Create a NullRunAsManager, which is used by default by the AbstractSecurityInterceptor.

2004-05-06 23:13:32 +00:00 · 2004-05-06 23:13:32 +00:00 · 614f12448e
parent 9b0ce184ca
commit 614f12448e
6 changed files with 120 additions and 15 deletions
--- a/core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java
+++ b/core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java
@ -25,6 +25,7 @@ import net.sf.acegisecurity.RunAsManager;
 import net.sf.acegisecurity.context.Context;
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.SecureContext;
+import net.sf.acegisecurity.runas.NullRunAsManager;

 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@ -124,7 +125,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean {

    private AccessDecisionManager accessDecisionManager;
    private AuthenticationManager authenticationManager;
-    private RunAsManager runAsManager;
+    private RunAsManager runAsManager = new NullRunAsManager();
    private boolean validateConfigAttributes = true;

    //~ Methods ================================================================
--- a/core/src/main/java/org/acegisecurity/runas/NullRunAsManager.java
+++ b/core/src/main/java/org/acegisecurity/runas/NullRunAsManager.java
@ -0,0 +1,50 @@
+/* Copyright 2004 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.sf.acegisecurity.runas;
+
+import net.sf.acegisecurity.Authentication;
+import net.sf.acegisecurity.ConfigAttribute;
+import net.sf.acegisecurity.ConfigAttributeDefinition;
+import net.sf.acegisecurity.RunAsManager;
+
+
+/**
+ * Implementation of a {@link RunAsManager} that does nothing.
+ * 
+ * <p>
+ * This class should be used if you do not require run-as authenticaiton
+ * replacement functionality.
+ * </p>
+ *
+ * @author Ben Alex
+ * @version $Id$
+ */
+public class NullRunAsManager implements RunAsManager {
+    //~ Methods ================================================================
+
+    public Authentication buildRunAs(Authentication authentication,
+        Object object, ConfigAttributeDefinition config) {
+        return null;
+    }
+
+    public boolean supports(ConfigAttribute attribute) {
+        return false;
+    }
+
+    public boolean supports(Class clazz) {
+        return true;
+    }
+}
--- a/core/src/test/java/org/acegisecurity/intercept/method/MethodSecurityInterceptorTests.java
+++ b/core/src/test/java/org/acegisecurity/intercept/method/MethodSecurityInterceptorTests.java
@ -36,6 +36,7 @@ import net.sf.acegisecurity.context.SecureContext;
 import net.sf.acegisecurity.context.SecureContextImpl;
 import net.sf.acegisecurity.intercept.SecurityInterceptorCallback;
 import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
+import net.sf.acegisecurity.runas.RunAsManagerImpl;

 import org.aopalliance.intercept.MethodInvocation;

@ -336,7 +337,6 @@ public class MethodSecurityInterceptorTests extends TestCase {
    public void testStartupCheckForMethodDefinitionSource() {
        MethodSecurityInterceptor si = new MethodSecurityInterceptor();
        si.setAccessDecisionManager(new MockAccessDecisionManager());
-        si.setRunAsManager(new MockRunAsManager());
        si.setAuthenticationManager(new MockAuthenticationManager());

        try {
@ -352,6 +352,7 @@ public class MethodSecurityInterceptorTests extends TestCase {
        MethodSecurityInterceptor si = new MethodSecurityInterceptor();
        si.setAccessDecisionManager(new MockAccessDecisionManager());
        si.setAuthenticationManager(new MockAuthenticationManager());
+        si.setRunAsManager(null); // Overriding the default

        si.setObjectDefinitionSource(new MockMethodDefinitionSource(false, true));

