Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken.

acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java

@@ -399,8 +399,7 @@ public class AclImplTests {
 
     @Test
     public void gettersAndSettersAreConsistent() throws Exception {
-        Authentication auth = new TestingAuthenticationToken("ben", "ignored", new GrantedAuthority[] {
+        Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_GENERAL");
-                new GrantedAuthorityImpl("ROLE_GENERAL") });
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
         ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, (100));

acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java

@@ -83,16 +83,15 @@ public class AclImplementationSecurityCheckTests {
     @Test
     public void testSecurityCheckWithMultipleACEs() throws Exception {
         // Create a simple authentication with ROLE_GENERAL
-        Authentication auth = new TestingAuthenticationToken("user", "password",
+        Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL");
-                new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_GENERAL") });
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
 
         ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
         // Authorization strategy will require a different role for each access
-        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
+        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
-                new GrantedAuthorityImpl("ROLE_GENERAL") });
+                new GrantedAuthorityImpl("ROLE_GENERAL"));
 
         // Let's give the principal the ADMINISTRATION permission, without
         // granting access
@@ -172,22 +171,21 @@ public class AclImplementationSecurityCheckTests {
     @Test
     public void testSecurityCheckWithInheritableACEs() throws Exception {
         // Create a simple authentication with ROLE_GENERAL
-        Authentication auth = new TestingAuthenticationToken("user", "password",
+        Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL");
-                new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_GENERAL") });
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
 
-        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100);
         // Authorization strategy will require a different role for each access
-        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
+        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
                 new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"),
-                new GrantedAuthorityImpl("ROLE_GENERAL") });
+                new GrantedAuthorityImpl("ROLE_GENERAL"));
 
         // Let's give the principal an ADMINISTRATION permission, with granting
         // access
-        MutableAcl parentAcl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
+        MutableAcl parentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger());
         parentAcl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);
-        MutableAcl childAcl = new AclImpl(identity, new Long(2), aclAuthorizationStrategy, new ConsoleAuditLogger());
+        MutableAcl childAcl = new AclImpl(identity, 2, aclAuthorizationStrategy, new ConsoleAuditLogger());
 
         // Check against the 'child' acl, which doesn't offer any authorization
         // rights on CHANGE_OWNERSHIP
@@ -212,9 +210,9 @@ public class AclImplementationSecurityCheckTests {
         }
 
         // Create a root parent and link it to the middle parent
-        MutableAcl rootParentAcl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy,
+        MutableAcl rootParentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy,
                 new ConsoleAuditLogger());
-        parentAcl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
+        parentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger());
         rootParentAcl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);
         parentAcl.setEntriesInheriting(true);
         parentAcl.setParent(rootParentAcl);
@@ -231,18 +229,16 @@ public class AclImplementationSecurityCheckTests {
     @SuppressWarnings("deprecation")
     @Test
     public void testSecurityCheckPrincipalOwner() throws Exception {
-        Authentication auth = new TestingAuthenticationToken("user", "password", new GrantedAuthority[] {
+        Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_ONE");
-                new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_ONE"),
-                new GrantedAuthorityImpl("ROLE_ONE") });
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
 
-        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100);
-        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
+        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
-                new GrantedAuthorityImpl("ROLE_GENERAL") });
+                new GrantedAuthorityImpl("ROLE_GENERAL"));
 
-        Acl acl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger(), null, null,
+        Acl acl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger(), null, null,
                 false, new PrincipalSid(auth));
         try {
             aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_GENERAL);

acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java

@@ -2,22 +2,10 @@ package org.springframework.security.acls.jdbc;
 
 import static org.junit.Assert.*;
 
