Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-1012: Adding generics and general tidying up of tests etc

This commit is contained in:
Luke Taylor 2008-11-15 13:00:38 +00:00
parent a535c5bd05
commit 67c06d3d52
43 changed files with 427 additions and 514 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
acl/src/main/java/org/springframework/security/acls/domain/BasePermission.java
View File

@ -19,12 +19,12 @@ import org.springframework.security.acls.Permission;
/**
* A set of standard permissions.
*
*
* <p>
* You may subclass this class to add additional permissions, or use this class as a guide
* for creating your own permission classes.
* </p>
*
*
* @author Ben Alex
* @version $Id$
*/
@ -34,25 +34,25 @@ public class BasePermission extends AbstractPermission {
public static final Permission CREATE = new BasePermission(1 << 2, 'C'); // 4
public static final Permission DELETE = new BasePermission(1 << 3, 'D'); // 8
public static final Permission ADMINISTRATION = new BasePermission(1 << 4, 'A'); // 16
protected static DefaultPermissionFactory defaultPermissionFactory = new DefaultPermissionFactory();
/**
protected static DefaultPermissionFactory defaultPermissionFactory = new DefaultPermissionFactory();
/**
* Registers the public static permissions defined on this class. This is mandatory so
* that the static methods will operate correctly.
*/
static {
registerPermissionsFor(BasePermission.class);
registerPermissionsFor(BasePermission.class);
}
protected BasePermission(int mask, char code) {
super(mask, code);
super(mask, code);
}
protected final static void registerPermissionsFor(Class subClass) {
defaultPermissionFactory.registerPublicPermissions(subClass);
protected final static void registerPermissionsFor(Class<?> subClass) {
defaultPermissionFactory.registerPublicPermissions(subClass);
}
public final static Permission buildFromMask(int mask) {
return defaultPermissionFactory.buildFromMask(mask);
}
@ -62,11 +62,11 @@ public class BasePermission extends AbstractPermission {
}
public final static Permission buildFromName(String name) {
return defaultPermissionFactory.buildFromName(name);
return defaultPermissionFactory.buildFromName(name);
}
public final static Permission[] buildFromName(String[] names) {
return defaultPermissionFactory.buildFromName(names);
}
}
}

8
acl/src/main/java/org/springframework/security/afterinvocation/AbstractAclProvider.java
View File

@ -43,7 +43,7 @@ public abstract class AbstractAclProvider implements AfterInvocationProvider {
//~ Instance fields ================================================================================================
protected AclService aclService;
protected Class processDomainObjectClass = Object.class;
protected Class<?> processDomainObjectClass = Object.class;
protected ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy = new ObjectIdentityRetrievalStrategyImpl();
protected SidRetrievalStrategy sidRetrievalStrategy = new SidRetrievalStrategyImpl();
protected String processConfigAttribute;
@ -66,7 +66,7 @@ public abstract class AbstractAclProvider implements AfterInvocationProvider {
//~ Methods ========================================================================================================
protected Class getProcessDomainObjectClass() {
protected Class<?> getProcessDomainObjectClass() {
return processDomainObjectClass;
}
@ -99,7 +99,7 @@ public abstract class AbstractAclProvider implements AfterInvocationProvider {
this.processConfigAttribute = processConfigAttribute;
}
public void setProcessDomainObjectClass(Class processDomainObjectClass) {
public void setProcessDomainObjectClass(Class<?> processDomainObjectClass) {
Assert.notNull(processDomainObjectClass, "processDomainObjectClass cannot be set to null");
this.processDomainObjectClass = processDomainObjectClass;
}
@ -120,7 +120,7 @@ public abstract class AbstractAclProvider implements AfterInvocationProvider {
*
* @return always <code>true</code>
*/
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return true;
}
}

2
acl/src/main/java/org/springframework/security/vote/AclEntryVoter.java
View File

@ -173,7 +173,7 @@ public class AclEntryVoter extends AbstractAclVoter {
// Evaluate if we are required to use an inner domain object
if (StringUtils.hasText(internalMethod)) {
try {
Class clazz = domainObject.getClass();
Class<?> clazz = domainObject.getClass();
Method method = clazz.getMethod(internalMethod, new Class[0]);
domainObject = method.invoke(domainObject, new Object[0]);
} catch (NoSuchMethodException nsme) {

2
core/src/main/java/org/springframework/security/AccessDecisionManager.java
View File

@ -63,5 +63,5 @@ public interface AccessDecisionManager {
*
* @return <code>true</code> if the implementation can process the indicated class
*/
boolean supports(Class clazz);
boolean supports(Class<?> clazz);
}

2
core/src/main/java/org/springframework/security/AfterInvocationManager.java
View File

@ -87,5 +87,5 @@ public interface AfterInvocationManager {
*
* @return <code>true</code> if the implementation can process the indicated class
*/
boolean supports(Class clazz);
boolean supports(Class<?> clazz);
}

2
core/src/main/java/org/springframework/security/afterinvocation/AfterInvocationProvider.java
View File

@ -56,5 +56,5 @@ public interface AfterInvocationProvider {
*
* @return true if the implementation can process the indicated class
*/
boolean supports(Class<? extends Object> clazz);
boolean supports(Class<?> clazz);
}

2
core/src/main/java/org/springframework/security/afterinvocation/AfterInvocationProviderManager.java
View File

@ -122,7 +122,7 @@ public class AfterInvocationProviderManager implements AfterInvocationManager, I
* @return if the <code>AfterInvocationProviderManager</code> can support the secure object class, which requires
* every one of its <code>AfterInvocationProvider</code>s to support the secure object class
*/
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
Iterator iter = this.providers.iterator();
while (iter.hasNext()) {

42
core/src/main/java/org/springframework/security/authoritymapping/MapBasedAttributes2GrantedAuthoritiesMapper.java
View File

@ -2,10 +2,11 @@ package org.springframework.security.authoritymapping;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import org.springframework.beans.factory.InitializingBean;
@ -14,7 +15,6 @@ import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
/**
* This class implements the Attributes2GrantedAuthoritiesMapper and
* MappableAttributesRetriever interfaces based on the supplied Map.
@ -27,7 +27,7 @@ import org.springframework.util.StringUtils;
public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2GrantedAuthoritiesMapper, MappableAttributesRetriever, InitializingBean {
private Map<String, Collection<GrantedAuthority>> attributes2grantedAuthoritiesMap = null;
private String stringSeparator = ",";
private String[] mappableAttributes = null;
private Set<String> mappableAttributes = null;
public void afterPropertiesSet() throws Exception {
@ -51,21 +51,17 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2G
/**
* @return Returns the attributes2grantedAuthoritiesMap.
*/
public Map getAttributes2grantedAuthoritiesMap() {
public Map<String, Collection<GrantedAuthority>> getAttributes2grantedAuthoritiesMap() {
return attributes2grantedAuthoritiesMap;
}
/**
* @param attributes2grantedAuthoritiesMap The attributes2grantedAuthoritiesMap to set.
*/
public void setAttributes2grantedAuthoritiesMap(final Map<String, Object> attributes2grantedAuthoritiesMap) {
public void setAttributes2grantedAuthoritiesMap(final Map attributes2grantedAuthoritiesMap) {
Assert.notEmpty(attributes2grantedAuthoritiesMap,"A non-empty attributes2grantedAuthoritiesMap must be supplied");
this.attributes2grantedAuthoritiesMap = preProcessMap(attributes2grantedAuthoritiesMap);
try {
mappableAttributes = (String[])this.attributes2grantedAuthoritiesMap.keySet().toArray(new String[]{});
} catch ( ArrayStoreException ase ) {
throw new IllegalArgumentException("attributes2grantedAuthoritiesMap contains non-String objects as keys");
}
mappableAttributes = Collections.unmodifiableSet(this.attributes2grantedAuthoritiesMap.keySet());
}
/**
@ -74,11 +70,14 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2G
* @param orgMap The map to process
* @return the processed Map
*/
private Map<String, Collection<GrantedAuthority>> preProcessMap(Map<String, Object> orgMap) {
Map result = new HashMap(orgMap.size());
private Map<String, Collection<GrantedAuthority>> preProcessMap(Map<?, ?> orgMap) {
Map<String, Collection<GrantedAuthority>> result =
new HashMap<String, Collection<GrantedAuthority>>(orgMap.size());
for(Map.Entry entry : orgMap.entrySet()) {
result.put(entry.getKey(),getGrantedAuthorityCollection(entry.getValue()));
for(Map.Entry<?,?> entry : orgMap.entrySet()) {
Assert.isInstanceOf(String.class, entry.getKey(),
"attributes2grantedAuthoritiesMap contains non-String objects as keys");
result.put((String)entry.getKey(),getGrantedAuthorityCollection(entry.getValue()));
}
return result;
}
@ -90,8 +89,8 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2G
* The value to convert to a GrantedAuthority Collection
* @return Collection containing the GrantedAuthority Collection
*/
private Collection getGrantedAuthorityCollection(Object value) {
Collection result = new ArrayList();
private Collection<GrantedAuthority> getGrantedAuthorityCollection(Object value) {
Collection<GrantedAuthority> result = new ArrayList<GrantedAuthority>();
addGrantedAuthorityCollection(result,value);
return result;
}
@ -109,7 +108,7 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2G
return;
}
if ( value instanceof Collection ) {
addGrantedAuthorityCollection(result,(Collection)value);
addGrantedAuthorityCollection(result,(Collection<?>)value);
} else if ( value instanceof Object[] ) {
addGrantedAuthorityCollection(result,(Object[])value);
} else if ( value instanceof String ) {
@ -121,10 +120,9 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2G
}
}
private void addGrantedAuthorityCollection(Collection<GrantedAuthority> result, Collection value) {
Iterator it = value.iterator();
while ( it.hasNext() ) {
addGrantedAuthorityCollection(result,it.next());
private void addGrantedAuthorityCollection(Collection<GrantedAuthority> result, Collection<?> value) {
for(Object elt : value) {
addGrantedAuthorityCollection(result, elt);
}
}
@ -148,7 +146,7 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2G
*
* @see org.springframework.security.authoritymapping.MappableAttributesRetriever#getMappableAttributes()
*/
public String[] getMappableAttributes() {
public Set<String> getMappableAttributes() {
return mappableAttributes;
}
/**

