diff --git a/core/src/main/java/org/springframework/security/annotation/Jsr250MethodDefinitionSource.java b/core/src/main/java/org/springframework/security/annotation/Jsr250MethodSecurityMetadataSource.java similarity index 95% rename from core/src/main/java/org/springframework/security/annotation/Jsr250MethodDefinitionSource.java rename to core/src/main/java/org/springframework/security/annotation/Jsr250MethodSecurityMetadataSource.java index 5d78086a2a..0bef070f6a 100644 --- a/core/src/main/java/org/springframework/security/annotation/Jsr250MethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/annotation/Jsr250MethodSecurityMetadataSource.java @@ -27,7 +27,7 @@ import javax.annotation.security.RolesAllowed; import org.springframework.core.annotation.AnnotationUtils; import org.springframework.security.ConfigAttribute; -import org.springframework.security.intercept.method.AbstractFallbackMethodDefinitionSource; +import org.springframework.security.intercept.method.AbstractFallbackMethodSecurityMetadataSource; /** @@ -37,7 +37,7 @@ import org.springframework.security.intercept.method.AbstractFallbackMethodDefin * @version $Id$ * @since 2.0 */ -public class Jsr250MethodDefinitionSource extends AbstractFallbackMethodDefinitionSource { +public class Jsr250MethodSecurityMetadataSource extends AbstractFallbackMethodSecurityMetadataSource { protected List findAttributes(Class clazz) { return processAnnotations(clazz.getAnnotations()); diff --git a/core/src/main/java/org/springframework/security/annotation/SecuredMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/annotation/SecuredMethodSecurityMetadataSource.java similarity index 93% rename from core/src/main/java/org/springframework/security/annotation/SecuredMethodDefinitionSource.java rename to core/src/main/java/org/springframework/security/annotation/SecuredMethodSecurityMetadataSource.java index a9792bdec3..db493aa352 100644 --- a/core/src/main/java/org/springframework/security/annotation/SecuredMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/annotation/SecuredMethodSecurityMetadataSource.java @@ -24,7 +24,7 @@ import java.util.List; import org.springframework.core.annotation.AnnotationUtils; import org.springframework.security.ConfigAttribute; import org.springframework.security.SecurityConfig; -import org.springframework.security.intercept.method.AbstractFallbackMethodDefinitionSource; +import org.springframework.security.intercept.method.AbstractFallbackMethodSecurityMetadataSource; /** @@ -33,7 +33,7 @@ import org.springframework.security.intercept.method.AbstractFallbackMethodDefin * @author Ben Alex * @version $Id$ */ -public class SecuredMethodDefinitionSource extends AbstractFallbackMethodDefinitionSource { +public class SecuredMethodSecurityMetadataSource extends AbstractFallbackMethodSecurityMetadataSource { protected List findAttributes(Class clazz) { return processAnnotation(clazz.getAnnotation(Secured.class)); diff --git a/core/src/main/java/org/springframework/security/config/BeanIds.java b/core/src/main/java/org/springframework/security/config/BeanIds.java index 1ff6b92aad..cea5494121 100644 --- a/core/src/main/java/org/springframework/security/config/BeanIds.java +++ b/core/src/main/java/org/springframework/security/config/BeanIds.java @@ -55,13 +55,10 @@ public abstract class BeanIds { public static final String DEFAULT_LOGIN_PAGE_GENERATING_FILTER = "_defaultLoginPageFilter"; public static final String SECURITY_CONTEXT_HOLDER_AWARE_REQUEST_FILTER = "_securityContextHolderAwareRequestFilter"; public static final String SESSION_FIXATION_PROTECTION_FILTER = "_sessionFixationProtectionFilter"; -// public static final String GLOBAL_METHOD_SECURITY_INTERCEPTOR = "_methodSecurityInterceptor"; -// public static final String METHOD_SECURITY_INTERCEPTOR_POST_PROCESSOR = "_methodSecurityInterceptorPostProcessor"; - public static final String METHOD_DEFINITION_SOURCE_ADVISOR = "_methodDefinitionSourceAdvisor"; + public static final String METHOD_SECURITY_METADATA_SOURCE_ADVISOR = "_methodSecurityMetadataSourceAdvisor"; public static final String PROTECT_POINTCUT_POST_PROCESSOR = "_protectPointcutPostProcessor"; -// public static final String DELEGATING_METHOD_DEFINITION_SOURCE = "_delegatingMethodDefinitionSource"; - public static final String SECURED_METHOD_DEFINITION_SOURCE = "_securedMethodDefinitionSource"; - public static final String JSR_250_METHOD_DEFINITION_SOURCE = "_jsr250MethodDefinitionSource"; + public static final String SECURED_METHOD_SECURITY_METADATA_SOURCE = "_securedSecurityMetadataSource"; + public static final String JSR_250_METHOD_SECURITY_METADATA_SOURCE = "_jsr250SecurityMetadataSource"; public static final String EMBEDDED_APACHE_DS = "_apacheDirectoryServerContainer"; public static final String CONTEXT_SOURCE = "_securityContextSource"; public static final String PORT_MAPPER = "_portMapper"; diff --git a/core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java b/core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java index cbfe31ef21..25050f94f8 100644 --- a/core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java +++ b/core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java @@ -19,7 +19,7 @@ import org.springframework.core.Ordered; import org.springframework.security.ConfigAttribute; import org.springframework.security.config.ConfigUtils.FilterChainList; import org.springframework.security.context.SecurityContextPersistenceFilter; -import org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource; +import org.springframework.security.intercept.web.DefaultFilterInvocationSecurityMetadataSource; import org.springframework.security.intercept.web.FilterSecurityInterceptor; import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken; import org.springframework.security.providers.anonymous.AnonymousProcessingFilter; @@ -147,8 +147,8 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac FilterSecurityInterceptor fsi = ((FilterSecurityInterceptor)beanFactory.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR)); - DefaultFilterInvocationDefinitionSource fids = - (DefaultFilterInvocationDefinitionSource) fsi.getObjectDefinitionSource(); + DefaultFilterInvocationSecurityMetadataSource fids = + (DefaultFilterInvocationSecurityMetadataSource) fsi.getSecurityMetadataSource(); List attributes = fids.lookupAttributes(loginPage, "POST"); if (attributes == null) { diff --git a/core/src/main/java/org/springframework/security/config/FilterInvocationDefinitionSourceBeanDefinitionParser.java b/core/src/main/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParser.java similarity index 88% rename from core/src/main/java/org/springframework/security/config/FilterInvocationDefinitionSourceBeanDefinitionParser.java rename to core/src/main/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParser.java index 20a6ac91ec..dbf4aedcab 100644 --- a/core/src/main/java/org/springframework/security/config/FilterInvocationDefinitionSourceBeanDefinitionParser.java +++ b/core/src/main/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParser.java @@ -7,7 +7,7 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder; import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser; import org.springframework.beans.factory.xml.ParserContext; import org.springframework.security.ConfigAttribute; -import org.springframework.security.intercept.web.FilterInvocationDefinitionSource; +import org.springframework.security.intercept.web.FilterInvocationSecurityMetadataSource; import org.springframework.security.intercept.web.RequestKey; import org.springframework.security.util.AntUrlPathMatcher; import org.springframework.security.util.UrlMatcher; @@ -16,15 +16,15 @@ import org.springframework.util.xml.DomUtils; import org.w3c.dom.Element; /** - * Allows for convenient creation of a {@link FilterInvocationDefinitionSource} bean for use with a FilterSecurityInterceptor. + * Allows for convenient creation of a {@link FilterInvocationSecurityMetadataSource} bean for use with a FilterSecurityInterceptor. * * @author Luke Taylor * @version $Id$ */ -public class FilterInvocationDefinitionSourceBeanDefinitionParser extends AbstractSingleBeanDefinitionParser { +public class FilterInvocationSecurityMetadataSourceBeanDefinitionParser extends AbstractSingleBeanDefinitionParser { protected String getBeanClassName(Element element) { - return "org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource"; + return "org.springframework.security.intercept.web.DefaultFilterInvocationSecurityMetadataSource"; } protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) { diff --git a/core/src/main/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParser.java b/core/src/main/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParser.java index fe0ad5ce28..f33bba71f7 100644 --- a/core/src/main/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParser.java +++ b/core/src/main/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParser.java @@ -21,10 +21,10 @@ import org.springframework.security.SecurityConfig; import org.springframework.security.expression.method.MethodExpressionAfterInvocationProvider; import org.springframework.security.expression.method.MethodExpressionVoter; import org.springframework.security.expression.support.DefaultSecurityExpressionHandler; -import org.springframework.security.intercept.method.DelegatingMethodDefinitionSource; -import org.springframework.security.intercept.method.MapBasedMethodDefinitionSource; +import org.springframework.security.intercept.method.DelegatingMethodSecurityMetadataSource; +import org.springframework.security.intercept.method.MapBasedMethodSecurityMetadataSource; import org.springframework.security.intercept.method.ProtectPointcutPostProcessor; -import org.springframework.security.intercept.method.aopalliance.MethodDefinitionSourceAdvisor; +import org.springframework.security.intercept.method.aopalliance.MethodSecurityMetadataSourceAdvisor; import org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor; import org.springframework.security.vote.AffirmativeBased; import org.springframework.security.vote.AuthenticatedVoter; @@ -45,9 +45,9 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser { private final Log logger = LogFactory.getLog(getClass()); - private static final String SECURED_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.annotation.SecuredMethodDefinitionSource"; - private static final String EXPRESSION_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.expression.method.ExpressionAnnotationMethodDefinitionSource"; - private static final String JSR_250_SECURITY_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.annotation.Jsr250MethodDefinitionSource"; + private static final String SECURED_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.annotation.SecuredMethodSecurityMetadataSource"; + private static final String EXPRESSION_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.expression.method.ExpressionAnnotationMethodSecurityMetadataSource"; + private static final String JSR_250_SECURITY_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.annotation.Jsr250MethodSecurityMetadataSource"; private static final String JSR_250_VOTER_CLASS = "org.springframework.security.annotation.Jsr250Voter"; /* @@ -56,7 +56,7 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser { static final String SECURITY_INTERCEPTOR_ID = "_globalMethodSecurityInterceptor"; static final String INTERCEPTOR_POST_PROCESSOR_ID = "_globalMethodSecurityInterceptorPostProcessor"; static final String ACCESS_MANAGER_ID = "_globalMethodSecurityAccessManager"; - private static final String DELEGATING_METHOD_DEFINITION_SOURCE_ID = "_delegatingMethodDefinitionSource"; + private static final String DELEGATING_METHOD_DEFINITION_SOURCE_ID = "_delegatingMethodSecurityMetadataSource"; private static final String EXPRESSION_HANDLER_ID = "_methodExpressionHandler"; private static final String ATT_ACCESS = "access"; @@ -83,9 +83,9 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser { if (pointcutMap.size() > 0) { // SEC-1016: Put the pointcut MDS first, but only add it if there are actually any pointcuts defined. - MapBasedMethodDefinitionSource mapBasedMethodDefinitionSource = new MapBasedMethodDefinitionSource(); - delegates.add(mapBasedMethodDefinitionSource); - registerProtectPointcutPostProcessor(parserContext, pointcutMap, mapBasedMethodDefinitionSource, source); + MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource = new MapBasedMethodSecurityMetadataSource(); + delegates.add(mapBasedMethodSecurityMetadataSource); + registerProtectPointcutPostProcessor(parserContext, pointcutMap, mapBasedMethodSecurityMetadataSource, source); } if (expressionsEnabled) { @@ -123,7 +123,7 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser { delegates.add(BeanDefinitionBuilder.rootBeanDefinition(JSR_250_SECURITY_METHOD_DEFINITION_SOURCE_CLASS).getBeanDefinition()); } - registerDelegatingMethodDefinitionSource(parserContext, delegates, source); + registerDelegatingMethodSecurityMetadataSource(parserContext, delegates, source); String accessManagerId = element.getAttribute(ATT_ACCESS_MGR); @@ -167,24 +167,24 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser { } @SuppressWarnings("unchecked") - private void registerDelegatingMethodDefinitionSource(ParserContext parserContext, ManagedList delegates, Object source) { + private void registerDelegatingMethodSecurityMetadataSource(ParserContext parserContext, ManagedList delegates, Object source) { if (parserContext.getRegistry().containsBeanDefinition(DELEGATING_METHOD_DEFINITION_SOURCE_ID)) { parserContext.getReaderContext().error("Duplicate detected.", source); } - RootBeanDefinition delegatingMethodDefinitionSource = new RootBeanDefinition(DelegatingMethodDefinitionSource.class); - delegatingMethodDefinitionSource.setRole(BeanDefinition.ROLE_INFRASTRUCTURE); - delegatingMethodDefinitionSource.setSource(source); - delegatingMethodDefinitionSource.getPropertyValues().addPropertyValue("methodDefinitionSources", delegates); - parserContext.getRegistry().registerBeanDefinition(DELEGATING_METHOD_DEFINITION_SOURCE_ID, delegatingMethodDefinitionSource); + RootBeanDefinition delegatingMethodSecurityMetadataSource = new RootBeanDefinition(DelegatingMethodSecurityMetadataSource.class); + delegatingMethodSecurityMetadataSource.setRole(BeanDefinition.ROLE_INFRASTRUCTURE); + delegatingMethodSecurityMetadataSource.setSource(source); + delegatingMethodSecurityMetadataSource.getPropertyValues().addPropertyValue("methodSecurityMetadataSources", delegates); + parserContext.getRegistry().registerBeanDefinition(DELEGATING_METHOD_DEFINITION_SOURCE_ID, delegatingMethodSecurityMetadataSource); } private void registerProtectPointcutPostProcessor(ParserContext parserContext, Map> pointcutMap, - MapBasedMethodDefinitionSource mapBasedMethodDefinitionSource, Object source) { + MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource, Object source) { RootBeanDefinition ppbp = new RootBeanDefinition(ProtectPointcutPostProcessor.class); ppbp.setRole(BeanDefinition.ROLE_INFRASTRUCTURE); ppbp.setSource(source); - ppbp.getConstructorArgumentValues().addGenericArgumentValue(mapBasedMethodDefinitionSource); + ppbp.getConstructorArgumentValues().addGenericArgumentValue(mapBasedMethodSecurityMetadataSource); ppbp.getPropertyValues().addPropertyValue("pointcutMap", pointcutMap); parserContext.getRegistry().registerBeanDefinition(BeanIds.PROTECT_POINTCUT_POST_PROCESSOR, ppbp); } @@ -224,7 +224,7 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser { interceptor.getPropertyValues().addPropertyValue("accessDecisionManager", new RuntimeBeanReference(accessManagerId)); interceptor.getPropertyValues().addPropertyValue("authenticationManager", new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER)); - interceptor.getPropertyValues().addPropertyValue("objectDefinitionSource", new RuntimeBeanReference(DELEGATING_METHOD_DEFINITION_SOURCE_ID)); + interceptor.getPropertyValues().addPropertyValue("securityMetadataSource", new RuntimeBeanReference(DELEGATING_METHOD_DEFINITION_SOURCE_ID)); parserContext.getRegistry().registerBeanDefinition(SECURITY_INTERCEPTOR_ID, interceptor); parserContext.registerComponent(new BeanComponentDefinition(interceptor, SECURITY_INTERCEPTOR_ID)); @@ -233,12 +233,12 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser { } private void registerAdvisor(ParserContext parserContext, Object source) { - RootBeanDefinition advisor = new RootBeanDefinition(MethodDefinitionSourceAdvisor.class); + RootBeanDefinition advisor = new RootBeanDefinition(MethodSecurityMetadataSourceAdvisor.class); advisor.setRole(BeanDefinition.ROLE_INFRASTRUCTURE); advisor.setSource(source); advisor.getConstructorArgumentValues().addGenericArgumentValue(SECURITY_INTERCEPTOR_ID); advisor.getConstructorArgumentValues().addGenericArgumentValue(new RuntimeBeanReference(DELEGATING_METHOD_DEFINITION_SOURCE_ID)); - parserContext.getRegistry().registerBeanDefinition(BeanIds.METHOD_DEFINITION_SOURCE_ADVISOR, advisor); + parserContext.getRegistry().registerBeanDefinition(BeanIds.METHOD_SECURITY_METADATA_SOURCE_ADVISOR, advisor); } } diff --git a/core/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java b/core/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java index c076c782d7..9a70ff19de 100644 --- a/core/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java +++ b/core/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java @@ -22,7 +22,7 @@ import org.springframework.security.SecurityConfig; import org.springframework.security.context.HttpSessionSecurityContextRepository; import org.springframework.security.context.SecurityContextPersistenceFilter; import org.springframework.security.expression.web.WebExpressionVoter; -import org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource; +import org.springframework.security.intercept.web.DefaultFilterInvocationSecurityMetadataSource; import org.springframework.security.intercept.web.FilterSecurityInterceptor; import org.springframework.security.intercept.web.RequestKey; import org.springframework.security.securechannel.ChannelDecisionManagerImpl; @@ -106,7 +106,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { private static final String ATT_DISABLE_URL_REWRITING = "disable-url-rewriting"; - private static final String EXPRESSION_FIDS_CLASS = "org.springframework.security.expression.web.ExpressionBasedFilterInvocationDefinitionSource"; + private static final String EXPRESSION_FIDS_CLASS = "org.springframework.security.expression.web.ExpressionBasedFilterInvocationSecurityMetadataSource"; private static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.expression.support.DefaultSecurityExpressionHandler"; private static final String EXPRESSION_HANDLER_ID = "_webExpressionHandler"; @@ -172,7 +172,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { fidsBuilder.addConstructorArgReference(expressionHandlerRef); voters = new Class[] {WebExpressionVoter.class}; } else { - fidsBuilder = BeanDefinitionBuilder.rootBeanDefinition(DefaultFilterInvocationDefinitionSource.class); + fidsBuilder = BeanDefinitionBuilder.rootBeanDefinition(DefaultFilterInvocationSecurityMetadataSource.class); fidsBuilder.addConstructorArgValue(matcher); fidsBuilder.addConstructorArgValue(requestToAttributesMap); voters = new Class[] {RoleVoter.class, AuthenticatedVoter.class}; @@ -359,7 +359,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { builder.addPropertyValue("observeOncePerRequest", Boolean.FALSE); } - builder.addPropertyValue("objectDefinitionSource", fids); + builder.addPropertyValue("securityMetadataSource", fids); pc.getRegistry().registerBeanDefinition(BeanIds.FILTER_SECURITY_INTERCEPTOR, builder.getBeanDefinition()); ConfigUtils.addHttpFilter(pc, new RuntimeBeanReference(BeanIds.FILTER_SECURITY_INTERCEPTOR)); } @@ -369,11 +369,11 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { RootBeanDefinition channelFilter = new RootBeanDefinition(ChannelProcessingFilter.class); channelFilter.getPropertyValues().addPropertyValue("channelDecisionManager", new RuntimeBeanReference(BeanIds.CHANNEL_DECISION_MANAGER)); - DefaultFilterInvocationDefinitionSource channelFilterInvDefSource = - new DefaultFilterInvocationDefinitionSource(matcher, channelRequestMap); + DefaultFilterInvocationSecurityMetadataSource channelFilterInvDefSource = + new DefaultFilterInvocationSecurityMetadataSource(matcher, channelRequestMap); channelFilterInvDefSource.setStripQueryStringFromUrls(matcher instanceof AntUrlPathMatcher); - channelFilter.getPropertyValues().addPropertyValue("filterInvocationDefinitionSource", + channelFilter.getPropertyValues().addPropertyValue("filterInvocationSecurityMetadataSource", channelFilterInvDefSource); RootBeanDefinition channelDecisionManager = new RootBeanDefinition(ChannelDecisionManagerImpl.class); ManagedList channelProcessors = new ManagedList(3); @@ -639,7 +639,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { } /** - * Parses the filter invocation map which will be used to configure the FilterInvocationDefinitionSource + * Parses the filter invocation map which will be used to configure the FilterInvocationSecurityMetadataSource * used in the security interceptor. */ static LinkedHashMap> @@ -677,7 +677,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { if (useExpressions) { logger.info("Creating access control expression attribute '" + access + "' for " + key); attributes = new ArrayList(1); - // The expression will be parsed later by the ExpressionFilterInvocationDefinitionSource + // The expression will be parsed later by the ExpressionFilterInvocationSecurityMetadataSource attributes.add(new SecurityConfig(access)); } else { diff --git a/core/src/main/java/org/springframework/security/config/InterceptMethodsBeanDefinitionDecorator.java b/core/src/main/java/org/springframework/security/config/InterceptMethodsBeanDefinitionDecorator.java index 199d628513..0bf2d53be7 100644 --- a/core/src/main/java/org/springframework/security/config/InterceptMethodsBeanDefinitionDecorator.java +++ b/core/src/main/java/org/springframework/security/config/InterceptMethodsBeanDefinitionDecorator.java @@ -80,11 +80,11 @@ class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractIntercepto } } - // Rely on the default property editor for MethodSecurityInterceptor.setObjectDefinitionSource to setup the MethodDefinitionSource + // Rely on the default property editor for MethodSecurityInterceptor.setSecurityMetadataSource to setup the MethodSecurityMetadataSource sb.append(methodName + "=" + accessConfig).append("\r\n"); } - interceptor.addPropertyValue("objectDefinitionSource", sb.toString()); + interceptor.addPropertyValue("securityMetadataSource", sb.toString()); return interceptor.getBeanDefinition(); } diff --git a/core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java b/core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java index 6a003ee819..1d0b8fe435 100644 --- a/core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java +++ b/core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java @@ -23,7 +23,7 @@ public class SecurityNamespaceHandler extends NamespaceHandlerSupport { registerBeanDefinitionParser(Elements.AUTHENTICATION_PROVIDER, new AuthenticationProviderBeanDefinitionParser()); registerBeanDefinitionParser(Elements.GLOBAL_METHOD_SECURITY, new GlobalMethodSecurityBeanDefinitionParser()); registerBeanDefinitionParser(Elements.AUTHENTICATION_MANAGER, new AuthenticationManagerBeanDefinitionParser()); - registerBeanDefinitionParser(Elements.FILTER_INVOCATION_DEFINITION_SOURCE, new FilterInvocationDefinitionSourceBeanDefinitionParser()); + registerBeanDefinitionParser(Elements.FILTER_INVOCATION_DEFINITION_SOURCE, new FilterInvocationSecurityMetadataSourceBeanDefinitionParser()); // Decorators registerBeanDefinitionDecorator(Elements.INTERCEPT_METHODS, new InterceptMethodsBeanDefinitionDecorator()); diff --git a/core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodSecurityMetadataSource.java similarity index 93% rename from core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSource.java rename to core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodSecurityMetadataSource.java index ef0bee8d10..2b2cfc9e43 100644 --- a/core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/expression/method/ExpressionAnnotationMethodSecurityMetadataSource.java @@ -18,11 +18,11 @@ import org.springframework.security.expression.annotation.PostAuthorize; import org.springframework.security.expression.annotation.PostFilter; import org.springframework.security.expression.annotation.PreAuthorize; import org.springframework.security.expression.annotation.PreFilter; -import org.springframework.security.intercept.method.AbstractMethodDefinitionSource; +import org.springframework.security.intercept.method.AbstractMethodSecurityMetadataSource; import org.springframework.util.ClassUtils; /** - * MethodDefinitionSource which extracts metadata from the @PreFilter and @PreAuthorize annotations + * MethodSecurityMetadataSource which extracts metadata from the @PreFilter and @PreAuthorize annotations * placed on a method. The metadata is encapsulated in a {@link AbstractExpressionBasedMethodConfigAttribute} instance. *

