diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/AttributesSource.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/AttributesSource.java new file mode 100644 index 0000000000..69df8cae50 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/AttributesSource.java @@ -0,0 +1,36 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +/** + * Source of the attributes associated with pre-authenticated authentication request. The attributes + * can be supplied in the cookies, request header, or property (configuration file). + * + * @author Valery Tydykov + * + */ +public interface AttributesSource { + /** + * Obtain attributes supplied in the request or property. + * + * @param request with optional attributes + * @return Map of attributes: name/value. + */ + public Map obtainAttributes(HttpServletRequest request); +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/AttributesSourceWebAuthenticationDetailsSource.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/AttributesSourceWebAuthenticationDetailsSource.java new file mode 100644 index 0000000000..2143e39e6e --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/AttributesSourceWebAuthenticationDetailsSource.java @@ -0,0 +1,96 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import org.springframework.beans.factory.InitializingBean; +import org.springframework.security.ui.AuthenticationDetailsSource; +import org.springframework.security.ui.WebAuthenticationDetailsSource; +import org.springframework.util.Assert; + +/** + * Implementation of {@link AuthenticationDetailsSource} which builds the details object from an + * HttpServletRequest object. + *

+ * Uses attributesSource to obtain attributes from the request. Adds obtained + * attributes to created details object. The details object must be an instance of + * AuthenticationDetailsImpl, which has additional attributes property. + * + * @author Valery Tydykov + */ +public class AttributesSourceWebAuthenticationDetailsSource extends WebAuthenticationDetailsSource + implements InitializingBean { + + public AttributesSourceWebAuthenticationDetailsSource() { + super(); + setClazz(AuthenticationDetailsImpl.class); + } + + private AttributesSource attributesSource; + + /* + * (non-Javadoc) + * + * @see org.springframework.security.ui.WebAuthenticationDetailsSource#buildDetails(java.lang.Object) + */ + public Object buildDetails(Object context) { + // build AuthenticationDetailsImpl object + Object result = super.buildDetails(context); + + Assert.isInstanceOf(HttpServletRequest.class, context); + HttpServletRequest request = (HttpServletRequest) context; + + // extract attributes from the request + Map attributes = this.getAttributesSource().obtainAttributes(request); + + // add additional attributes to the AuthenticationDetailsImpl object + AuthenticationDetailsImpl authenticationDetails; + { + Assert.isInstanceOf(AuthenticationDetailsImpl.class, result); + authenticationDetails = (AuthenticationDetailsImpl) result; + // add attributes from the AttributesSource to the AuthenticationDetailsImpl object + authenticationDetails.getAttributes().putAll(attributes); + } + + return authenticationDetails; + } + + /** + * @return the attributesSource + */ + public AttributesSource getAttributesSource() { + return this.attributesSource; + } + + /** + * @param attributesSource the attributesSource to set + */ + public void setAttributesSource(AttributesSource attributesSource) { + Assert.notNull(attributesSource, "attributesSource must not be null"); + this.attributesSource = attributesSource; + } + + /* + * (non-Javadoc) + * + * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet() + */ + public void afterPropertiesSet() throws Exception { + Assert.notNull(this.attributesSource, "attributesSource must be set"); + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/AuthenticationDetailsImpl.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/AuthenticationDetailsImpl.java new file mode 100644 index 0000000000..12c189168a --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/AuthenticationDetailsImpl.java @@ -0,0 +1,51 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import java.util.HashMap; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import org.springframework.security.ui.WebAuthenticationDetails; + +/** + * A holder of selected HTTP details related to a web authentication request. + *

+ * Has additional attributes property. + * + * @author Valery Tydykov + */ +public class AuthenticationDetailsImpl extends WebAuthenticationDetails { + public AuthenticationDetailsImpl(HttpServletRequest request) { + super(request); + } + + private Map attributes = new HashMap(); + + /** + * @return the attributes + */ + public Map getAttributes() { + return attributes; + } + + /** + * @param attributes the attributes to set + */ + public void setAttributes(Map attributes) { + this.attributes = attributes; + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/CookieAttributesSource.