8
core/src/main/java/org/springframework/security/authoritymapping/MappableAttributesRetriever.java
View File

@ -1,5 +1,7 @@
package org.springframework.security.authoritymapping;
import java.util.Set;
/**
* Interface to be implemented by classes that can retrieve a list of mappable
* security attribute strings (for example the list of all available J2EE roles in a web or EJB
@ -10,10 +12,10 @@ package org.springframework.security.authoritymapping;
*/
public interface MappableAttributesRetriever {
/**
* Implementations of this method should return a list of all string attributes which
* Implementations of this method should return a set of all string attributes which
* can be mapped to <tt>GrantedAuthority</tt>s.
*
* @return list of all mappable roles
* @return set of all mappable roles
*/
String[] getMappableAttributes();
Set<String> getMappableAttributes();
}

19
core/src/main/java/org/springframework/security/authoritymapping/SimpleMappableAttributesRetriever.java
View File

@ -1,6 +1,9 @@
package org.springframework.security.authoritymapping;
import org.springframework.util.Assert;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
/**
* This class implements the MappableAttributesRetriever interface by just returning
@ -11,23 +14,21 @@ import org.springframework.util.Assert;
* @since 2.0
*/
public class SimpleMappableAttributesRetriever implements MappableAttributesRetriever {
private String[] mappableAttributes = null;
private Set<String> mappableAttributes = null;
/*
* (non-Javadoc)
*
* @see org.springframework.security.authoritymapping.MappableAttributesRetriever#getMappableAttributes()
*/
public String[] getMappableAttributes() {
Assert.notNull(mappableAttributes, "No mappable roles have been set");
String[] copy = new String[mappableAttributes.length];
System.arraycopy(mappableAttributes, 0, copy, 0, copy.length);
return copy;
public Set<String> getMappableAttributes() {
return mappableAttributes;
}
public void setMappableAttributes(String[] aMappableRoles) {
this.mappableAttributes = new String[aMappableRoles.length];
System.arraycopy(aMappableRoles, 0, mappableAttributes, 0, mappableAttributes.length);
mappableAttributes = new HashSet<String>(aMappableRoles.length);
mappableAttributes.addAll(Arrays.asList(aMappableRoles));
mappableAttributes = Collections.unmodifiableSet(mappableAttributes);
}
}

30
core/src/main/java/org/springframework/security/authoritymapping/XmlMappableAttributesRetriever.java
View File

@ -5,7 +5,10 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
@ -41,7 +44,7 @@ import org.xml.sax.SAXException;
public abstract class XmlMappableAttributesRetriever implements MappableAttributesRetriever, InitializingBean {
private static final Log logger = LogFactory.getLog(XmlMappableAttributesRetriever.class);
private String[] mappableAttributes = null;
private Set<String> mappableAttributes = null;
private InputStream xmlInputStream = null;
@ -55,27 +58,25 @@ public abstract class XmlMappableAttributesRetriever implements MappableAttribut
public void afterPropertiesSet() throws Exception {
Assert.notNull(xmlInputStream, "An XML InputStream must be set");
Assert.notNull(xpathExpression, "An XPath expression must be set");
mappableAttributes = getMappableAttributes(xmlInputStream);
mappableAttributes = Collections.unmodifiableSet(getMappableAttributes(xmlInputStream));
}
public String[] getMappableAttributes() {
String[] copy = new String[mappableAttributes.length];
System.arraycopy(mappableAttributes, 0, copy, 0, copy.length);
return copy;
public Set<String> getMappableAttributes() {
return mappableAttributes;
}
/**
* Get the mappable roles from the specified XML document.
*/
private String[] getMappableAttributes(InputStream aStream) {
private Set<String> getMappableAttributes(InputStream aStream) {
if (logger.isDebugEnabled()) {
logger.debug("Reading mappable attributes from XML document");
}
try {
Document doc = getDocument(aStream);
String[] roles = getMappableAttributes(doc);
Set<String> roles = getMappableAttributes(doc);
if (logger.isDebugEnabled()) {
logger.debug("Mappable attributes from XML document: " + Arrays.asList(roles));
logger.debug("Mappable attributes from XML document: " + roles);
}
return roles;
} finally {
@ -118,13 +119,14 @@ public abstract class XmlMappableAttributesRetriever implements MappableAttribut
* @return String[] the list of roles.
* @throws JaxenException
*/
private String[] getMappableAttributes(Document doc) {
private Set<String> getMappableAttributes(Document doc) {
try {
DOMXPath xpath = new DOMXPath(xpathExpression);
List roleElements = xpath.selectNodes(doc);
String[] roles = new String[roleElements.size()];
for (int i = 0; i < roles.length; i++) {
roles[i] = ((Node) roleElements.get(i)).getNodeValue();
List<Node> roleElements = xpath.selectNodes(doc);
Set<String> roles = new HashSet<String>(roleElements.size());
for (Node n : roleElements) {
roles.add(n.getNodeValue());
}
return roles;
} catch (JaxenException e) {

5
core/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java
View File

@ -43,6 +43,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
private ListableBeanFactory beanFactory;
@SuppressWarnings("unchecked")
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
if(!BeanIds.FILTER_CHAIN_PROXY.equals(beanName)) {
return bean;
@ -51,7 +52,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
FilterChainProxy filterChainProxy = (FilterChainProxy) bean;
FilterChainList filterList = (FilterChainList) beanFactory.getBean(BeanIds.FILTER_LIST);
List filters = new ArrayList(filterList.getFilters());
List<Filter> filters = new ArrayList<Filter>(filterList.getFilters());
Collections.sort(filters, new OrderComparator());
logger.info("Checking sorted filter chain: " + filters);
@ -82,7 +83,7 @@ public class FilterChainProxyPostProcessor implements BeanPostProcessor, BeanFac
checkFilterStack(filters);
// Note that this returns a copy
Map filterMap = filterChainProxy.getFilterChainMap();
Map<String, List<Filter>> filterMap = filterChainProxy.getFilterChainMap();
filterMap.put(filterChainProxy.getMatcher().getUniversalMatchPattern(), filters);
filterChainProxy.setFilterChainMap(filterMap);

108
core/src/main/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessor.java
View File

