Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-719: Refactor portlet code to make more use of core classes 

http://jira.springframework.org/browse/SEC-719. Rewrote provider as a preauthenticated provider.
This commit is contained in:
Luke Taylor 2008-03-19 15:45:42 +00:00
parent f8d855f1a2
commit 5de0f3b8f0
21 changed files with 166 additions and 1102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
portlet/src/main/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptor.java
View File

@ -367,7 +367,6 @@ public class PortletSessionContextIntegrationInterceptor
}
/**
* Creates a new <code>SecurityContext</code> object. The specific class is
* determined by the setting of the {@link #context} property.

198
portlet/src/main/java/org/springframework/security/providers/portlet/PortletAuthenticationProvider.java
View File

@ -1,198 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet;
import java.security.Principal;
import java.util.Map;
import javax.portlet.PortletRequest;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.dao.UserCache;
import org.springframework.security.providers.dao.cache.NullUserCache;
import org.springframework.security.userdetails.UserDetails;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
/**
* <p>Processes a JSR 168 Portlet authentication request. The request will typically
* originate from {@link org.springframework.security.ui.portlet.PortletProcessingInterceptor}.</p>
*
* <p>Be aware that this provider is trusting the portal and portlet container to handle
* actual authentication. If a valid {@link PortletAuthenticationToken} is presented with
* non-null principal and credentials, then the {@link #authenticate} method will succeed.</p>
*
* <p>If the <code>details</code> property of the requesting <code>Authentication</code>
* object happens to be the <code>PortletRequest</code>, then this provider will place
* the contents of the <code>USER_INFO</code> map from of the request attributes into
* the <code>details</code> property of the authentication result.</p>
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class PortletAuthenticationProvider
implements AuthenticationProvider, InitializingBean {
//~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(PortletAuthenticationProvider.class);
//~ Instance fields ================================================================================================
private PortletAuthoritiesPopulator portletAuthoritiesPopulator;
private UserCache userCache = new NullUserCache();
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
Assert.notNull(this.portletAuthoritiesPopulator, "An authorities populator must be set");
Assert.notNull(this.userCache, "A user cache must be set");
}
public boolean supports(Class authentication) {
return PortletAuthenticationToken.class.isAssignableFrom(authentication);
}
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// make sure we support the authentication
if (!supports(authentication.getClass())) {
return null;
}
if (logger.isDebugEnabled())
logger.debug("portlet authentication request: " + authentication);
// make sure there is a valid principal in the authentication attempt
Object principal = authentication.getPrincipal();
if (principal == null) {
throw new BadCredentialsException("No principal presented - user is not authenticated");
}
// make sure there are valid credentials in the authentication attempt
Object credentials = authentication.getCredentials();
if (credentials == null) {
throw new BadCredentialsException("No credentials presented - user is not authenticated");
}
// determine the username string from the principal
String username = getUsernameFromPrincipal(principal);
if (username == null) {
throw new BadCredentialsException("No username available - user is not authenticated");
}
// try to retrieve the user from the cache
UserDetails user = this.userCache.getUserFromCache(username);
// if the user is null then it wasn't in the cache so go get it
if (user == null) {
if (logger.isDebugEnabled())
logger.debug("user not found in the cache");
// get the user from the authorities populator
user = this.portletAuthoritiesPopulator.getUserDetails(authentication);
if (user == null) {
throw new AuthenticationServiceException(
"portletAuthoritiesPopulator returned null, which is an interface contract violation");
}
// store the result back in the cache
this.userCache.putUserInCache(user);
} else {
if (logger.isDebugEnabled())
logger.debug("got user from the cache");
}
// build the resulting successful authentication token
PortletAuthenticationToken result = new PortletAuthenticationToken(
user, authentication.getCredentials(), user.getAuthorities());
result.setAuthenticated(true);
// see if the detail property on the request is the PortletRequest
if (authentication.getDetails() instanceof PortletRequest) {
// if available, place the USER_INFO map into the details property of the result
PortletRequest request = (PortletRequest)authentication.getDetails();
Map userInfo = null;
try {
userInfo = (Map)request.getAttribute(PortletRequest.USER_INFO);
} catch (Exception e) {
logger.warn("unable to retrieve USER_INFO map from portlet request", e);
}
result.setDetails(userInfo);
} else {
// copy any other details information forward
result.setDetails(authentication.getDetails());
}
if (logger.isDebugEnabled())
logger.debug("portlet authentication succeeded: " + result);
return result;
}
/**
* This method attempt to determine the username string from the principal object.
* If the principal object is a {@link UserDetails} object then it will use the
* {@link UserDetails#getUsername() method. If the principal object is a
* {@link Principal} object then it will use the {@link Principal#getName()}
* method. Otherwise it will simply call the <code>toString()<code> method
* on the principal object and return that.
* @param principal the principal object to inspect for a username
* @return the determined username, or null if no principal is passed
*/
public static final String getUsernameFromPrincipal(Object principal) {
if (principal == null) {
return null;
}
if (principal instanceof UserDetails) {
return ((UserDetails)principal).getUsername();
}
if (principal instanceof Principal) {
return ((Principal)principal).getName();
}
return principal.toString();
}
public PortletAuthoritiesPopulator getPortletAuthoritiesPopulator() {
return this.portletAuthoritiesPopulator;
}
public void setPortletAuthoritiesPopulator(PortletAuthoritiesPopulator portletAuthoritiesPopulator) {
this.portletAuthoritiesPopulator = portletAuthoritiesPopulator;
}
public UserCache getUserCache() {
return userCache;
}
public void setUserCache(UserCache userCache) {
this.userCache = userCache;
}
}

