From 5e0cb21c8d476ecab6456e2ff3383a3c39c5f10c Mon Sep 17 00:00:00 2001
From: Luke Taylor
Date: Sun, 9 Dec 2007 18:40:28 +0000
Subject: [PATCH] SEC-619: Added test class for LdapUserDetailsService. The
LdapAuthoritiesPopulator interface and also implementations have been moved
to the org.springframework.security.ldap package since they are now used by
both the ldap provider and the user service.
---
.../config/LdapBeanDefinitionParser.java | 2 +-
.../ldap/LdapAuthoritiesPopulator.java | 2 +-
.../DefaultLdapAuthoritiesPopulator.java | 29 +++++-----
.../ldap/populator/package.html | 2 +-
.../ldap/LdapAuthenticationProvider.java | 6 +-
.../userdetails/ldap/InetOrgPerson.java | 1 -
.../ldap/LdapUserDetailsService.java | 2 +-
.../ldap/MockSpringSecurityContextSource.java | 3 +
.../DefaultLdapAuthoritiesPopulatorTests.java | 3 +-
.../ldap/LdapAuthenticationProviderTests.java | 11 ++--
.../ldap/authenticator/MockUserSearch.java | 3 +
.../ldap/LdapUserDetailsServiceTests.java | 56 +++++++++++++++++++
...applicationContext-acegi-security-ldap.xml | 2 +-
src/docbkx/springsecurity.xml | 4 +-
14 files changed, 94 insertions(+), 32 deletions(-)
rename core/src/main/java/org/springframework/security/{providers => }/ldap/LdapAuthoritiesPopulator.java (96%)
rename core/src/main/java/org/springframework/security/{providers => }/ldap/populator/DefaultLdapAuthoritiesPopulator.java (95%)
rename core/src/main/java/org/springframework/security/{providers => }/ldap/populator/package.html (88%)
rename core/src/test/java/org/springframework/security/{providers => }/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java (97%)
create mode 100644 core/src/test/java/org/springframework/security/userdetails/ldap/LdapUserDetailsServiceTests.java
diff --git a/core/src/main/java/org/springframework/security/config/LdapBeanDefinitionParser.java b/core/src/main/java/org/springframework/security/config/LdapBeanDefinitionParser.java
index b7cbf1fe8d..47e8e596ec 100644
--- a/core/src/main/java/org/springframework/security/config/LdapBeanDefinitionParser.java
+++ b/core/src/main/java/org/springframework/security/config/LdapBeanDefinitionParser.java
@@ -1,9 +1,9 @@
package org.springframework.security.config;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
+import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.providers.ldap.LdapAuthenticationProvider;
import org.springframework.security.providers.ldap.authenticator.BindAuthenticator;
-import org.springframework.security.providers.ldap.populator.DefaultLdapAuthoritiesPopulator;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser;
diff --git a/core/src/main/java/org/springframework/security/providers/ldap/LdapAuthoritiesPopulator.java b/core/src/main/java/org/springframework/security/ldap/LdapAuthoritiesPopulator.java
similarity index 96%
rename from core/src/main/java/org/springframework/security/providers/ldap/LdapAuthoritiesPopulator.java
rename to core/src/main/java/org/springframework/security/ldap/LdapAuthoritiesPopulator.java
index e30a0391d4..4e7c48fa04 100644
--- a/core/src/main/java/org/springframework/security/providers/ldap/LdapAuthoritiesPopulator.java
+++ b/core/src/main/java/org/springframework/security/ldap/LdapAuthoritiesPopulator.java
@@ -13,7 +13,7 @@
* limitations under the License.
*/
-package org.springframework.security.providers.ldap;
+package org.springframework.security.ldap;
import org.springframework.security.GrantedAuthority;
diff --git a/core/src/main/java/org/springframework/security/providers/ldap/populator/DefaultLdapAuthoritiesPopulator.java b/core/src/main/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulator.java
similarity index 95%
rename from core/src/main/java/org/springframework/security/providers/ldap/populator/DefaultLdapAuthoritiesPopulator.java
rename to core/src/main/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulator.java
index 2fba78fa83..d460cbd2d6 100644
--- a/core/src/main/java/org/springframework/security/providers/ldap/populator/DefaultLdapAuthoritiesPopulator.java
+++ b/core/src/main/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulator.java
@@ -13,12 +13,12 @@
* limitations under the License.
*/
-package org.springframework.security.providers.ldap.populator;
+package org.springframework.security.ldap.populator;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.ldap.SpringSecurityLdapTemplate;
-import org.springframework.security.providers.ldap.LdapAuthoritiesPopulator;
+import org.springframework.security.ldap.LdapAuthoritiesPopulator;
import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.util.Assert;
@@ -34,8 +34,9 @@ import java.util.Set;
/**
* The default strategy for obtaining user role information from the directory.
- * It obtains roles by performing a search for "groups" the user is a member of.
- *
+ *
+ * It obtains roles by performing a search for "groups" the user is a member of.
+ *
* A typical group search scenario would be where each group/role is specified using the groupOfNames
* (or groupOfUniqueNames) LDAP objectClass and the user's DN is listed in the member (or
* uniqueMember) attribute to indicate that they should be assigned that role. The following LDIF sample has
@@ -48,7 +49,7 @@ import java.util.Set;
* ou: groups
*
* dn: cn=developers,ou=groups,dc=springframework,dc=org
- * objectClass: groupOfNameso
+ * objectClass: groupOfNames
* objectClass: top
* cn: developers
* description: Spring Security Developers
@@ -56,16 +57,15 @@ import java.util.Set;
* member: uid=luke,ou=people,dc=springframework,dc=org
* ou: developer
*
- *
- *
+ *
* The group search is performed within a DN specified by the groupSearchBase property, which should
* be relative to the root DN of its InitialDirContextFactory. If the search base is null, group searching is
* disabled. The filter used in the search is defined by the groupSearchFilter property, with the filter
* argument {0} being the full DN of the user. You can also optionally use the parameter {1}, which will be substituted
* with the username. You can also specify which attribute defines the role name by setting
- * the groupRoleAttribute property (the default is "cn").
- *
- * The configuration below shows how the group search might be performed with the above schema.
+ * the groupRoleAttribute property (the default is "cn").
+ *
+ * The configuration below shows how the group search might be performed with the above schema.
*
* <bean id="ldapAuthoritiesPopulator"
* class="org.springframework.security.providers.ldap.populator.DefaultLdapAuthoritiesPopulator">
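Review bot: The sample bean definition in this Javadoc still names `org.springframework.security.providers.ldap.populator.DefaultLdapAuthoritiesPopulator`, although the commit moves the class to `org.springframework.security.ldap.populator`. Anyone copying the example into an application context would reference a class name that no longer resolves, so the authorities populator bean would fail to load. The line should read `class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">`. The same comment also describes `groupSearchBase` as relative to the root DN of its `InitialDirContextFactory`, while the field shown further down is a `ContextSource`, so that wording looks stale as well and is worth confirming. The Javadoc block starts before this hunk and continues past it.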
@@ -80,8 +80,7 @@ import java.util.Set;
*
* A search for roles for user "uid=ben,ou=people,dc=springframework,dc=org" would return the single granted authority
* "ROLE_DEVELOPER".
- *
- *
+ *
* The single-level search is performed by default. Setting the searchSubTree property to true will enable
* a search of the entire subtree under groupSearchBase.
*
@@ -98,9 +97,9 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
/**
* A default role which will be assigned to all authenticated users if set
*/
- private GrantedAuthority defaultRole = null;
+ private GrantedAuthority defaultRole;
- private ContextSource contextSource = null;
+ private ContextSource contextSource;
private SpringSecurityLdapTemplate ldapTemplate;
@@ -118,7 +117,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
/**
* The base DN from which the search for group membership should be performed
*/
- private String groupSearchBase = null;
+ private String groupSearchBase;
/**
* The pattern to be used for the user search. {0} is the user's DN
diff --git a/core/src/main/java/org/springframework/security/providers/ldap/populator/package.html b/core/src/main/java/org/springframework/security/ldap/populator/package.html
similarity index 88%
rename from core/src/main/java/org/springframework/security/providers/ldap/populator/package.html
rename to core/src/main/java/org/springframework/security/ldap/populator/package.html
index 2571b3e762..492914683e 100644
--- a/core/src/main/java/org/springframework/security/providers/ldap/populator/package.html
+++ b/core/src/main/java/org/springframework/security/ldap/populator/package.html
@@ -2,4 +2,4 @@
LdapAuthoritiesPopulator implementations.
-