@ -366,8 +367,8 @@ public class MethodSecurityInterceptorTests extends TestCase {
    public void testValidationFailsIfInvalidAttributePresented() {
        MethodSecurityInterceptor si = new MethodSecurityInterceptor();
        si.setAccessDecisionManager(new MockAccessDecisionManager());
-        si.setRunAsManager(new MockRunAsManager());
        si.setAuthenticationManager(new MockAuthenticationManager());
+        si.setRunAsManager(new RunAsManagerImpl());

        assertTrue(si.isValidateConfigAttributes()); // check default
        si.setObjectDefinitionSource(new MockMethodDefinitionSource(true, true));
@ -384,7 +385,6 @@ public class MethodSecurityInterceptorTests extends TestCase {
    public void testValidationNotAttemptedIfIsValidateConfigAttributesSetToFalse() {
        MethodSecurityInterceptor si = new MethodSecurityInterceptor();
        si.setAccessDecisionManager(new MockAccessDecisionManager());
-        si.setRunAsManager(new MockRunAsManager());
        si.setAuthenticationManager(new MockAuthenticationManager());

        assertTrue(si.isValidateConfigAttributes()); // check default
--- a/core/src/test/java/org/acegisecurity/intercept/method/MockMethodDefinitionSource.java
+++ b/core/src/test/java/org/acegisecurity/intercept/method/MockMethodDefinitionSource.java
@ -57,7 +57,7 @@ public class MockMethodDefinitionSource extends AbstractMethodDefinitionSource {

        ConfigAttributeDefinition def3 = new ConfigAttributeDefinition();
        def3.addConfigAttribute(new SecurityConfig("MOCK_UPPER"));
-        def3.addConfigAttribute(new SecurityConfig("RUN_AS"));
+        def3.addConfigAttribute(new SecurityConfig("RUN_AS_"));
        list.add(def3);

        if (includeInvalidAttributes) {
--- a/core/src/test/java/org/acegisecurity/runas/NullRunAsManagerTests.java
+++ b/core/src/test/java/org/acegisecurity/runas/NullRunAsManagerTests.java
@ -0,0 +1,64 @@
+/* Copyright 2004 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.sf.acegisecurity.runas;
+
+import junit.framework.TestCase;
+
+import net.sf.acegisecurity.SecurityConfig;
+
+
+/**
+ * Tests {@link NullRunAsManager}.
+ *
+ * @author Ben Alex
+ * @version $Id$
+ */
+public class NullRunAsManagerTests extends TestCase {
+    //~ Constructors ===========================================================
+
+    public NullRunAsManagerTests() {
+        super();
+    }
+
+    public NullRunAsManagerTests(String arg0) {
+        super(arg0);
+    }
+
+    //~ Methods ================================================================
+
+    public final void setUp() throws Exception {
+        super.setUp();
+    }
+
+    public static void main(String[] args) {
+        junit.textui.TestRunner.run(NullRunAsManagerTests.class);
+    }
+
+    public void testAlwaysReturnsNull() {
+        NullRunAsManager runAs = new NullRunAsManager();
+        assertNull(runAs.buildRunAs(null, null, null));
+    }
+
+    public void testAlwaysSupportsClass() {
+        NullRunAsManager runAs = new NullRunAsManager();
+        assertTrue(runAs.supports(String.class));
+    }
+
+    public void testNeverSupportsAttribute() {
+        NullRunAsManager runAs = new NullRunAsManager();
+        assertFalse(runAs.supports(new SecurityConfig("X")));
+    }
+}
--- a/samples/quick-start/war-root/WEB-INF/applicationContext.xml
+++ b/samples/quick-start/war-root/WEB-INF/applicationContext.xml
@ -32,7 +32,6 @@
 	<bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
    	<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
-    	<property name="runAsManager"><ref bean="runAsManager"/></property>
 		<property name="objectDefinitionSource">
 			<value>
 			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
@ -50,18 +49,9 @@
 		<property name="key"><value>my_password</value></property>
 	</bean>

-	<bean id="runAsManager" class="net.sf.acegisecurity.runas.RunAsManagerImpl">
-     	<property name="key"><value>my_run_as_password</value></property>
- 	</bean>
-
-	<bean id="runAsAuthenticationProvider" class="net.sf.acegisecurity.runas.RunAsImplAuthenticationProvider">
-     	<property name="key"><value>my_run_as_password</value></property>
- 	</bean>
-
 	<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
 		<property name="providers">
 		  <list>
-		    <ref bean="runAsAuthenticationProvider"/>
 		    <ref bean="daoAuthenticationProvider"/>
 		  </list>
 		</property>