<list>
<bean class="org.springframework.security.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<bean class="org.springframework.security.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<bean class="org.springframework.security.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
</list>
</constructor-arg>
</bean>
<bean id="lookupStrategy" class="org.springframework.security.acls.jdbc.BasicLookupStrategy">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="aclCache"/>
<constructor-arg ref="aclAuthorizationStrategy"/>
<constructor-arg>
<bean class="org.springframework.security.acls.domain.ConsoleAuditLogger"/>
</constructor-arg>
</bean>
<bean id="aclAuthorizationStrategy" class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
<constructor-arg>
<list>
<bean class="org.springframework.security.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<bean class="org.springframework.security.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<bean class="org.springframework.security.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
</list>
</constructor-arg>
</bean>
<bean id="aclService" class="org.springframework.security.acls.jdbc.JdbcMutableAclService">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="lookupStrategy"/>
<constructor-arg ref="aclCache"/>
</bean>
<bean id="aclService" class="org.springframework.security.acls.jdbc.JdbcMutableAclService">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="lookupStrategy"/>
<constructor-arg ref="aclCache"/>
</bean>
<bean id="dataSource" class="org.springframework.security.TestDataSource">
<constructor-arg value="acltest" />
</bean>
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="dataSource"/>
</bean>
</beans>

2
acl/src/main/resources/org/springframework/security/acls/jdbc/testData.sql
View File

@ -17,7 +17,7 @@ ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,
CLASS VARCHAR_IGNORECASE(100) NOT NULL,
CONSTRAINT UNIQUE_UK_2 UNIQUE(CLASS));
INSERT INTO ACL_CLASS VALUES (1, 'sample.contact.Contact');
--INSERT INTO ACL_CLASS VALUES (1, 'sample.contact.Contact');
CREATE TABLE ACL_OBJECT_IDENTITY(
ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,

6
acl/src/test/java/org/springframework/security/acls/domain/AccessControlImplEntryTests.java
View File

@ -28,7 +28,7 @@ public class AccessControlImplEntryTests {
public void testConstructorRequiredFields() {
// Check Acl field is present
try {
AccessControlEntry ace = new AccessControlEntryImpl(null, null, new PrincipalSid("johndoe"),
new AccessControlEntryImpl(null, null, new PrincipalSid("johndoe"),
BasePermission.ADMINISTRATION, true, true, true);
fail("It should have thrown IllegalArgumentException");
}
@ -37,7 +37,7 @@ public class AccessControlImplEntryTests {
// Check Sid field is present
try {
AccessControlEntry ace = new AccessControlEntryImpl(null, jmock.mock(Acl.class), null,
new AccessControlEntryImpl(null, jmock.mock(Acl.class), null,
BasePermission.ADMINISTRATION, true, true, true);
fail("It should have thrown IllegalArgumentException");
}
@ -46,7 +46,7 @@ public class AccessControlImplEntryTests {
// Check Permission field is present
try {
AccessControlEntry ace = new AccessControlEntryImpl(null, jmock.mock(Acl.class), new PrincipalSid("johndoe"), null,
new AccessControlEntryImpl(null, jmock.mock(Acl.class), new PrincipalSid("johndoe"), null,
true, true, true);
fail("It should have thrown IllegalArgumentException");
}

2
cas/src/test/java/org/springframework/security/providers/cas/CasAuthenticationProviderTests.java
View File

@ -167,7 +167,7 @@ public class CasAuthenticationProviderTests {
UsernamePasswordAuthenticationToken token =
new UsernamePasswordAuthenticationToken(CasProcessingFilter.CAS_STATEFUL_IDENTIFIER, "");
Authentication result = cap.authenticate(token);
cap.authenticate(token);
}
@Test(expected = BadCredentialsException.class)

2
core/src/main/java/org/springframework/security/GrantedAuthority.java
View File

@ -34,7 +34,7 @@ import org.springframework.security.userdetails.UserDetails;
* @author Ben Alex
* @version $Id$
*/
public interface GrantedAuthority extends Serializable, Comparable {
public interface GrantedAuthority extends Serializable, Comparable<GrantedAuthority> {
//~ Methods ========================================================================================================
/**

14
core/src/main/java/org/springframework/security/GrantedAuthorityImpl.java
View File