@ -18,16 +18,16 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* Registered by the <tt>AuthenticationManagerBeanDefinitionParser</tt> if an external
* ConcurrentSessionController is set (and hence an external SessionRegistry).
* Registered by the <tt>AuthenticationManagerBeanDefinitionParser</tt> if an external
* ConcurrentSessionController is set (and hence an external SessionRegistry).
* Its responsibility is to set the SessionRegistry on namespace-registered beans which require access
* to it.
* <p>
* It will attempt to read the registry directly from the registered controller. If that fails, it will look in
* the application context for a registered SessionRegistry bean.
*
* See SEC-879.
*
*
* See SEC-879.
*
* @author Luke Taylor
* @since 2.0.3
*/
@ -38,57 +38,57 @@ class SessionRegistryInjectionBeanPostProcessor implements BeanPostProcessor, Be
private final String controllerBeanName;
SessionRegistryInjectionBeanPostProcessor(String controllerBeanName) {
this.controllerBeanName = controllerBeanName;
this.controllerBeanName = controllerBeanName;
}
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
if (BeanIds.FORM_LOGIN_FILTER.equals(beanName) ||
BeanIds.OPEN_ID_FILTER.equals(beanName)) {
((AbstractProcessingFilter) bean).setSessionRegistry(getSessionRegistry());
} else if (BeanIds.SESSION_FIXATION_PROTECTION_FILTER.equals(beanName)) {
((SessionFixationProtectionFilter)bean).setSessionRegistry(getSessionRegistry());
}
return bean;
}
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
return bean;
}
private SessionRegistry getSessionRegistry() {
if (sessionRegistry != null) {
return sessionRegistry;
}
logger.info("Attempting to read SessionRegistry from registered ConcurrentSessionController bean");
ConcurrentSessionController controller = (ConcurrentSessionController) beanFactory.getBean(controllerBeanName);
if (controller instanceof ConcurrentSessionControllerImpl) {
sessionRegistry = ((ConcurrentSessionControllerImpl)controller).getSessionRegistry();
return sessionRegistry;
}
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
if (BeanIds.FORM_LOGIN_FILTER.equals(beanName) ||
BeanIds.OPEN_ID_FILTER.equals(beanName)) {
((AbstractProcessingFilter) bean).setSessionRegistry(getSessionRegistry());
} else if (BeanIds.SESSION_FIXATION_PROTECTION_FILTER.equals(beanName)) {
((SessionFixationProtectionFilter)bean).setSessionRegistry(getSessionRegistry());
}
logger.info("ConcurrentSessionController is not a standard implementation. SessionRegistry could not be read from it. Looking for it in the context.");
List sessionRegs = new ArrayList(beanFactory.getBeansOfType(SessionRegistry.class).values());
if (sessionRegs.size() == 0) {
throw new SecurityConfigurationException("concurrent-session-controller-ref was set but no SessionRegistry could be obtained from the application context.");
}
if (sessionRegs.size() > 1) {
logger.warn("More than one SessionRegistry instance in application context. Possible configuration errors may result.");
}
sessionRegistry = (SessionRegistry) sessionRegs.get(0);
return sessionRegistry;
}
return bean;
}
public void setBeanFactory(BeanFactory beanFactory) throws BeansException {
this.beanFactory = (ListableBeanFactory) beanFactory;
}
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
return bean;
}
private SessionRegistry getSessionRegistry() {
if (sessionRegistry != null) {
return sessionRegistry;
}
logger.info("Attempting to read SessionRegistry from registered ConcurrentSessionController bean");
ConcurrentSessionController controller = (ConcurrentSessionController) beanFactory.getBean(controllerBeanName);
if (controller instanceof ConcurrentSessionControllerImpl) {
sessionRegistry = ((ConcurrentSessionControllerImpl)controller).getSessionRegistry();
return sessionRegistry;
}
logger.info("ConcurrentSessionController is not a standard implementation. SessionRegistry could not be read from it. Looking for it in the context.");
List<SessionRegistry> sessionRegs = new ArrayList<SessionRegistry>(beanFactory.getBeansOfType(SessionRegistry.class).values());
if (sessionRegs.size() == 0) {
throw new SecurityConfigurationException("concurrent-session-controller-ref was set but no SessionRegistry could be obtained from the application context.");
}
if (sessionRegs.size() > 1) {
logger.warn("More than one SessionRegistry instance in application context. Possible configuration errors may result.");
}
sessionRegistry = (SessionRegistry) sessionRegs.get(0);
return sessionRegistry;
}
public void setBeanFactory(BeanFactory beanFactory) throws BeansException {
this.beanFactory = (ListableBeanFactory) beanFactory;
}
}

2
core/src/main/java/org/springframework/security/expression/method/MethodExpressionAfterInvocationProvider.java
View File

@ -86,7 +86,7 @@ public class MethodExpressionAfterInvocationProvider implements AfterInvocationP
return attribute instanceof PostInvocationExpressionAttribute;
}
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return clazz.isAssignableFrom(MethodInvocation.class);
}

108
core/src/main/java/org/springframework/security/ui/AuthenticationDetailsSourceImpl.java
View File

@ -14,68 +14,68 @@ import org.springframework.util.ReflectionUtils;
* Any object that accepts an <code>Object</code> as its sole constructor can
* be used instead of this default.
* </p>
*
*
* @author Ruud Senden
* @since 2.0
*/
public class AuthenticationDetailsSourceImpl implements AuthenticationDetailsSource {
//~ Instance fields ================================================================================================
//~ Instance fields ================================================================================================
private Class clazz = AuthenticationDetails.class;
//~ Methods ========================================================================================================
private Class<?> clazz = AuthenticationDetails.class;
public Object buildDetails(Object context) {
try {
Constructor constructor = getFirstMatchingConstructor(context);
return constructor.newInstance(new Object[] { context });
} catch (NoSuchMethodException ex) {
ReflectionUtils.handleReflectionException(ex);
} catch (InvocationTargetException ex) {
ReflectionUtils.handleReflectionException(ex);
} catch (InstantiationException ex) {
ReflectionUtils.handleReflectionException(ex);
} catch (IllegalAccessException ex) {
ReflectionUtils.handleReflectionException(ex);
}
//~ Methods ========================================================================================================
return null;
}
public Object buildDetails(Object context) {
try {
Constructor<?> constructor = getFirstMatchingConstructor(context);
return constructor.newInstance(new Object[] { context });
} catch (NoSuchMethodException ex) {
ReflectionUtils.handleReflectionException(ex);
} catch (InvocationTargetException ex) {
ReflectionUtils.handleReflectionException(ex);
} catch (InstantiationException ex) {
ReflectionUtils.handleReflectionException(ex);
} catch (IllegalAccessException ex) {
ReflectionUtils.handleReflectionException(ex);
}
/**
* Return the first matching constructor that can take the given object
* as an argument. Please note that we cannot use
* getDeclaredConstructor(new Class[]{object.getClass()})
* as this will only match if the constructor argument type matches
* the object type exactly (instead of checking whether it is assignable)
*
* @param object the object for which to find a matching constructor
* @return a matching constructor for the given object
* @throws NoSuchMethodException if no matching constructor can be found
*/
private Constructor getFirstMatchingConstructor(Object object) throws NoSuchMethodException {
Constructor[] constructors = clazz.getDeclaredConstructors();
Constructor constructor = null;
for (int i = 0; i < constructors.length; i++) {
Class[] parameterTypes = constructors[i].getParameterTypes();
if (parameterTypes.length == 1 && (object == null || parameterTypes[0].isInstance(object))) {
constructor = constructors[i];
break;
}
}
return null;
}
if (constructor == null) {
if (object == null) {
throw new NoSuchMethodException("No constructor found that can take a single argument");
} else {
throw new NoSuchMethodException("No constructor found that can take a single argument of type " + object.getClass());
}
}
return constructor;
}
/**
* Return the first matching constructor that can take the given object
* as an argument. Please note that we cannot use
* getDeclaredConstructor(new Class[]{object.getClass()})
* as this will only match if the constructor argument type matches
* the object type exactly (instead of checking whether it is assignable)
*
* @param object the object for which to find a matching constructor
* @return a matching constructor for the given object
* @throws NoSuchMethodException if no matching constructor can be found
*/
private Constructor<?> getFirstMatchingConstructor(Object object) throws NoSuchMethodException {
Constructor<?>[] constructors = clazz.getDeclaredConstructors();
Constructor<?> constructor = null;
for (int i = 0; i < constructors.length; i++) {
Class<?>[] parameterTypes = constructors[i].getParameterTypes();
if (parameterTypes.length == 1 && (object == null || parameterTypes[0].isInstance(object))) {
constructor = constructors[i];
break;
}
}
public void setClazz(Class clazz) {
Assert.notNull(clazz, "Class required");
this.clazz = clazz;
}
if (constructor == null) {
if (object == null) {
throw new NoSuchMethodException("No constructor found that can take a single argument");
} else {
throw new NoSuchMethodException("No constructor found that can take a single argument of type " + object.getClass());
}
}
return constructor;
}
public void setClazz(Class<?> clazz) {
Assert.notNull(clazz, "Class required");
this.clazz = clazz;
}
}

8
core/src/main/java/org/springframework/security/ui/WebAuthenticationDetailsSource.java
View File

@ -28,7 +28,7 @@ import javax.servlet.http.HttpServletRequest;
* Implementation of {@link AuthenticationDetailsSource} which builds the details object from
* an <tt>HttpServletRequest</tt> object.
* <p>
* By default will create an instance of <code>WebAuthenticationDetails</code>. Any object that accepts a
* By default will create an instance of <code>WebAuthenticationDetails</code>. Any object that accepts a
* <code>HttpServletRequest</code> as its sole constructor can be used instead of this default.
*
* @author Ben Alex
@ -37,7 +37,7 @@ import javax.servlet.http.HttpServletRequest;
public class WebAuthenticationDetailsSource implements AuthenticationDetailsSource {
//~ Instance fields ================================================================================================
private Class clazz = WebAuthenticationDetails.class;
private Class<?> clazz = WebAuthenticationDetails.class;
//~ Methods ========================================================================================================
@ -47,7 +47,7 @@ public class WebAuthenticationDetailsSource implements AuthenticationDetailsSour
public Object buildDetails(Object context) {
Assert.isInstanceOf(HttpServletRequest.class, context);
try {
Constructor constructor = clazz.getConstructor(new Class[] {HttpServletRequest.class});
Constructor<?> constructor = clazz.getConstructor(new Class[] {HttpServletRequest.class});
return constructor.newInstance(new Object[] {context});
} catch (NoSuchMethodException ex) {
@ -63,7 +63,7 @@ public class WebAuthenticationDetailsSource implements AuthenticationDetailsSour
return null;
}
public void setClazz(Class clazz) {
public void setClazz(Class<?> clazz) {
Assert.notNull(clazz, "Class required");
this.clazz = clazz;
}