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/CookieAttributesSource.java new file mode 100644 index 0000000000..80d6ab2422 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/CookieAttributesSource.java @@ -0,0 +1,78 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.security.util.ServletUtils; +import org.springframework.util.Assert; + +/** + * Source of the attributes associated with pre-authenticated authentication request. The attributes + * can be supplied in the cookies. The keys for values to be extracted must be specified as a + * keys property. + * + * @author Valery Tydykov + * + */ +public class CookieAttributesSource implements AttributesSource, InitializingBean { + + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + // keys for values to be extracted + private List keys; + + /** + * @return the keys + */ + public List getKeys() { + return this.keys; + } + + /** + * @param keys the keys to set + */ + public void setKeys(List keys) { + this.keys = keys; + } + + /* + * (non-Javadoc) + * + * @see org.springframework.security.ui.preauth.AttributesSource#obtainAttributes(javax.servlet.http.HttpServletRequest) + */ + public Map obtainAttributes(HttpServletRequest request) { + Map attributes = ServletUtils.extractCookiesValues(request, this.getKeys()); + + if (this.logger.isDebugEnabled()) { + this.logger.debug("Obtained attributes=[" + attributes + "] from cookies"); + } + + return attributes; + } + + public void afterPropertiesSet() throws Exception { + Assert.notNull(this.keys, "keys must be not null"); + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/CookieUsernameSource.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/CookieUsernameSource.java new file mode 100644 index 0000000000..e0219d64e7 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/CookieUsernameSource.java @@ -0,0 +1,70 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.security.util.ServletUtils; +import org.springframework.util.Assert; + +/** + * Source of the username supplied with pre-authenticated authentication request as cookie. The + * usernameKey property must be set, which will be used to extract the username from the + * cookie. + * + * @author Valery Tydykov + * + */ +public class CookieUsernameSource implements UsernameSource, InitializingBean { + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + // username key + private String usernameKey; + + public String obtainUsername(HttpServletRequest request) { + String username = ServletUtils.findCookieValue(request, getUsernameKey()); + + if (this.logger.isDebugEnabled()) { + this.logger.debug("Obtained username=[" + username + "] from cookie"); + } + + return username; + } + + /** + * @return the usernameKey + */ + public String getUsernameKey() { + return usernameKey; + } + + /** + * @param usernameKey the usernameKey to set + */ + public void setUsernameKey(String usernameKey) { + Assert.hasLength(usernameKey, "usernameKey must be not empty"); + this.usernameKey = usernameKey; + } + + public void afterPropertiesSet() throws Exception { + Assert.hasLength(this.usernameKey, "usernameKey must be not empty"); + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/HeaderAttributesSource.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/HeaderAttributesSource.java new file mode 100644 index 0000000000..fbbf493f55 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/HeaderAttributesSource.java @@ -0,0 +1,78 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.security.util.ServletUtils; +import org.springframework.util.Assert; + +/** + * Source of the attributes associated with pre-authenticated authentication request. The attributes + * can be supplied in the request header. The keys for values to be extracted must be specified as a + * keys property. + * + * @author Valery Tydykov + * + */ +public class HeaderAttributesSource implements AttributesSource, InitializingBean { + + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + // keys for values to be extracted + private List keys; + + /** + * @return the keys + */ + public List getKeys() { + return this.keys; + } + + /** + * @param keys the keys to set + */ + public void setKeys(List keys) { + this.keys = keys; + } + + /* + * (non-Javadoc) + * + * @see org.springframework.security.ui.preauth.AttributesSource#obtainAttributes(javax.servlet.http.HttpServletRequest) + */ + public Map obtainAttributes(HttpServletRequest request) { + Map attributes = ServletUtils.extractHeaderValues(request, this.getKeys()); + + if (this.logger.isDebugEnabled()) { + this.logger.debug("Obtained attributes=[" + attributes + "] from header"); + } + + return attributes; + } + + public void afterPropertiesSet() throws Exception { + Assert.notNull(this.keys, "keys must be not null"); + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/HeaderUsernameSource.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/HeaderUsernameSource.java new file mode 100644 index 0000000000..ffac03129a --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/HeaderUsernameSource.java @@ -0,0 +1,69 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.util.Assert; + +/** + * Source of the username supplied with pre-authenticated authentication request as header value. + * The usernameKey property must be set, which will be used to extract the username from + * the header. + * + * @author Valery Tydykov + * + */ +public class HeaderUsernameSource implements UsernameSource, InitializingBean { + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + // username key + private String usernameKey; + + public String obtainUsername(HttpServletRequest request) { + String userName = request.getHeader(getUsernameKey()); + + if (this.logger.isDebugEnabled()) { + this.logger.debug("Obtained username=[" + userName + "] from header"); + } + + return userName; + } + + /** + * @return the usernameKey + */ + public String getUsernameKey() { + return usernameKey; + } + + /** + * @param usernameKey the usernameKey to set + */ + public void setUsernameKey(String usernameKey) { + Assert.hasLength(usernameKey, "usernameKey must be not empty"); + this.usernameKey = usernameKey; + } + + public void afterPropertiesSet() throws Exception { + Assert.hasLength(this.usernameKey, "usernameKey must be not empty"); + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/PropertyAttributesSource.