@ -22,11 +22,11 @@ import org.springframework.util.Assert;
/**
* Basic concrete implementation of a {@link GrantedAuthority}.
*
*
* <p>
* Stores a <code>String</code> representation of an authority granted to the {@link Authentication} object.
* <p>
* If compared to a custom authority which returns null from {@link #getAuthority}, the <tt>compareTo</tt>
* If compared to a custom authority which returns null from {@link #getAuthority}, the <tt>compareTo</tt>
* method will return -1, so the custom authority will take precedence.
*
* @author Ben Alex
@ -73,14 +73,14 @@ public class GrantedAuthorityImpl implements GrantedAuthority, Serializable {
return this.role;
}
public int compareTo(Object o) {
if (o != null && o instanceof GrantedAuthority) {
String rhsRole = ((GrantedAuthority) o).getAuthority();
public int compareTo(GrantedAuthority ga) {
if (ga != null) {
String rhsRole = ga.getAuthority();
if (rhsRole == null) {
return -1;
}
return role.compareTo(rhsRole);
}
return -1;

9
core/src/main/java/org/springframework/security/vote/AffirmativeBased.java
View File

@ -15,13 +15,12 @@
package org.springframework.security.vote;
import java.util.List;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.Authentication;
import org.springframework.security.ConfigAttribute;
import java.util.Iterator;
import java.util.List;
/**
* Simple concrete implementation of {@link org.springframework.security.AccessDecisionManager} that grants access if any
@ -44,11 +43,9 @@ public class AffirmativeBased extends AbstractAccessDecisionManager {
*/
public void decide(Authentication authentication, Object object, List<ConfigAttribute> configAttributes)
throws AccessDeniedException {
Iterator iter = this.getDecisionVoters().iterator();
int deny = 0;
while (iter.hasNext()) {
AccessDecisionVoter voter = (AccessDecisionVoter) iter.next();
for (AccessDecisionVoter voter : getDecisionVoters()) {
int result = voter.vote(authentication, object, configAttributes);
switch (result) {

6
core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java
View File

@ -15,16 +15,14 @@
package org.springframework.security.vote;
import java.util.List;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationTrustResolver;
import org.springframework.security.AuthenticationTrustResolverImpl;
import org.springframework.security.ConfigAttribute;
import org.springframework.util.Assert;
import java.util.Iterator;
import java.util.List;
/**
* Votes if a {@link ConfigAttribute#getAttribute()} of <code>IS_AUTHENTICATED_FULLY</code> or

39
core/src/main/java/org/springframework/security/vote/LabelBasedAclVoter.java
View File

@ -14,21 +14,17 @@
*/
package org.springframework.security.vote;
import org.springframework.security.Authentication;
import org.springframework.security.ConfigAttribute;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.Authentication;
import org.springframework.security.ConfigAttribute;
import org.springframework.util.Assert;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import java.util.Map;
/**
* <p>This Acl voter will evaluate methods based on labels applied to incoming arguments. It will only check
@ -57,7 +53,7 @@ public class LabelBasedAclVoter extends AbstractAclVoter {
//~ Instance fields ================================================================================================
private Map labelMap = null;
private Map<String, List<String>> labelMap = null;
private String attributeIndicatingLabeledOperation = null;
private boolean allowAccessIfNoAttributesAreLabeled = true;
@ -136,7 +132,7 @@ public class LabelBasedAclVoter extends AbstractAclVoter {
* @param labelMap a map structured as in the above example.
*
*/
public void setLabelMap(Map labelMap) {
public void setLabelMap(Map<String, List<String>> labelMap) {
this.labelMap = labelMap;
}
@ -144,10 +140,6 @@ public class LabelBasedAclVoter extends AbstractAclVoter {
* This acl voter will only evaluate labeled methods if they are marked in the security interceptor's
* configuration with the attribute stored in attributeIndicatingLabeledOperation.
*
* @param attribute DOCUMENT ME!
*
* @return DOCUMENT ME!
*
* @see org.springframework.security.vote.AbstractAclVoter
* @see org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor
*/
@ -166,8 +158,7 @@ public class LabelBasedAclVoter extends AbstractAclVoter {
}
/**
* Vote on whether or not the user has all the labels necessary to match the method argument's labeled
* data.
* Vote on whether or not the user has all the labels necessary to match the method argument's labeled data.
*
* @return ACCESS_ABSTAIN, ACCESS_GRANTED, or ACCESS_DENIED.
*/
@ -178,13 +169,13 @@ public class LabelBasedAclVoter extends AbstractAclVoter {
logger.debug("==========================================================");
}
if (this.supports((ConfigAttribute) attributes.iterator().next())) {
if (this.supports(attributes.iterator().next())) {
result = ACCESS_DENIED;
/* Parse out the user's labels by examining the security context, and checking
* for matches against the label map.
*/
List userLabels = new Vector();
List<String> userLabels = new ArrayList<String>();
for (int i = 0; i < authentication.getAuthorities().size(); i++) {
String userLabel = authentication.getAuthorities().get(i).getAuthority();
@ -211,19 +202,15 @@ public class LabelBasedAclVoter extends AbstractAclVoter {
logger.debug("Argument[" + j + "/" + invocation.getArguments()[j].getClass().getName()
+ "] has a data label of " + argumentDataLabel);
List validDataLabels = new Vector();
List<String> validDataLabels = new ArrayList<String>();
for (int i = 0; i < userLabels.size(); i++) {
validDataLabels.addAll((List) labelMap.get(userLabels.get(i)));
validDataLabels.addAll(labelMap.get(userLabels.get(i)));
}
logger.debug("The valid labels for user label " + userLabels + " are " + validDataLabels);
Iterator dataLabelIter = validDataLabels.iterator();
while (dataLabelIter.hasNext()) {
String validDataLabel = (String) dataLabelIter.next();
for (String validDataLabel : validDataLabels) {
if (argumentDataLabel.equals(validDataLabel)) {
logger.debug(userLabels + " maps to " + validDataLabel + " which matches the argument");
matched = true;