6
core/src/main/java/org/springframework/security/ui/preauth/j2ee/AbstractPreAuthenticatedAuthenticationDetailsSource.java
View File

@ -1,8 +1,8 @@
package org.springframework.security.ui.preauth.j2ee;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@ -26,7 +26,7 @@ import org.springframework.util.Assert;
*/
public abstract class AbstractPreAuthenticatedAuthenticationDetailsSource extends AuthenticationDetailsSourceImpl {
protected final Log logger = LogFactory.getLog(getClass());
protected String[] j2eeMappableRoles;
protected Set<String> j2eeMappableRoles;
protected Attributes2GrantedAuthoritiesMapper j2eeUserRoles2GrantedAuthoritiesMapper =
new SimpleAttributes2GrantedAuthoritiesMapper();
@ -72,7 +72,7 @@ public abstract class AbstractPreAuthenticatedAuthenticationDetailsSource extend
* @param mappableRoles the possible roles as determined by the MappableAttributesRetriever
* @return the subset of mappable roles which the current user has.
*/
protected abstract Collection<String> getUserRoles(Object context, String[] mappableRoles);
protected abstract Collection<String> getUserRoles(Object context, Set<String> mappableRoles);
/**
* @param aJ2eeMappableRolesRetriever

9
core/src/main/java/org/springframework/security/ui/preauth/j2ee/J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.java
View File

@ -5,6 +5,7 @@ import org.springframework.security.authoritymapping.SimpleAttributes2GrantedAut
import java.util.ArrayList;
import java.util.Collection;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
@ -36,12 +37,12 @@ public class J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource extends Abs
* returned by the MappableAttributesRetriever.
* @return GrantedAuthority[] mapped from the user's J2EE roles.
*/
protected Collection<String> getUserRoles(Object context, String[] mappableRoles) {
protected Collection<String> getUserRoles(Object context, Set<String> mappableRoles) {
ArrayList<String> j2eeUserRolesList = new ArrayList<String>();
for (int i = 0; i < mappableRoles.length; i++) {
if (((HttpServletRequest)context).isUserInRole(mappableRoles[i])) {
j2eeUserRolesList.add(mappableRoles[i]);
for (String role : mappableRoles) {
if (((HttpServletRequest)context).isUserInRole(role)) {
j2eeUserRolesList.add(role);
}
}

2
core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserAuthorityChanger.java
View File

@ -28,5 +28,5 @@ public interface SwitchUserAuthorityChanger {
*
* @return the modified list of granted authorities.
*/
List modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List authoritiesToBeGranted);
List<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List<GrantedAuthority> authoritiesToBeGranted);
}

19
core/src/main/java/org/springframework/security/userdetails/memory/UserAttribute.java
View File

@ -33,14 +33,13 @@ import java.util.Vector;
public class UserAttribute {
//~ Instance fields ================================================================================================
private List authorities = new Vector();
private List<GrantedAuthority> authorities = new Vector<GrantedAuthority>();
private String password;
private boolean enabled = true;
//~ Constructors ===================================================================================================
public UserAttribute() {
super();
}
//~ Methods ========================================================================================================
@ -52,7 +51,7 @@ public class UserAttribute {
public GrantedAuthority[] getAuthorities() {
GrantedAuthority[] toReturn = {new GrantedAuthorityImpl("demo")};
return (GrantedAuthority[]) this.authorities.toArray(toReturn);
return this.authorities.toArray(toReturn);
}
/**
@ -61,7 +60,7 @@ public class UserAttribute {
* @param authorities {@link List} &lt;{@link GrantedAuthority}>
* @since 1.1
*/
public void setAuthorities(List authorities) {
public void setAuthorities(List<GrantedAuthority> authorities) {
this.authorities = authorities;
}
@ -69,15 +68,13 @@ public class UserAttribute {
* Set all authorities for this user from String values.
* It will create the necessary {@link GrantedAuthority} objects.
*
* @param authoritiesAsString {@link List} &lt;{@link String}>
* @param authoritiesAsStrings {@link List} &lt;{@link String}>
* @since 1.1
*/
public void setAuthoritiesAsString(List authoritiesAsString) {
setAuthorities(new ArrayList(authoritiesAsString.size()));
Iterator it = authoritiesAsString.iterator();
while (it.hasNext()) {
GrantedAuthority grantedAuthority = new GrantedAuthorityImpl((String) it.next());
addAuthority(grantedAuthority);
public void setAuthoritiesAsString(List<String> authoritiesAsStrings) {
setAuthorities(new ArrayList<GrantedAuthority>(authoritiesAsStrings.size()));
for(String authority : authoritiesAsStrings) {
addAuthority(new GrantedAuthorityImpl(authority));
}
}

6
core/src/main/java/org/springframework/security/userdetails/memory/UserAttributeEditor.java
View File

@ -35,7 +35,7 @@ public class UserAttributeEditor extends PropertyEditorSupport {
String[] tokens = StringUtils.commaDelimitedListToStringArray(s);
UserAttribute userAttrib = new UserAttribute();
List authoritiesAsString = new ArrayList();
List<String> authoritiesAsStrings = new ArrayList<String>();
for (int i = 0; i < tokens.length; i++) {
String currentToken = tokens[i].trim();
@ -48,11 +48,11 @@ public class UserAttributeEditor extends PropertyEditorSupport {
} else if (currentToken.toLowerCase().equals("disabled")) {
userAttrib.setEnabled(false);
} else {
authoritiesAsString.add(currentToken);
authoritiesAsStrings.add(currentToken);
}
}
}
userAttrib.setAuthoritiesAsString(authoritiesAsString);
userAttrib.setAuthoritiesAsString(authoritiesAsStrings);
if (userAttrib.isValid()) {
setValue(userAttrib);

59
core/src/main/java/org/springframework/security/util/MethodInvocationUtils.java
View File

@ -27,7 +27,8 @@ import org.springframework.util.Assert;
/**
* Static utility methods for creating <code>MethodInvocation</code>s usable within Spring Security.
* <p>All methods of this class return a {@link org.springframework.security.util.SimpleMethodInvocation}.</p>
* <p>
* All methods of this class return a {@link org.springframework.security.util.SimpleMethodInvocation}.
*
* @author Ben Alex
* @version $Id$
@ -40,58 +41,46 @@ public final class MethodInvocationUtils {
//~ Methods ========================================================================================================
/**
* Generates a <code>MethodInvocation</code> for specified <code>methodName</code> on the passed object.
*
* @param object the object that will be used to find the relevant <code>Method</code>
* @param methodName the name of the method to find
*
* @return a <code>MethodInvocation</code>, or <code>null</code> if there was a problem
*/
public static MethodInvocation create(Object object, String methodName) {
return create(object, methodName, null);
}
/**
* Generates a <code>MethodInvocation</code> for specified <code>methodName</code> on the passed object,
* using the <code>args</code> to locate the method.
*
* @param object the object that will be used to find the relevant <code>Method</code>
* @param methodName the name of the method to find
* @param args arguments that are required as part of the method signature
* @param args arguments that are required as part of the method signature (can be empty)
*
* @return a <code>MethodInvocation</code>, or <code>null</code> if there was a problem
*/
public static MethodInvocation create(Object object, String methodName, Object[] args) {
public static MethodInvocation create(Object object, String methodName, Object... args) {
Assert.notNull(object, "Object required");
Class[] classArgs = null;
Class<?>[] classArgs = null;
if (args != null) {
List list = new ArrayList();
List<Class<?>> list = new ArrayList<Class<?>>();
for (int i = 0; i < args.length; i++) {
list.add(args[i].getClass());
}
classArgs = (Class[]) list.toArray(new Class[] {});
classArgs = list.toArray(new Class[] {});
}
// Determine the type that declares the requested method, taking into account proxies
Class target = AopUtils.getTargetClass(object);
Class<?> target = AopUtils.getTargetClass(object);
if (object instanceof Advised) {
Advised a = (Advised) object;
if (!a.isProxyTargetClass()) {
Class[] possibleInterfaces = a.getProxiedInterfaces();
for (int i = 0; i < possibleInterfaces.length; i++) {
try {
possibleInterfaces[i].getMethod(methodName, classArgs);
// to get here means no exception happened
target = possibleInterfaces[i];
break;
} catch (Exception tryTheNextOne) {}
}
}
Advised a = (Advised) object;
if (!a.isProxyTargetClass()) {
Class<?>[] possibleInterfaces = a.getProxiedInterfaces();
for (int i = 0; i < possibleInterfaces.length; i++) {
try {
possibleInterfaces[i].getMethod(methodName, classArgs);
// to get here means no exception happened
target = possibleInterfaces[i];
break;
} catch (Exception tryTheNextOne) {}
}
}
}
return createFromClass(object, target, methodName, classArgs, args);
@ -105,7 +94,7 @@ public final class MethodInvocationUtils {
*
* @return a <code>MethodInvocation</code>, or <code>null</code> if there was a problem
*/
public static MethodInvocation createFromClass(Class clazz, String methodName) {
public static MethodInvocation createFromClass(Class<?> clazz, String methodName) {
return createFromClass(null, clazz, methodName, null, null);
}
@ -120,8 +109,8 @@ public final class MethodInvocationUtils {
* @param args the actual arguments that should be passed to SimpleMethodInvocation
* @return a <code>MethodInvocation</code>, or <code>null</code> if there was a problem
*/
public static MethodInvocation createFromClass(Object targetObject, Class clazz, String methodName, Class[] classArgs, Object[] args) {
Assert.notNull(clazz, "Class required");
public static MethodInvocation createFromClass(Object targetObject, Class<?> clazz, String methodName, Class<?>[] classArgs, Object[] args) {
Assert.notNull(clazz, "Class required");
Assert.hasText(methodName, "MethodName required");
Method method;