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.io.Serializable;
-import java.util.Map;
-
 import net.sf.ehcache.Cache;
 import net.sf.ehcache.CacheManager;
 import net.sf.ehcache.Ehcache;
-
+import org.junit.*;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
 import org.springframework.security.acls.domain.AclAuthorizationStrategy;
 import org.springframework.security.acls.domain.AclAuthorizationStrategyImpl;
 import org.springframework.security.acls.domain.AclImpl;
@@ -28,11 +16,18 @@ import org.springframework.security.acls.model.MutableAcl;
 import org.springframework.security.acls.model.ObjectIdentity;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.GrantedAuthorityImpl;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.util.FieldUtils;
 
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.io.Serializable;
+import java.util.*;
+
 /**
  * Tests {@link EhCacheBasedAclCache}
  *
@@ -127,11 +122,11 @@ public class EhCacheBasedAclCacheTests {
     // SEC-527
     @Test
     public void testDiskSerializationOfMutableAclObjectInstance() throws Exception {
-        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100));
-        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
+        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
-                new GrantedAuthorityImpl("ROLE_GENERAL") });
+                new GrantedAuthorityImpl("ROLE_GENERAL"));
-        MutableAcl acl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
+        MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
 
         // Serialization test
         File file = File.createTempFile("SEC_TEST", ".object");
@@ -159,11 +154,11 @@ public class EhCacheBasedAclCacheTests {
         Ehcache cache = getCache();
         EhCacheBasedAclCache myCache = new EhCacheBasedAclCache(cache);
 
-        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100));
-        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
+        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
-                new GrantedAuthorityImpl("ROLE_GENERAL") });
+                new GrantedAuthorityImpl("ROLE_GENERAL"));
-        MutableAcl acl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
+        MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
 
         assertEquals(0, cache.getDiskStoreSize());
         myCache.putInCache(acl);
@@ -173,29 +168,29 @@ public class EhCacheBasedAclCacheTests {
         assertFalse(cache.isElementInMemory(acl.getObjectIdentity()));
 
         // Check we can get from cache the same objects we put in
-        assertEquals(myCache.getFromCache(new Long(1)), acl);
+        assertEquals(myCache.getFromCache(Long.valueOf(1)), acl);
         assertEquals(myCache.getFromCache(identity), acl);
 
         // Put another object in cache
-        ObjectIdentity identity2 = new ObjectIdentityImpl(TARGET_CLASS, new Long(101));
+        ObjectIdentity identity2 = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(101));
-        MutableAcl acl2 = new AclImpl(identity2, new Long(2), aclAuthorizationStrategy, new ConsoleAuditLogger());
+        MutableAcl acl2 = new AclImpl(identity2, Long.valueOf(2), aclAuthorizationStrategy, new ConsoleAuditLogger());
 
         myCache.putInCache(acl2);
         assertEquals(cache.getSize(), 4);
         assertEquals(4, cache.getDiskStoreSize());
 
         // Try to evict an entry that doesn't exist
-        myCache.evictFromCache(new Long(3));
+        myCache.evictFromCache(Long.valueOf(3));
-        myCache.evictFromCache(new ObjectIdentityImpl(TARGET_CLASS, new Long(102)));
+        myCache.evictFromCache(new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(102)));
         assertEquals(cache.getSize(), 4);
         assertEquals(4, cache.getDiskStoreSize());
 
-        myCache.evictFromCache(new Long(1));
+        myCache.evictFromCache(Long.valueOf(1));
         assertEquals(cache.getSize(), 2);
         assertEquals(2, cache.getDiskStoreSize());
 
         // Check the second object inserted
-        assertEquals(myCache.getFromCache(new Long(2)), acl2);
+        assertEquals(myCache.getFromCache(Long.valueOf(2)), acl2);
         assertEquals(myCache.getFromCache(identity2), acl2);
 
         myCache.evictFromCache(identity2);
@@ -208,18 +203,17 @@ public class EhCacheBasedAclCacheTests {
         Ehcache cache = getCache();
         EhCacheBasedAclCache myCache = new EhCacheBasedAclCache(cache);
 
-        Authentication auth = new TestingAuthenticationToken("user", "password", new GrantedAuthority[] {
+        Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL");
-                new GrantedAuthorityImpl("ROLE_GENERAL") });
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
 