* Annotations may be specified on classes or methods, and method-specific annotations will take precedence. @@ -38,10 +38,10 @@ import org.springframework.util.ClassUtils; * @since 2.5 * @version $Id$ */ -public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDefinitionSource { +public class ExpressionAnnotationMethodSecurityMetadataSource extends AbstractMethodSecurityMetadataSource { private ExpressionParser parser; - public ExpressionAnnotationMethodDefinitionSource() { + public ExpressionAnnotationMethodSecurityMetadataSource() { parser = new SpelAntlrExpressionParser(); } @@ -49,7 +49,7 @@ public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDe * Constructor which obtains the expression parser from the {@link SecurityExpressionHandler#getExpressionParser() } * method on the supplied SecurityExpressionHandler. */ - public ExpressionAnnotationMethodDefinitionSource(SecurityExpressionHandler handler) { + public ExpressionAnnotationMethodSecurityMetadataSource(SecurityExpressionHandler handler) { parser = handler.getExpressionParser(); } @@ -76,7 +76,7 @@ public class ExpressionAnnotationMethodDefinitionSource extends AbstractMethodDe } /** - * See {@link org.springframework.security.intercept.method.AbstractFallbackMethodDefinitionSource#getAttributes(Method, Class)} + * See {@link org.springframework.security.intercept.method.AbstractFallbackMethodSecurityMetadataSource#getAttributes(Method, Class)} * for the logic of this method. The ordering here is slightly different in that we consider method-specific * annotations on an interface before class-level ones. */ diff --git a/core/src/main/java/org/springframework/security/expression/web/ExpressionBasedFilterInvocationDefinitionSource.java b/core/src/main/java/org/springframework/security/expression/web/ExpressionBasedFilterInvocationSecurityMetadataSource.java similarity index 87% rename from core/src/main/java/org/springframework/security/expression/web/ExpressionBasedFilterInvocationDefinitionSource.java rename to core/src/main/java/org/springframework/security/expression/web/ExpressionBasedFilterInvocationSecurityMetadataSource.java index 7da24cb281..42dfa2ca6d 100644 --- a/core/src/main/java/org/springframework/security/expression/web/ExpressionBasedFilterInvocationDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/expression/web/ExpressionBasedFilterInvocationSecurityMetadataSource.java @@ -11,22 +11,22 @@ import org.springframework.expression.ExpressionParser; import org.springframework.expression.ParseException; import org.springframework.security.ConfigAttribute; import org.springframework.security.expression.SecurityExpressionHandler; -import org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource; +import org.springframework.security.intercept.web.DefaultFilterInvocationSecurityMetadataSource; import org.springframework.security.intercept.web.RequestKey; import org.springframework.security.util.UrlMatcher; import org.springframework.util.Assert; /** - * Expression-based FilterInvocationDefinitionSource. + * Expression-based FilterInvocationSecurityMetadataSource. * * @author Luke Taylor * @version $Id$ * @since 2.5 */ -public final class ExpressionBasedFilterInvocationDefinitionSource extends DefaultFilterInvocationDefinitionSource { - private final static Log logger = LogFactory.getLog(ExpressionBasedFilterInvocationDefinitionSource.class); +public final class ExpressionBasedFilterInvocationSecurityMetadataSource extends DefaultFilterInvocationSecurityMetadataSource { + private final static Log logger = LogFactory.getLog(ExpressionBasedFilterInvocationSecurityMetadataSource.class); - public ExpressionBasedFilterInvocationDefinitionSource(UrlMatcher urlMatcher, + public ExpressionBasedFilterInvocationSecurityMetadataSource(UrlMatcher urlMatcher, LinkedHashMap> requestMap, SecurityExpressionHandler expressionHandler) { super(urlMatcher, processMap(requestMap, expressionHandler.getExpressionParser())); Assert.notNull(expressionHandler, "A non-null SecurityExpressionHandler is required"); diff --git a/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java b/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java index 349a8fdabc..afd9dcb456 100644 --- a/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java @@ -54,7 +54,7 @@ import org.springframework.util.Assert; *

    *
  1. Obtain the {@link Authentication} object from the {@link SecurityContextHolder}.
    2. *
  2. Determine if the request relates to a secured or public invocation by looking up the secure object request - * against the {@link ObjectDefinitionSource}.
    3. + * against the {@link SecurityMetadataSource}. *
  3. For an invocation that is secured (there is a list of ConfigAttributes for the secure * object invocation): *
      @@ -122,9 +122,9 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A Assert.notNull(this.authenticationManager, "An AuthenticationManager is required"); Assert.notNull(this.accessDecisionManager, "An AccessDecisionManager is required"); Assert.notNull(this.runAsManager, "A RunAsManager is required"); - Assert.notNull(this.obtainObjectDefinitionSource(), "An ObjectDefinitionSource is required"); - Assert.isTrue(this.obtainObjectDefinitionSource().supports(getSecureObjectClass()), - "ObjectDefinitionSource does not support secure object class: " + getSecureObjectClass()); + Assert.notNull(this.obtainSecurityMetadataSource(), "An SecurityMetadataSource is required"); + Assert.isTrue(this.obtainSecurityMetadataSource().supports(getSecureObjectClass()), + "SecurityMetadataSource does not support secure object class: " + getSecureObjectClass()); Assert.isTrue(this.runAsManager.supports(getSecureObjectClass()), "RunAsManager does not support secure object class: " + getSecureObjectClass()); Assert.isTrue(this.accessDecisionManager.supports(getSecureObjectClass()), @@ -136,10 +136,10 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A } if (this.validateConfigAttributes) { - Collection attributeDefs = this.obtainObjectDefinitionSource().getAllConfigAttributes(); + Collection attributeDefs = this.obtainSecurityMetadataSource().getAllConfigAttributes(); if (attributeDefs == null) { - logger.warn("Could not validate configuration attributes as the ObjectDefinitionSource did not return " + logger.warn("Could not validate configuration attributes as the SecurityMetadataSource did not return " + "any attributes from getAllConfigAttributes()"); return; } @@ -171,7 +171,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A + getSecureObjectClass()); } - List attributes = this.obtainObjectDefinitionSource().getAttributes(object); + List attributes = this.obtainSecurityMetadataSource().getAttributes(object); if (attributes == null) { if (rejectPublicInvocations) { @@ -371,7 +371,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A return validateConfigAttributes; } - public abstract ObjectDefinitionSource obtainObjectDefinitionSource(); + public abstract SecurityMetadataSource obtainSecurityMetadataSource(); public void setAccessDecisionManager(AccessDecisionManager accessDecisionManager) { this.accessDecisionManager = accessDecisionManager; diff --git a/core/src/main/java/org/springframework/security/intercept/ObjectDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/SecurityMetadataSource.java similarity index 93% rename from core/src/main/java/org/springframework/security/intercept/ObjectDefinitionSource.java rename to core/src/main/java/org/springframework/security/intercept/SecurityMetadataSource.java index f22bb4a366..b6a854b34d 100644 --- a/core/src/main/java/org/springframework/security/intercept/ObjectDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/SecurityMetadataSource.java @@ -28,7 +28,7 @@ import org.springframework.security.ConfigAttribute; * @author Ben Alex * @version $Id$ */ -public interface ObjectDefinitionSource { +public interface SecurityMetadataSource { //~ Methods ======================================================================================================== /** @@ -41,7 +41,7 @@ public interface ObjectDefinitionSource { * @return the attributes that apply to the passed in secured object or null if there are no applicable attributes. * * @throws IllegalArgumentException if the passed object is not of a type supported by the - * ObjectDefinitionSource implementation + * SecurityMetadataSource implementation */ List getAttributes(Object object) throws IllegalArgumentException; @@ -56,7 +56,7 @@ public interface ObjectDefinitionSource { Collection getAllConfigAttributes(); /** - * Indicates whether the ObjectDefinitionSource implementation is able to provide + * Indicates whether the SecurityMetadataSource implementation is able to provide * ConfigAttributes for the indicated secure object type. * * @param clazz the class that is being queried diff --git a/core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodSecurityMetadataSource.java similarity index 89% rename from core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodDefinitionSource.java rename to core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodSecurityMetadataSource.java index 32587eeb10..b49cd768b8 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/method/AbstractFallbackMethodSecurityMetadataSource.java @@ -7,25 +7,25 @@ import org.springframework.security.ConfigAttribute; import org.springframework.util.ClassUtils; /** - * Abstract implementation of {@link MethodDefinitionSource} that supports both Spring AOP and AspectJ and + * Abstract implementation of {@link MethodSecurityMetadataSource} that supports both Spring AOP and AspectJ and * performs attribute resolution from: 1. specific target method; 2. target class; 3. declaring method; - * 4. declaring class/interface. Use with {@link DelegatingMethodDefinitionSource} for caching support. + * 4. declaring class/interface. Use with {@link DelegatingMethodSecurityMetadataSource} for caching support. *

