diff --git a/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java b/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java
index 0c0bbc2d5f..15b5195ce5 100644
--- a/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java
+++ b/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java
@@ -15,11 +15,31 @@
package org.springframework.security.intercept.web;
+import static org.junit.Assert.*;
+import static org.springframework.security.matcher.AuthenticationMatcher.anAuthenticationWithUsername;
+
+import java.util.List;
+
import junit.framework.TestCase;
+import org.jmock.Expectations;
+import org.jmock.Mockery;
+import org.jmock.integration.junit4.JUnit4Mockery;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.springframework.security.AccessDecisionManager;
+import org.springframework.security.AccessDeniedException;
+import org.springframework.security.Authentication;
+import org.springframework.security.AuthenticationManager;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
+import org.springframework.security.MockApplicationEventPublisher;
+import org.springframework.security.RunAsManager;
+import org.springframework.security.ConfigAttribute;
+import org.springframework.security.context.SecurityContextHolder;
+import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.util.FilterInvocationUtils;
@@ -34,62 +54,70 @@ import org.springframework.context.support.ClassPathXmlApplicationContext;
* @author Ben Alex
* @version $Id$
*/
-public class WebInvocationPrivilegeEvaluatorTests extends TestCase {
- //~ Constructors ===================================================================================================
-
- public WebInvocationPrivilegeEvaluatorTests() {
- super();
- }
-
- public WebInvocationPrivilegeEvaluatorTests(String arg0) {
- super(arg0);
- }
+public class WebInvocationPrivilegeEvaluatorTests {
+ private Mockery jmock = new JUnit4Mockery();
+ private AuthenticationManager am;
+ private AccessDecisionManager adm;
+ private FilterInvocationDefinitionSource ods;
+ private RunAsManager ram;
+ private FilterSecurityInterceptor interceptor;
//~ Methods ========================================================================================================
- private FilterSecurityInterceptor makeFilterSecurityInterceptor() {
- ApplicationContext context = new ClassPathXmlApplicationContext(
- "org/springframework/security/intercept/web/applicationContext.xml");
-
- return (FilterSecurityInterceptor) context.getBean("securityInterceptor");
+ @Before
+ public final void setUp() throws Exception {
+ interceptor = new FilterSecurityInterceptor();
+ am = jmock.mock(AuthenticationManager.class);
+ ods = jmock.mock(FilterInvocationDefinitionSource.class);
+ adm = jmock.mock(AccessDecisionManager.class);
+ ram = jmock.mock(RunAsManager.class);
+ interceptor.setAuthenticationManager(am);
+ interceptor.setObjectDefinitionSource(ods);
+ interceptor.setAccessDecisionManager(adm);
+ interceptor.setRunAsManager(ram);
+ interceptor.setApplicationEventPublisher(new MockApplicationEventPublisher(true));
+ SecurityContextHolder.clearContext();
}
- public void testAllowsAccess1() throws Exception {
- UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
- new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_INDEX")});
+ @After
+ public void tearDown() throws Exception {
+ SecurityContextHolder.clearContext();
+ }
+
+ @Test
+ public void allowsAccessIfAccessDecisionMangerDoes() throws Exception {
+ Authentication token = new TestingAuthenticationToken("test", "Password", "MOCK_INDEX");
FilterInvocation fi = FilterInvocationUtils.create("/foo/index.jsp");
- FilterSecurityInterceptor interceptor = makeFilterSecurityInterceptor();
WebInvocationPrivilegeEvaluator wipe = new WebInvocationPrivilegeEvaluator();
wipe.setSecurityInterceptor(interceptor);
wipe.afterPropertiesSet();
+ jmock.checking(new Expectations() {{
+ ignoring(ram); ignoring(ods);
+ oneOf(adm).decide(with(anAuthenticationWithUsername("test")), with(anything()), with(aNonNull(List.class)));
+ }});
+
assertTrue(wipe.isAllowed(fi, token));
+ jmock.assertIsSatisfied();
}
- public void testAllowsAccess2() throws Exception {
- UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
- new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_USER")});
- FilterInvocation fi = FilterInvocationUtils.create("/anything.jsp");
- FilterSecurityInterceptor interceptor = makeFilterSecurityInterceptor();
+ @Test
+ public void deniesAccessIfAccessDecisionMangerDoes() throws Exception {
+ Authentication token = new TestingAuthenticationToken("test", "Password", "MOCK_INDEX");
+ FilterInvocation fi = FilterInvocationUtils.create("/foo/index.jsp");
WebInvocationPrivilegeEvaluator wipe = new WebInvocationPrivilegeEvaluator();
wipe.setSecurityInterceptor(interceptor);
wipe.afterPropertiesSet();
- assertTrue(wipe.isAllowed(fi, token));
- }
-
- public void testDeniesAccess1() throws Exception {
- UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
- new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_NOTHING_USEFUL")});
- FilterInvocation fi = FilterInvocationUtils.create("/anything.jsp");
- FilterSecurityInterceptor interceptor = makeFilterSecurityInterceptor();
-
- WebInvocationPrivilegeEvaluator wipe = new WebInvocationPrivilegeEvaluator();
- wipe.setSecurityInterceptor(interceptor);
- wipe.afterPropertiesSet();
+ jmock.checking(new Expectations() {{
+ ignoring(ram); ignoring(ods);
+ oneOf(adm).decide(with(anAuthenticationWithUsername("test")), with(anything()), with(aNonNull(List.class)));
+ will(throwException(new AccessDeniedException("")));
+ }});
assertFalse(wipe.isAllowed(fi, token));
+ jmock.assertIsSatisfied();
}
}
diff --git a/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java b/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java
index 1ef0407e75..0f762c796f 100644
--- a/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java
+++ b/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java
@@ -85,13 +85,9 @@ public class FilterChainProxyTests {
assertFalse(filter.isWasDestroyed());
}
- @Test
+ @Test(expected=BeanCreationException.class)
public void misplacedUniversalPathShouldBeDetected() throws Exception {
- try {
- appCtx.getBean("newFilterChainProxyWrongPathOrder", FilterChainProxy.class);
- fail("Expected BeanCreationException");
- } catch (BeanCreationException expected) {
- }
+ appCtx.getBean("newFilterChainProxyWrongPathOrder", FilterChainProxy.class);
}
@Test
@@ -100,12 +96,6 @@ public class FilterChainProxyTests {
doNormalOperation(filterChainProxy);
}
- @Test
- public void proxyPathWithoutLowerCaseConversionShouldntMatchDifferentCasePath() throws Exception {
- FilterChainProxy filterChainProxy = (FilterChainProxy) appCtx.getBean("filterChainNonLowerCase", FilterChainProxy.class);
- assertNull(filterChainProxy.getFilters("/some/other/path/blah"));
- }
-
@Test
public void normalOperationWithNewConfig() throws Exception {
FilterChainProxy filterChainProxy = (FilterChainProxy) appCtx.getBean("newFilterChainProxy", FilterChainProxy.class);
diff --git a/core/src/test/resources/org/springframework/security/intercept/web/applicationContext.xml b/core/src/test/resources/org/springframework/security/intercept/web/applicationContext.xml
deleted file mode 100644
index 75a9fcb063..0000000000
--- a/core/src/test/resources/org/springframework/security/intercept/web/applicationContext.xml
+++ /dev/null
@@ -1,41 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
- PATTERN_TYPE_APACHE_ANT
- /foo/index.jsp=MOCK_INDEX
- /hello.htm=MOCK_HELLO
- /**=MOCK_USER
-
-
-
-
-
diff --git a/core/src/test/resources/org/springframework/security/util/filtertest-valid.xml b/core/src/test/resources/org/springframework/security/util/filtertest-valid.xml
index 35d12b18fb..3e74d90f27 100644
--- a/core/src/test/resources/org/springframework/security/util/filtertest-valid.xml
+++ b/core/src/test/resources/org/springframework/security/util/filtertest-valid.xml
@@ -42,28 +42,14 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
-
-
- CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
- PATTERN_TYPE_APACHE_ANT
- /foo/**=mockFilter
- /some/other/path/**=mockFilter
- /do/not/filter=#NONE#
-
-
-
-
-
-
-
- PATTERN_TYPE_APACHE_ANT
- /foo/**=mockFilter
- /SOME/other/path/**=sif,mockFilter,mockFilter2
- /do/not/filter=#NONE#
-
-
+
+
+
+
+
+