2
core/src/main/java/org/springframework/security/vote/AbstractAccessDecisionManager.java
View File

@ -113,7 +113,7 @@ public abstract class AbstractAccessDecisionManager implements AccessDecisionMan
* @param clazz the type of secured object being presented
* @return true if this type is supported
*/
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
Iterator<AccessDecisionVoter> iter = this.decisionVoters.iterator();
while (iter.hasNext()) {

2
core/src/test/java/org/springframework/security/MockAccessDecisionManager.java
View File

@ -52,7 +52,7 @@ public class MockAccessDecisionManager implements AccessDecisionManager {
}
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
return true;
}
}

2
core/src/test/java/org/springframework/security/MockAfterInvocationManager.java
View File

@ -53,7 +53,7 @@ public class MockAfterInvocationManager implements AfterInvocationManager {
}
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
return true;
}
}

2
core/src/test/java/org/springframework/security/afterinvocation/AfterInvocationProviderManagerTests.java
View File

@ -159,7 +159,7 @@ public class AfterInvocationProviderManagerTests extends TestCase {
return returnedObject;
}
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return secureObject.isAssignableFrom(clazz);
}

4
core/src/test/java/org/springframework/security/annotation/BusinessService.java
View File

@ -51,10 +51,10 @@ public interface BusinessService {
public int someOther(int input);
public List<Object> methodReturningAList(List<Object> someList);
public List<?> methodReturningAList(List<?> someList);
public Object[] methodReturningAnArray(Object[] someArray);
public List<Object> methodReturningAList(String userName, String extraParam);
public List<?> methodReturningAList(String userName, String extraParam);
}

2
core/src/test/java/org/springframework/security/annotation/BusinessServiceImpl.java
View File

@ -37,7 +37,7 @@ public class BusinessServiceImpl<E extends Entity> implements BusinessService {
return input;
}
public List<Object> methodReturningAList(List<Object> someList) {
public List<?> methodReturningAList(List<?> someList) {
return someList;
}

2
core/src/test/java/org/springframework/security/annotation/ExpressionProtectedBusinessServiceImpl.java
View File

@ -30,7 +30,7 @@ public class ExpressionProtectedBusinessServiceImpl implements BusinessService {
@PreFilter(filterTarget="someList", value="filterObject == authentication.name or filterObject == 'sam'")
@PostFilter("filterObject == 'bob'")
public List<Object> methodReturningAList(List<Object> someList) {
public List<?> methodReturningAList(List<?> someList) {
return someList;
}

6
core/src/test/java/org/springframework/security/annotation/Jsr250BusinessServiceImpl.java
View File

@ -38,12 +38,12 @@ public class Jsr250BusinessServiceImpl implements BusinessService {
return input;
}
public List<Object> methodReturningAList(List<Object> someList) {
public List<?> methodReturningAList(List<?> someList) {
return someList;
}
public List<Object> methodReturningAList(String userName, String arg2) {
return new ArrayList();
public List<?> methodReturningAList(String userName, String arg2) {
return new ArrayList<Object>();
}
public Object[] methodReturningAnArray(Object[] someArray) {

20
core/src/test/java/org/springframework/security/authoritymapping/SimpleMappableRolesRetrieverTests.java
View File

@ -2,6 +2,7 @@ package org.springframework.security.authoritymapping;
import java.util.Arrays;
import java.util.Collection;
import java.util.Set;
import junit.framework.TestCase;
@ -12,15 +13,14 @@ import junit.framework.TestCase;
*/
public class SimpleMappableRolesRetrieverTests extends TestCase {
public final void testGetSetMappableRoles() {
String[] roles = new String[] { "Role1", "Role2" };
SimpleMappableAttributesRetriever r = new SimpleMappableAttributesRetriever();
r.setMappableAttributes(roles);
String[] result = r.getMappableAttributes();
Collection resultColl = Arrays.asList(result);
Collection rolesColl = Arrays.asList(roles);
assertTrue("Role collections do not match; result: " + resultColl + ", expected: " + rolesColl, rolesColl.containsAll(resultColl)
&& resultColl.containsAll(rolesColl));
}
public final void testGetSetMappableRoles() {
String[] roles = new String[] { "Role1", "Role2" };
SimpleMappableAttributesRetriever r = new SimpleMappableAttributesRetriever();
r.setMappableAttributes(roles);
Set<String> result = r.getMappableAttributes();
Collection<String> rolesColl = Arrays.asList(roles);
assertTrue("Role collections do not match; result: " + result + ", expected: " + rolesColl, rolesColl.containsAll(result)
&& result.containsAll(rolesColl));
}
}

4
core/src/test/java/org/springframework/security/authoritymapping/SimpleRoles2GrantedAuthoritiesMapperTests.java
View File

@ -100,11 +100,11 @@ public class SimpleRoles2GrantedAuthoritiesMapperTests extends TestCase {
private void testGetGrantedAuthorities(SimpleAttributes2GrantedAuthoritiesMapper mapper, String[] roles, String[] expectedGas) {
List<GrantedAuthority> result = mapper.getGrantedAuthorities(Arrays.asList(roles));
Collection resultColl = new ArrayList(result.size());
Collection<String> resultColl = new ArrayList<String>(result.size());
for (int i = 0; i < result.size(); i++) {
resultColl.add(result.get(i).getAuthority());
}
Collection expectedColl = Arrays.asList(expectedGas);
Collection<String> expectedColl = Arrays.asList(expectedGas);
assertTrue("Role collections do not match; result: " + resultColl + ", expected: " + expectedColl, expectedColl
.containsAll(resultColl)
&& resultColl.containsAll(expectedColl));

138
core/src/test/java/org/springframework/security/authoritymapping/XmlMappableRolesRetrieverTests.java
View File