      - * This class mimics the behaviour of Spring's AbstractFallbackTransactionAttributeSource class. + * This class mimics the behaviour of Spring's AbstractFallbackTransactionAttributeSource class. *

      * Note that this class cannot extract security metadata where that metadata is expressed by way of * a target method/class (i.e. #1 and #2 above) AND the target method/class is encapsulated in another * proxy object. Spring Security does not walk a proxy chain to locate the concrete/final target object. * Consider making Spring Security your final advisor (so it advises the final target, as opposed to * another proxy), move the metadata to declared methods or interfaces the proxy implements, or provide - * your own replacement MethodDefinitionSource. + * your own replacement MethodSecurityMetadataSource. * * @author Ben Alex * @author Luke taylor * @version $Id$ * @since 2.0 */ -public abstract class AbstractFallbackMethodDefinitionSource extends AbstractMethodDefinitionSource { +public abstract class AbstractFallbackMethodSecurityMetadataSource extends AbstractMethodSecurityMetadataSource { public List getAttributes(Method method, Class targetClass) { // The method may be on an interface, but we need attributes from the target class. diff --git a/core/src/main/java/org/springframework/security/intercept/method/AbstractMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/method/AbstractMethodSecurityMetadataSource.java similarity index 92% rename from core/src/main/java/org/springframework/security/intercept/method/AbstractMethodDefinitionSource.java rename to core/src/main/java/org/springframework/security/intercept/method/AbstractMethodSecurityMetadataSource.java index 749b7c2f92..4dfc38eb87 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/AbstractMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/method/AbstractMethodSecurityMetadataSource.java @@ -33,14 +33,14 @@ import java.util.List; /** - * Abstract implementation of MethodDefinitionSource which resolves the secured object type to + * Abstract implementation of MethodSecurityMetadataSource which resolves the secured object type to * either a MethodInvocation or a JoinPoint. * * @author Ben Alex * @author Luke Taylor * @version $Id$ */ -public abstract class AbstractMethodDefinitionSource implements MethodDefinitionSource { +public abstract class AbstractMethodSecurityMetadataSource implements MethodSecurityMetadataSource { protected final Log logger = LogFactory.getLog(getClass()); diff --git a/core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodSecurityMetadataSource.java similarity index 86% rename from core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodDefinitionSource.java rename to core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodSecurityMetadataSource.java index 33ad0dba10..90a47707a3 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/method/DelegatingMethodSecurityMetadataSource.java @@ -22,17 +22,17 @@ import org.springframework.util.ObjectUtils; * @author Luke Taylor * @version $Id$ */ -public final class DelegatingMethodDefinitionSource extends AbstractMethodDefinitionSource implements InitializingBean { +public final class DelegatingMethodSecurityMetadataSource extends AbstractMethodSecurityMetadataSource implements InitializingBean { private final static List NULL_CONFIG_ATTRIBUTE = Collections.emptyList(); - private List methodDefinitionSources; + private List methodSecurityMetadataSources; private final Map> attributeCache = new HashMap>(); //~ Methods ======================================================================================================== public void afterPropertiesSet() throws Exception { - Assert.notNull(methodDefinitionSources, "A list of MethodDefinitionSources is required"); + Assert.notNull(methodSecurityMetadataSources, "A list of MethodSecurityMetadataSources is required"); } public List getAttributes(Method method, Class targetClass) { @@ -50,7 +50,7 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini // No cached value, so query the sources to find a result List attributes = null; - for (MethodDefinitionSource s : methodDefinitionSources) { + for (MethodSecurityMetadataSource s : methodSecurityMetadataSources) { attributes = s.getAttributes(method, targetClass); if (attributes != null) { break; @@ -75,7 +75,7 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini public Collection getAllConfigAttributes() { Set set = new HashSet(); - for (MethodDefinitionSource s : methodDefinitionSources) { + for (MethodSecurityMetadataSource s : methodSecurityMetadataSources) { Collection attrs = s.getAllConfigAttributes(); if (attrs != null) { set.addAll(attrs); @@ -85,8 +85,8 @@ public final class DelegatingMethodDefinitionSource extends AbstractMethodDefini } @SuppressWarnings("unchecked") - public void setMethodDefinitionSources(List methodDefinitionSources) { - this.methodDefinitionSources = methodDefinitionSources; + public void setMethodSecurityMetadataSources(List methodSecurityMetadataSources) { + this.methodSecurityMetadataSources = methodSecurityMetadataSources; } //~ Inner Classes ================================================================================================== diff --git a/core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodSecurityMetadataSource.java similarity index 96% rename from core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSource.java rename to core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodSecurityMetadataSource.java index d61a2d9457..0ff788bd83 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodSecurityMetadataSource.java @@ -34,7 +34,7 @@ import org.springframework.util.ClassUtils; * Stores a list of ConfigAttributes for a method or class signature. * *

      - * This class is the preferred implementation of {@link MethodDefinitionSource} for XML-based + * This class is the preferred implementation of {@link MethodSecurityMetadataSource} for XML-based * definition of method security metadata. To assist in XML-based definition, wildcard support * is provided. *

      @@ -43,7 +43,7 @@ import org.springframework.util.ClassUtils; * @version $Id$ * @since 2.0 */ -public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefinitionSource implements BeanClassLoaderAware { +public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethodSecurityMetadataSource implements BeanClassLoaderAware { //~ Instance fields ================================================================================================ private ClassLoader beanClassLoader = ClassUtils.getDefaultClassLoader(); @@ -56,14 +56,14 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini //~ Methods ======================================================================================================== - public MapBasedMethodDefinitionSource() { + public MapBasedMethodSecurityMetadataSource() { } /** - * Creates the MapBasedMethodDefinitionSource from a + * Creates the MapBasedMethodSecurityMetadataSource from a * @param methodMap map of method names to ConfigAttributes. */ - public MapBasedMethodDefinitionSource(Map> methodMap) { + public MapBasedMethodSecurityMetadataSource(Map> methodMap) { for (Map.Entry> entry : methodMap.entrySet()) { addSecureMethod(entry.getKey(), entry.getValue()); } diff --git a/core/src/main/java/org/springframework/security/intercept/method/MethodInvocationPrivilegeEvaluator.java b/core/src/main/java/org/springframework/security/intercept/method/MethodInvocationPrivilegeEvaluator.java index f8390898b5..ccc82521c9 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/MethodInvocationPrivilegeEvaluator.java +++ b/core/src/main/java/org/springframework/security/intercept/method/MethodInvocationPrivilegeEvaluator.java @@ -59,7 +59,7 @@ public class MethodInvocationPrivilegeEvaluator implements InitializingBean { Assert.notNull(mi, "MethodInvocation required"); Assert.notNull(mi.getMethod(), "MethodInvocation must provide a non-null getMethod()"); - List attrs = securityInterceptor.obtainObjectDefinitionSource().getAttributes(mi); + List attrs = securityInterceptor.obtainSecurityMetadataSource().getAttributes(mi); if (attrs == null) { if (securityInterceptor.isRejectPublicInvocations()) { diff --git a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/method/MethodSecurityMetadataSource.java similarity index 82% rename from core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSource.java rename to core/src/main/java/org/springframework/security/intercept/method/MethodSecurityMetadataSource.java index babaf42ba0..e3465465d4 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/method/MethodSecurityMetadataSource.java @@ -19,16 +19,16 @@ import java.lang.reflect.Method; import java.util.List; import org.springframework.security.ConfigAttribute; -import org.springframework.security.intercept.ObjectDefinitionSource; +import org.springframework.security.intercept.SecurityMetadataSource; /** - * Interface for ObjectDefinitionSource implementations + * Interface for SecurityMetadataSource implementations * that are designed to perform lookups keyed on Methods. * * @author Ben Alex * @version $Id$ */ -public interface MethodDefinitionSource extends ObjectDefinitionSource { +public interface MethodSecurityMetadataSource extends SecurityMetadataSource { public List getAttributes(Method method, Class targetClass); } diff --git a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditor.java b/core/src/main/java/org/springframework/security/intercept/method/MethodSecurityMetadataSourceEditor.java similarity index 86% rename from core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditor.java rename to core/src/main/java/org/springframework/security/intercept/method/MethodSecurityMetadataSourceEditor.java index 913513548b..6d68a22f73 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditor.java +++ b/core/src/main/java/org/springframework/security/intercept/method/MethodSecurityMetadataSourceEditor.java @@ -30,21 +30,21 @@ import org.springframework.util.StringUtils; /** - * Property editor to assist with the setup of a {@link MethodDefinitionSource}. + * Property editor to assist with the setup of a {@link MethodSecurityMetadataSource}. *

      - * The class creates and populates a {@link MapBasedMethodDefinitionSource}. + * The class creates and populates a {@link MapBasedMethodSecurityMetadataSource}. * * @author Ben Alex * @deprecated use method annotations or the protect-pointcut support from the namespace * @version $Id$ */ -public class MethodDefinitionSourceEditor extends PropertyEditorSupport { +public class MethodSecurityMetadataSourceEditor extends PropertyEditorSupport { //~ Methods ======================================================================================================== @SuppressWarnings("unchecked") public void setAsText(String s) throws IllegalArgumentException { if ((s == null) || "".equals(s)) { - setValue(new MapBasedMethodDefinitionSource()); + setValue(new MapBasedMethodSecurityMetadataSource()); return; } @@ -71,6 +71,6 @@ public class MethodDefinitionSourceEditor extends PropertyEditorSupport { mappings.put(name, attributes); } - setValue(new MapBasedMethodDefinitionSource(mappings)); + setValue(new MapBasedMethodSecurityMetadataSource(mappings)); } } diff --git a/core/src/main/java/org/springframework/security/intercept/method/ProtectPointcutPostProcessor.java b/core/src/main/java/org/springframework/security/intercept/method/ProtectPointcutPostProcessor.java index 8037381848..5a78cc1875 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/ProtectPointcutPostProcessor.java +++ b/core/src/main/java/org/springframework/security/intercept/method/ProtectPointcutPostProcessor.java @@ -15,19 +15,19 @@ import org.aspectj.weaver.tools.PointcutPrimitive; import org.springframework.beans.BeansException; import org.springframework.beans.factory.config.BeanPostProcessor; import org.springframework.security.ConfigAttribute; -import org.springframework.security.intercept.method.aopalliance.MethodDefinitionSourceAdvisor; +import org.springframework.security.intercept.method.aopalliance.MethodSecurityMetadataSourceAdvisor; import org.springframework.util.Assert; import org.springframework.util.StringUtils; /** * Parses AspectJ pointcut expressions, registering methods that match the pointcut with a - * traditional {@link MapBasedMethodDefinitionSource}. + * traditional {@link MapBasedMethodSecurityMetadataSource}. * *

      * This class provides a convenient way of declaring a list of pointcuts, and then * having every method of every bean defined in the Spring application context compared with * those pointcuts. Where a match is found, the matching method will be registered with the - * {@link MapBasedMethodDefinitionSource}. + * {@link MapBasedMethodSecurityMetadataSource}. *

      * It is very important to understand that only the first pointcut that matches a given * method will be taken as authoritative for that method. This is why pointcuts should be provided @@ -36,8 +36,8 @@ import org.springframework.util.StringUtils; * Note also that only beans defined in the Spring application context will be examined by this * class. *

      - * Because this class registers method security metadata with {@link MapBasedMethodDefinitionSource}, - * normal Spring Security capabilities such as {@link MethodDefinitionSourceAdvisor} can be used. + * Because this class registers method security metadata with {@link MapBasedMethodSecurityMetadataSource}, + * normal Spring Security capabilities such as {@link MethodSecurityMetadataSourceAdvisor} can be used. * It does not matter the fact the method metadata was originally obtained from an AspectJ pointcut * expression evaluation. * @@ -51,12 +51,12 @@ public final class ProtectPointcutPostProcessor implements BeanPostProcessor { private static final Log logger = LogFactory.getLog(ProtectPointcutPostProcessor.class); private Map> pointcutMap = new LinkedHashMap>(); - private MapBasedMethodDefinitionSource mapBasedMethodDefinitionSource; + private MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource; private PointcutParser parser; - public ProtectPointcutPostProcessor(MapBasedMethodDefinitionSource mapBasedMethodDefinitionSource) { - Assert.notNull(mapBasedMethodDefinitionSource, "MapBasedMethodDefinitionSource to populate is required"); - this.mapBasedMethodDefinitionSource = mapBasedMethodDefinitionSource; + public ProtectPointcutPostProcessor(MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource) { + Assert.notNull(mapBasedMethodSecurityMetadataSource, "MapBasedMethodSecurityMetadataSource to populate is required"); + this.mapBasedMethodSecurityMetadataSource = mapBasedMethodSecurityMetadataSource; // Set up AspectJ pointcut expression parser Set supportedPrimitives = new HashSet(3); @@ -115,7 +115,7 @@ public final class ProtectPointcutPostProcessor implements BeanPostProcessor { logger.debug("AspectJ pointcut expression '" + expression.getPointcutExpression() + "' matches target class '" + targetClass.getName() + "' (bean ID '" + beanName + "') for method '" + method + "'; registering security configuration attribute '" + attr + "'"); } - mapBasedMethodDefinitionSource.addSecureMethod(targetClass, method, attr); + mapBasedMethodSecurityMetadataSource.addSecureMethod(targetClass, method, attr); } return matches; diff --git a/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptor.java b/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptor.java index eca9b52bcb..40c3114145 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptor.java @@ -17,8 +17,8 @@ package org.springframework.security.intercept.method.aopalliance; import org.springframework.security.intercept.AbstractSecurityInterceptor; import org.springframework.security.intercept.InterceptorStatusToken; -import org.springframework.security.intercept.ObjectDefinitionSource; -import org.springframework.security.intercept.method.MethodDefinitionSource; +import org.springframework.security.intercept.SecurityMetadataSource; +import org.springframework.security.intercept.method.MethodSecurityMetadataSource; import org.aopalliance.intercept.MethodInterceptor; import org.aopalliance.intercept.MethodInvocation; @@ -26,8 +26,8 @@ import org.aopalliance.intercept.MethodInvocation; /** * Provides security interception of AOP Alliance based method invocations.

