Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-08 19:42:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-777: The disabled status cannot be set in <user-service>

Browse Source 
http://jira.springframework.org/browse/SEC-777. Added the disabled flag to the relax grammar file.
This commit is contained in:
Luke Taylor 2008-04-21 15:59:08 +00:00
parent 993fdd7a32
commit 5bb558bd6a
3 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
View File

@ -405,7 +405,9 @@ user.attlist &=
user.attlist &= user.attlist &=
## Can be set to "true" to mark an account as locked and unusable. ## Can be set to "true" to mark an account as locked and unusable.
attribute locked {boolean}? attribute locked {boolean}?
user.attlist &=
## Can be set to "true" to mark an account as disabled and unusable.
attribute disabled {boolean}?
jdbc-user-service = jdbc-user-service =
## Causes creation of a JDBC-based UserDetailsService. ## Causes creation of a JDBC-based UserDetailsService.

6
core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd
View File

@ -1116,6 +1116,12 @@
unusable.</xs:documentation> unusable.</xs:documentation>
</xs:annotation> </xs:annotation>
</xs:attribute> </xs:attribute>
<xs:attribute name="disabled" type="security:boolean">
<xs:annotation>
<xs:documentation>Can be set to "true" to mark an account as disabled and
unusable.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:attributeGroup> </xs:attributeGroup>
<xs:element name="jdbc-user-service" substitutionGroup="security:any-user-service"> <xs:element name="jdbc-user-service" substitutionGroup="security:any-user-service">
<xs:annotation> <xs:annotation>

18
core/src/test/java/org/springframework/security/config/UserServiceBeanDefinitionParserTests.java
View File

@ -1,6 +1,9 @@
package org.springframework.security.config; package org.springframework.security.config;
import static org.junit.Assert.*;
import org.springframework.security.util.InMemoryXmlApplicationContext; import org.springframework.security.util.InMemoryXmlApplicationContext;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService; import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.context.support.AbstractXmlApplicationContext; import org.springframework.context.support.AbstractXmlApplicationContext;
import org.springframework.beans.FatalBeanException; import org.springframework.beans.FatalBeanException;
@ -42,6 +45,21 @@ public class UserServiceBeanDefinitionParserTests {
userService.loadUserByUsername("joe"); userService.loadUserByUsername("joe");
} }
@Test
public void disabledAndEmbeddedFlagsAreSupported() {
setContext(
"<user-service id='service'>" +
" <user name='joe' password='joespassword' authorities='ROLE_A' locked='true'/>" +
" <user name='bob' password='bobspassword' authorities='ROLE_A' disabled='true'/>" +
"</user-service>");
UserDetailsService userService = (UserDetailsService) appContext.getBean("service");
UserDetails joe = userService.loadUserByUsername("joe");
assertFalse(joe.isAccountNonLocked());
UserDetails bob = userService.loadUserByUsername("bob");
assertFalse(bob.isEnabled());
}
@Test(expected=FatalBeanException.class) @Test(expected=FatalBeanException.class)
public void userWithBothPropertiesAndEmbeddedUsersThrowsException() { public void userWithBothPropertiesAndEmbeddedUsersThrowsException() {
setContext( setContext(