@ -5,96 +5,96 @@ import java.io.IOException;
import java.io.InputStream;
import java.util.Arrays;
import java.util.Collection;
import java.util.Set;
import junit.framework.TestCase;
/**
*
*
* @author TSARDD
* @since 18-okt-2007
*/
public class XmlMappableRolesRetrieverTests extends TestCase {
private static final String DEFAULT_XML = "<roles><role>Role1</role><role>Role2</role></roles>";
private static final String DEFAULT_XML = "<roles><role>Role1</role><role>Role2</role></roles>";
private static final String DEFAULT_XPATH = "/roles/role/text()";
private static final String DEFAULT_XPATH = "/roles/role/text()";
private static final String[] DEFAULT_EXPECTED_ROLES = new String[] { "Role1", "Role2" };
private static final String[] DEFAULT_EXPECTED_ROLES = new String[] { "Role1", "Role2" };
public final void testAfterPropertiesSetException() {
TestXmlMappableAttributesRetriever t = new TestXmlMappableAttributesRetriever();
try {
t.afterPropertiesSet();
fail("AfterPropertiesSet didn't throw expected exception");
} catch (IllegalArgumentException expected) {
} catch (Exception unexpected) {
fail("AfterPropertiesSet throws unexpected exception");
}
}
public final void testAfterPropertiesSetException() {
TestXmlMappableAttributesRetriever t = new TestXmlMappableAttributesRetriever();
try {
t.afterPropertiesSet();
fail("AfterPropertiesSet didn't throw expected exception");
} catch (IllegalArgumentException expected) {
} catch (Exception unexpected) {
fail("AfterPropertiesSet throws unexpected exception");
}
}
public void testGetMappableRoles() {
XmlMappableAttributesRetriever r = getXmlMappableRolesRetriever(true, getDefaultInputStream(), DEFAULT_XPATH);
String[] resultRoles = r.getMappableAttributes();
assertNotNull("Result roles should not be null", resultRoles);
assertTrue("Number of result roles doesn't match expected number of roles", resultRoles.length == DEFAULT_EXPECTED_ROLES.length);
Collection resultRolesColl = Arrays.asList(resultRoles);
Collection expectedRolesColl = Arrays.asList(DEFAULT_EXPECTED_ROLES);
assertTrue("Role collections do not match", expectedRolesColl.containsAll(resultRolesColl)
&& resultRolesColl.containsAll(expectedRolesColl));
}
public void testGetMappableRoles() {
XmlMappableAttributesRetriever r = getXmlMappableRolesRetriever(true, getDefaultInputStream(), DEFAULT_XPATH);
Set<String> resultRoles = r.getMappableAttributes();
assertNotNull("Result roles should not be null", resultRoles);
assertEquals("Number of result roles doesn't match expected number of roles", DEFAULT_EXPECTED_ROLES.length, resultRoles.size());
Collection expectedRolesColl = Arrays.asList(DEFAULT_EXPECTED_ROLES);
assertTrue("Role collections do not match", expectedRolesColl.containsAll(resultRoles)
&& resultRoles.containsAll(expectedRolesColl));
}
public void testCloseInputStream() {
testCloseInputStream(true);
}
public void testCloseInputStream() {
testCloseInputStream(true);
}
public void testDontCloseInputStream() {
testCloseInputStream(false);
}
public void testDontCloseInputStream() {
testCloseInputStream(false);
}
private void testCloseInputStream(boolean closeAfterRead) {
CloseableByteArrayInputStream is = getDefaultInputStream();
XmlMappableAttributesRetriever r = getXmlMappableRolesRetriever(closeAfterRead, is, DEFAULT_XPATH);
r.getMappableAttributes();
assertEquals(is.isClosed(), closeAfterRead);
}
private void testCloseInputStream(boolean closeAfterRead) {
CloseableByteArrayInputStream is = getDefaultInputStream();
XmlMappableAttributesRetriever r = getXmlMappableRolesRetriever(closeAfterRead, is, DEFAULT_XPATH);
r.getMappableAttributes();
assertEquals(is.isClosed(), closeAfterRead);
}
private XmlMappableAttributesRetriever getXmlMappableRolesRetriever(boolean closeInputStream, InputStream is, String xpath) {
XmlMappableAttributesRetriever result = new TestXmlMappableAttributesRetriever();
result.setCloseInputStream(closeInputStream);
result.setXmlInputStream(is);
result.setXpathExpression(xpath);
try {
result.afterPropertiesSet();
} catch (Exception e) {
fail("Unexpected exception" + e.toString());
}
return result;
}
private XmlMappableAttributesRetriever getXmlMappableRolesRetriever(boolean closeInputStream, InputStream is, String xpath) {
XmlMappableAttributesRetriever result = new TestXmlMappableAttributesRetriever();
result.setCloseInputStream(closeInputStream);
result.setXmlInputStream(is);
result.setXpathExpression(xpath);
try {
result.afterPropertiesSet();
} catch (Exception e) {
fail("Unexpected exception" + e.toString());
}
return result;
}
private CloseableByteArrayInputStream getDefaultInputStream() {
return getInputStream(DEFAULT_XML);
}
private CloseableByteArrayInputStream getDefaultInputStream() {
return getInputStream(DEFAULT_XML);
}
private CloseableByteArrayInputStream getInputStream(String data) {
return new CloseableByteArrayInputStream(data.getBytes());
}
private CloseableByteArrayInputStream getInputStream(String data) {
return new CloseableByteArrayInputStream(data.getBytes());
}
private static final class TestXmlMappableAttributesRetriever extends XmlMappableAttributesRetriever {
}
private static final class TestXmlMappableAttributesRetriever extends XmlMappableAttributesRetriever {
}
private static final class CloseableByteArrayInputStream extends ByteArrayInputStream {
private boolean closed = false;
private static final class CloseableByteArrayInputStream extends ByteArrayInputStream {
private boolean closed = false;
public CloseableByteArrayInputStream(byte[] buf) {
super(buf);
}
public CloseableByteArrayInputStream(byte[] buf) {
super(buf);
}
public void close() throws IOException {
super.close();
closed = true;
}
public void close() throws IOException {
super.close();
closed = true;
}
public boolean isClosed() {
return closed;
}
}
public boolean isClosed() {
return closed;
}
}
}

4
core/src/test/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParserTests.java
View File

@ -221,11 +221,11 @@ public class GlobalMethodSecurityBeanDefinitionParserTests {
AUTH_PROVIDER_XML);
SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("bob","bobspassword"));
target = (BusinessService) appContext.getBean("target");
List arg = new ArrayList();
List<String> arg = new ArrayList<String>();
arg.add("joe");
arg.add("bob");
arg.add("sam");
List result = target.methodReturningAList(arg);
List<?> result = target.methodReturningAList(arg);
// Expression is (filterObject == name or filterObject == 'sam'), so "joe" should be gone after pre-filter
// PostFilter should remove sam from the return object
assertEquals(1, result.size());

2
core/src/test/java/org/springframework/security/config/MockAfterInvocationProvider.java
View File

@ -18,7 +18,7 @@ public class MockAfterInvocationProvider implements AfterInvocationProvider {
return true;
}
public boolean supports(Class<? extends Object> clazz) {
public boolean supports(Class<?> clazz) {
return true;
}

60
core/src/test/java/org/springframework/security/intercept/method/MethodInvocationPrivilegeEvaluatorTests.java
View File

@ -15,23 +15,18 @@
package org.springframework.security.intercept.method;
import junit.framework.TestCase;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.ITargetObject;
import org.springframework.security.OtherTargetObject;
import org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.util.MethodInvocationUtils;
import static org.junit.Assert.*;
import org.aopalliance.intercept.MethodInvocation;
import org.junit.Test;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.security.ITargetObject;
import org.springframework.security.OtherTargetObject;
import org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.util.AuthorityUtils;
import org.springframework.security.util.MethodInvocationUtils;
/**
@ -40,16 +35,7 @@ import org.springframework.context.support.ClassPathXmlApplicationContext;
* @author Ben Alex
* @version $Id$
*/
public class MethodInvocationPrivilegeEvaluatorTests extends TestCase {
//~ Constructors ===================================================================================================
public MethodInvocationPrivilegeEvaluatorTests() {
super();
}
public MethodInvocationPrivilegeEvaluatorTests(String arg0) {
super(arg0);
}
public class MethodInvocationPrivilegeEvaluatorTests {
//~ Methods ========================================================================================================
@ -60,10 +46,6 @@ public class MethodInvocationPrivilegeEvaluatorTests extends TestCase {
return context.getBean("target");
}
public static void main(String[] args) {
junit.textui.TestRunner.run(MethodInvocationPrivilegeEvaluatorTests.class);
}
private MethodSecurityInterceptor makeSecurityInterceptor() {
ApplicationContext context = new ClassPathXmlApplicationContext(
"org/springframework/security/intercept/method/aopalliance/applicationContext.xml");
@ -71,11 +53,12 @@ public class MethodInvocationPrivilegeEvaluatorTests extends TestCase {
return (MethodSecurityInterceptor) context.getBean("securityInterceptor");
}
public void testAllowsAccessUsingCreate() throws Exception {
@Test
public void allowsAccessUsingCreate() throws Exception {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_LOWER")});
AuthorityUtils.createAuthorityList("MOCK_LOWER"));
Object object = lookupTargetObject();
MethodInvocation mi = MethodInvocationUtils.create(object, "makeLowerCase", new Object[] {"foobar"});
MethodInvocation mi = MethodInvocationUtils.create(object, "makeLowerCase", "foobar");
MethodSecurityInterceptor interceptor = makeSecurityInterceptor();
MethodInvocationPrivilegeEvaluator mipe = new MethodInvocationPrivilegeEvaluator();
@ -85,10 +68,10 @@ public class MethodInvocationPrivilegeEvaluatorTests extends TestCase {
assertTrue(mipe.isAllowed(mi, token));
}
public void testAllowsAccessUsingCreateFromClass()
throws Exception {
@Test
public void allowsAccessUsingCreateFromClass() throws Exception {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_LOWER")});
AuthorityUtils.createAuthorityList("MOCK_LOWER"));
MethodInvocation mi = MethodInvocationUtils.createFromClass(new OtherTargetObject(), ITargetObject.class, "makeLowerCase",
new Class[] {String.class}, new Object[] {"Hello world"});
MethodSecurityInterceptor interceptor = makeSecurityInterceptor();
@ -100,9 +83,10 @@ public class MethodInvocationPrivilegeEvaluatorTests extends TestCase {
assertTrue(mipe.isAllowed(mi, token));
}
public void testDeclinesAccessUsingCreate() throws Exception {
@Test
public void declinesAccessUsingCreate() throws Exception {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_NOT_HELD")});
AuthorityUtils.createAuthorityList("ROLE_NOT_HELD"));
Object object = lookupTargetObject();
MethodInvocation mi = MethodInvocationUtils.create(object, "makeLowerCase", new Object[] {"foobar"});
MethodSecurityInterceptor interceptor = makeSecurityInterceptor();
@ -114,10 +98,10 @@ public class MethodInvocationPrivilegeEvaluatorTests extends TestCase {
assertFalse(mipe.isAllowed(mi, token));
}
public void testDeclinesAccessUsingCreateFromClass()
throws Exception {
@Test
public void declinesAccessUsingCreateFromClass() throws Exception {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_NOT_HELD")});
AuthorityUtils.createAuthorityList("ROLE_NOT_HELD"));
MethodInvocation mi = MethodInvocationUtils.createFromClass(new OtherTargetObject(), ITargetObject.class, "makeLowerCase",
new Class[] {String.class}, new Object[] {"helloWorld"});
MethodSecurityInterceptor interceptor = makeSecurityInterceptor();