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/PropertyAttributesSource.java new file mode 100644 index 0000000000..b916f8b6c4 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/PropertyAttributesSource.java @@ -0,0 +1,67 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import java.util.HashMap; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * Source of the attributes associated with pre-authenticated authentication request. The attributes + * can be supplied in the attributes property (configuration file). + * + * @author Valery Tydykov + * + */ +public class PropertyAttributesSource implements AttributesSource { + + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + private Map attributes = new HashMap(); + + /* + * (non-Javadoc) + * + * @see org.springframework.security.ui.preauth.AttributesSource#obtainAttributes(javax.servlet.http.HttpServletRequest) + */ + public Map obtainAttributes(HttpServletRequest request) { + if (this.logger.isDebugEnabled()) { + this.logger.debug("Obtained attributes=[" + attributes + "] from property"); + } + + return attributes; + } + + /** + * @return the attributes + */ + public Map getAttributes() { + return this.attributes; + } + + /** + * @param attributes the attributes to set + */ + public void setAttributes(Map attributes) { + this.attributes = attributes; + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/RemoteUserUsernameSource.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/RemoteUserUsernameSource.java new file mode 100644 index 0000000000..0e7ab1a13f --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/RemoteUserUsernameSource.java @@ -0,0 +1,77 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.security.util.StringUtils; + +/** + * Source of the username supplied with pre-authenticated authentication request as remote user + * header value. Optionally can strip prefix: "domain\\username" -> "username", if + * stripPrefix property value is "true". + * + * @author Valery Tydykov + * + */ +public class RemoteUserUsernameSource implements UsernameSource { + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + private boolean stripPrefix = true; + + public String obtainUsername(HttpServletRequest request) { + String username = request.getRemoteUser(); + + if (this.isStripPrefix()) { + username = this.stripPrefix(username); + } + + if (this.logger.isDebugEnabled()) { + this.logger.debug("Obtained username=[" + username + "] from remote user"); + } + + return username; + } + + private String stripPrefix(String userName) { + if (!StringUtils.notNull(userName).equals("")) { + int index = userName.lastIndexOf("\\"); + if (index != -1) { + userName = userName.substring(index + 1); + } + } + + return userName; + } + + /** + * @return the stripPrefix + */ + public boolean isStripPrefix() { + return stripPrefix; + } + + /** + * @param stripPrefix the stripPrefix to set + */ + public void setStripPrefix(boolean stripPrefix) { + this.stripPrefix = stripPrefix; + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/RequestParameterUsernameSource.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/RequestParameterUsernameSource.java new file mode 100644 index 0000000000..dcc75dd93f --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/RequestParameterUsernameSource.java @@ -0,0 +1,68 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.util.Assert; + +/** + * Source of the username supplied with pre-authenticated authentication request as request + * parameter. The usernameKey property must be set, which will be used to extract the + * username from the request parameter. + * + * @author Valery Tydykov + * + */ +public class RequestParameterUsernameSource implements UsernameSource, InitializingBean { + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + private String usernameKey; + + public String obtainUsername(HttpServletRequest request) { + String userName = request.getParameter(getUsernameKey()); + + if (this.logger.isDebugEnabled()) { + this.logger.debug("Obtained username=[" + userName + "] from request parameter"); + } + + return userName; + } + + /** + * @return the usernameKey + */ + public String getUsernameKey() { + return this.usernameKey; + } + + /** + * @param usernameKey the usernameKey to set + */ + public void setUsernameKey(String usernameKey) { + Assert.hasLength(usernameKey, "usernameKey must be not empty"); + this.usernameKey = usernameKey; + } + + public void afterPropertiesSet() throws Exception { + Assert.hasLength(usernameKey, "usernameKey must be not empty"); + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/UsernameSource.