1
core/src/main/java/org/springframework/security/vote/RoleVoter.java
View File

@ -15,7 +15,6 @@
package org.springframework.security.vote;
import java.util.Iterator;
import java.util.List;
import org.springframework.security.Authentication;

14
core/src/main/resources/org/springframework/security/config/spring-security.xsl
View File

@ -3,7 +3,7 @@
<!--
XSL to manipulate trang's output XSD file. Contributed by Brian Ewins.
$Id$
$Id$
-->
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:xs="http://www.w3.org/2001/XMLSchema" version="1.0">
@ -20,19 +20,19 @@
<xsl:for-each select="/xs:schema/xs:element[@name=substring-after(current()/@ref, ':')]">
<xsl:copy>
<xsl:apply-templates select="$node/@*[local-name() != 'ref']"/>
<xsl:apply-templates select="@*|*"/>
<xsl:apply-templates select="@*|*"/>
</xsl:copy>
</xsl:for-each>
</xsl:for-each>
</xsl:when>
<!-- Ignore global elements which have been inlined -->
<xsl:when test="contains($elts-to-inline, concat(',',@name,','))">
</xsl:when>
<xsl:otherwise>
<xsl:copy>
<xsl:apply-templates select="@*|*"/>
</xsl:copy>
</xsl:otherwise>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
@ -42,5 +42,5 @@
<xsl:apply-templates select="text()|@*|*"/>
</xsl:copy>
</xsl:template>
</xsl:stylesheet>
</xsl:stylesheet>

18
core/src/test/java/org/springframework/security/GrantedAuthorityImplTests.java
View File

@ -27,7 +27,7 @@ import org.junit.Test;
* @version $Id$
*/
public class GrantedAuthorityImplTests {
@Test
public void equalsBehavesAsExpected() throws Exception {
GrantedAuthorityImpl auth1 = new GrantedAuthorityImpl("TEST");
@ -62,32 +62,32 @@ public class GrantedAuthorityImplTests {
@Test
public void compareToGrantedAuthorityWithSameValueReturns0() {
assertEquals(0, new GrantedAuthorityImpl("TEST").compareTo(new MockGrantedAuthority("TEST")));
}
}
@Test
public void compareToNullReturnsNegativeOne() {
assertEquals(-1, new GrantedAuthorityImpl("TEST").compareTo(null));
}
}
/* SEC-899 */
@Test
public void compareToHandlesCustomAuthorityWhichReturnsNullFromGetAuthority() {
assertEquals(-1, new GrantedAuthorityImpl("TEST").compareTo(new MockGrantedAuthority()));
}
}
//~ Inner Classes ==================================================================================================
private class MockGrantedAuthority implements GrantedAuthority {
private String role;
public MockGrantedAuthority() {
}
}
public MockGrantedAuthority(String role) {
this.role = role;
}
public int compareTo(Object o) {
public int compareTo(GrantedAuthority o) {
throw new UnsupportedOperationException();
}

40
core/src/test/java/org/springframework/security/vote/LabelBasedAclVoterTests.java
View File