57
portlet/src/main/java/org/springframework/security/providers/portlet/PortletAuthenticationToken.java
View File

@ -1,57 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.providers.AbstractAuthenticationToken;
/**
* <code>Authentication</code> implementation for JSR 168 Portlet authentication. <p>The
* corresponding authentication provider is {@link PortletAuthenticationProvider}.</p>
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class PortletAuthenticationToken extends AbstractAuthenticationToken {
//~ Instance fields ================================================================================================
private static final long serialVersionUID = 1L;
private Object principal;
private Object credentials;
//~ Constructors ===================================================================================================
public PortletAuthenticationToken(Object principal, Object credentials, GrantedAuthority[] authorities) {
super(authorities);
this.principal = principal;
this.credentials = credentials;
}
//~ Methods ========================================================================================================
public Object getPrincipal() {
return this.principal;
}
public Object getCredentials() {
return this.credentials;
}
}

45
portlet/src/main/java/org/springframework/security/providers/portlet/PortletAuthoritiesPopulator.java
View File

@ -1,45 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.userdetails.UserDetails;
/**
* Populates the <code>UserDetails</code> associated with the
* portlet user presented by the portlet container.
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public interface PortletAuthoritiesPopulator {
//~ Methods ========================================================================================================
/**
* Obtains the granted authorities for the specified Authentication object.
* <p>May throw any <code>AuthenticationException</code> or return <code>null</code>
* if the authorities are unavailable.</p>
* @param authentication the authentication object seeking authorities
* @return the details of the indicated user (at minimum the granted authorities and the username)
* @throws AuthenticationException if the user details are not available or the authentication is not valid for some reason
*/
public UserDetails getUserDetails(Authentication authentication) throws AuthenticationException;
}

5
portlet/src/main/java/org/springframework/security/providers/portlet/package.html
View File

@ -1,5 +0,0 @@
<html>
<body>
An authentication provider that can uses the security model in the Portlet 1.0 (JSR 168) Specification.
</body>
</html>

144
portlet/src/main/java/org/springframework/security/providers/portlet/populator/ContainerPortletAuthoritiesPopulator.java
View File

@ -1,144 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet.populator;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.portlet.PortletRequest;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.portlet.PortletAuthenticationProvider;
import org.springframework.security.providers.portlet.PortletAuthoritiesPopulator;
import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
/**
* <p>Populates the portlet authorities via role information from the portlet container.
* Primarily it uses the <code>PortletRequest.isUserInRole(role)</code> method to
* check if the user is in a list of configured roles.</p>
*
* <p>This bean has the following configurable properties:</p>
* <ul>
* <li><code>rolesToCheck</code> : A list of strings containing names of roles to check.
* These roles must also be properly declared in a &lt;security-role-ref&gt; element
* of the portlet descriptor in the portlet.xml file.</li>
* <li><code>rolePrefix</code> : The prefix to be added onto each role name that as it is
* added to the list of authorities. The default value is 'ROLE_'.</li>
* <li><code>userRole</code> : The authority that all authenticated users will automatically
* be granted. The default value is 'ROLE_USER'. Set this to null to avoid having any
* value automatically populated.</li>
* </ul>
*
* <p>This populator depends on finding the <code>PortletRequest<code> when calling the
* {@link Authentication#getDetails()} method on the object passed to
* {@link #getUserDetails(Authentication)}. If not, it will throw an
* {@link AuthenticationServiceException}.
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class ContainerPortletAuthoritiesPopulator
implements PortletAuthoritiesPopulator {
//~ Static fields/initializers =====================================================================================
public static final String DEFAULT_ROLE_PREFIX = "ROLE_";
public static final String DEFAULT_USER_ROLE = "ROLE_USER";
//~ Instance fields ================================================================================================
private List rolesToCheck;
private String rolePrefix = DEFAULT_ROLE_PREFIX;
private String userRole = DEFAULT_USER_ROLE;
//~ Methods ========================================================================================================
public UserDetails getUserDetails(Authentication authentication)
throws AuthenticationException {
// get the username and password for the authentication
String username = PortletAuthenticationProvider.getUsernameFromPrincipal(authentication.getPrincipal());
String password = authentication.getCredentials().toString();
// see if we can load authorities from the portlet request
Object details = authentication.getDetails();
if (!(details instanceof PortletRequest)) {
throw new AuthenticationServiceException("expected Authentication.getDetails() to return a PortletRequest");
}
GrantedAuthority[] authorities = loadGrantedAuthorities((PortletRequest)details);
// construct and return the new user
return new User(username, password, true, true, true, true, authorities);
}
private GrantedAuthority[] loadGrantedAuthorities(PortletRequest request) {
// start the list and add the standard user role
ArrayList authorities = new ArrayList();
if (this.userRole != null && this.userRole.length() > 0)
authorities.add(new GrantedAuthorityImpl(getUserRole()));
// iterate through the configured list of roles to check (if there is one)
if (this.rolesToCheck != null) {
for(Iterator i = this.rolesToCheck.iterator(); i.hasNext(); ) {
String role = (String)i.next();
// if the request says the user has that role, then add it
if (request.isUserInRole(role)) {
authorities.add(new GrantedAuthorityImpl(getRolePrefix() + role));
}
}
}
// return the array of GrantedAuthority objects
return (GrantedAuthority[])authorities.toArray(new GrantedAuthority[authorities.size()]);
}
public List getRolesToCheck() {
return rolesToCheck;
}
public void setRolesToCheck(List rolesToCheck) {
this.rolesToCheck = rolesToCheck;
}
public String getRolePrefix() {
return rolePrefix;
}
public void setRolePrefix(String rolePrefix) {
this.rolePrefix = rolePrefix;
}
public String getUserRole() {
return userRole;
}
public void setUserRole(String userRole) {
this.userRole = userRole;
}
}