      The - * ObjectDefinitionSource required by this security interceptor is of type {@link - * MethodDefinitionSource}. This is shared with the AspectJ based security interceptor + * SecurityMetadataSource required by this security interceptor is of type {@link + * MethodSecurityMetadataSource}. This is shared with the AspectJ based security interceptor * (AspectJSecurityInterceptor), since both work with Java Methods.

      *

      Refer to {@link AbstractSecurityInterceptor} for details on the workflow.

      * @@ -37,12 +37,12 @@ import org.aopalliance.intercept.MethodInvocation; public class MethodSecurityInterceptor extends AbstractSecurityInterceptor implements MethodInterceptor { //~ Instance fields ================================================================================================ - private MethodDefinitionSource objectDefinitionSource; + private MethodSecurityMetadataSource securityMetadataSource; //~ Methods ======================================================================================================== - public MethodDefinitionSource getObjectDefinitionSource() { - return this.objectDefinitionSource; + public MethodSecurityMetadataSource getSecurityMetadataSource() { + return this.securityMetadataSource; } public Class getSecureObjectClass() { @@ -71,11 +71,11 @@ public class MethodSecurityInterceptor extends AbstractSecurityInterceptor imple return result; } - public ObjectDefinitionSource obtainObjectDefinitionSource() { - return this.objectDefinitionSource; + public SecurityMetadataSource obtainSecurityMetadataSource() { + return this.securityMetadataSource; } - public void setObjectDefinitionSource(MethodDefinitionSource newSource) { - this.objectDefinitionSource = newSource; + public void setSecurityMetadataSource(MethodSecurityMetadataSource newSource) { + this.securityMetadataSource = newSource; } } diff --git a/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java b/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityMetadataSourceAdvisor.java similarity index 83% rename from core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java rename to core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityMetadataSourceAdvisor.java index 6e82df2dfb..dafbff9367 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java +++ b/core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityMetadataSourceAdvisor.java @@ -26,11 +26,11 @@ import org.springframework.aop.support.StaticMethodMatcherPointcut; import org.springframework.beans.BeansException; import org.springframework.beans.factory.BeanFactory; import org.springframework.beans.factory.BeanFactoryAware; -import org.springframework.security.intercept.method.MethodDefinitionSource; +import org.springframework.security.intercept.method.MethodSecurityMetadataSource; import org.springframework.util.Assert; /** - * Advisor driven by a {@link MethodDefinitionSource}, used to exclude a {@link MethodSecurityInterceptor} from + * Advisor driven by a {@link MethodSecurityMetadataSource}, used to exclude a {@link MethodSecurityInterceptor} from * public (ie non-secure) methods. *

      * Because the AOP framework caches advice calculations, this is normally faster than just letting the @@ -47,12 +47,12 @@ import org.springframework.util.Assert; * @author Ben Alex * @version $Id$ */ -public class MethodDefinitionSourceAdvisor extends AbstractPointcutAdvisor implements BeanFactoryAware { +public class MethodSecurityMetadataSourceAdvisor extends AbstractPointcutAdvisor implements BeanFactoryAware { //~ Instance fields ================================================================================================ - private MethodDefinitionSource attributeSource; + private MethodSecurityMetadataSource attributeSource; private MethodSecurityInterceptor interceptor; - private Pointcut pointcut = new MethodDefinitionSourcePointcut(); + private Pointcut pointcut = new MethodSecurityMetadataSourcePointcut(); private BeanFactory beanFactory; private String adviceBeanName; private final Object adviceMonitor = new Object(); @@ -62,12 +62,12 @@ public class MethodDefinitionSourceAdvisor extends AbstractPointcutAdvisor imple /** * @deprecated use the decoupled approach instead */ - public MethodDefinitionSourceAdvisor(MethodSecurityInterceptor advice) { - Assert.notNull(advice.getObjectDefinitionSource(), "Cannot construct a MethodDefinitionSourceAdvisor using a " + - "MethodSecurityInterceptor that has no ObjectDefinitionSource configured"); + public MethodSecurityMetadataSourceAdvisor(MethodSecurityInterceptor advice) { + Assert.notNull(advice.getSecurityMetadataSource(), "Cannot construct a MethodSecurityMetadataSourceAdvisor using a " + + "MethodSecurityInterceptor that has no SecurityMetadataSource configured"); this.interceptor = advice; - this.attributeSource = advice.getObjectDefinitionSource(); + this.attributeSource = advice.getSecurityMetadataSource(); } /** @@ -82,7 +82,7 @@ public class MethodDefinitionSourceAdvisor extends AbstractPointcutAdvisor imple * @param adviceBeanName name of the MethodSecurityInterceptor bean * @param attributeSource the attribute source (should be the same as the one used on the interceptor) */ - public MethodDefinitionSourceAdvisor(String adviceBeanName, MethodDefinitionSource attributeSource) { + public MethodSecurityMetadataSourceAdvisor(String adviceBeanName, MethodSecurityMetadataSource attributeSource) { Assert.notNull(adviceBeanName, "The adviceBeanName cannot be null"); Assert.notNull(attributeSource, "The attributeSource cannot be null"); @@ -114,7 +114,7 @@ public class MethodDefinitionSourceAdvisor extends AbstractPointcutAdvisor imple //~ Inner Classes ================================================================================================== - class MethodDefinitionSourcePointcut extends StaticMethodMatcherPointcut { + class MethodSecurityMetadataSourcePointcut extends StaticMethodMatcherPointcut { @SuppressWarnings("unchecked") public boolean matches(Method m, Class targetClass) { return attributeSource.getAttributes(m, targetClass) != null; @@ -124,7 +124,7 @@ public class MethodDefinitionSourceAdvisor extends AbstractPointcutAdvisor imple /** * Represents a MethodInvocation. *

      - * Required as MethodDefinitionSource only supports lookup of configuration attributes for + * Required as MethodSecurityMetadataSource only supports lookup of configuration attributes for * MethodInvocations. */ class InternalMethodInvocation implements MethodInvocation { diff --git a/core/src/main/java/org/springframework/security/intercept/method/aspectj/AspectJAnnotationSecurityInterceptor.java b/core/src/main/java/org/springframework/security/intercept/method/aspectj/AspectJAnnotationSecurityInterceptor.java index 84f34dc7e9..c32b0d1730 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/aspectj/AspectJAnnotationSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/intercept/method/aspectj/AspectJAnnotationSecurityInterceptor.java @@ -2,8 +2,8 @@ package org.springframework.security.intercept.method.aspectj; import org.springframework.security.intercept.AbstractSecurityInterceptor; import org.springframework.security.intercept.InterceptorStatusToken; -import org.springframework.security.intercept.ObjectDefinitionSource; -import org.springframework.security.intercept.method.MethodDefinitionSource; +import org.springframework.security.intercept.SecurityMetadataSource; +import org.springframework.security.intercept.method.MethodSecurityMetadataSource; import org.aspectj.lang.JoinPoint; @@ -16,12 +16,12 @@ import org.aspectj.lang.JoinPoint; public class AspectJAnnotationSecurityInterceptor extends AbstractSecurityInterceptor { //~ Instance fields ================================================================================================ - private MethodDefinitionSource objectDefinitionSource; + private MethodSecurityMetadataSource securityMetadataSource; //~ Methods ======================================================================================================== - public MethodDefinitionSource getObjectDefinitionSource() { - return this.objectDefinitionSource; + public MethodSecurityMetadataSource getSecurityMetadataSource() { + return this.securityMetadataSource; } public Class getSecureObjectClass() { @@ -50,12 +50,12 @@ public class AspectJAnnotationSecurityInterceptor extends AbstractSecurityInterc return result; } - public ObjectDefinitionSource obtainObjectDefinitionSource() { - return this.objectDefinitionSource; + public SecurityMetadataSource obtainSecurityMetadataSource() { + return this.securityMetadataSource; } - public void setObjectDefinitionSource(MethodDefinitionSource newSource) { - this.objectDefinitionSource = newSource; + public void setSecurityMetadataSource(MethodSecurityMetadataSource newSource) { + this.securityMetadataSource = newSource; } } diff --git a/core/src/main/java/org/springframework/security/intercept/method/aspectj/AspectJSecurityInterceptor.java b/core/src/main/java/org/springframework/security/intercept/method/aspectj/AspectJSecurityInterceptor.java index 6d8dfeddce..05feb297af 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/aspectj/AspectJSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/intercept/method/aspectj/AspectJSecurityInterceptor.java @@ -17,8 +17,8 @@ package org.springframework.security.intercept.method.aspectj; import org.springframework.security.intercept.AbstractSecurityInterceptor; import org.springframework.security.intercept.InterceptorStatusToken; -import org.springframework.security.intercept.ObjectDefinitionSource; -import org.springframework.security.intercept.method.MethodDefinitionSource; +import org.springframework.security.intercept.SecurityMetadataSource; +import org.springframework.security.intercept.method.MethodSecurityMetadataSource; import org.aspectj.lang.JoinPoint; @@ -26,8 +26,8 @@ import org.aspectj.lang.JoinPoint; /** * Provides security interception of AspectJ method invocations. *

      - * The ObjectDefinitionSource required by this security interceptor is of type - * {@link MethodDefinitionSource}. This is shared with the AOP Alliance based security interceptor + * The SecurityMetadataSource required by this security interceptor is of type + * {@link MethodSecurityMetadataSource}. This is shared with the AOP Alliance based security interceptor * (MethodSecurityInterceptor), since both work with Java Methods. *

      * The secure object type is org.aspectj.lang.JoinPoint, which is passed from the relevant @@ -42,7 +42,7 @@ import org.aspectj.lang.JoinPoint; public class AspectJSecurityInterceptor extends AbstractSecurityInterceptor { //~ Instance fields ================================================================================================ - private MethodDefinitionSource objectDefinitionSource; + private MethodSecurityMetadataSource securityMetadataSource; //~ Methods ======================================================================================================== @@ -72,11 +72,11 @@ public class AspectJSecurityInterceptor extends AbstractSecurityInterceptor { return result; } - public ObjectDefinitionSource obtainObjectDefinitionSource() { - return this.objectDefinitionSource; + public SecurityMetadataSource obtainSecurityMetadataSource() { + return this.securityMetadataSource; } - public void setObjectDefinitionSource(MethodDefinitionSource newSource) { - this.objectDefinitionSource = newSource; + public void setSecurityMetadataSource(MethodSecurityMetadataSource newSource) { + this.securityMetadataSource = newSource; } } diff --git a/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationSecurityMetadataSource.java similarity index 97% rename from core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java rename to core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationSecurityMetadataSource.java index b7b95f6a0a..3b42771fad 100644 --- a/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationSecurityMetadataSource.java @@ -51,7 +51,7 @@ import org.springframework.security.util.UrlMatcher; * @author Luke Taylor * @version $Id$ */ -public class DefaultFilterInvocationDefinitionSource implements FilterInvocationDefinitionSource { +public class DefaultFilterInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource { private static final Set HTTP_METHODS = new HashSet(Arrays.asList("DELETE", "GET", "HEAD", "OPTIONS", "POST", "PUT", "TRACE")); @@ -76,7 +76,7 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation * @param urlMatcher typically an ant or regular expression matcher. * @param requestMap order-preserving map of request definitions to attribute lists */ - public DefaultFilterInvocationDefinitionSource(UrlMatcher urlMatcher, + public DefaultFilterInvocationSecurityMetadataSource(UrlMatcher urlMatcher, LinkedHashMap> requestMap) { this.urlMatcher = urlMatcher; diff --git a/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationSecurityMetadataSource.java similarity index 78% rename from core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSource.java rename to core/src/main/java/org/springframework/security/intercept/web/FilterInvocationSecurityMetadataSource.java index da055c9302..d264861b15 100644 --- a/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationSecurityMetadataSource.java @@ -15,14 +15,14 @@ package org.springframework.security.intercept.web; -import org.springframework.security.intercept.ObjectDefinitionSource; +import org.springframework.security.intercept.SecurityMetadataSource; /** - * Marker interface for ObjectDefinitionSource implementations + * Marker interface for SecurityMetadataSource implementations * that are designed to perform lookups keyed on {@link FilterInvocation}s. * * @author Ben Alex * @version $Id$ */ -public interface FilterInvocationDefinitionSource extends ObjectDefinitionSource {} +public interface FilterInvocationSecurityMetadataSource extends SecurityMetadataSource {} diff --git a/core/src/main/java/org/springframework/security/intercept/web/FilterSecurityInterceptor.java b/core/src/main/java/org/springframework/security/intercept/web/FilterSecurityInterceptor.java index c05c74742c..536fdf3d2e 100644 --- a/core/src/main/java/org/springframework/security/intercept/web/FilterSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/intercept/web/FilterSecurityInterceptor.java @@ -17,7 +17,7 @@ package org.springframework.security.intercept.web; import org.springframework.security.intercept.AbstractSecurityInterceptor; import org.springframework.security.intercept.InterceptorStatusToken; -import org.springframework.security.intercept.ObjectDefinitionSource; +import org.springframework.security.intercept.SecurityMetadataSource; import org.springframework.security.ui.FilterChainOrder; import org.springframework.core.Ordered; @@ -34,8 +34,8 @@ import javax.servlet.ServletResponse; /** * Performs security handling of HTTP resources via a filter implementation. *

      - * The ObjectDefinitionSource required by this security interceptor is of type {@link - * FilterInvocationDefinitionSource}. + * The SecurityMetadataSource required by this security interceptor is of type {@link + * FilterInvocationSecurityMetadataSource}. *

      * Refer to {@link AbstractSecurityInterceptor} for details on the workflow.