@ -15,34 +15,37 @@
package org.springframework.security.vote;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.test.AbstractDependencyInjectionSpringContextTests;
import static org.junit.Assert.*;
import java.util.List;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
/**
*
*
* @author Greg Turnquist
* @version $Id$
*/
public class LabelBasedAclVoterTests extends AbstractDependencyInjectionSpringContextTests {
@ContextConfiguration(locations={"/org/springframework/security/vote/labelBasedSecurityApplicationContext.xml"})
@RunWith(SpringJUnit4ClassRunner.class)
public class LabelBasedAclVoterTests {
//~ Instance fields ================================================================================================
@Autowired
private SampleService sampleService = null;
//~ Methods ========================================================================================================
@Autowired
private AuthenticationManager authenticationManager;
protected String[] getConfigLocations() {
return new String[] {"org/springframework/security/vote/labelBasedSecurityApplicationContext.xml"};
}
//~ Methods ========================================================================================================
public SampleService getSampleService() {
return sampleService;
@ -54,11 +57,10 @@ public class LabelBasedAclVoterTests extends AbstractDependencyInjectionSpringCo
private void setupContext(String username, String password) {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
AuthenticationManager authenticationManager = (AuthenticationManager) applicationContext.getBean(
"authenticationManager");
SecurityContextHolder.getContext().setAuthentication(authenticationManager.authenticate(token));
}
@Test
public void testDoingSomethingForBlueUser() {
setupContext("blueuser", "password");
@ -98,6 +100,7 @@ public class LabelBasedAclVoterTests extends AbstractDependencyInjectionSpringCo
sampleService.doSomethingOnThis(block3, block3);
}
@Test
public void testDoingSomethingForMultiUser() {
setupContext("multiuser", "password4");
@ -115,6 +118,7 @@ public class LabelBasedAclVoterTests extends AbstractDependencyInjectionSpringCo
sampleService.doSomethingOnThis(block3, block3);
}
@Test
public void testDoingSomethingForOrangeUser() {
setupContext("orangeuser", "password3");
@ -154,6 +158,7 @@ public class LabelBasedAclVoterTests extends AbstractDependencyInjectionSpringCo
sampleService.doSomethingOnThis(block3, block3);
}
@Test
public void testDoingSomethingForSuperUser() {
setupContext("superuser", "password2");
@ -171,6 +176,7 @@ public class LabelBasedAclVoterTests extends AbstractDependencyInjectionSpringCo
sampleService.doSomethingOnThis(block3, block3);
}
@Test
public void testSampleBlockOfDataPOJO() {
SampleBlockOfData block = new SampleBlockOfData();
block.setId("ID-ABC");

2
itest/context/src/main/java/org/springframework/security/integration/UserDetailsServiceImpl.java
View File

@ -5,7 +5,7 @@ import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.transaction.annotation.Transactional;
public class UserDetailsServiceImpl implements UserDetailsService{
public class UserDetailsServiceImpl implements UserDetailsService {
private UserRepository userRepository;

8
itest/context/src/test/java/org/springframework/security/performance/FilterChainPerformanceTests.java
View File

@ -1,11 +1,8 @@
package org.springframework.security.performance;
import static org.junit.Assert.*;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpSession;
import org.junit.After;
@ -19,7 +16,6 @@ import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockHttpSession;
import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.context.HttpSessionSecurityContextRepository;
@ -30,8 +26,6 @@ import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.util.StopWatch;
import edu.emory.mathcs.backport.java.util.Arrays;
/**
*
* @author Luke Taylor

30
samples/contacts/src/main/java/sample/contact/AddPermissionController.java
View File

@ -14,31 +14,25 @@
*/
package sample.contact;
import org.springframework.security.acls.Permission;
import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.acls.sid.PrincipalSid;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.dao.DataAccessException;
import org.springframework.util.Assert;
import org.springframework.validation.BindException;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.SimpleFormController;
import org.springframework.web.servlet.view.RedirectView;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.dao.DataAccessException;
import org.springframework.security.acls.Permission;
import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.acls.sid.PrincipalSid;
import org.springframework.util.Assert;
import org.springframework.validation.BindException;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.SimpleFormController;
import org.springframework.web.servlet.view.RedirectView;
/**
* Controller for adding an ACL permission.

24
samples/contacts/src/main/java/sample/contact/AdminPermissionController.java
View File

@ -14,20 +14,7 @@
*/
package sample.contact;
import org.springframework.security.acls.Acl;
import org.springframework.security.acls.AclService;
import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.Controller;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
@ -35,6 +22,15 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.acls.Acl;
import org.springframework.security.acls.AclService;
import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
import org.springframework.util.Assert;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.Controller;
/**
* Controller for "administer" index page.
@ -62,7 +58,7 @@ public class AdminPermissionController implements Controller, InitializingBean {
Contact contact = contactManager.getById(new Long(id));
Acl acl = aclService.readAclById(new ObjectIdentityImpl(contact));
Map model = new HashMap();
Map<String, Object> model = new HashMap<String, Object>(2);
model.put("contact", contact);
model.put("acl", acl);