74
portlet/src/main/java/org/springframework/security/providers/portlet/populator/DaoPortletAuthoritiesPopulator.java
View File

@ -1,74 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet.populator;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.providers.portlet.PortletAuthenticationProvider;
import org.springframework.security.providers.portlet.PortletAuthoritiesPopulator;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
/**
* Populates the portlet authorities via a {@link UserDetailsService}.
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class DaoPortletAuthoritiesPopulator
implements PortletAuthoritiesPopulator, InitializingBean {
//~ Instance fields ================================================================================================
private UserDetailsService userDetailsService;
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
Assert.notNull(this.userDetailsService, "A userDetailsService must be set");
}
public UserDetails getUserDetails(Authentication authentication)
throws AuthenticationException {
// make sure the Authentication object is valid
if (authentication == null || authentication.getPrincipal() == null) {
throw new AuthenticationServiceException(
"must pass valid Authentication object with non-null principal");
}
// get the username from the principal
String username = PortletAuthenticationProvider.getUsernameFromPrincipal(authentication.getPrincipal());
// call the UserDetailsService with the username
return this.userDetailsService.loadUserByUsername(username);
}
public UserDetailsService getUserDetailsService() {
return userDetailsService;
}
public void setUserDetailsService(UserDetailsService userDetailsService) {
this.userDetailsService = userDetailsService;
}
}

5
portlet/src/main/java/org/springframework/security/providers/portlet/populator/package.html
View File

@ -1,5 +0,0 @@
<html>
<body>
Implementations that populate GrantedAuthority[]s of Portlet authentications.
</body>
</html>

33
portlet/src/main/java/org/springframework/security/ui/portlet/PortletAuthenticationDetails.java Normal file
View File

@ -0,0 +1,33 @@
package org.springframework.security.ui.portlet;
import java.io.Serializable;
import java.util.Map;
import javax.portlet.PortletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
public class PortletAuthenticationDetails implements Serializable {
//~ Instance fields ================================================================================================
protected final Log logger = LogFactory.getLog(PortletAuthenticationDetails.class);
protected Map userInfo;
//~ Constructors ===================================================================================================
public PortletAuthenticationDetails(PortletRequest request) {
try {
userInfo = (Map)request.getAttribute(PortletRequest.USER_INFO);
} catch (Exception e) {
logger.warn("unable to retrieve USER_INFO map from portlet request", e);
}
}
public Map getUserInfo() {
return userInfo;
}
public String toString() {
return "User info: " + userInfo.toString();
}
}

37
portlet/src/main/java/org/springframework/security/ui/portlet/PortletPreAuthenticatedAuthenticationDetails.java Normal file
View File

@ -0,0 +1,37 @@
package org.springframework.security.ui.portlet;
import java.util.Arrays;
import javax.portlet.PortletRequest;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.MutableGrantedAuthoritiesContainer;
import org.springframework.util.Assert;
public class PortletPreAuthenticatedAuthenticationDetails extends PortletAuthenticationDetails implements MutableGrantedAuthoritiesContainer {
private GrantedAuthority[] preAuthenticatedGrantedAuthorities = null;
public PortletPreAuthenticatedAuthenticationDetails(PortletRequest request) {
super(request);
}
public GrantedAuthority[] getGrantedAuthorities() {
Assert.notNull(preAuthenticatedGrantedAuthorities, "Pre-authenticated granted authorities have not been set");
GrantedAuthority[] result = new GrantedAuthority[preAuthenticatedGrantedAuthorities.length];
System.arraycopy(preAuthenticatedGrantedAuthorities, 0, result, 0, result.length);
return result;
}
public void setGrantedAuthorities(GrantedAuthority[] authorities) {
this.preAuthenticatedGrantedAuthorities = new GrantedAuthority[authorities.length];
System.arraycopy(authorities, 0, preAuthenticatedGrantedAuthorities, 0, preAuthenticatedGrantedAuthorities.length);
}
public String toString() {
StringBuffer sb = new StringBuffer();
sb.append(super.toString() + "; ");
sb.append("preAuthenticatedGrantedAuthorities: " + Arrays.asList(preAuthenticatedGrantedAuthorities));
return sb.toString();
}
}