4
core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java
View File

@ -407,7 +407,7 @@ public class MethodSecurityInterceptorTests extends TestCase {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
if (String.class.isAssignableFrom(clazz)) {
return true;
} else {
@ -426,7 +426,7 @@ public class MethodSecurityInterceptorTests extends TestCase {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean supports(Class clazz) {
public boolean supports(Class<?> clazz) {
if (String.class.isAssignableFrom(clazz)) {
return true;
} else {

21
core/src/test/java/org/springframework/security/intercept/method/aspectj/AspectJSecurityInterceptorTests.java
View File

@ -42,26 +42,9 @@ import org.springframework.security.util.AuthorityUtils;
* @version $Id$
*/
public class AspectJSecurityInterceptorTests extends TestCase {
//~ Constructors ===================================================================================================
public AspectJSecurityInterceptorTests() {
}
public AspectJSecurityInterceptorTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public final void setUp() throws Exception {
super.setUp();
}
protected void tearDown() throws Exception {
super.tearDown();
SecurityContextHolder.clearContext();
}
public void testCallbackIsInvokedWhenPermissionGranted() throws Exception {
AspectJSecurityInterceptor si = new AspectJSecurityInterceptor();
si.setApplicationEventPublisher(new MockApplicationEventPublisher(true));
@ -78,7 +61,7 @@ public class AspectJSecurityInterceptorTests extends TestCase {
si.afterPropertiesSet();
Class clazz = TargetObject.class;
Class<TargetObject> clazz = TargetObject.class;
Method method = clazz.getMethod("countLength", new Class[] {String.class});
MockJoinPoint joinPoint = new MockJoinPoint(new TargetObject(), method);
@ -108,7 +91,7 @@ public class AspectJSecurityInterceptorTests extends TestCase {
si.afterPropertiesSet();
Class clazz = TargetObject.class;
Class<TargetObject> clazz = TargetObject.class;
Method method = clazz.getMethod("countLength", new Class[] {String.class});
MockJoinPoint joinPoint = new MockJoinPoint(new TargetObject(), method);

48
core/src/test/java/org/springframework/security/providers/UsernamePasswordAuthenticationTokenTests.java
View File

@ -15,10 +15,11 @@
package org.springframework.security.providers;
import junit.framework.TestCase;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.junit.Test;
import org.springframework.security.util.AuthorityUtils;
@ -28,28 +29,12 @@ import org.springframework.security.util.AuthorityUtils;
* @author Ben Alex
* @version $Id$
*/
public class UsernamePasswordAuthenticationTokenTests extends TestCase {
//~ Constructors ===================================================================================================
public UsernamePasswordAuthenticationTokenTests() {
super();
}
public UsernamePasswordAuthenticationTokenTests(String arg0) {
super(arg0);
}
public class UsernamePasswordAuthenticationTokenTests {
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(UsernamePasswordAuthenticationTokenTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testAuthenticated() {
@Test
public void authenticatedPropertyContractIsSatisfied() {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password", AuthorityUtils.NO_AUTHORITIES);
// check default given we passed some GrantedAuthorty[]s (well, we passed empty list)
@ -73,27 +58,22 @@ public class UsernamePasswordAuthenticationTokenTests extends TestCase {
token.setAuthenticated(true);
fail("Should have prohibited setAuthenticated(true)");
} catch (IllegalArgumentException expected) {
assertTrue(true);
}
}
public void testGetters() {
@Test
public void gettersReturnCorrectData() {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
assertEquals("Test", token.getPrincipal());
assertEquals("Password", token.getCredentials());
assertEquals("ROLE_ONE", token.getAuthorities().get(0).getAuthority());
assertEquals("ROLE_TWO", token.getAuthorities().get(1).getAuthority());
}
public void testNoArgConstructorDoesntExist() {
Class clazz = UsernamePasswordAuthenticationToken.class;
try {
clazz.getDeclaredConstructor((Class[]) null);
fail("Should have thrown NoSuchMethodException");
} catch (NoSuchMethodException expected) {
assertTrue(true);
}
@Test(expected=NoSuchMethodException.class)
public void testNoArgConstructorDoesntExist() throws Exception {
Class<?> clazz = UsernamePasswordAuthenticationToken.class;
clazz.getDeclaredConstructor((Class[]) null);
}
}

58
core/src/test/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationTokenTests.java
View File

@ -15,6 +15,8 @@
package org.springframework.security.providers.anonymous;
import java.util.List;
import junit.framework.TestCase;
import org.springframework.security.GrantedAuthority;
@ -30,60 +32,46 @@ import org.springframework.security.util.AuthorityUtils;
* @version $Id$
*/
public class AnonymousAuthenticationTokenTests extends TestCase {
private final static List<GrantedAuthority> ROLES_12 = AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO");
//~ Methods ========================================================================================================
public void testConstructorRejectsNulls() {
try {
new AnonymousAuthenticationToken(null, "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
new AnonymousAuthenticationToken(null, "Test", ROLES_12);
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(true);
}
try {
new AnonymousAuthenticationToken("key", null,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
new AnonymousAuthenticationToken("key", null, ROLES_12);
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(true);
}
// try {
// new AnonymousAuthenticationToken("key", "Test", null);
// fail("Should have thrown IllegalArgumentException");
// } catch (IllegalArgumentException expected) {
// assertTrue(true);
// }
try {
new AnonymousAuthenticationToken("key", "Test", new GrantedAuthority[] {null});
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(true);
}
try {
new AnonymousAuthenticationToken("key", "Test", AuthorityUtils.NO_AUTHORITIES );
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(true);
}
}
public void testEqualsWhenEqual() {
AnonymousAuthenticationToken token1 = new AnonymousAuthenticationToken("key", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AnonymousAuthenticationToken token2 = new AnonymousAuthenticationToken("key", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AnonymousAuthenticationToken token1 = new AnonymousAuthenticationToken("key", "Test", ROLES_12);
AnonymousAuthenticationToken token2 = new AnonymousAuthenticationToken("key", "Test", ROLES_12);
assertEquals(token1, token2);
}
public void testGetters() {
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("key", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("key", "Test", ROLES_12);
assertEquals("key".hashCode(), token.getKeyHash());
assertEquals("Test", token.getPrincipal());
@ -94,49 +82,39 @@ public class AnonymousAuthenticationTokenTests extends TestCase {
}
public void testNoArgConstructorDoesntExist() {
Class clazz = AnonymousAuthenticationToken.class;
Class<?> clazz = AnonymousAuthenticationToken.class;
try {
clazz.getDeclaredConstructor((Class[]) null);
fail("Should have thrown NoSuchMethodException");
} catch (NoSuchMethodException expected) {
assertTrue(true);
}
}
public void testNotEqualsDueToAbstractParentEqualsCheck() {
AnonymousAuthenticationToken token1 = new AnonymousAuthenticationToken("key", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AnonymousAuthenticationToken token2 = new AnonymousAuthenticationToken("key", "DIFFERENT_PRINCIPAL",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AnonymousAuthenticationToken token1 = new AnonymousAuthenticationToken("key", "Test", ROLES_12);
AnonymousAuthenticationToken token2 = new AnonymousAuthenticationToken("key", "DIFFERENT_PRINCIPAL", ROLES_12);
assertFalse(token1.equals(token2));
}
public void testNotEqualsDueToDifferentAuthenticationClass() {
AnonymousAuthenticationToken token1 = new AnonymousAuthenticationToken("key", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
UsernamePasswordAuthenticationToken token2 = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AnonymousAuthenticationToken token1 = new AnonymousAuthenticationToken("key", "Test", ROLES_12);
UsernamePasswordAuthenticationToken token2 = new UsernamePasswordAuthenticationToken("Test", "Password", ROLES_12);
assertFalse(token1.equals(token2));
}
public void testNotEqualsDueToKey() {
AnonymousAuthenticationToken token1 = new AnonymousAuthenticationToken("key", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AnonymousAuthenticationToken token1 = new AnonymousAuthenticationToken("key", "Test", ROLES_12);
AnonymousAuthenticationToken token2 = new AnonymousAuthenticationToken("DIFFERENT_KEY", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AnonymousAuthenticationToken token2 = new AnonymousAuthenticationToken("DIFFERENT_KEY", "Test", ROLES_12);
assertFalse(token1.equals(token2));
}
public void testSetAuthenticatedIgnored() {
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("key", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("key", "Test", ROLES_12);
assertTrue(token.isAuthenticated());
token.setAuthenticated(false);
assertTrue(!token.isAuthenticated());