      * @@ -49,7 +49,7 @@ public class FilterSecurityInterceptor extends AbstractSecurityInterceptor imple //~ Instance fields ================================================================================================ - private FilterInvocationDefinitionSource objectDefinitionSource; + private FilterInvocationSecurityMetadataSource securityMetadataSource; private boolean observeOncePerRequest = true; //~ Methods ======================================================================================================== @@ -85,8 +85,8 @@ public class FilterSecurityInterceptor extends AbstractSecurityInterceptor imple invoke(fi); } - public FilterInvocationDefinitionSource getObjectDefinitionSource() { - return this.objectDefinitionSource; + public FilterInvocationSecurityMetadataSource getSecurityMetadataSource() { + return this.securityMetadataSource; } public Class getSecureObjectClass() { @@ -96,7 +96,7 @@ public class FilterSecurityInterceptor extends AbstractSecurityInterceptor imple public void invoke(FilterInvocation fi) throws IOException, ServletException { if ((fi.getRequest() != null) && (fi.getRequest().getAttribute(FILTER_APPLIED) != null) && observeOncePerRequest) { - // filter already applied to this request and user wants us to observce + // filter already applied to this request and user wants us to observe // once-per-request handling, so don't re-do security checking fi.getChain().doFilter(fi.getRequest(), fi.getResponse()); } else { @@ -129,12 +129,20 @@ public class FilterSecurityInterceptor extends AbstractSecurityInterceptor imple return observeOncePerRequest; } - public ObjectDefinitionSource obtainObjectDefinitionSource() { - return this.objectDefinitionSource; + public SecurityMetadataSource obtainSecurityMetadataSource() { + return this.securityMetadataSource; } - public void setObjectDefinitionSource(FilterInvocationDefinitionSource newSource) { - this.objectDefinitionSource = newSource; + /** + * @deprecated use setSecurityMetadataSource instead + */ + public void setObjectDefinitionSource(FilterInvocationSecurityMetadataSource newSource) { + logger.warn("The property 'objectDefinitionSource' is deprecated. Please use 'securityMetadataSource' instead"); + this.securityMetadataSource = newSource; + } + + public void setSecurityMetadataSource(FilterInvocationSecurityMetadataSource newSource) { + this.securityMetadataSource = newSource; } public void setObserveOncePerRequest(boolean observeOncePerRequest) { diff --git a/core/src/main/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluator.java b/core/src/main/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluator.java index 68168c3ae9..84fcffab26 100644 --- a/core/src/main/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluator.java +++ b/core/src/main/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluator.java @@ -51,7 +51,7 @@ public class WebInvocationPrivilegeEvaluator implements InitializingBean { public boolean isAllowed(FilterInvocation fi, Authentication authentication) { Assert.notNull(fi, "FilterInvocation required"); - List attrs = securityInterceptor.obtainObjectDefinitionSource().getAttributes(fi); + List attrs = securityInterceptor.obtainSecurityMetadataSource().getAttributes(fi); if (attrs == null) { if (securityInterceptor.isRejectPublicInvocations()) { diff --git a/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java b/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java index 851a837a30..cf85c1ddde 100644 --- a/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java @@ -29,7 +29,7 @@ import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.InitializingBean; import org.springframework.security.ConfigAttribute; import org.springframework.security.intercept.web.FilterInvocation; -import org.springframework.security.intercept.web.FilterInvocationDefinitionSource; +import org.springframework.security.intercept.web.FilterInvocationSecurityMetadataSource; import org.springframework.security.ui.FilterChainOrder; import org.springframework.security.ui.SpringSecurityFilter; import org.springframework.util.Assert; @@ -51,19 +51,19 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini //~ Instance fields ================================================================================================ private ChannelDecisionManager channelDecisionManager; - private FilterInvocationDefinitionSource filterInvocationDefinitionSource; + private FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource; //~ Methods ======================================================================================================== public void afterPropertiesSet() throws Exception { - Assert.notNull(filterInvocationDefinitionSource, "filterInvocationDefinitionSource must be specified"); + Assert.notNull(filterInvocationSecurityMetadataSource, "filterInvocationSecurityMetadataSource must be specified"); Assert.notNull(channelDecisionManager, "channelDecisionManager must be specified"); - Collection attrDefs = this.filterInvocationDefinitionSource.getAllConfigAttributes(); + Collection attrDefs = this.filterInvocationSecurityMetadataSource.getAllConfigAttributes(); if (attrDefs == null) { if (logger.isWarnEnabled()) { - logger.warn("Could not validate configuration attributes as the FilterInvocationDefinitionSource did " + logger.warn("Could not validate configuration attributes as the FilterInvocationSecurityMetadataSource did " + "not return any attributes"); } @@ -91,7 +91,7 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini throws IOException, ServletException { FilterInvocation fi = new FilterInvocation(request, response, chain); - List attr = this.filterInvocationDefinitionSource.getAttributes(fi); + List attr = this.filterInvocationSecurityMetadataSource.getAttributes(fi); if (attr != null) { if (logger.isDebugEnabled()) { @@ -112,16 +112,16 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini return channelDecisionManager; } - public FilterInvocationDefinitionSource getFilterInvocationDefinitionSource() { - return filterInvocationDefinitionSource; + public FilterInvocationSecurityMetadataSource getFilterInvocationSecurityMetadataSource() { + return filterInvocationSecurityMetadataSource; } public void setChannelDecisionManager(ChannelDecisionManager channelDecisionManager) { this.channelDecisionManager = channelDecisionManager; } - public void setFilterInvocationDefinitionSource(FilterInvocationDefinitionSource filterInvocationDefinitionSource) { - this.filterInvocationDefinitionSource = filterInvocationDefinitionSource; + public void setFilterInvocationSecurityMetadataSource(FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource) { + this.filterInvocationSecurityMetadataSource = filterInvocationSecurityMetadataSource; } public int getOrder() { diff --git a/core/src/main/java/org/springframework/security/util/FilterChainProxy.java b/core/src/main/java/org/springframework/security/util/FilterChainProxy.java index 847dd38749..09c814678a 100644 --- a/core/src/main/java/org/springframework/security/util/FilterChainProxy.java +++ b/core/src/main/java/org/springframework/security/util/FilterChainProxy.java @@ -35,7 +35,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.beans.factory.InitializingBean; import org.springframework.security.intercept.web.FilterInvocation; -import org.springframework.security.intercept.web.FilterInvocationDefinitionSource; +import org.springframework.security.intercept.web.FilterInvocationSecurityMetadataSource; import org.springframework.util.Assert; import org.springframework.web.filter.DelegatingFilterProxy; @@ -53,7 +53,7 @@ import org.springframework.web.filter.DelegatingFilterProxy; * *