27
portlet/src/main/java/org/springframework/security/ui/portlet/PortletPreAuthenticatedAuthenticationDetailsSource.java Normal file
View File

@ -0,0 +1,27 @@
package org.springframework.security.ui.portlet;
import java.util.ArrayList;
import javax.portlet.PortletRequest;
import org.springframework.security.ui.preauth.j2ee.AbstractPreAuthenticatedAuthenticationDetailsSource;
public class PortletPreAuthenticatedAuthenticationDetailsSource extends AbstractPreAuthenticatedAuthenticationDetailsSource {
public PortletPreAuthenticatedAuthenticationDetailsSource() {
setClazz(PortletPreAuthenticatedAuthenticationDetails.class);
}
protected String[] getUserRoles(Object context, String[] mappableRoles) {
ArrayList portletRoles = new ArrayList();
for (int i = 0; i < mappableRoles.length; i++) {
if (((PortletRequest)context).isUserInRole(mappableRoles[i])) {
portletRoles.add(mappableRoles[i]);
}
}
return (String[]) portletRoles.toArray(new String[portletRoles.size()]);
}
}

43
portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingFilterEntryPoint.java
View File

@ -16,18 +16,7 @@
package org.springframework.security.ui.portlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.AuthenticationException;
import org.springframework.security.ui.AuthenticationEntryPoint;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.core.Ordered;
import org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint;
/**
* <p>In the case of relying on Portlet authentication to access Servlet resources
@ -42,34 +31,6 @@ import org.springframework.core.Ordered;
* @since 2.0
* @version $Id$
*/
public class PortletProcessingFilterEntryPoint implements AuthenticationEntryPoint, Ordered {
//~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(PortletProcessingFilterEntryPoint.class);
//~ Instance fields ================================================================================================
private int order = Integer.MAX_VALUE; // ~ default
//~ Methods ========================================================================================================
public int getOrder() {
return order;
}
public void setOrder(int order) {
this.order = order;
}
public void commence(ServletRequest request, ServletResponse response,
AuthenticationException authException) throws IOException, ServletException {
if (logger.isDebugEnabled())
logger.debug("portlet entry point called. Rejecting access");
HttpServletResponse httpResponse = (HttpServletResponse)response;
httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied");
}
public class PortletProcessingFilterEntryPoint extends PreAuthenticatedProcessingFilterEntryPoint {
}