-        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(1));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(1));
-        ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, new Long(2));
+        ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(2));
-        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
+        AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
-                new GrantedAuthorityImpl("ROLE_GENERAL") });
+                new GrantedAuthorityImpl("ROLE_GENERAL"));
-        MutableAcl acl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
+        MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
-        MutableAcl parentAcl = new AclImpl(identityParent, new Long(2), aclAuthorizationStrategy, new ConsoleAuditLogger());
+        MutableAcl parentAcl = new AclImpl(identityParent, Long.valueOf(2), aclAuthorizationStrategy, new ConsoleAuditLogger());
 
         acl.setParent(parentAcl);
 
@@ -240,7 +234,7 @@ public class EhCacheBasedAclCacheTests {
         }
 
         // Check we can get from cache the same objects we put in
-        AclImpl aclFromCache = (AclImpl) myCache.getFromCache(new Long(1));
+        AclImpl aclFromCache = (AclImpl) myCache.getFromCache(Long.valueOf(1));
         // For the checks on transient fields, we need to be sure that the object is being loaded from the cache,
         // not from the ehcache spool or elsewhere...
         assertFalse(acl == aclFromCache);
@@ -250,7 +244,7 @@ public class EhCacheBasedAclCacheTests {
         assertNotNull(FieldUtils.getFieldValue(aclFromCache.getParentAcl(), "permissionGrantingStrategy"));
         assertEquals(acl, myCache.getFromCache(identity));
         assertNotNull(FieldUtils.getFieldValue(aclFromCache, "aclAuthorizationStrategy"));
-        AclImpl parentAclFromCache = (AclImpl) myCache.getFromCache(new Long(2));
+        AclImpl parentAclFromCache = (AclImpl) myCache.getFromCache(Long.valueOf(2));
         assertEquals(parentAcl, parentAclFromCache);
         assertNotNull(FieldUtils.getFieldValue(parentAclFromCache, "aclAuthorizationStrategy"));
         assertEquals(parentAcl, myCache.getFromCache(identityParent));

cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java

@@ -256,8 +256,7 @@ public class CasAuthenticationProviderTests {
         cap.setServiceProperties(makeServiceProperties());
         cap.afterPropertiesSet();
 
-        TestingAuthenticationToken token = new TestingAuthenticationToken("user", "password",
+        TestingAuthenticationToken token = new TestingAuthenticationToken("user", "password", "ROLE_A");
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")});
         assertFalse(cap.supports(TestingAuthenticationToken.class));
 
         // Try it anyway

core/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java

@@ -38,12 +38,7 @@ public class RunAsUserToken extends AbstractAuthenticationToken {
 
     //~ Constructors ===================================================================================================
 
-    public RunAsUserToken(String key, Object principal, Object credentials, GrantedAuthority[] authorities,
+    public RunAsUserToken(String key, Object principal, Object credentials, Collection<? extends GrantedAuthority> authorities,
-            Class<? extends Authentication> originalAuthentication) {
-        this(key, principal, credentials, Arrays.asList(authorities), originalAuthentication);
-    }
-
-    public RunAsUserToken(String key, Object principal, Object credentials, Collection<GrantedAuthority> authorities,
             Class<? extends Authentication> originalAuthentication) {
         super(authorities);
         this.keyHash = key.hashCode();

core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java

@@ -49,10 +49,6 @@ public class TestingAuthenticationToken extends AbstractAuthenticationToken {
         setAuthenticated(true);
     }
 