      As of version 2.0, FilterChainProxy is configured using an ordered Map of path patterns to Lists * of Filter objects. In previous - * versions, a {@link FilterInvocationDefinitionSource} was used. This is now deprecated in favour of namespace-based + * versions, a {@link FilterInvocationSecurityMetadataSource} was used. This is now deprecated in favour of namespace-based * configuration which provides a more robust and simplfied syntax. The Map instance will normally be * created while parsing the namespace configuration, so doesn't have to be set explicitly. * Instead the <filter-chain-map> element should be used within the FilterChainProxy bean declaration. diff --git a/core/src/main/java/org/springframework/security/util/FilterInvocationUtils.java b/core/src/main/java/org/springframework/security/util/FilterInvocationUtils.java index 5c4a287b9b..53df0f738f 100644 --- a/core/src/main/java/org/springframework/security/util/FilterInvocationUtils.java +++ b/core/src/main/java/org/springframework/security/util/FilterInvocationUtils.java @@ -16,6 +16,7 @@ package org.springframework.security.util; import org.springframework.security.intercept.web.FilterInvocation; +import org.springframework.security.intercept.web.FilterInvocationSecurityMetadataSource; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; @@ -48,18 +49,16 @@ public final class FilterInvocationUtils { /** * Creates a FilterInvocation for the specified contextPath and Uri. - * Note the normal subclasses of DefaultFilterInvocationDefinitionSource disregard the + * Note the normal subclasses of DefaultFilterInvocationSecurityMetadataSource disregard the * contextPath when evaluating which secure object metadata applies to a given * FilterInvocation, so generally the contextPath is unimportant unless you are using a - * custom FilterInvocationDefinitionSource. + * custom FilterInvocationSecurityMetadataSource. * * @param contextPath the contextPath that will be contained within the * FilterInvocationHttpServletRequest * @param uri the URI of the request, such as /foo/default.jsp * * @return a fully-formed FilterInvocation (never null) - * - * @throws UnsupportedOperationException DOCUMENT ME! */ public static FilterInvocation create(String contextPath, String uri) { Assert.hasText(contextPath, "contextPath required"); @@ -72,8 +71,7 @@ public final class FilterInvocationUtils { FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(), new FilterChain() { - public void doFilter(ServletRequest arg0, ServletResponse arg1) - throws IOException, ServletException { + public void doFilter(ServletRequest arg0, ServletResponse arg1) throws IOException, ServletException { throw new UnsupportedOperationException( "WebInvocationPrivilegeEvaluator does not support filter chains"); } diff --git a/core/src/test/java/org/springframework/security/annotation/Jsr250MethodDefinitionSourceTests.java b/core/src/test/java/org/springframework/security/annotation/Jsr250MethodDefinitionSourceTests.java index 5a1f96e699..5ba785245b 100644 --- a/core/src/test/java/org/springframework/security/annotation/Jsr250MethodDefinitionSourceTests.java +++ b/core/src/test/java/org/springframework/security/annotation/Jsr250MethodDefinitionSourceTests.java @@ -19,7 +19,7 @@ import org.springframework.security.ConfigAttribute; * @version $Id$ */ public class Jsr250MethodDefinitionSourceTests { - Jsr250MethodDefinitionSource mds = new Jsr250MethodDefinitionSource(); + Jsr250MethodSecurityMetadataSource mds = new Jsr250MethodSecurityMetadataSource(); A a = new A(); UserAllowedClass userAllowed = new UserAllowedClass(); DenyAllClass denyAll = new DenyAllClass(); diff --git a/core/src/test/java/org/springframework/security/annotation/MethodDefinitionSourceEditorTigerTests.java b/core/src/test/java/org/springframework/security/annotation/MethodDefinitionSourceEditorTigerTests.java index f8b95da4e8..b50af2b7b2 100644 --- a/core/src/test/java/org/springframework/security/annotation/MethodDefinitionSourceEditorTigerTests.java +++ b/core/src/test/java/org/springframework/security/annotation/MethodDefinitionSourceEditorTigerTests.java @@ -26,8 +26,8 @@ import org.springframework.security.SecurityConfig; import org.springframework.security.annotation.test.Entity; import org.springframework.security.annotation.test.PersonServiceImpl; import org.springframework.security.annotation.test.Service; -import org.springframework.security.intercept.method.MapBasedMethodDefinitionSource; -import org.springframework.security.intercept.method.MethodDefinitionSourceEditor; +import org.springframework.security.intercept.method.MapBasedMethodSecurityMetadataSource; +import org.springframework.security.intercept.method.MethodSecurityMetadataSourceEditor; import org.springframework.security.intercept.method.MockMethodInvocation; @@ -50,13 +50,13 @@ public class MethodDefinitionSourceEditorTigerTests { @Test public void testConcreteClassInvocations() throws Exception { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText( "org.springframework.security.annotation.test.Service.makeLower*=ROLE_FROM_INTERFACE\r\n" + "org.springframework.security.annotation.test.Service.makeUpper*=ROLE_FROM_INTERFACE\r\n" + "org.springframework.security.annotation.test.ServiceImpl.makeUpper*=ROLE_FROM_IMPLEMENTATION"); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); assertEquals(3, map.getMethodMapSize()); List returnedMakeLower = map.getAttributes(makeLower); @@ -70,13 +70,13 @@ public class MethodDefinitionSourceEditorTigerTests { @Test public void testBridgeMethodResolution() throws Exception { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText( "org.springframework.security.annotation.test.PersonService.makeUpper*=ROLE_FROM_INTERFACE\r\n" + "org.springframework.security.annotation.test.ServiceImpl.makeUpper*=ROLE_FROM_ABSTRACT\r\n" + "org.springframework.security.annotation.test.PersonServiceImpl.makeUpper*=ROLE_FROM_PSI"); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); assertEquals(3, map.getMethodMapSize()); List returnedMakeUpper = map.getAttributes(makeUpper); diff --git a/core/src/test/java/org/springframework/security/annotation/SecuredMethodDefinitionSourceTests.java b/core/src/test/java/org/springframework/security/annotation/SecuredMethodDefinitionSourceTests.java index dc033054b2..68c64a1ca6 100644 --- a/core/src/test/java/org/springframework/security/annotation/SecuredMethodDefinitionSourceTests.java +++ b/core/src/test/java/org/springframework/security/annotation/SecuredMethodDefinitionSourceTests.java @@ -27,7 +27,7 @@ import org.springframework.util.StringUtils; /** - * Tests for {@link org.springframework.security.annotation.SecuredMethodDefinitionSource} + * Tests for {@link org.springframework.security.annotation.SecuredMethodSecurityMetadataSource} * * @author Mark St.Godard * @author Joe Scalise @@ -37,7 +37,7 @@ import org.springframework.util.StringUtils; public class SecuredMethodDefinitionSourceTests extends TestCase { //~ Instance fields ================================================================================================ - private SecuredMethodDefinitionSource mds = new SecuredMethodDefinitionSource();; + private SecuredMethodSecurityMetadataSource mds = new SecuredMethodSecurityMetadataSource();; private Log logger = LogFactory.getLog(SecuredMethodDefinitionSourceTests.class); //~ Methods ======================================================================================================== diff --git a/core/src/test/java/org/springframework/security/config/FilterInvocationDefinitionSourceParserTests.java b/core/src/test/java/org/springframework/security/config/FilterInvocationDefinitionSourceParserTests.java index 2fa49fff70..0b3ede12da 100644 --- a/core/src/test/java/org/springframework/security/config/FilterInvocationDefinitionSourceParserTests.java +++ b/core/src/test/java/org/springframework/security/config/FilterInvocationDefinitionSourceParserTests.java @@ -12,7 +12,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.ConfigAttribute; import org.springframework.security.SecurityConfig; -import org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource; +import org.springframework.security.intercept.web.DefaultFilterInvocationSecurityMetadataSource; import org.springframework.security.intercept.web.FilterInvocation; import org.springframework.security.util.InMemoryXmlApplicationContext; @@ -42,7 +42,7 @@ public class FilterInvocationDefinitionSourceParserTests { "" + " " + ""); - DefaultFilterInvocationDefinitionSource fids = (DefaultFilterInvocationDefinitionSource) appContext.getBean("fids"); + DefaultFilterInvocationSecurityMetadataSource fids = (DefaultFilterInvocationSecurityMetadataSource) appContext.getBean("fids"); List cad = fids.getAttributes(createFilterInvocation("/anything", "GET")); assertNotNull(cad); assertTrue(cad.contains(new SecurityConfig("ROLE_A"))); @@ -53,7 +53,7 @@ public class FilterInvocationDefinitionSourceParserTests { setContext( "" + "" + - " " + + " " + " " + " " + " " + diff --git a/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java b/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java index e5d43cefd7..ccde91d744 100644 --- a/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java +++ b/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java @@ -29,7 +29,7 @@ import org.springframework.security.context.HttpSessionSecurityContextRepository import org.springframework.security.context.SecurityContextHolder; import org.springframework.security.context.SecurityContextPersistenceFilter; import org.springframework.security.intercept.web.FilterInvocation; -import org.springframework.security.intercept.web.FilterInvocationDefinitionSource; +import org.springframework.security.intercept.web.FilterInvocationSecurityMetadataSource; import org.springframework.security.intercept.web.FilterSecurityInterceptor; import org.springframework.security.providers.TestingAuthenticationToken; import org.springframework.security.providers.UsernamePasswordAuthenticationToken; @@ -86,7 +86,7 @@ public class HttpSecurityBeanDefinitionParserTests { checkAutoConfigFilters(filterList); assertEquals(true, FieldUtils.getFieldValue(appContext.getBean("_filterChainProxy"), "stripQueryStringFromUrls")); - assertEquals(true, FieldUtils.getFieldValue(filterList.get(AUTO_CONFIG_FILTERS-1), "objectDefinitionSource.stripQueryStringFromUrls")); + assertEquals(true, FieldUtils.getFieldValue(filterList.get(AUTO_CONFIG_FILTERS-1), "securityMetadataSource.stripQueryStringFromUrls")); } @Test(expected=BeanDefinitionParsingException.class) @@ -144,7 +144,7 @@ public class HttpSecurityBeanDefinitionParserTests { List allFilters = getFilters("/ImCaughtByTheUniversalMatchPattern"); checkAutoConfigFilters(allFilters); assertEquals(false, FieldUtils.getFieldValue(appContext.getBean("_filterChainProxy"), "stripQueryStringFromUrls")); - assertEquals(false, FieldUtils.getFieldValue(allFilters.get(AUTO_CONFIG_FILTERS-1), "objectDefinitionSource.stripQueryStringFromUrls")); + assertEquals(false, FieldUtils.getFieldValue(allFilters.get(AUTO_CONFIG_FILTERS-1), "securityMetadataSource.stripQueryStringFromUrls")); } @Test @@ -225,7 +225,7 @@ public class HttpSecurityBeanDefinitionParserTests { FilterSecurityInterceptor fis = (FilterSecurityInterceptor) appContext.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR); - FilterInvocationDefinitionSource fids = fis.getObjectDefinitionSource(); + FilterInvocationSecurityMetadataSource fids = fis.getSecurityMetadataSource(); List attrDef = fids.getAttributes(createFilterinvocation("/Secure", null)); assertEquals(2, attrDef.size()); assertTrue(attrDef.contains(new SecurityConfig("ROLE_A"))); @@ -245,7 +245,7 @@ public class HttpSecurityBeanDefinitionParserTests { " " + AUTH_PROVIDER_XML); FilterSecurityInterceptor fis = (FilterSecurityInterceptor) appContext.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR); - FilterInvocationDefinitionSource fids = fis.getObjectDefinitionSource(); + FilterInvocationSecurityMetadataSource fids = fis.getSecurityMetadataSource(); List attrs = fids.getAttributes(createFilterinvocation("/secure", "POST")); assertEquals(2, attrs.size()); assertTrue(attrs.contains(new SecurityConfig("ROLE_A"))); @@ -685,7 +685,7 @@ public class HttpSecurityBeanDefinitionParserTests { "" + AUTH_PROVIDER_XML); FilterSecurityInterceptor fis = (FilterSecurityInterceptor) appContext.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR); - FilterInvocationDefinitionSource fids = fis.getObjectDefinitionSource(); + FilterInvocationSecurityMetadataSource fids = fis.getSecurityMetadataSource(); List attrDef = fids.getAttributes(createFilterinvocation("/someurl", null)); assertEquals(1, attrDef.size()); assertTrue(attrDef.contains(new SecurityConfig("ROLE_B"))); @@ -723,7 +723,7 @@ public class HttpSecurityBeanDefinitionParserTests { FilterSecurityInterceptor fis = (FilterSecurityInterceptor) appContext.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR); - FilterInvocationDefinitionSource fids = fis.getObjectDefinitionSource(); + FilterInvocationSecurityMetadataSource fids = fis.getSecurityMetadataSource(); List attrDef = fids.getAttributes(createFilterinvocation("/secure", null)); assertEquals(1, attrDef.size()); diff --git a/core/src/test/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSourceTests.java b/core/src/test/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSourceTests.java index e6cf2652d4..2f8a310a5b 100644 --- a/core/src/test/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSourceTests.java +++ b/core/src/test/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSourceTests.java @@ -11,14 +11,14 @@ import org.springframework.security.expression.annotation.PostAuthorize; import org.springframework.security.expression.annotation.PostFilter; import org.springframework.security.expression.annotation.PreAuthorize; import org.springframework.security.expression.annotation.PreFilter; -import org.springframework.security.expression.method.ExpressionAnnotationMethodDefinitionSource; +import org.springframework.security.expression.method.ExpressionAnnotationMethodSecurityMetadataSource; import org.springframework.security.expression.method.PostInvocationExpressionAttribute; import org.springframework.security.expression.method.PreInvocationExpressionAttribute; import org.springframework.security.intercept.method.MockMethodInvocation; public class ExpressionAnnotationMethodDefinitionSourceTests { - private ExpressionAnnotationMethodDefinitionSource mds = new ExpressionAnnotationMethodDefinitionSource(); + private ExpressionAnnotationMethodSecurityMetadataSource mds = new ExpressionAnnotationMethodSecurityMetadataSource(); private MockMethodInvocation voidImpl1; private MockMethodInvocation voidImpl2; diff --git a/core/src/test/java/org/springframework/security/intercept/AbstractSecurityInterceptorTests.java b/core/src/test/java/org/springframework/security/intercept/AbstractSecurityInterceptorTests.java index b8ce367540..62e11390ce 100644 --- a/core/src/test/java/org/springframework/security/intercept/AbstractSecurityInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/AbstractSecurityInterceptorTests.java @@ -46,7 +46,7 @@ public class AbstractSecurityInterceptorTests { si.setAuthenticationManager(jmock.mock(AuthenticationManager.class)); si.setAfterInvocationManager(jmock.mock(AfterInvocationManager.class)); si.setAccessDecisionManager(jmock.mock(AccessDecisionManager.class)); - si.setObjectDefinitionSource(jmock.mock(ObjectDefinitionSource.class)); + si.setSecurityMetadataSource(jmock.mock(SecurityMetadataSource.class)); jmock.checking(new Expectations() {{ ignoring(anything()); }}); si.beforeInvocation(new SimpleMethodInvocation()); @@ -59,7 +59,7 @@ public class AbstractSecurityInterceptorTests { si.setAuthenticationManager(jmock.mock(AuthenticationManager.class)); si.setAfterInvocationManager(jmock.mock(AfterInvocationManager.class)); si.setAccessDecisionManager(jmock.mock(AccessDecisionManager.class)); - si.setObjectDefinitionSource(jmock.mock(ObjectDefinitionSource.class)); + si.setSecurityMetadataSource(jmock.mock(SecurityMetadataSource.class)); jmock.checking(new Expectations() {{ ignoring(anything()); }}); @@ -69,34 +69,34 @@ public class AbstractSecurityInterceptorTests { //~ Inner Classes ================================================================================================== private class MockSecurityInterceptorReturnsNull extends AbstractSecurityInterceptor { - private ObjectDefinitionSource objectDefinitionSource; + private SecurityMetadataSource securityMetadataSource; public Class getSecureObjectClass() { return null; } - public ObjectDefinitionSource obtainObjectDefinitionSource() { - return objectDefinitionSource; + public SecurityMetadataSource obtainSecurityMetadataSource() { + return securityMetadataSource; } - public void setObjectDefinitionSource(ObjectDefinitionSource objectDefinitionSource) { - this.objectDefinitionSource = objectDefinitionSource; + public void setSecurityMetadataSource(SecurityMetadataSource securityMetadataSource) { + this.securityMetadataSource = securityMetadataSource; } } private class MockSecurityInterceptorWhichOnlySupportsStrings extends AbstractSecurityInterceptor { - private ObjectDefinitionSource objectDefinitionSource; + private SecurityMetadataSource securityMetadataSource; public Class getSecureObjectClass() { return String.class; } - public ObjectDefinitionSource obtainObjectDefinitionSource() { - return objectDefinitionSource; + public SecurityMetadataSource obtainSecurityMetadataSource() { + return securityMetadataSource; } - public void setObjectDefinitionSource(ObjectDefinitionSource objectDefinitionSource) { - this.objectDefinitionSource = objectDefinitionSource; + public void setSecurityMetadataSource(SecurityMetadataSource securityMetadataSource) { + this.securityMetadataSource = securityMetadataSource; } } } diff --git a/core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSourceTests.java b/core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodSecurityMetadataSourceTests.java similarity index 88% rename from core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSourceTests.java rename to core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodSecurityMetadataSourceTests.java index d1ba7b23c4..0217a13aa3 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSourceTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MapBasedMethodSecurityMetadataSourceTests.java @@ -11,21 +11,21 @@ import org.springframework.security.ConfigAttribute; import org.springframework.security.SecurityConfig; /** - * Tests for {@link MapBasedMethodDefinitionSource}. + * Tests for {@link MapBasedMethodSecurityMetadataSource}. * * @author Luke Taylor * @since 2.0.4 */ -public class MapBasedMethodDefinitionSourceTests { +public class MapBasedMethodSecurityMetadataSourceTests { private final List ROLE_A = SecurityConfig.createList("ROLE_A"); private final List ROLE_B = SecurityConfig.createList("ROLE_B"); - private MapBasedMethodDefinitionSource mds; + private MapBasedMethodSecurityMetadataSource mds; private Method someMethodString; private Method someMethodInteger; @Before public void initialize() throws Exception { - mds = new MapBasedMethodDefinitionSource(); + mds = new MapBasedMethodSecurityMetadataSource(); someMethodString = MockService.class.getMethod("someMethod", String.class); someMethodInteger = MockService.class.getMethod("someMethod", Integer.class); } diff --git a/core/src/test/java/org/springframework/security/intercept/method/MethodInvocationPrivilegeEvaluatorTests.java b/core/src/test/java/org/springframework/security/intercept/method/MethodInvocationPrivilegeEvaluatorTests.java index 076f2f2fc5..7ef028a865 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MethodInvocationPrivilegeEvaluatorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MethodInvocationPrivilegeEvaluatorTests.java @@ -50,7 +50,7 @@ public class MethodInvocationPrivilegeEvaluatorTests { private TestingAuthenticationToken token; private MethodSecurityInterceptor