61
portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java
View File

@ -35,10 +35,10 @@ import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContext;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.portlet.PortletAuthenticationProvider;
import org.springframework.security.providers.portlet.PortletAuthenticationToken;
import org.springframework.security.providers.portlet.populator.ContainerPortletAuthoritiesPopulator;
import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.ui.AbstractProcessingFilter;
import org.springframework.security.ui.AuthenticationDetailsSource;
import org.springframework.security.ui.AuthenticationDetailsSourceImpl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
@ -81,8 +81,7 @@ import org.springframework.web.portlet.ModelAndView;
* @since 2.0
* @version $Id$
*/
public class PortletProcessingInterceptor implements
HandlerInterceptor, InitializingBean {
public class PortletProcessingInterceptor implements HandlerInterceptor, InitializingBean {
//~ Static fields/initializers =====================================================================================
@ -93,6 +92,15 @@ public class PortletProcessingInterceptor implements
private AuthenticationManager authenticationManager;
private List userNameAttributes;
private AuthenticationDetailsSource authenticationDetailsSource;
private boolean useAuthTypeAsCredentials = false;
public PortletProcessingInterceptor() {
authenticationDetailsSource = new AuthenticationDetailsSourceImpl();
((AuthenticationDetailsSourceImpl)authenticationDetailsSource).setClazz(PortletAuthenticationDetails.class);
}
//~ Methods ========================================================================================================
@ -140,13 +148,12 @@ public class PortletProcessingInterceptor implements
try {
// build the authentication request from the PortletRequest
PortletAuthenticationToken authRequest = new PortletAuthenticationToken(
PreAuthenticatedAuthenticationToken authRequest = new PreAuthenticatedAuthenticationToken(
getPrincipalFromRequest(request),
getCredentialsFromRequest(request),
null);
getCredentialsFromRequest(request));
// put the PortletRequest into the authentication request as the "details"
authRequest.setDetails(request);
authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
if (logger.isDebugEnabled())
logger.debug("Beginning authentication request for user '" + authRequest.getName() + "'");
@ -158,16 +165,18 @@ public class PortletProcessingInterceptor implements
Authentication authResult = authenticationManager.authenticate(authRequest);
// process a successful authentication
if (logger.isDebugEnabled())
if (logger.isDebugEnabled()) {
logger.debug("Authentication success: " + authResult);
}
ctx.setAuthentication(authResult);
onSuccessfulAuthentication(request, response, authResult);
} catch (AuthenticationException failed) {
// process an unsuccessful authentication
if (logger.isDebugEnabled())
logger.debug("Authentication failed - updating ContextHolder to contain null Authentication");
if (logger.isDebugEnabled()) {
logger.debug("Authentication failed - updating ContextHolder to contain null Authentication", failed);
}
ctx.setAuthentication(null);
request.getPortletSession().setAttribute(
AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY,
@ -251,10 +260,13 @@ public class PortletProcessingInterceptor implements
* @return the determined credentials object, or null if none found
*/
protected Object getCredentialsFromRequest(PortletRequest request) {
return request.getAuthType();
if (useAuthTypeAsCredentials) {
return request.getAuthType();
}
return "dummy";
}
/**
* Callback for custom processing prior to the authentication attempt.
* @param request the portlet request to be authenticated
@ -286,20 +298,23 @@ public class PortletProcessingInterceptor implements
throws IOException {}
public AuthenticationManager getAuthenticationManager() {
return authenticationManager;
}
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
this.authenticationManager = authenticationManager;
}
public List getUserNameAttributes() {
return userNameAttributes;
}
public void setUserNameAttributes(List userNameAttributes) {
this.userNameAttributes = userNameAttributes;
}
public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
this.authenticationDetailsSource = authenticationDetailsSource;
}
/**
*
* @param useAuthTypeAsCredentials
*/
public void setUseAuthTypeAsCredentials(boolean useAuthTypeAsCredentials) {
this.useAuthTypeAsCredentials = useAuthTypeAsCredentials;
}
}

24
portlet/src/test/java/org/springframework/security/context/PortletSessionContextIntegrationInterceptorTests.java
View File

@ -22,8 +22,8 @@ import junit.framework.TestCase;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.portlet.PortletAuthenticationToken;
import org.springframework.security.providers.portlet.PortletTestUtils;
import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.userdetails.User;
import org.springframework.mock.web.portlet.MockActionRequest;
import org.springframework.mock.web.portlet.MockActionResponse;
@ -97,8 +97,8 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
public void testNormalRenderRequestProcessing() throws Exception {
// Build an Authentication object we simulate came from PortletSession
PortletAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
PortletAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
// Build a Context to store in PortletSession (simulating prior request)
SecurityContext sc = new SecurityContextImpl();
@ -134,8 +134,8 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
public void testNormalActionRequestProcessing() throws Exception {
// Build an Authentication object we simulate came from PortletSession
PortletAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
PortletAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
// Build a Context to store in PortletSession (simulating prior request)
SecurityContext sc = new SecurityContextImpl();
@ -167,8 +167,8 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
public void testUpdatesCopiedBackIntoSession() throws Exception {
// Build an Authentication object we simulate came from PortletSession
PortletAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
PortletAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
// Build a Context to store in PortletSession (simulating prior request)
SecurityContext sc = new SecurityContextImpl();
@ -226,7 +226,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
// Execute the interceptor
interceptor.preHandleAction(request, response, null);
PortletAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
SecurityContextHolder.getContext().setAuthentication(principal);
interceptor.afterActionCompletion(request, response, null, null);
@ -289,7 +289,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
// Execute the interceptor
interceptor.preHandleAction(request, response, null);
PortletAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
SecurityContextHolder.getContext().setAuthentication(principal);
interceptor.afterActionCompletion(request, response, null, null);
@ -312,7 +312,7 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
// Execute the interceptor
interceptor.preHandleAction(request, response, null);
PortletAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken principal = PortletTestUtils.createAuthenticatedToken();
SecurityContextHolder.getContext().setAuthentication(principal);
interceptor.afterActionCompletion(request, response, null, null);
@ -323,8 +323,8 @@ public class PortletSessionContextIntegrationInterceptorTests extends TestCase {
public void testUsePortletScopeSession() throws Exception {
// Build an Authentication object we simulate came from PortletSession
PortletAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
PortletAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken sessionPrincipal = PortletTestUtils.createAuthenticatedToken();
PreAuthenticatedAuthenticationToken baselinePrincipal = PortletTestUtils.createAuthenticatedToken();
// Build a Context to store in PortletSession (simulating prior request)
SecurityContext sc = new SecurityContextImpl();

117
portlet/src/test/java/org/springframework/security/providers/portlet/PortletAuthenticationProviderTests.java
View File