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/UsernameSource.java new file mode 100644 index 0000000000..9bd39a0f76 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/UsernameSource.java @@ -0,0 +1,35 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import javax.servlet.http.HttpServletRequest; + +/** + * Source of the username supplied with pre-authenticated authentication request. The username can + * be supplied in the request: in cookie, request header, request parameter or as + * ServletRequest.getRemoteUser(). + * + * @author Valery Tydykov + * + */ +public interface UsernameSource { + /** + * Obtain username supplied in the request. + * + * @param request with username + * @return username or null if not supplied + */ + public String obtainUsername(HttpServletRequest request); +} diff --git a/sandbox/other/src/main/java/org/springframework/security/ui/preauth/UsernameSourcePreAuthenticatedProcessingFilter.java b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/UsernameSourcePreAuthenticatedProcessingFilter.java new file mode 100644 index 0000000000..df6cda339e --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/ui/preauth/UsernameSourcePreAuthenticatedProcessingFilter.java @@ -0,0 +1,103 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import javax.servlet.http.HttpServletRequest; + +import org.springframework.security.ui.FilterChainOrder; +import org.springframework.util.Assert; + +/** + * Flexible pre-authenticated filter which obtains username and other values supplied in the request + * (in headers, or in cookies, or in HttpServletRequest.getRemoteUser()), for use with SSO systems. + *

+ * Has additional usernameSource property. + *

+ * Will create Authentication object (and attach it to the SecurityContextHolder), if such object + * does not exist yet. + *

+ * As with most pre-authenticated scenarios, it is essential that the external authentication system + * is set up correctly as this filter does no authentication whatsoever. All the protection is + * assumed to be provided externally and if this filter is included inappropriately in a + * configuration, it would be possible to assume the identity of a user merely by setting the + * correct header name. This also means it should not be used in combination with other Spring + * Security authentication mechanisms such as form login, as this would imply there was a means of + * bypassing the external system which would be risky. + *

+ * + * @author Valery Tydykov + */ +public class UsernameSourcePreAuthenticatedProcessingFilter extends + AbstractPreAuthenticatedProcessingFilter { + private UsernameSource usernameSource; + + /* + * (non-Javadoc) + * + * @see org.springframework.ui.AbstractProcessingFilter#afterPropertiesSet() + */ + public void afterPropertiesSet() throws Exception { + super.afterPropertiesSet(); + + Assert.notNull(this.getUsernameSource(), "usernameSource must be set"); + } + + /** + * @return the usernameSource + */ + public UsernameSource getUsernameSource() { + return usernameSource; + } + + /** + * @param usernameSource the usernameSource to set + */ + public void setUsernameSource(UsernameSource usernameSource) { + Assert.notNull(usernameSource, "usernameSource must be specified"); + + this.usernameSource = usernameSource; + } + + /* + * (non-Javadoc) + * + * @see org.springframework.security.ui.preauth.AbstractPreAuthenticatedProcessingFilter#getPreAuthenticatedCredentials(javax.servlet.http.HttpServletRequest) + */ + protected Object getPreAuthenticatedCredentials(HttpServletRequest request) { + // no password - user is already authenticated + return "NONE"; + } + + /* + * (non-Javadoc) + * + * @see org.springframework.security.ui.preauth.AbstractPreAuthenticatedProcessingFilter#getPreAuthenticatedPrincipal(javax.servlet.http.HttpServletRequest) + */ + protected Object getPreAuthenticatedPrincipal(HttpServletRequest request) { + // obtain username from request + String username = this.getUsernameSource().obtainUsername(request); + + return username; + } + + /* + * (non-Javadoc) + * + * @see org.springframework.core.Ordered#getOrder() + */ + public int getOrder() { + return FilterChainOrder.PRE_AUTH_FILTER; + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AccountMapper.java b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AccountMapper.java new file mode 100644 index 0000000000..d236c81189 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AccountMapper.java @@ -0,0 +1,38 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.ldap; + +import org.springframework.security.AuthenticationException; +import org.springframework.security.userdetails.UserDetails; + +/** + * Maps user (loaded from the primary user accounts repository, e.g. LDAP) to username in secondary + * user accounts repository. + * + * + * @author Valery Tydykov + * + */ +public interface AccountMapper { + + /** + * Map user to username in secondary user accounts repository. + * + * @param user, loaded from the primary user accounts repository. + * @return username for secondary user accounts repository. + * @throws AuthenticationException if can not map given user. + */ + String map(UserDetails user) throws AuthenticationException; +} diff --git a/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AuthorityByPrefixAccountMapper.java b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AuthorityByPrefixAccountMapper.java new file mode 100644 index 0000000000..f4f0939d9e --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AuthorityByPrefixAccountMapper.java @@ -0,0 +1,91 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.ldap; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.security.AuthenticationException; +import org.springframework.security.GrantedAuthority; +import org.springframework.security.userdetails.UserDetails; +import org.springframework.util.Assert; + +/** + * Maps user (loaded from the primary user accounts repository, e.g. LDAP) to username in secondary + * user accounts repository. Tries to find user's authority with name starting with + * authorityPrefix. + * + * + * @author Valery Tydykov + * + */ +public class AuthorityByPrefixAccountMapper implements AccountMapper, InitializingBean { + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + // prefix of the authority to find + private String authorityPrefix; + + /* + * (non-Javadoc) + * + * @see org.springframework.security.userdetails.ldap.AccountMapper#map(org.springframework.security.userdetails.UserDetails) + */ + public String map(UserDetails user) throws AuthenticationException { + if (this.logger.isDebugEnabled()) { + this.logger.debug("Mapping account=[" + user.getUsername() + + "]: search authorities for authority prefix=[" + this.getAuthorityPrefix() + + "]"); + } + + // search authorities for authority prefix + GrantedAuthority[] authorities = user.getAuthorities(); + for (int i = 0; i < authorities.length; i++) { + String authority = authorities[i].getAuthority(); + if (authority.startsWith(this.getAuthorityPrefix())) { + if (this.logger.isDebugEnabled()) { + this.logger.debug("Authority found=[" + authority + "]"); + } + + return authority; + } + } + + // not found + // TODO message with UserDetails and authorityPrefix? + throw new AuthorityNotFoundException(null); + } + + /** + * @return the authorityPrefix + */ + public String getAuthorityPrefix() { + return authorityPrefix; + } + + /** + * @param authorityPrefix the authorityPrefix to set + */ + public void setAuthorityPrefix(String authorityPrefix) { + Assert.hasLength(authorityPrefix, "authorityPrefix must be not empty"); + this.authorityPrefix = authorityPrefix; + } + + public void afterPropertiesSet() throws Exception { + Assert.hasLength(authorityPrefix, "authorityPrefix must be not empty"); + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AuthorityNotFoundException.java b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AuthorityNotFoundException.java new file mode 100644 index 0000000000..9f81ea06c0 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/AuthorityNotFoundException.java @@ -0,0 +1,35 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.ldap; + +import org.springframework.security.AuthenticationException; +import org.springframework.security.GrantedAuthority; + +/** + * Thrown if an {@link AccountMapper} implementation cannot find a {@link GrantedAuthority} by the + * given prefix. + * + * @author Valery Tydykov + */ +public class AuthorityNotFoundException extends AuthenticationException { + + public AuthorityNotFoundException(String msg, Throwable t) { + super(msg, t); + } + + public AuthorityNotFoundException(String msg) { + super(msg); + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/ReplacingUserDetailsMapper.java b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/ReplacingUserDetailsMapper.java new file mode 100644 index 0000000000..13cd1fd853 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/ReplacingUserDetailsMapper.java @@ -0,0 +1,133 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.ldap; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.dao.DataAccessException; +import org.springframework.ldap.core.DirContextOperations; +import org.springframework.security.AuthenticationException; +import org.springframework.security.AuthenticationServiceException; +import org.springframework.security.GrantedAuthority; +import org.springframework.security.userdetails.UserDetails; +import org.springframework.security.userdetails.UserDetailsService; +import org.springframework.util.Assert; + +/** + * The context mapper used by the LDAP authentication provider to create an LDAP user object. + * Creates the final UserDetails object that will be returned by the provider once the + * user has been authenticated, replacing the original UserDetails object. Has additional + * properties userDetailsService and accountMapper, which are used to map + * original user to username in secondary repository and to retrieve UserDetails from the secondary + * account repository. + * + * + * @author Valery Tydykov + * + */ +public class ReplacingUserDetailsMapper extends LdapUserDetailsMapper implements InitializingBean { + + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + /** + * service which will be used to retrieve UserDetails from the secondary account repository + */ + private UserDetailsService userDetailsService; + + /** + * mapper which will be used to map original user to username in secondary repository + */ + private AccountMapper accountMapper; + + /** + * @return the userDetailsService + */ + public UserDetailsService getUserDetailsService() { + return this.userDetailsService; + } + + /** + * @param userDetailsService the userDetailsService to set + */ + public void setUserDetailsService(UserDetailsService userDetailsService) { + Assert.notNull(userDetailsService, "UserDetailsService must be supplied"); + this.userDetailsService = userDetailsService; + } + + /** + * @return the accountMapper + */ + public AccountMapper getAccountMapper() { + return this.accountMapper; + } + + /** + * @param accountMapper the accountMapper to set + */ + public void setAccountMapper(AccountMapper accountMapper) { + Assert.notNull(accountMapper, "AccountMapper must be supplied"); + this.accountMapper = accountMapper; + } + + public void afterPropertiesSet() throws Exception { + Assert.notNull(userDetailsService, "UserDetailsService must be supplied"); + Assert.notNull(accountMapper, "AccountMapper must be supplied"); + } + + /* + * Creates the final UserDetails object that will be returned by the provider once + * the user has been authenticated, replacing the original UserDetails object. + */ + public UserDetails mapUserFromContext(DirContextOperations ctx, String username, + GrantedAuthority[] authorities) { + UserDetails userOriginal = super.mapUserFromContext(ctx, username, authorities); + + if (this.logger.isDebugEnabled()) { + this.logger.debug("Replacing UserDetails with username=[" + userOriginal.getUsername() + + "]"); + } + + // map user to secondary username + String usernameMapped = this.getAccountMapper().map(userOriginal); + + // replace original UserDetails with the secondary UserDetails + UserDetails user = retrieveUser(usernameMapped); + + return user; + } + + protected UserDetails retrieveUser(String username) throws AuthenticationException { + UserDetails loadedUser; + + // retrieve UserDetails from the secondary account repository + try { + loadedUser = this.getUserDetailsService().loadUserByUsername(username); + } catch (DataAccessException repositoryProblem) { + throw new AuthenticationServiceException(repositoryProblem.getMessage(), + repositoryProblem); + } + + if (loadedUser == null) { + throw new AuthenticationServiceException( + "UserDetailsService returned null, which is an interface contract violation"); + } + + return loadedUser; + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/UsernameFromPropertyAccountMapper.java b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/UsernameFromPropertyAccountMapper.java new file mode 100644 index 0000000000..edb9935ad3 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/UsernameFromPropertyAccountMapper.java @@ -0,0 +1,69 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.ldap; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.security.AuthenticationException; +import org.springframework.security.userdetails.UserDetails; +import org.springframework.util.Assert; + +/** + * Maps user (loaded from the primary user accounts repository, e.g. LDAP) to username in secondary + * user accounts repository. Maps all users to the same username. + * + * + * @author Valery Tydykov + * + */ +public class UsernameFromPropertyAccountMapper implements AccountMapper, InitializingBean { + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + // single username to map to + private String username; + + public String map(UserDetails user) throws AuthenticationException { + if (this.logger.isDebugEnabled()) { + this.logger.debug("Mapping account=[" + user.getUsername() + "] to account=[" + + this.getUsername() + "]"); + } + + // map all users to the same userName + return this.getUsername(); + } + + public void afterPropertiesSet() throws Exception { + Assert.hasLength(username, "userName must be not empty"); + } + + /** + * @return the username + */ + public String getUsername() { + return this.username; + } + + /** + * @param username the username to set + */ + public void setUsername(String username) { + Assert.hasLength(username, "userName must be not empty"); + this.username = username; + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/UsernameFromUserdetailsAccountMapper.java b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/UsernameFromUserdetailsAccountMapper.java new file mode 100644 index 0000000000..b318ffd2dc --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/userdetails/ldap/UsernameFromUserdetailsAccountMapper.java @@ -0,0 +1,47 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.ldap; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.security.AuthenticationException; +import org.springframework.security.userdetails.UserDetails; + +/** + * Maps user (loaded from the primary user accounts repository, e.g. LDAP) to username in secondary + * user accounts repository. One-to-one mapping, e.g. maps user with username to user + * with the same username. + * + * @author Joel Emery + * + */ +public class UsernameFromUserdetailsAccountMapper implements AccountMapper { + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + public String map(UserDetails user) throws AuthenticationException { + // get username from UserDetails + String username = user.getUsername(); + + if (this.logger.isDebugEnabled()) { + this.logger.debug("Mapping account=[" + username + "] to account=[" + username + "]"); + } + + // map cn to userName + return username; + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/AccountMapper.java b/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/AccountMapper.java new file mode 100644 index 0000000000..0ff9f5a837 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/AccountMapper.java @@ -0,0 +1,37 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.preauth; + +import org.springframework.security.Authentication; +import org.springframework.security.AuthenticationException; + +/** + * Maps username (from the primary user accounts repository, e.g. LDAP) to username in secondary + * user accounts repository. + * + * + * @author Valery Tydykov + * + */ +public interface AccountMapper { + /** + * Map username to username in secondary user accounts repository. + * + * @param authenticationRequest, with username from the primary user accounts repository. + * @return username for secondary user accounts repository. + * @throws AuthenticationException if cannot map given username. + */ + String map(Authentication authenticationRequest) throws AuthenticationException; +} diff --git a/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UserDetailsMappingServiceWrapper.java b/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UserDetailsMappingServiceWrapper.java new file mode 100644 index 0000000000..e996d140e7 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UserDetailsMappingServiceWrapper.java @@ -0,0 +1,96 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.preauth; + +import