interceptor; private AccessDecisionManager adm; - private MethodDefinitionSource mds; + private MethodSecurityMetadataSource mds; private final List role = SecurityConfig.createList("ROLE_IGNORED"); //~ Methods ======================================================================================================== @@ -62,10 +62,10 @@ public class MethodInvocationPrivilegeEvaluatorTests { token = new TestingAuthenticationToken("Test", "Password", "ROLE_SOMETHING"); adm = jmock.mock(AccessDecisionManager.class); AuthenticationManager authman = jmock.mock(AuthenticationManager.class); - mds = jmock.mock(MethodDefinitionSource.class); + mds = jmock.mock(MethodSecurityMetadataSource.class); interceptor.setAccessDecisionManager(adm); interceptor.setAuthenticationManager(authman); - interceptor.setObjectDefinitionSource(mds); + interceptor.setSecurityMetadataSource(mds); } @Test diff --git a/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java b/core/src/test/java/org/springframework/security/intercept/method/MethodSecurityMetadataSourceEditorTests.java similarity index 80% rename from core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java rename to core/src/test/java/org/springframework/security/intercept/method/MethodSecurityMetadataSourceEditorTests.java index 3d344a1b36..47eb703df2 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MethodSecurityMetadataSourceEditorTests.java @@ -31,13 +31,13 @@ import org.springframework.security.TargetObject; /** - * Tests {@link MethodDefinitionSourceEditor} and its associated {@link MapBasedMethodDefinitionSource}. + * Tests {@link MethodSecurityMetadataSourceEditor} and its associated {@link MapBasedMethodSecurityMetadataSource}. * * @author Ben Alex * @version $Id$ */ @SuppressWarnings("deprecation") -public class MethodDefinitionSourceEditorTests extends TestCase { +public class MethodSecurityMetadataSourceEditorTests extends TestCase { //~ Methods ======================================================================================================== public final void setUp() throws Exception { @@ -45,10 +45,10 @@ public class MethodDefinitionSourceEditorTests extends TestCase { } public void testAspectJJointPointLookup() throws Exception { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText("org.springframework.security.TargetObject.countLength=ROLE_ONE,ROLE_TWO,RUN_AS_ENTRY"); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); Class clazz = TargetObject.class; Method method = clazz.getMethod("countLength", new Class[] {String.class}); @@ -61,7 +61,7 @@ public class MethodDefinitionSourceEditorTests extends TestCase { } public void testClassNameNotFoundResultsInException() { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); try { editor.setAsText("org.springframework.security.DOES_NOT_EXIST_NAME=FOO,BAR"); @@ -72,7 +72,7 @@ public class MethodDefinitionSourceEditorTests extends TestCase { } public void testClassNameNotInProperFormatResultsInException() { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); try { editor.setAsText("DOES_NOT_EXIST_NAME=FOO,BAR"); @@ -83,7 +83,7 @@ public class MethodDefinitionSourceEditorTests extends TestCase { } public void testClassNameValidButMethodNameInvalidResultsInException() { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); try { editor.setAsText("org.springframework.security.TargetObject.INVALID_METHOD=FOO,BAR"); @@ -94,7 +94,7 @@ public class MethodDefinitionSourceEditorTests extends TestCase { } public void testConcreteClassInvocationsAlsoReturnDefinitionsAgainstInterface() throws Exception { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText( "org.springframework.security.ITargetObject.computeHashCode*=ROLE_FROM_INTERFACE\r\n" + "org.springframework.security.ITargetObject.makeLower*=ROLE_FROM_INTERFACE\r\n" + @@ -103,7 +103,7 @@ public class MethodDefinitionSourceEditorTests extends TestCase { "org.springframework.security.OtherTargetObject.computeHashCode*=ROLE_FROM_OTO\r\n" + "org.springframework.security.OtherTargetObject.makeUpper*=ROLE_FROM_IMPLEMENTATION"); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); assertEquals(6, map.getMethodMapSize()); List returnedMakeLower = map.getAttributes(new MockMethodInvocation(ITargetObject.class, "makeLowerCase", new Class[] {String.class}, new OtherTargetObject())); @@ -124,38 +124,38 @@ public class MethodDefinitionSourceEditorTests extends TestCase { } public void testEmptyStringReturnsEmptyMap() { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText(""); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); assertEquals(0, map.getMethodMapSize()); } public void testIterator() { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText( "org.springframework.security.TargetObject.countLength=ROLE_ONE,ROLE_TWO,RUN_AS_ENTRY\r\norg.springframework.security.TargetObject.make*=ROLE_NINE,ROLE_SUPERVISOR"); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); assertEquals(5, map.getAllConfigAttributes().size()); } public void testMultiMethodParsing() { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText( "org.springframework.security.TargetObject.countLength=ROLE_ONE,ROLE_TWO,RUN_AS_ENTRY\r\norg.springframework.security.TargetObject.make*=ROLE_NINE,ROLE_SUPERVISOR"); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); assertEquals(3, map.getMethodMapSize()); } public void testMultiMethodParsingWhereLaterMethodsOverrideEarlierMethods() throws Exception { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText( "org.springframework.security.TargetObject.*=ROLE_GENERAL\r\norg.springframework.security.TargetObject.makeLower*=ROLE_LOWER\r\norg.springframework.security.TargetObject.make*=ROLE_MAKE\r\norg.springframework.security.TargetObject.makeUpper*=ROLE_UPPER"); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); assertEquals(14, map.getMethodMapSize()); List returnedMakeLower = map.getAttributes(new MockMethodInvocation(ITargetObject.class, @@ -174,11 +174,11 @@ public class MethodDefinitionSourceEditorTests extends TestCase { assertEquals(expectedCountLength, returnedCountLength); } - public void testNullIsReturnedByMethodDefinitionSourceWhenMethodInvocationNotDefined() throws Exception { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + public void testNullIsReturnedByMethodSecurityMetadataSourceWhenMethodInvocationNotDefined() throws Exception { + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText("org.springframework.security.TargetObject.countLength=ROLE_ONE,ROLE_TWO,RUN_AS_ENTRY"); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); List configAttributeDefinition = map.getAttributes(new MockMethodInvocation( ITargetObject.class, "makeLowerCase", new Class[] {String.class}, new TargetObject())); @@ -186,18 +186,18 @@ public class MethodDefinitionSourceEditorTests extends TestCase { } public void testNullReturnsEmptyMap() { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText(null); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); assertEquals(0, map.getMethodMapSize()); } public void testSingleMethodParsing() throws Exception { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText("org.springframework.security.TargetObject.countLength=ROLE_ONE,ROLE_TWO,RUN_AS_ENTRY"); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); List returnedCountLength = map.getAttributes(new MockMethodInvocation(ITargetObject.class, "countLength", new Class[] {String.class}, new TargetObject())); diff --git a/core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java b/core/src/test/java/org/springframework/security/intercept/method/MockMethodSecurityMetadataSource.java similarity index 92% rename from core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java rename to core/src/test/java/org/springframework/security/intercept/method/MockMethodSecurityMetadataSource.java index 5ee6bef7e2..2b66692015 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MockMethodSecurityMetadataSource.java @@ -30,7 +30,7 @@ import org.springframework.security.SecurityConfig; * @author Ben Alex * @version $Id$ */ -public class MockMethodDefinitionSource implements MethodDefinitionSource { +public class MockMethodSecurityMetadataSource implements MethodSecurityMetadataSource { //~ Instance fields ================================================================================================ private List list; @@ -38,7 +38,7 @@ public class MockMethodDefinitionSource implements MethodDefinitionSource { //~ Constructors =================================================================================================== - public MockMethodDefinitionSource(boolean includeInvalidAttributes, boolean returnACollectionWhenRequested) { + public MockMethodSecurityMetadataSource(boolean includeInvalidAttributes, boolean returnACollectionWhenRequested) { returnACollection = returnACollectionWhenRequested; list = new ArrayList(); diff --git a/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java b/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java index e9b83636cd..79dbbdec2d 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java @@ -41,7 +41,7 @@ import org.springframework.security.RunAsManager; import org.springframework.security.SecurityConfig; import org.springframework.security.TargetObject; import org.springframework.security.context.SecurityContextHolder; -import org.springframework.security.intercept.method.MethodDefinitionSource; +import org.springframework.security.intercept.method.MethodSecurityMetadataSource; import org.springframework.security.providers.TestingAuthenticationToken; import org.springframework.security.runas.RunAsUserToken; @@ -59,7 +59,7 @@ public class MethodSecurityInterceptorTests { private ITargetObject realTarget; private ITargetObject advisedTarget; private AccessDecisionManager adm; - private MethodDefinitionSource mds; + private MethodSecurityMetadataSource mds; private AuthenticationManager authman; private Expectations mdsWillReturnNullFromGetAttributes; @@ -74,10 +74,10 @@ public class MethodSecurityInterceptorTests { interceptor = new MethodSecurityInterceptor(); adm = jmock.mock(AccessDecisionManager.class); authman = jmock.mock(AuthenticationManager.class); - mds = jmock.mock(MethodDefinitionSource.class); + mds = jmock.mock(MethodSecurityMetadataSource.class); interceptor.setAccessDecisionManager(adm); interceptor.setAuthenticationManager(authman); - interceptor.setObjectDefinitionSource(mds); + interceptor.setSecurityMetadataSource(mds); createTarget(false); mdsWillReturnNullFromGetAttributes = new Expectations() {{ @@ -109,7 +109,7 @@ public class MethodSecurityInterceptorTests { assertEquals(adm, interceptor.getAccessDecisionManager()); assertEquals(runAs, interceptor.getRunAsManager()); assertEquals(authman, interceptor.getAuthenticationManager()); - assertEquals(mds, interceptor.getObjectDefinitionSource()); + assertEquals(mds, interceptor.getSecurityMetadataSource()); assertEquals(aim, interceptor.getAfterInvocationManager()); } @@ -126,8 +126,8 @@ public class MethodSecurityInterceptorTests { } @Test(expected=IllegalArgumentException.class) - public void missingMethodDefinitionSourceIsRejected() throws Exception { - interceptor.setObjectDefinitionSource(null); + public void missingMethodSecurityMetadataSourceIsRejected() throws Exception { + interceptor.setSecurityMetadataSource(null); interceptor.afterPropertiesSet(); } @@ -138,7 +138,7 @@ public class MethodSecurityInterceptorTests { } @Test(expected=IllegalArgumentException.class) - public void initializationRejectsObjectDefinitionSourceThatDoesNotSupportMethodInvocation() throws Throwable { + public void initializationRejectsSecurityMetadataSourceThatDoesNotSupportMethodInvocation() throws Throwable { jmock.checking(new Expectations() {{ oneOf(mds).supports(MethodInvocation.class); will(returnValue(false)); }}); @@ -198,7 +198,7 @@ public class MethodSecurityInterceptorTests { } @Test - public void validationNotAttemptedIfMethodDefinitionSourceReturnsNullForAttributes() throws Exception { + public void validationNotAttemptedIfMethodSecurityMetadataSourceReturnsNullForAttributes() throws Exception { jmock.checking(new Expectations() {{ oneOf(mds).supports(MethodInvocation.class); will(returnValue(true)); oneOf(adm).supports(MethodInvocation.class); will(returnValue(true)); @@ -302,90 +302,4 @@ public class MethodSecurityInterceptorTests { }}); advisedTarget.makeUpperCase("hello"); } - - - //~ Inner Classes ================================================================================================== - -// private static class MockMethodDefinitionSource() extends AbstractMethodDefinitionSource { -// -// } - - /* - private class MockAccessDecisionManagerWhichOnlySupportsStrings implements AccessDecisionManager { - public void decide(Authentication authentication, Object object, List configAttributes) - throws AccessDeniedException { - throw new UnsupportedOperationException("mock method not implemented"); - } - - public boolean supports(Class clazz) { - if (String.class.isAssignableFrom(clazz)) { - return true; - } else { - return false; - } - } - - public boolean supports(ConfigAttribute attribute) { - return true; - } - } - - private class MockAfterInvocationManagerWhichOnlySupportsStrings implements AfterInvocationManager { - public Object decide(Authentication authentication, Object object, List config, - Object returnedObject) throws AccessDeniedException { - throw new UnsupportedOperationException("mock method not implemented"); - } - - public boolean supports(Class clazz) { - if (String.class.isAssignableFrom(clazz)) { - return true; - } else { - return false; - } - } - - public boolean supports(ConfigAttribute attribute) { - return true; - } - } - - private class MockObjectDefinitionSourceWhichOnlySupportsStrings implements MethodDefinitionSource { - public Collection getAllConfigAttributes() { - return null; - } - - public List getAttributes(Method method, Class targetClass) { - throw new UnsupportedOperationException("mock method not implemented"); - } - - public boolean supports(Class clazz) { - if (String.class.isAssignableFrom(clazz)) { - return true; - } else { - return false; - } - } - - public List getAttributes(Object object) { - throw new UnsupportedOperationException("mock method not implemented"); - } - } - - private class MockRunAsManagerWhichOnlySupportsStrings implements RunAsManager { - public Authentication buildRunAs(Authentication authentication, Object object, List config) { - throw new UnsupportedOperationException("mock method not implemented"); - } - - public boolean supports(Class clazz) { - if (String.class.isAssignableFrom(clazz)) { - return true; - } else { - return false; - } - } - - public boolean supports(ConfigAttribute attribute) { - return true; - } - }*/ } diff --git a/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java b/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java index 2a0878650e..b5d325b24d 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java @@ -10,9 +10,9 @@ import org.springframework.security.context.SecurityContextHolder; import org.springframework.security.util.InMemoryXmlApplicationContext; /** - * Tests for SEC-428. - * - * @author Luke Taylor + * Tests for SEC-428. + * + * @author Luke Taylor * @author Ben Alex */ public class MethodSecurityInterceptorWithAopConfigTests { @@ -23,21 +23,21 @@ public class MethodSecurityInterceptorWithAopConfigTests { " " + " " + " "; - - static final String ACCESS_MANAGER_XML = + + static final String ACCESS_MANAGER_XML = "" + " " + " " + " " + ""; - + private AbstractXmlApplicationContext appContext; - + @Before public void clearContext() { SecurityContextHolder.clearContext(); } - + @After public void closeAppContext() { SecurityContextHolder.clearContext(); @@ -46,7 +46,7 @@ public class MethodSecurityInterceptorWithAopConfigTests { appContext = null; } } - + @Test(expected=AuthenticationCredentialsNotFoundException.class) public void securityInterceptorIsAppliedWhenUsedWithAopConfig() { setContext( @@ -56,7 +56,7 @@ public class MethodSecurityInterceptorWithAopConfigTests { "" + "" + "" + - " " + + " " + " " + "org.springframework.security.TargetObject.makeLower*=ROLE_A\n" + "org.springframework.security.TargetObject.makeUpper*=ROLE_A\n" + @@ -65,13 +65,13 @@ public class MethodSecurityInterceptorWithAopConfigTests { " " + "" + AUTH_PROVIDER_XML + ACCESS_MANAGER_XML); - + ITargetObject target = (ITargetObject) appContext.getBean("target"); target.makeLowerCase("TEST"); - + } private void setContext(String context) { appContext = new InMemoryXmlApplicationContext(context); - } + } } diff --git a/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisorTests.java b/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityMetadataSourceAdvisorTests.java similarity index 72% rename from core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisorTests.java rename to core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityMetadataSourceAdvisorTests.java index ab4c11d861..6711db1622 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityMetadataSourceAdvisorTests.java @@ -20,45 +20,37 @@ import java.lang.reflect.Method; import junit.framework.TestCase; import org.springframework.security.TargetObject; -import org.springframework.security.intercept.method.MapBasedMethodDefinitionSource; -import org.springframework.security.intercept.method.MethodDefinitionSourceEditor; +import org.springframework.security.intercept.method.MapBasedMethodSecurityMetadataSource; +import org.springframework.security.intercept.method.MethodSecurityMetadataSourceEditor; /** - * Tests {@link MethodDefinitionSourceAdvisor}. + * Tests {@link MethodSecurityMetadataSourceAdvisor}. * * @author Ben Alex * @version $Id$ */ @SuppressWarnings("deprecation") -public class MethodDefinitionSourceAdvisorTests extends TestCase { +public class MethodSecurityMetadataSourceAdvisorTests extends TestCase { //~ Methods ======================================================================================================== private MethodSecurityInterceptor getInterceptor() { - MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); + MethodSecurityMetadataSourceEditor editor = new MethodSecurityMetadataSourceEditor(); editor.setAsText("org.springframework.security.TargetObject.countLength=ROLE_NOT_USED"); - MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue(); + MapBasedMethodSecurityMetadataSource map = (MapBasedMethodSecurityMetadataSource) editor.getValue(); MethodSecurityInterceptor msi = new MethodSecurityInterceptor(); - msi.setObjectDefinitionSource(map); + msi.setSecurityMetadataSource(map); return msi; } - public static void main(String[] args) { - junit.textui.TestRunner.run(MethodDefinitionSourceAdvisorTests.class); - } - - public final void setUp() throws Exception { - super.setUp(); - } - public void testAdvisorReturnsFalseWhenMethodInvocationNotDefined() throws Exception { Class clazz = TargetObject.class; Method method = clazz.getMethod("makeLowerCase", new Class[] {String.class}); - MethodDefinitionSourceAdvisor advisor = new MethodDefinitionSourceAdvisor(getInterceptor()); + MethodSecurityMetadataSourceAdvisor advisor = new MethodSecurityMetadataSourceAdvisor(getInterceptor()); assertFalse(advisor.getPointcut().getMethodMatcher().matches(method, clazz)); } @@ -67,7 +59,7 @@ public class MethodDefinitionSourceAdvisorTests extends TestCase { Class clazz = TargetObject.class; Method method = clazz.getMethod("countLength", new Class[] {String.class}); - MethodDefinitionSourceAdvisor advisor = new MethodDefinitionSourceAdvisor(getInterceptor()); + MethodSecurityMetadataSourceAdvisor advisor = new MethodSecurityMetadataSourceAdvisor(getInterceptor()); assertTrue(advisor.getPointcut().getMethodMatcher().matches(method, clazz)); } @@ -75,8 +67,8 @@ public class MethodDefinitionSourceAdvisorTests extends TestCase { MethodSecurityInterceptor msi = new MethodSecurityInterceptor(); try { - new MethodDefinitionSourceAdvisor(msi); - fail("Should have detected null ObjectDefinitionSource and thrown AopConfigException"); + new MethodSecurityMetadataSourceAdvisor(msi); + fail("Should