@ -1,117 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet;
import junit.framework.TestCase;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.userdetails.UserDetails;
/**
* Tests {@link PortletAuthenticationProvider}
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class PortletAuthenticationProviderTests extends TestCase {
//~ Constructors ===================================================================================================
public PortletAuthenticationProviderTests() {
super();
}
public PortletAuthenticationProviderTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public void testRequiresPopulator() throws Exception {
PortletAuthenticationProvider provider = new PortletAuthenticationProvider();
try {
provider.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException failed) {
//ignored
}
}
public void testNormalOperation() throws Exception {
PortletAuthenticationProvider provider = new PortletAuthenticationProvider();
provider.setPortletAuthoritiesPopulator(new MockAuthoritiesPopulator(false));
provider.afterPropertiesSet();
Authentication result = provider.authenticate(PortletTestUtils.createToken());
assertNotNull(result);
assertNotNull(result.getAuthorities());
}
public void testAuthenticationIsNullWithUnsupportedToken() {
PortletAuthenticationProvider provider = new PortletAuthenticationProvider();
Authentication request = new UsernamePasswordAuthenticationToken(PortletTestUtils.TESTUSER, PortletTestUtils.TESTCRED);
Authentication result = provider.authenticate(request);
assertNull(result);
}
public void testFailsWithNoCredentials() {
PortletAuthenticationProvider provider = new PortletAuthenticationProvider();
provider.setPortletAuthoritiesPopulator(new MockAuthoritiesPopulator(false));
try {
provider.authenticate(new PortletAuthenticationToken(PortletTestUtils.TESTUSER, null, null));
fail("Should have thrown BadCredentialsException");
} catch (BadCredentialsException e) {
//ignore
}
}
public void testPopulatorRejectionCausesFailure() throws Exception {
PortletAuthenticationProvider provider = new PortletAuthenticationProvider();
provider.setPortletAuthoritiesPopulator(new MockAuthoritiesPopulator(true));
try {
provider.authenticate(PortletTestUtils.createToken());
fail("Should have thrown BadCredentialsException");
} catch (BadCredentialsException e) {
//ignore
}
}
//~ Inner Classes ==================================================================================================
public static class MockAuthoritiesPopulator implements PortletAuthoritiesPopulator {
private boolean reject = false;
public MockAuthoritiesPopulator (boolean reject) {
this.reject = reject;
}
public UserDetails getUserDetails(Authentication authentication)
throws AuthenticationException {
if (authentication.getCredentials() == null)
throw new BadCredentialsException("Invalid Credentials");
if (reject)
throw new BadCredentialsException("Authentication Rejected");
return PortletTestUtils.createUser();
}
}
}

63
portlet/src/test/java/org/springframework/security/providers/portlet/PortletAuthenticationTokenTests.java
View File

@ -1,63 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet;
import junit.framework.TestCase;
/**
* Tests for {@link PortletAuthenticationToken}.
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class PortletAuthenticationTokenTests extends TestCase {
//~ Constructors ===================================================================================================
public PortletAuthenticationTokenTests() {}
public PortletAuthenticationTokenTests(String s) {
super(s);
}
//~ Methods ========================================================================================================
public void setUp() throws Exception {
super.setUp();
}
public void testPrincipal() throws Exception {
PortletAuthenticationToken token = PortletTestUtils.createToken();
assertEquals(PortletTestUtils.TESTUSER, token.getPrincipal());
}
public void testCredentials() throws Exception {
PortletAuthenticationToken token = PortletTestUtils.createToken();
assertEquals(PortletTestUtils.TESTCRED, token.getCredentials());
}
public void testAuthenticated() throws Exception {
PortletAuthenticationToken token = PortletTestUtils.createToken();
assertTrue(!token.isAuthenticated());
token.setAuthenticated(true);
assertTrue(token.isAuthenticated());
token.setAuthenticated(false);
assertTrue(!token.isAuthenticated());
}
}

32
portlet/src/test/java/org/springframework/security/providers/portlet/PortletTestUtils.java
View File

@ -24,6 +24,8 @@ import org.springframework.security.context.SecurityContext;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.context.SecurityContextImpl;
import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.ui.portlet.PortletAuthenticationDetails;
import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.mock.web.portlet.MockActionRequest;
@ -88,41 +90,25 @@ public class PortletTestUtils {
return response;
}
public static PortletAuthenticationToken createToken(PortletRequest request) {
PortletAuthenticationToken token = new PortletAuthenticationToken(TESTUSER, TESTCRED, null);
token.setDetails(request);
public static PreAuthenticatedAuthenticationToken createToken(PortletRequest request) {
PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(TESTUSER, TESTCRED);
token.setDetails(new PortletAuthenticationDetails(request));
return token;
}
public static PortletAuthenticationToken createToken() {
public static PreAuthenticatedAuthenticationToken createToken() {
MockRenderRequest request = createRenderRequest();
return createToken(request);
}
public static PortletAuthenticationToken createAuthenticatedToken(UserDetails user) {
PortletAuthenticationToken result = new PortletAuthenticationToken(
public static PreAuthenticatedAuthenticationToken createAuthenticatedToken(UserDetails user) {
PreAuthenticatedAuthenticationToken result = new PreAuthenticatedAuthenticationToken(
user, user.getPassword(), user.getAuthorities());
result.setAuthenticated(true);
return result;
}
public static PortletAuthenticationToken createAuthenticatedToken() {
public static PreAuthenticatedAuthenticationToken createAuthenticatedToken() {
return createAuthenticatedToken(createUser());
}
public static void setupSecurityContext(PortletRequest request) {
PortletAuthenticationToken token = createToken(request);
SecurityContext context = new SecurityContextImpl();
context.setAuthentication(token);
SecurityContextHolder.setContext(context);
}
public static void setupSecurityContext() {
MockRenderRequest request = createRenderRequest();
setupSecurityContext(request);
}
public static void cleanupSecurityContext() {
SecurityContextHolder.clearContext();
}
}