org.springframework.beans.factory.InitializingBean; +import org.springframework.dao.DataAccessException; +import org.springframework.security.Authentication; +import org.springframework.security.userdetails.AuthenticationUserDetailsService; +import org.springframework.security.userdetails.UserDetails; +import org.springframework.security.userdetails.UserDetailsService; +import org.springframework.security.userdetails.UsernameNotFoundException; +import org.springframework.util.Assert; + +/** + * This implementation for AuthenticationUserDetailsService wraps a regular Spring Security + * UserDetailsService implementation, to retrieve a UserDetails object based on the mapping of the + * user name contained in a PreAuthenticatedAuthenticationToken to user name expected by the + * userDetailsService. + * + * @author Valery Tydykov + */ +public class UserDetailsMappingServiceWrapper implements AuthenticationUserDetailsService, + InitializingBean { + private UserDetailsService userDetailsService; + + private AccountMapper accountMapper; + + /** + * Check whether all required properties have been set. + * + * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet() + */ + public void afterPropertiesSet() throws Exception { + Assert.notNull(this.userDetailsService, "UserDetailsService must be set"); + Assert.notNull(this.accountMapper, "AccountMapper must be set"); + } + + /* + * (non-Javadoc) + * + * @see org.springframework.security.userdetails.AuthenticationUserDetailsService#loadUserDetails(org.springframework.security.Authentication) + */ + public UserDetails loadUserDetails(Authentication authentication) + throws UsernameNotFoundException, DataAccessException { + + // Determine username for the secondary authentication repository + String username = this.getAccountMapper().map(authentication); + + // get the UserDetails object from the wrapped UserDetailsService implementation + return userDetailsService.loadUserByUsername(username); + } + + /** + * Set the wrapped UserDetailsService implementation + * + * @param aUserDetailsService The wrapped UserDetailsService to set + */ + public void setUserDetailsService(UserDetailsService userDetailsService) { + Assert.notNull(userDetailsService, "UserDetailsService must not be null"); + this.userDetailsService = userDetailsService; + } + + /** + * @return the accountMapper + */ + public AccountMapper getAccountMapper() { + return this.accountMapper; + } + + /** + * @param accountMapper the accountMapper to set + */ + public void setAccountMapper(AccountMapper accountMapper) { + Assert.notNull(accountMapper, "accountMapper must not be null"); + this.accountMapper = accountMapper; + } + + /** + * @return the userDetailsService + */ + public UserDetailsService getUserDetailsService() { + return this.userDetailsService; + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UsernameFromPropertyAccountMapper.java b/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UsernameFromPropertyAccountMapper.java new file mode 100644 index 0000000000..d6fc54c3df --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UsernameFromPropertyAccountMapper.java @@ -0,0 +1,74 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.preauth; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.security.Authentication; +import org.springframework.security.AuthenticationException; +import org.springframework.util.Assert; + +/** + * Maps username (from the primary user accounts repository, e.g. LDAP) to username in secondary + * user accounts repository. Maps all users to the same username. + * + * + * @author Valery Tydykov + * + */ +public class UsernameFromPropertyAccountMapper implements AccountMapper, InitializingBean { + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + // single username to map to + private String username; + + /* + * (non-Javadoc) + * + * @see org.springframework.security.providers.preauth.AccountMapper#map(org.springframework.security.Authentication) + */ + public String map(Authentication authenticationRequest) throws AuthenticationException { + if (this.logger.isDebugEnabled()) { + this.logger.debug("Mapping account=[" + authenticationRequest.getName() + + "] to account=[" + this.getUsername() + "]"); + } + + // map all users to the same userName + return this.getUsername(); + } + + /** + * @return the username + */ + public String getUsername() { + return username; + } + + /** + * @param username the username to set + */ + public void setUsername(String username) { + Assert.hasLength(username, "username must be not empty"); + this.username = username; + } + + public void afterPropertiesSet() throws Exception { + Assert.hasLength(username, "username must be set"); + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UsernameFromRequestAccountMapper.java b/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UsernameFromRequestAccountMapper.java new file mode 100644 index 0000000000..30c0152e99 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/userdetails/preauth/UsernameFromRequestAccountMapper.java @@ -0,0 +1,51 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.preauth; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.security.Authentication; +import org.springframework.security.AuthenticationException; + +/** + * Maps username (from the primary user accounts repository, e.g. LDAP) to username in secondary + * user accounts repository. Uses username supplied in the authenticationRequest as + * secondary authentication storage username. + * + * + * @author Valery Tydykov + * + */ +public class UsernameFromRequestAccountMapper