26
samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java
View File

@ -14,10 +14,13 @@
*/
package sample.contact;
import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import java.util.Random;
import javax.sql.DataSource;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.Authentication;
import org.springframework.security.acls.MutableAcl;
import org.springframework.security.acls.MutableAclService;
import org.springframework.security.acls.Permission;
@ -26,26 +29,15 @@ import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.acls.objectidentity.ObjectIdentity;
import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
import org.springframework.security.acls.sid.PrincipalSid;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.util.AuthorityUtils;
import org.springframework.transaction.PlatformTransactionManager;
import org.springframework.transaction.TransactionStatus;
import org.springframework.transaction.support.TransactionCallback;
import org.springframework.transaction.support.TransactionTemplate;
import org.springframework.util.Assert;
import java.util.Random;
import javax.sql.DataSource;
/**
* Populates the Contacts in-memory database with contact and ACL information.
@ -81,7 +73,7 @@ public class DataSourcePopulator implements InitializingBean {
// Set a user account that will initially own all the created data
Authentication authRequest = new UsernamePasswordAuthenticationToken("rod", "koala",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_IGNORED")});
AuthorityUtils.createAuthorityList("ROLE_IGNORED"));
SecurityContextHolder.getContext().setAuthentication(authRequest);
template.execute(
@ -173,7 +165,7 @@ public class DataSourcePopulator implements InitializingBean {
final ObjectIdentity objectIdentity = new ObjectIdentityImpl(Contact.class, new Long(i));
tt.execute(new TransactionCallback() {
public Object doInTransaction(TransactionStatus arg0) {
MutableAcl acl = mutableAclService.createAcl(objectIdentity);
mutableAclService.createAcl(objectIdentity);
return null;
}

8
samples/tutorial/src/main/java/bigbank/BankDaoStub.java
View File

@ -5,8 +5,8 @@ import java.util.Map;
public class BankDaoStub implements BankDao {
private long id = 0;
private Map accounts = new HashMap();
private Map<Long, Account> accounts = new HashMap<Long, Account>();
public void createOrUpdateAccount(Account account) {
if (account.getId() == -1) {
id++;
@ -17,7 +17,7 @@ public class BankDaoStub implements BankDao {
}
public Account[] findAccounts() {
Account[] a = (Account[]) accounts.values().toArray(new Account[] {});
Account[] a = accounts.values().toArray(new Account[] {});
System.out.println("Returning " + a.length + " account(s):");
for (int i = 0; i < a.length; i++) {
System.out.println(" > " + a[i]);
@ -26,7 +26,7 @@ public class BankDaoStub implements BankDao {
}
public Account readAccount(Long id) {
return (Account) accounts.get(id);
return accounts.get(id);
}
}

9
samples/tutorial/src/main/java/bigbank/web/PostAccounts.java
View File

@ -3,7 +3,6 @@ package bigbank.web;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.AccessDeniedException;
import org.springframework.util.Assert;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.servlet.ModelAndView;
@ -15,7 +14,7 @@ import bigbank.BankService;
public class PostAccounts implements Controller {
private BankService bankService;
public PostAccounts(BankService bankService) {
Assert.notNull(bankService);
this.bankService = bankService;
@ -24,15 +23,15 @@ public class PostAccounts implements Controller {
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
// Security check (this is unnecessary if Spring Security is performing the authorization)
// if (!request.isUserInRole("ROLE_TELLER")) {
// throw new AccessDeniedException("You must be a teller to post transactions (Spring Security message)"); // only for Spring Security managed authentication
// throw new AccessDeniedException("You must be a teller to post transactions (Spring Security message)");
// }
// Actual business logic
Long id = ServletRequestUtils.getRequiredLongParameter(request, "id");
Double amount = ServletRequestUtils.getRequiredDoubleParameter(request, "amount");
Account a = bankService.readAccount(id);
bankService.post(a, amount);
return new ModelAndView("redirect:listAccounts.html");
}

2
taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagCustomGrantedAuthorityTests.java
View File

@ -79,7 +79,7 @@ public class AuthorizeTagCustomGrantedAuthorityTests extends TestCase {
private static class CustomGrantedAuthority implements GrantedAuthority {
private final String authority;
public int compareTo(Object o) {
public int compareTo(GrantedAuthority o) {
return 0;
}

1
taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java
View File

@ -16,7 +16,6 @@
package org.springframework.security.taglibs.authz;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.el.ExpressionEvaluator;
import javax.servlet.jsp.el.VariableResolver;
import javax.servlet.jsp.tagext.Tag;