have detected null SecurityMetadataSource and thrown AopConfigException"); } catch (IllegalArgumentException expected) { assertTrue(true); } @@ -86,7 +78,7 @@ public class MethodDefinitionSourceAdvisorTests extends TestCase { Class clazz = TargetObject.class; Method method = clazz.getMethod("countLength", new Class[] {String.class}); - MethodDefinitionSourceAdvisor.InternalMethodInvocation imi = new MethodDefinitionSourceAdvisor(getInterceptor()).new InternalMethodInvocation(method, clazz); + MethodSecurityMetadataSourceAdvisor.InternalMethodInvocation imi = new MethodSecurityMetadataSourceAdvisor(getInterceptor()).new InternalMethodInvocation(method, clazz); try { imi.getArguments(); @@ -110,7 +102,7 @@ public class MethodDefinitionSourceAdvisorTests extends TestCase { } try { - new MethodDefinitionSourceAdvisor(getInterceptor()).new InternalMethodInvocation(); + new MethodSecurityMetadataSourceAdvisor(getInterceptor()).new InternalMethodInvocation(); fail("Should have thrown UnsupportedOperationException"); } catch (UnsupportedOperationException expected) { assertTrue(true); diff --git a/core/src/test/java/org/springframework/security/intercept/method/aspectj/AspectJSecurityInterceptorTests.java b/core/src/test/java/org/springframework/security/intercept/method/aspectj/AspectJSecurityInterceptorTests.java index 7348de548b..649f8d93d7 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/aspectj/AspectJSecurityInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/aspectj/AspectJSecurityInterceptorTests.java @@ -32,7 +32,7 @@ import org.springframework.security.MockJoinPoint; import org.springframework.security.SecurityConfig; import org.springframework.security.TargetObject; import org.springframework.security.context.SecurityContextHolder; -import org.springframework.security.intercept.method.MethodDefinitionSource; +import org.springframework.security.intercept.method.MethodSecurityMetadataSource; import org.springframework.security.providers.TestingAuthenticationToken; @@ -47,7 +47,7 @@ public class AspectJSecurityInterceptorTests { private TestingAuthenticationToken token; private AspectJSecurityInterceptor interceptor; private AccessDecisionManager adm; - private MethodDefinitionSource mds; + private MethodSecurityMetadataSource mds; private AuthenticationManager authman; private AspectJCallback aspectJCallback; private JoinPoint joinPoint; @@ -61,10 +61,10 @@ public class AspectJSecurityInterceptorTests { interceptor = new AspectJSecurityInterceptor(); adm = jmock.mock(AccessDecisionManager.class); authman = jmock.mock(AuthenticationManager.class); - mds = jmock.mock(MethodDefinitionSource.class); + mds = jmock.mock(MethodSecurityMetadataSource.class); interceptor.setAccessDecisionManager(adm); interceptor.setAuthenticationManager(authman); - interceptor.setObjectDefinitionSource(mds); + interceptor.setSecurityMetadataSource(mds); Method method = TargetObject.class.getMethod("countLength", new Class[] {String.class}); joinPoint = new MockJoinPoint(new TargetObject(), method); aspectJCallback = jmock.mock(AspectJCallback.class); diff --git a/core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java b/core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationSecurityMetadataSourceTests.java similarity index 91% rename from core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java rename to core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationSecurityMetadataSourceTests.java index d1e7f47388..8678bdb07b 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java +++ b/core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationSecurityMetadataSourceTests.java @@ -29,29 +29,29 @@ import org.springframework.security.util.AntUrlPathMatcher; import org.springframework.security.util.MockFilterChain; /** - * Tests parts of {@link DefaultFilterInvocationDefinitionSource} not tested by {@link + * Tests parts of {@link DefaultFilterInvocationSecurityMetadataSource} not tested by {@link * FilterInvocationDefinitionSourceEditorTests}. * * @author Ben Alex * @version $Id$ */ @SuppressWarnings("unchecked") -public class DefaultFilterInvocationDefinitionSourceTests { - private DefaultFilterInvocationDefinitionSource fids; +public class DefaultFilterInvocationSecurityMetadataSourceTests { + private DefaultFilterInvocationSecurityMetadataSource fids; private List def = SecurityConfig.createList("ROLE_ONE"); //~ Methods ======================================================================================================== private void createFids(String url, String method) { LinkedHashMap requestMap = new LinkedHashMap(); requestMap.put(new RequestKey(url, method), def); - fids = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(), requestMap); + fids = new DefaultFilterInvocationSecurityMetadataSource(new AntUrlPathMatcher(), requestMap); fids.setStripQueryStringFromUrls(true); } private void createFids(String url, boolean convertToLowerCase) { LinkedHashMap requestMap = new LinkedHashMap(); requestMap.put(new RequestKey(url), def); - fids = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(convertToLowerCase), requestMap); + fids = new DefaultFilterInvocationSecurityMetadataSource(new AntUrlPathMatcher(convertToLowerCase), requestMap); fids.setStripQueryStringFromUrls(true); } @@ -59,7 +59,7 @@ public class DefaultFilterInvocationDefinitionSourceTests { public void convertUrlToLowercaseIsTrueByDefault() { LinkedHashMap requestMap = new LinkedHashMap(); requestMap.put(new RequestKey("/something"), def); - fids = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(), requestMap); + fids = new DefaultFilterInvocationSecurityMetadataSource(new AntUrlPathMatcher(), requestMap); assertTrue(fids.isConvertUrlToLowercaseBeforeComparison()); } @@ -154,7 +154,7 @@ public class DefaultFilterInvocationDefinitionSourceTests { requestMap.put(new RequestKey("/**"), def); List postOnlyDef = SecurityConfig.createList("ROLE_TWO"); requestMap.put(new RequestKey("/somepage**", "POST"), postOnlyDef); - fids = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(), requestMap); + fids = new DefaultFilterInvocationSecurityMetadataSource(new AntUrlPathMatcher(), requestMap); List attrs = fids.getAttributes(createFilterInvocation("/somepage", "POST")); assertEquals(postOnlyDef, attrs); diff --git a/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java b/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java index 43d5bd641a..1c455e62d9 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java @@ -48,7 +48,7 @@ public class FilterSecurityInterceptorTests { private Mockery jmock = new JUnit4Mockery(); private AuthenticationManager am; private AccessDecisionManager adm; - private FilterInvocationDefinitionSource ods; + private FilterInvocationSecurityMetadataSource ods; private RunAsManager ram; private FilterSecurityInterceptor interceptor; @@ -59,11 +59,11 @@ public class FilterSecurityInterceptorTests { public final void setUp() throws Exception { interceptor = new FilterSecurityInterceptor(); am = jmock.mock(AuthenticationManager.class); - ods = jmock.mock(FilterInvocationDefinitionSource.class); + ods = jmock.mock(FilterInvocationSecurityMetadataSource.class); adm = jmock.mock(AccessDecisionManager.class); ram = jmock.mock(RunAsManager.class); interceptor.setAuthenticationManager(am); - interceptor.setObjectDefinitionSource(ods); + interceptor.setSecurityMetadataSource(ods); interceptor.setAccessDecisionManager(adm); interceptor.setRunAsManager(ram); interceptor.setApplicationEventPublisher(new MockApplicationEventPublisher(true)); diff --git a/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java b/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java index 4a8303cdbe..59945a5349 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java @@ -48,7 +48,7 @@ public class WebInvocationPrivilegeEvaluatorTests { private Mockery jmock = new JUnit4Mockery(); private AuthenticationManager am; private AccessDecisionManager adm; - private FilterInvocationDefinitionSource ods; + private FilterInvocationSecurityMetadataSource ods; private RunAsManager ram; private FilterSecurityInterceptor interceptor; @@ -58,11 +58,11 @@ public class WebInvocationPrivilegeEvaluatorTests { public final void setUp() throws Exception { interceptor = new FilterSecurityInterceptor(); am = jmock.mock(AuthenticationManager.class); - ods = jmock.mock(FilterInvocationDefinitionSource.class); + ods = jmock.mock(FilterInvocationSecurityMetadataSource.class); adm = jmock.mock(AccessDecisionManager.class); ram = jmock.mock(RunAsManager.class); interceptor.setAuthenticationManager(am); - interceptor.setObjectDefinitionSource(ods); + interceptor.setSecurityMetadataSource(ods); interceptor.setAccessDecisionManager(adm); interceptor.setRunAsManager(ram); interceptor.setApplicationEventPublisher(new MockApplicationEventPublisher(true)); diff --git a/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java b/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java index 50b6d06eaa..40f7c1fcba 100644 --- a/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java @@ -15,20 +15,21 @@ package org.springframework.security.securechannel; +import static org.junit.Assert.*; + import java.io.IOException; import java.util.Collection; import java.util.List; import javax.servlet.ServletException; -import junit.framework.TestCase; - +import org.junit.Test; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.ConfigAttribute; import org.springframework.security.SecurityConfig; import org.springframework.security.intercept.web.FilterInvocation; -import org.springframework.security.intercept.web.FilterInvocationDefinitionSource; +import org.springframework.security.intercept.web.FilterInvocationSecurityMetadataSource; import org.springframework.security.util.MockFilterChain; @@ -38,72 +39,57 @@ import org.springframework.security.util.MockFilterChain; * @author Ben Alex * @version $Id$ */ -public class ChannelProcessingFilterTests extends TestCase { +public class ChannelProcessingFilterTests { //~ Methods ======================================================================================================== - public void testDetectsMissingChannelDecisionManager() - throws Exception { + @Test(expected=IllegalArgumentException.class) + public void testDetectsMissingChannelDecisionManager() throws Exception { ChannelProcessingFilter filter = new ChannelProcessingFilter(); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", true, "MOCK"); - filter.setFilterInvocationDefinitionSource(fids); + filter.setFilterInvocationSecurityMetadataSource(fids); - try { - filter.afterPropertiesSet(); - fail("Should have thrown IllegalArgumentException"); - } catch (IllegalArgumentException expected) { - assertEquals("channelDecisionManager must be specified", expected.getMessage()); - } + filter.afterPropertiesSet(); } - public void testDetectsMissingFilterInvocationDefinitionSource() - throws Exception { + @Test(expected=IllegalArgumentException.class) + public void testDetectsMissingFilterInvocationSecurityMetadataSource() throws Exception { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "MOCK")); - - try { - filter.afterPropertiesSet(); - fail("Should have thrown IllegalArgumentException"); - } catch (IllegalArgumentException expected) { - assertEquals("filterInvocationDefinitionSource must be specified", expected.getMessage()); - } + filter.afterPropertiesSet(); } + @Test public void testDetectsSupportedConfigAttribute() throws Exception { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SUPPORTS_MOCK_ONLY")); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", true, "SUPPORTS_MOCK_ONLY"); - filter.setFilterInvocationDefinitionSource(fids); + filter.setFilterInvocationSecurityMetadataSource(fids); filter.afterPropertiesSet(); - assertTrue(true); } + @Test(expected=IllegalArgumentException.class) public void testDetectsUnsupportedConfigAttribute() throws Exception { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SUPPORTS_MOCK_ONLY")); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", true, "SUPPORTS_MOCK_ONLY", "INVALID_ATTRIBUTE"); - filter.setFilterInvocationDefinitionSource(fids); - - try { - filter.afterPropertiesSet(); - fail("Should have thrown IllegalArgumentException"); - } catch (IllegalArgumentException expected) { - assertTrue(expected.getMessage().startsWith("Unsupported configuration attributes:")); - } + filter.setFilterInvocationSecurityMetadataSource(fids); + filter.afterPropertiesSet(); } + @Test public void testDoFilterWhenManagerDoesCommitResponse() throws Exception { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(true, "SOME_ATTRIBUTE")); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", true, "SOME_ATTRIBUTE"); - filter.setFilterInvocationDefinitionSource(fids); + filter.setFilterInvocationSecurityMetadataSource(fids); MockHttpServletRequest request = new MockHttpServletRequest(); request.setQueryString("info=now"); @@ -113,16 +99,16 @@ public class ChannelProcessingFilterTests extends TestCase { MockFilterChain chain = new MockFilterChain(false); filter.doFilter(request, response, chain); - assertTrue(true); } + @Test public void testDoFilterWhenManagerDoesNotCommitResponse() throws Exception { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SOME_ATTRIBUTE")); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", true, "SOME_ATTRIBUTE"); - filter.setFilterInvocationDefinitionSource(fids); + filter.setFilterInvocationSecurityMetadataSource(fids); MockHttpServletRequest request = new MockHttpServletRequest(); request.setQueryString("info=now"); @@ -132,9 +118,9 @@ public class ChannelProcessingFilterTests extends TestCase { MockFilterChain chain = new MockFilterChain(true); filter.doFilter(request, response, chain); - assertTrue(true); } + @Test public void testDoFilterWhenNullConfigAttributeReturned() throws Exception { ChannelProcessingFilter filter = new ChannelProcessingFilter(); @@ -142,7 +128,7 @@ public class ChannelProcessingFilterTests extends TestCase { MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", true, "NOT_USED"); - filter.setFilterInvocationDefinitionSource(fids); + filter.setFilterInvocationSecurityMetadataSource(fids); MockHttpServletRequest request = new MockHttpServletRequest(); request.setQueryString("info=now"); @@ -152,9 +138,9 @@ public class ChannelProcessingFilterTests extends TestCase { MockFilterChain chain = new MockFilterChain(true); filter.doFilter(request, response, chain); - assertTrue(true); } + @Test public void testGetterSetters() throws Exception { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "MOCK")); @@ -162,8 +148,8 @@ public class ChannelProcessingFilterTests extends TestCase { MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", false, "MOCK"); - filter.setFilterInvocationDefinitionSource(fids); - assertTrue(filter.getFilterInvocationDefinitionSource() != null); + filter.setFilterInvocationSecurityMetadataSource(fids); + assertTrue(filter.getFilterInvocationSecurityMetadataSource() != null); filter.init(null); filter.afterPropertiesSet(); @@ -197,7 +183,7 @@ public class ChannelProcessingFilterTests extends TestCase { } } - private class MockFilterInvocationDefinitionMap implements FilterInvocationDefinitionSource { + private class MockFilterInvocationDefinitionMap implements FilterInvocationSecurityMetadataSource { private List toReturn; private String servletPath; private boolean provideIterator; diff --git a/core/src/test/resources/org/springframework/security/vote/labelBasedSecurityApplicationContext.xml b/core/src/test/resources/org/springframework/security/vote/labelBasedSecurityApplicationContext.xml index 3151f5ae29..9f91e5e283 100644 --- a/core/src/test/resources/org/springframework/security/vote/labelBasedSecurityApplicationContext.xml +++ b/core/src/test/resources/org/springframework/security/vote/labelBasedSecurityApplicationContext.xml @@ -1,91 +1,91 @@ - - - - blueuser=password,ROLE_BASIC,LABEL_BLUE - superuser=password2,ROLE_BASIC,LABEL_SHARED - orangeuser=password3,ROLE_BASIC,LABEL_ORANGE - multiuser=password4,ROLE_BASIC,LABEL_BLUE,LABEL_ORANGE - - - + + + + blueuser=password,ROLE_BASIC,LABEL_BLUE + superuser=password2,ROLE_BASIC,LABEL_SHARED + orangeuser=password3,ROLE_BASIC,LABEL_ORANGE + multiuser=password4,ROLE_BASIC,LABEL_BLUE,LABEL_ORANGE + + + - - - + + + - - - - - - - + + + + + + + - - false - - - - - LABELED_OPERATION - - - - - blue - blue-orange - - - - - orange - blue-orange - - - - - blue - orange - blue-orange - - - - - - - - + + false + + + + + LABELED_OPERATION + + + + + blue + blue-orange + + + + + orange + blue-orange + + + + + blue + orange + blue-orange + + + + + + + + - - false - - - - + + false + + + + org.springframework.security.vote.SampleService.get*=ROLE_BASIC org.springframework.security.vote.SampleService.do*=ROLE_BASIC,LABELED_OPERATION - - - - - Security: + - + + Security: + - - sampleService - - - perfOfSecurity - securityInteceptor - - - + + + + sampleService + + + perfOfSecurity + securityInteceptor + + + diff --git a/itest/context/src/test/resources/filter-chain-performance-app-context.xml b/itest/context/src/test/resources/filter-chain-performance-app-context.xml index 9974b27ab1..dbbe6b9fc1 100644 --- a/itest/context/src/test/resources/filter-chain-performance-app-context.xml +++ b/itest/context/src/test/resources/filter-chain-performance-app-context.xml @@ -91,7 +91,7 @@ - + diff --git a/itest/context/src/test/resources/sec-936-app-context.xml b/itest/context/src/test/resources/sec-936-app-context.xml index 1f84f2904f..bd73236968 100755 --- a/itest/context/src/test/resources/sec-936-app-context.xml +++ b/itest/context/src/test/resources/sec-936-app-context.xml @@ -30,7 +30,7 @@ - + org.springframework.security.concurrent.SessionRegistry.get*=ROLE_C diff --git a/ntlm/applicationContext.xml b/ntlm/applicationContext.xml index 99e253fcdc..0670343288 100755 --- a/ntlm/applicationContext.xml +++ b/ntlm/applicationContext.xml @@ -3,93 +3,93 @@ - - - - CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON - PATTERN_TYPE_APACHE_ANT - /login_error.jsp=httpSessionContextIntegrationFilter - /**=httpSessionContextIntegrationFilter, exceptionTranslationFilter, ntlmFilter, filterSecurityInterceptor - - - + + + + CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON + PATTERN_TYPE_APACHE_ANT + /login_error.jsp=httpSessionContextIntegrationFilter + /**=httpSessionContextIntegrationFilter, exceptionTranslationFilter, ntlmFilter, filterSecurityInterceptor + + + - - - - org.springframework.security.context.SecurityContextImpl - - + + + + org.springframework.security.context.SecurityContextImpl + + - - - - + + + + - - - - - - - + + + + + + + - - - - + + + + - - - - - + + + + + - - - - jdoe=PASSWORD,ROLE_USER - - + + + + jdoe=PASSWORD,ROLE_USER + + - - - - - - - CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON - PATTERN_TYPE_APACHE_ANT - /**=ROLE_USER - - - + + + + + + + CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON + PATTERN_TYPE_APACHE_ANT + /**=ROLE_USER + + + - - - - false - - - - - - - + + + + false + + + + + + + - + - - - + + + - + - - + + diff --git a/samples/dms/src/main/resources/applicationContext-dms-secure.xml b/samples/dms/src/main/resources/applicationContext-dms-secure.xml index ebaf912403..fbf1cd7d6b 100755 --- a/samples/dms/src/main/resources/applicationContext-dms-secure.xml +++ b/samples/dms/src/main/resources/applicationContext-dms-secure.xml @@ -220,13 +220,13 @@ - + - + sample.dms.DocumentDao.create=ACL_ABSTRACT_ELEMENT_WRITE_PARENT sample.dms.DocumentDao.delete=ACL_ABSTRACT_ELEMENT_WRITE diff --git a/samples/preauth/src/main/webapp/WEB-INF/applicationContext-security.xml b/samples/preauth/src/main/webapp/WEB-INF/applicationContext-security.xml index 049bc3d5a2..bfae03d9bd 100644 --- a/samples/preauth/src/main/webapp/WEB-INF/applicationContext-security.xml +++ b/samples/preauth/src/main/webapp/WEB-INF/applicationContext-security.xml @@ -38,31 +38,31 @@ - - - - - - - - + + + + + + + + - - + + - + - + - + @@ -73,31 +73,31 @@ - + - + - - + + - + - + - + - + - \ No newline at end of file +