44
core/src/test/java/org/springframework/security/ui/preauth/j2ee/WebXmlJ2eeDefinedRolesRetrieverTests.java
View File

@ -3,32 +3,32 @@ package org.springframework.security.ui.preauth.j2ee;
import java.io.InputStream;
import java.util.Arrays;
import java.util.List;
import java.util.Set;
import junit.framework.TestCase;
public class WebXmlJ2eeDefinedRolesRetrieverTests extends TestCase {
public final void testRole1To4Roles() throws Exception {
final List ROLE1TO4_EXPECTED_ROLES = Arrays.asList(new String[] { "Role1", "Role2", "Role3", "Role4" });
InputStream role1to4InputStream = Thread.currentThread().getContextClassLoader().getResourceAsStream("webxml/Role1-4.web.xml");
WebXmlMappableAttributesRetriever rolesRetriever = new WebXmlMappableAttributesRetriever();
rolesRetriever.setWebXmlInputStream(role1to4InputStream);
rolesRetriever.afterPropertiesSet();
String[] j2eeRoles = rolesRetriever.getMappableAttributes();
assertNotNull(j2eeRoles);
List j2eeRolesList = Arrays.asList(j2eeRoles);
assertTrue("J2eeRoles expected size: " + ROLE1TO4_EXPECTED_ROLES.size() + ", actual size: " + j2eeRolesList.size(), j2eeRolesList
.size() == ROLE1TO4_EXPECTED_ROLES.size());
assertTrue("J2eeRoles expected contents (arbitrary order): " + ROLE1TO4_EXPECTED_ROLES + ", actual content: " + j2eeRolesList,
j2eeRolesList.containsAll(ROLE1TO4_EXPECTED_ROLES));
}
public final void testRole1To4Roles() throws Exception {
final List<String> ROLE1TO4_EXPECTED_ROLES = Arrays.asList(new String[] { "Role1", "Role2", "Role3", "Role4" });
InputStream role1to4InputStream = Thread.currentThread().getContextClassLoader().getResourceAsStream("webxml/Role1-4.web.xml");
WebXmlMappableAttributesRetriever rolesRetriever = new WebXmlMappableAttributesRetriever();
rolesRetriever.setWebXmlInputStream(role1to4InputStream);
rolesRetriever.afterPropertiesSet();
Set<String> j2eeRoles = rolesRetriever.getMappableAttributes();
assertNotNull(j2eeRoles);
assertTrue("J2eeRoles expected size: " + ROLE1TO4_EXPECTED_ROLES.size() + ", actual size: " + j2eeRoles.size(),
j2eeRoles.size() == ROLE1TO4_EXPECTED_ROLES.size());
assertTrue("J2eeRoles expected contents (arbitrary order): " + ROLE1TO4_EXPECTED_ROLES + ", actual content: " + j2eeRoles,
j2eeRoles.containsAll(ROLE1TO4_EXPECTED_ROLES));
}
public final void testGetZeroJ2eeRoles() throws Exception {
InputStream noRolesInputStream = Thread.currentThread().getContextClassLoader().getResourceAsStream("webxml/NoRoles.web.xml");
WebXmlMappableAttributesRetriever rolesRetriever = new WebXmlMappableAttributesRetriever();
rolesRetriever.setWebXmlInputStream(noRolesInputStream);
rolesRetriever.afterPropertiesSet();
String[] j2eeRoles = rolesRetriever.getMappableAttributes();
assertTrue("J2eeRoles expected size: 0, actual size: " + j2eeRoles.length, j2eeRoles.length == 0);
}
public final void testGetZeroJ2eeRoles() throws Exception {
InputStream noRolesInputStream = Thread.currentThread().getContextClassLoader().getResourceAsStream("webxml/NoRoles.web.xml");
WebXmlMappableAttributesRetriever rolesRetriever = new WebXmlMappableAttributesRetriever();
rolesRetriever.setWebXmlInputStream(noRolesInputStream);
rolesRetriever.afterPropertiesSet();
Set<String> j2eeRoles = rolesRetriever.getMappableAttributes();
assertEquals("J2eeRoles expected size: 0, actual size: " + j2eeRoles.size(), 0, j2eeRoles.size());
}
}

32
core/src/test/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.java
View File

@ -40,6 +40,7 @@ import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.security.util.AuthorityUtils;
import org.springframework.security.util.FieldUtils;
import org.springframework.security.util.MockFilterChain;
@ -52,6 +53,7 @@ import org.springframework.security.util.MockFilterChain;
* @version $Id$
*/
public class SwitchUserProcessingFilterTests {
private final static List<GrantedAuthority> ROLES_12 = AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO");
@Before
public void authenticateCurrentUser() {
@ -199,16 +201,14 @@ public class SwitchUserProcessingFilterTests {
@Test
public void exitUserJackLordToDanoSucceeds() throws Exception {
// original user
GrantedAuthority[] auths = {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")};
UsernamePasswordAuthenticationToken source = new UsernamePasswordAuthenticationToken("dano", "hawaii50", auths);
UsernamePasswordAuthenticationToken source = new UsernamePasswordAuthenticationToken("dano", "hawaii50", ROLES_12);
// set current user (Admin)
GrantedAuthority[] adminAuths = {
new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"),
new SwitchUserGrantedAuthority("PREVIOUS_ADMINISTRATOR", source)
};
UsernamePasswordAuthenticationToken admin = new UsernamePasswordAuthenticationToken("jacklord", "hawaii50",
adminAuths);
List<GrantedAuthority> adminAuths = new ArrayList<GrantedAuthority>();
adminAuths.addAll(ROLES_12);
adminAuths.add(new SwitchUserGrantedAuthority("PREVIOUS_ADMINISTRATOR", source));
UsernamePasswordAuthenticationToken admin =
new UsernamePasswordAuthenticationToken("jacklord", "hawaii50", adminAuths);
SecurityContextHolder.getContext().setAuthentication(admin);
@ -333,8 +333,8 @@ public class SwitchUserProcessingFilterTests {
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
filter.setUserDetailsService(new MockUserDetailsService());
filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() {
public List modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List authoritiesToBeGranted) {
List auths = new ArrayList();
public List<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List<GrantedAuthority> authoritiesToBeGranted) {
List <GrantedAuthority>auths = new ArrayList<GrantedAuthority>();
auths.add(new GrantedAuthorityImpl("ROLE_NEW"));
return auths;
}
@ -358,17 +358,13 @@ public class SwitchUserProcessingFilterTests {
// wofat (account expired)
// steve (credentials expired)
if ("jacklord".equals(username) || "dano".equals(username)) {
return new User(username, password, true, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
return new User(username, password, true, true, true, true, ROLES_12);
} else if ("mcgarrett".equals(username)) {
return new User(username, password, false, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
return new User(username, password, false, true, true, true, ROLES_12);
} else if ("wofat".equals(username)) {
return new User(username, password, true, false, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
return new User(username, password, true, false, true, true, ROLES_12);
} else if ("steve".equals(username)) {
return new User(username, password, true, true, false, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
return new User(username, password, true, true, false, true, ROLES_12);
} else {
throw new UsernameNotFoundException("Could not find: " + username);
}

11
portlet/src/main/java/org/springframework/security/ui/portlet/PortletPreAuthenticatedAuthenticationDetailsSource.java
View File

@ -2,6 +2,7 @@ package org.springframework.security.ui.portlet;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Set;
import javax.portlet.PortletRequest;
@ -13,12 +14,12 @@ public class PortletPreAuthenticatedAuthenticationDetailsSource extends Abstract
setClazz(PortletPreAuthenticatedAuthenticationDetails.class);
}
protected Collection<String> getUserRoles(Object context, String[] mappableRoles) {
ArrayList portletRoles = new ArrayList();
protected Collection<String> getUserRoles(Object context, Set<String> mappableRoles) {
ArrayList<String> portletRoles = new ArrayList<String>();
for (int i = 0; i < mappableRoles.length; i++) {
if (((PortletRequest)context).isUserInRole(mappableRoles[i])) {
portletRoles.add(mappableRoles[i]);
for (String role : mappableRoles) {
if (((PortletRequest)context).isUserInRole(role)) {
portletRoles.add(role);
}
}
portletRoles.trimToSize();