-    public TestingAuthenticationToken(Object principal, Object credentials, GrantedAuthority[] authorities) {
-        this(principal, credentials, Arrays.asList(authorities));
-    }
-
     public TestingAuthenticationToken(Object principal, Object credentials, List<GrantedAuthority> authorities) {
         super(authorities);
         this.principal = principal;

core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java

@@ -25,6 +25,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
 
@@ -32,30 +33,10 @@ import org.springframework.security.core.authority.GrantedAuthorityImpl;
  * Tests {@link RunAsImplAuthenticationProvider}.
  */
 public class RunAsImplAuthenticationProviderTests extends TestCase {
-    //~ Constructors ===================================================================================================
-
-    public RunAsImplAuthenticationProviderTests() {
-        super();
-    }
-
-    public RunAsImplAuthenticationProviderTests(String arg0) {
-        super(arg0);
-    }
-
-    //~ Methods ========================================================================================================
-
-    public static void main(String[] args) {
-        junit.textui.TestRunner.run(RunAsImplAuthenticationProviderTests.class);
-    }
-
-    public final void setUp() throws Exception {
-        super.setUp();
-    }
 
     public void testAuthenticationFailDueToWrongKey() {
-        RunAsUserToken token = new RunAsUserToken("WRONG_PASSWORD", "Test", "Password",
+        RunAsUserToken token = new RunAsUserToken("wrong_key", "Test", "Password",
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")},
+                AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class);
-                UsernamePasswordAuthenticationToken.class);
         RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider();
         provider.setKey("hello_world");
 
@@ -69,8 +50,7 @@ public class RunAsImplAuthenticationProviderTests extends TestCase {
 
     public void testAuthenticationSuccess() {
         RunAsUserToken token = new RunAsUserToken("my_password", "Test", "Password",
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")},
+                AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class);
-                UsernamePasswordAuthenticationToken.class);
         RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider();
         provider.setKey("my_password");
 

core/src/test/java/org/springframework/security/access/intercept/RunAsUserTokenTests.java

@@ -16,12 +16,8 @@
 package org.springframework.security.access.intercept;
 
 import junit.framework.TestCase;
-
-
-import org.springframework.security.access.intercept.RunAsUserToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.core.authority.GrantedAuthorityImpl;
 
 
 /**
@@ -30,30 +26,10 @@ import org.springframework.security.core.authority.GrantedAuthorityImpl;
  * @author Ben Alex
  */
 public class RunAsUserTokenTests extends TestCase {
-    //~ Constructors ===================================================================================================
-
-    public RunAsUserTokenTests() {
-        super();
-    }
-
-    public RunAsUserTokenTests(String arg0) {
-        super(arg0);
-    }
-
-    //~ Methods ========================================================================================================
-
-    public static void main(String[] args) {
-        junit.textui.TestRunner.run(RunAsUserTokenTests.class);
-    }
-
-    public final void setUp() throws Exception {
-        super.setUp();
-    }
 
     public void testAuthenticationSetting() {
         RunAsUserToken token = new RunAsUserToken("my_password", "Test", "Password",
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")},
+                AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class);
-                UsernamePasswordAuthenticationToken.class);
         assertTrue(token.isAuthenticated());
         token.setAuthenticated(false);
         assertTrue(!token.isAuthenticated());
@@ -61,8 +37,7 @@ public class RunAsUserTokenTests extends TestCase {
 
     public void testGetters() {
         RunAsUserToken token = new RunAsUserToken("my_password", "Test", "Password",
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")},
+                AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class);
-                UsernamePasswordAuthenticationToken.class);
         assertEquals("Test", token.getPrincipal());
         assertEquals("Password", token.getCredentials());
         assertEquals("my_password".hashCode(), token.getKeyHash());
@@ -82,8 +57,7 @@ public class RunAsUserTokenTests extends TestCase {
 
     public void testToString() {
         RunAsUserToken token = new RunAsUserToken("my_password", "Test", "Password",
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")},
+                AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class);
-                UsernamePasswordAuthenticationToken.class);
         assertTrue(token.toString().lastIndexOf("Original Class:") != -1);
     }
 }

core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java

@@ -46,7 +46,7 @@ public class ConsensusBasedTests {
         mgr.setAllowIfEqualGrantedDeniedDecisions(false);
         assertTrue(!mgr.isAllowIfEqualGrantedDeniedDecisions()); // check changed
 