127
portlet/src/test/java/org/springframework/security/providers/portlet/populator/ContainerPortletAuthoritiesPopulatorTests.java
View File

@ -1,127 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet.populator;
import java.util.ArrayList;
import java.util.List;
import junit.framework.TestCase;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.portlet.PortletAuthenticationToken;
import org.springframework.security.providers.portlet.PortletTestUtils;
import org.springframework.security.userdetails.UserDetails;
/**
* Tests for {@link ContainerPortletAuthoritiesPopulator}
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class ContainerPortletAuthoritiesPopulatorTests extends TestCase {
//~ Constructors ===================================================================================================
public ContainerPortletAuthoritiesPopulatorTests() {
super();
}
public ContainerPortletAuthoritiesPopulatorTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public final void setUp() throws Exception {
super.setUp();
}
private List createRolesToCheck() {
ArrayList rolesToCheck = new ArrayList();
rolesToCheck.add(PortletTestUtils.PORTALROLE1);
rolesToCheck.add("BOGUS1");
rolesToCheck.add(PortletTestUtils.PORTALROLE2);
rolesToCheck.add("BOGUS2");
return rolesToCheck;
}
public void testGetGrantedAuthorities() throws Exception {
ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
assertEquals(1, results.getAuthorities().length);
assertEquals(new GrantedAuthorityImpl(ContainerPortletAuthoritiesPopulator.DEFAULT_USER_ROLE), results.getAuthorities()[0]);
}
public void testGetGrantedAuthoritiesCheckRoles() throws Exception {
ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
populator.setRolesToCheck(createRolesToCheck());
UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
assertEquals(3, results.getAuthorities().length);
assertEquals(new GrantedAuthorityImpl(ContainerPortletAuthoritiesPopulator.DEFAULT_USER_ROLE), results.getAuthorities()[2]);
assertEquals(new GrantedAuthorityImpl(PortletTestUtils.TESTROLE1), results.getAuthorities()[0]);
assertEquals(new GrantedAuthorityImpl(PortletTestUtils.TESTROLE2), results.getAuthorities()[1]);
}
public void testGetGrantedAuthoritiesCustomPrefix() throws Exception {
String prefix = "IHAVE_";
ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
populator.setRolesToCheck(createRolesToCheck());
populator.setRolePrefix(prefix);
UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
assertEquals(3, results.getAuthorities().length);
assertEquals(new GrantedAuthorityImpl(ContainerPortletAuthoritiesPopulator.DEFAULT_USER_ROLE), results.getAuthorities()[2]);
assertEquals(new GrantedAuthorityImpl(prefix + PortletTestUtils.PORTALROLE1), results.getAuthorities()[0]);
assertEquals(new GrantedAuthorityImpl(prefix + PortletTestUtils.PORTALROLE2), results.getAuthorities()[1]);
}
public void testGetGrantedAuthoritiesNullDefault() throws Exception {
ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
populator.setUserRole(null);
UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
assertEquals(0, results.getAuthorities().length);
}
public void testGetGrantedAuthoritiesEmptyDefault() throws Exception {
ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
populator.setUserRole("");
UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
assertEquals(0, results.getAuthorities().length);
}
public void testGetGrantedAuthoritiesForInvalidToken() throws Exception {
ContainerPortletAuthoritiesPopulator populator = new ContainerPortletAuthoritiesPopulator();
PortletAuthenticationToken token = PortletTestUtils.createToken();
token.setDetails(null);
try {
populator.getUserDetails(token);
fail("Should have thrown AuthenticationServiceException");
} catch (AuthenticationServiceException e) {
// ignore
}
token.setDetails("bogus");
try {
populator.getUserDetails(token);
fail("Should have thrown AuthenticationServiceException");
} catch (AuthenticationServiceException e) {
// ignore
}
}
}

100
portlet/src/test/java/org/springframework/security/providers/portlet/populator/DaoPortletAuthoritiesPopulatorTests.java
View File