-        List<ConfigAttribute> config = SecurityConfig.createList(new String[]{"ROLE_1", "DENY_FOR_SURE"});
+        List<ConfigAttribute> config = SecurityConfig.createList("ROLE_1", "DENY_FOR_SURE");
 
         mgr.decide(auth, new Object(), config);
     }
@@ -58,7 +58,7 @@ public class ConsensusBasedTests {
 
         assertTrue(mgr.isAllowIfEqualGrantedDeniedDecisions()); // check default
 
-        List<ConfigAttribute> config = SecurityConfig.createList(new String[]{"ROLE_1", "DENY_FOR_SURE"});
+        List<ConfigAttribute> config = SecurityConfig.createList("ROLE_1", "DENY_FOR_SURE");
 
         mgr.decide(auth, new Object(), config);
         assertTrue(true);
@@ -107,7 +107,7 @@ public class ConsensusBasedTests {
         TestingAuthenticationToken auth = makeTestToken();
         ConsensusBased mgr = makeDecisionManager();
 
-        mgr.decide(auth, new Object(), SecurityConfig.createList(new String[]{"ROLE_1", "ROLE_2"}));
+        mgr.decide(auth, new Object(), SecurityConfig.createList("ROLE_1", "ROLE_2"));
     }
 
     private ConsensusBased makeDecisionManager() {
@@ -125,8 +125,6 @@ public class ConsensusBasedTests {
     }
 
     private TestingAuthenticationToken makeTestToken() {
-        return new TestingAuthenticationToken("somebody", "password",
+        return new TestingAuthenticationToken("somebody", "password", "ROLE_1", "ROLE_2");
-            new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_1"), new GrantedAuthorityImpl(
-                    "ROLE_2")});
     }
 }

core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java

@@ -73,8 +73,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase {
         AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider();
         aap.setKey("qwerty");
 
-        TestingAuthenticationToken token = new TestingAuthenticationToken("user", "password",
+        TestingAuthenticationToken token = new TestingAuthenticationToken("user", "password", "ROLE_A");
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")});
         assertFalse(aap.supports(TestingAuthenticationToken.class));
 
         // Try it anyway

taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java

@@ -44,10 +44,7 @@ public class AuthorizeTagAttributeTests extends TestCase {
     protected void setUp() throws Exception {
         super.setUp();
 
-        currentUser = new TestingAuthenticationToken("abc", "123",
+        currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED");
-                new GrantedAuthority[] {
-                    new GrantedAuthorityImpl("ROLE_SUPERVISOR"), new GrantedAuthorityImpl("ROLE_RESTRICTED"),
-                });
 
         SecurityContextHolder.getContext().setAuthentication(currentUser);
     }

taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagCustomGrantedAuthorityTests.java

@@ -15,55 +15,56 @@
 
 package org.springframework.security.taglibs.authz;
 
-import junit.framework.TestCase;
+import static org.junit.Assert.*;
-
 
+import org.junit.*;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 
-
 import javax.servlet.jsp.JspException;
 import javax.servlet.jsp.tagext.Tag;
+import java.util.*;
+
 
 
 /**
  *
  * @author Francois Beausoleil
  */
-public class AuthorizeTagCustomGrantedAuthorityTests extends TestCase {
+public class AuthorizeTagCustomGrantedAuthorityTests {
     //~ Instance fields ================================================================================================
 
     private final JspAuthorizeTag authorizeTag = new JspAuthorizeTag();
-    private TestingAuthenticationToken currentUser;
 
     //~ Methods ========================================================================================================
 
-    protected void setUp() throws Exception {
+    @Before
-        super.setUp();
+    public void setUp() {
-
+        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", "ROLE_TELLER"));
-        currentUser = new TestingAuthenticationToken("abc", "123",
-                new GrantedAuthority[] {new CustomGrantedAuthority("ROLE_TELLER")});
-
-        SecurityContextHolder.getContext().setAuthentication(currentUser);
     }
 
-    protected void tearDown() throws Exception {
+    @After
+    public void tearDown() {
         SecurityContextHolder.clearContext();
     }
 
-    public void testAllowsRequestWhenCustomAuthorityPresentsCorrectRole()
+    @Test
-        throws JspException {
+    public void testAllowsRequestWhenCustomAuthorityPresentsCorrectRole() throws JspException {
         authorizeTag.setIfAnyGranted("ROLE_TELLER");
         assertEquals("authorized - ROLE_TELLER in both sets", Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
     }
 
-    public void testRejectsRequestWhenCustomAuthorityReturnsNull()
+    @Test
-        throws JspException {
+    public void testRejectsRequestWhenCustomAuthorityReturnsNull() throws JspException {
         authorizeTag.setIfAnyGranted("ROLE_TELLER");
-        SecurityContextHolder.getContext()
+        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
-                             .setAuthentication(new TestingAuthenticationToken("abc", "123",
+        authorities.add(new GrantedAuthority() {
-                new GrantedAuthority[] {new CustomGrantedAuthority(null)}));
+                    public String getAuthority() {
+                        return null;
+                    }
+                });
+        SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", authorities));
 
         try {
             authorizeTag.doStartTag();
@@ -72,18 +73,4 @@ public class AuthorizeTagCustomGrantedAuthorityTests extends TestCase {
             assertTrue("expected", true);
         }
     }
-
-    //~ Inner Classes ==================================================================================================
-
-    private static class CustomGrantedAuthority implements GrantedAuthority {
-        private final String authority;
-
-        public CustomGrantedAuthority(String authority) {
-            this.authority = authority;
-        }
-
-        public String getAuthority() {
-            return authority;
-        }
-    }
 }

taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java

@@ -47,8 +47,7 @@ public class AuthorizeTagExpressionLanguageTests extends TestCase {
         };
         authorizeTag.setPageContext(pageContext);
 
-        currentUser = new TestingAuthenticationToken("abc", "123",
+        currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_TELLER");
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_TELLER"),});
 
         SecurityContextHolder.getContext().setAuthentication(currentUser);
     }

taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java

@@ -41,10 +41,7 @@ public class AuthzImplAttributeTest extends TestCase {
     protected void setUp() throws Exception {
         super.setUp();
 
-        currentUser = new TestingAuthenticationToken("abc", "123",
+        currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED");
-                new GrantedAuthority[] {
-                    new GrantedAuthorityImpl("ROLE_SUPERVISOR"), new GrantedAuthorityImpl("ROLE_RESTRICTED"),
-                });
 
         SecurityContextHolder.getContext().setAuthentication(currentUser);
     }

taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java

@@ -37,12 +37,7 @@ public class AuthzImplAuthorizeTagTest extends TestCase {
     //~ Methods ========================================================================================================
 
     protected void setUp() throws Exception {
-        super.setUp();
+        currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR", "ROLE_TELLER");
-
-        currentUser = new TestingAuthenticationToken("abc", "123",
-                new GrantedAuthority[] {
-                    new GrantedAuthorityImpl("ROLE_SUPERVISOR"), new GrantedAuthorityImpl("ROLE_TELLER"),
-                });
 
         SecurityContextHolder.getContext().setAuthentication(currentUser);
     }

web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java

@@ -98,8 +98,7 @@ public class AnonymousAuthenticationFilterTests {
     public void testOperationWhenAuthenticationExistsInContextHolder()
         throws Exception {
         // Put an Authentication object into the SecurityContextHolder
-        Authentication originalAuth = new TestingAuthenticationToken("user", "password",
+        Authentication originalAuth = new TestingAuthenticationToken("user", "password", "ROLE_A");
-                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")});
         SecurityContextHolder.getContext().setAuthentication(originalAuth);
 
         // Setup our filter correctly