@ -1,100 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet.populator;
import junit.framework.TestCase;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.portlet.PortletAuthenticationToken;
import org.springframework.security.providers.portlet.PortletTestUtils;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.dao.DataAccessException;
/**
* Tests for {@link DaoPortletAuthoritiesPopulator}
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class DaoPortletAuthoritiesPopulatorTests extends TestCase {
//~ Constructors ===================================================================================================
public DaoPortletAuthoritiesPopulatorTests() {
super();
}
public DaoPortletAuthoritiesPopulatorTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public final void setUp() throws Exception {
super.setUp();
}
public void testRequiresDao() throws Exception {
DaoPortletAuthoritiesPopulator populator = new DaoPortletAuthoritiesPopulator();
try {
populator.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException failed) {
// ignored
}
}
public void testGetGrantedAuthoritiesForValidUser() throws Exception {
DaoPortletAuthoritiesPopulator populator = new DaoPortletAuthoritiesPopulator();
populator.setUserDetailsService(new MockAuthenticationDao());
populator.afterPropertiesSet();
UserDetails results = populator.getUserDetails(PortletTestUtils.createToken());
assertEquals(2, results.getAuthorities().length);
assertEquals(new GrantedAuthorityImpl(PortletTestUtils.TESTROLE1), results.getAuthorities()[0]);
assertEquals(new GrantedAuthorityImpl(PortletTestUtils.TESTROLE2), results.getAuthorities()[1]);
}
public void testGetGrantedAuthoritiesForInvalidUser() throws Exception {
DaoPortletAuthoritiesPopulator populator = new DaoPortletAuthoritiesPopulator();
populator.setUserDetailsService(new MockAuthenticationDao());
populator.afterPropertiesSet();
try {
populator.getUserDetails(new PortletAuthenticationToken("dummy", "dummy", null));
fail("Should have thrown UsernameNotFoundException");
} catch (UsernameNotFoundException e) {
// ignore
}
}
//~ Inner Classes ==================================================================================================
private class MockAuthenticationDao implements UserDetailsService {
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
if (PortletTestUtils.TESTUSER.equals(username))
return PortletTestUtils.createUser();
throw new UsernameNotFoundException("Could not find: " + username);
}
}
}

60
portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingFilterEntryPointTests.java
View File

@ -1,60 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.ui.portlet;
import javax.servlet.http.HttpServletResponse;
import junit.framework.TestCase;
import org.springframework.security.BadCredentialsException;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link PortletProcessingFilterEntryPoint}.
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class PortletProcessingFilterEntryPointTests extends TestCase {
//~ Constructors ===================================================================================================
public PortletProcessingFilterEntryPointTests() {
super();
}
public PortletProcessingFilterEntryPointTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public final void setUp() throws Exception {
super.setUp();
}
public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
PortletProcessingFilterEntryPoint entryPoint = new PortletProcessingFilterEntryPoint();
entryPoint.commence(request, response, new BadCredentialsException(null));
assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
}

15
portlet/src/test/java/org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.java
View File

@ -32,8 +32,8 @@ import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.portlet.PortletAuthenticationToken;
import org.springframework.security.providers.portlet.PortletTestUtils;
import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.ui.AbstractProcessingFilter;
import org.springframework.security.userdetails.User;
import org.springframework.mock.web.portlet.MockActionRequest;
@ -74,6 +74,7 @@ public class PortletProcessingInterceptorTests extends TestCase {
public void testRequiresAuthenticationManager() throws Exception {
PortletProcessingInterceptor interceptor = new PortletProcessingInterceptor();
try {
interceptor.afterPropertiesSet();
fail("Expected IllegalArgumentException");
@ -251,14 +252,14 @@ public class PortletProcessingInterceptorTests extends TestCase {
public Authentication authenticate(Authentication token) {
// Make sure we got a valid token
if (!(token instanceof PortletAuthenticationToken)) {
TestCase.fail("Expected PortletAuthentication object-- got: " + token);
if (!(token instanceof PreAuthenticatedAuthenticationToken)) {
TestCase.fail("Expected PreAuthenticatedAuthenticationToken object-- got: " + token);
}
// Make sure the token details are the PortletRequest
if (!(token.getDetails() instanceof PortletRequest)) {
TestCase.fail("Expected Authentication.getDetails to be a PortletRequest object -- got: " + token.getDetails());
}
// if (!(token.getDetails() instanceof PortletRequest)) {
// TestCase.fail("Expected Authentication.getDetails to be a PortletRequest object -- got: " + token.getDetails());
// }
// Make sure it's got a principal
if (token.getPrincipal() == null) {
@ -273,7 +274,7 @@ public class PortletProcessingInterceptorTests extends TestCase {
// create resulting Authentication object
User user = new User(token.getName(), token.getCredentials().toString(), true, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl(PortletTestUtils.TESTROLE1), new GrantedAuthorityImpl(PortletTestUtils.TESTROLE2)});
PortletAuthenticationToken result = new PortletAuthenticationToken(
PreAuthenticatedAuthenticationToken result = new PreAuthenticatedAuthenticationToken(
user, user.getPassword(), user.getAuthorities());
result.setAuthenticated(true);
return result;