implements AccountMapper { + /** + * Logger for this class and subclasses + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + /* + * (non-Javadoc) + * + * @see org.springframework.security.providers.preauth.AccountMapper#map(org.springframework.security.Authentication) + */ + public String map(Authentication authenticationRequest) throws AuthenticationException { + String username = authenticationRequest.getName(); + if (this.logger.isDebugEnabled()) { + this.logger.debug("Mapping account=[" + username + "] to account=[" + username + "]"); + } + + // use SSO username as secondary authentication storage username + return username; + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/util/ServletUtils.java b/sandbox/other/src/main/java/org/springframework/security/util/ServletUtils.java new file mode 100644 index 0000000000..0a0051dc7c --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/util/ServletUtils.java @@ -0,0 +1,99 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.util; + +import java.util.Enumeration; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; + +import org.springframework.util.Assert; + +/** + * Servlet API-related methods. + * + * @author Valery Tydykov + * + */ +public final class ServletUtils { + /** + * This is a static class that should not be instantiated. + */ + private ServletUtils() throws InstantiationException { + } + + public static Map extractHeaderValues(HttpServletRequest request, List keys) { + Assert.notNull(request); + Assert.notNull(keys); + + final Map headerValues = new HashMap(); + // for each header name/value + for (Enumeration en = request.getHeaderNames(); en.hasMoreElements();) { + String key = (String) en.nextElement(); + + if (keys.contains(key)) { + // found key in the list of the keys to return + String value = request.getHeader(key); + headerValues.put(key, value); + } + } + + return headerValues; + } + + public static Map extractCookiesValues(HttpServletRequest request, List keys) { + Assert.notNull(request); + Assert.notNull(keys); + + final Map cookiesValues = new HashMap(); + final Cookie[] cookies = request.getCookies(); + if (cookies != null) { + // for each cookie + for (int i = 0; i < cookies.length; i++) { + String key = cookies[i].getName(); + + if (keys.contains(key)) { + // found key in the list of the keys to return + String value = cookies[i].getValue(); + cookiesValues.put(key, value); + } + } + } + + return cookiesValues; + } + + public static String findCookieValue(final HttpServletRequest request, final String key) { + Assert.notNull(request); + + String value = null; + final Cookie[] cookies = request.getCookies(); + if (cookies != null) { + // find cookie key + for (int i = 0; i < cookies.length; i++) { + if (StringUtils.notNull(cookies[i].getName()).equals(key)) { + // cookie key found + value = cookies[i].getValue(); + break; + } + } + } + + return value; + } +} diff --git a/sandbox/other/src/main/java/org/springframework/security/util/StringUtils.java b/sandbox/other/src/main/java/org/springframework/security/util/StringUtils.java new file mode 100644 index 0000000000..8eeefddd62 --- /dev/null +++ b/sandbox/other/src/main/java/org/springframework/security/util/StringUtils.java @@ -0,0 +1,69 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.util; + +import java.util.ArrayList; +import java.util.List; + +/** + * String manipulation methods. + * + * @author Valery Tydykov + * + */ +public final class StringUtils { + + /** + * This is a static class that should not be instantiated. + */ + private StringUtils() throws InstantiationException { + } + + /** + * Tokenizes source string using another string as separator. + * + * @param source source string + * @param separator separator string + * @return List of tokens found in the source string. + */ + public static List tokenizeString(String source, String separator) { + List tokens = new ArrayList(); + if (source != null && source.length() > 0) { + while (source.indexOf(separator) != -1) { + int index = source.indexOf(separator); + tokens.add(source.substring(0, index)); + source = source.substring(index + separator.length()); + } + tokens.add(source); + } + return tokens; + } + + /** + * Make sure a string is not null. + * + * @param object string, might be null + * @return empty string if the original was null or not String, else the original + */ + public static String notNull(Object object) { + if (object == null) { + return ""; + } else if (!(object instanceof String)) { + return String.valueOf(object); + } else { + return (String) object; + } + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/AllTests.java b/sandbox/other/src/test/java/org/springframework/security/ui/AllTests.java new file mode 100644 index 0000000000..afbfaf16c0 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/AllTests.java @@ -0,0 +1,32 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; + +public class AllTests extends TestCase { + + public AllTests(String s) { + super(s); + } + + public static Test suite() { + TestSuite suite = new TestSuite(); + suite.addTest(org.springframework.security.ui.preauth.AllTests.suite()); + return suite; + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/preauth/AllTests.java b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/AllTests.java new file mode 100644 index 0000000000..f0f0585a3f --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/AllTests.java @@ -0,0 +1,47 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; + +public class AllTests extends TestCase { + + public AllTests(String s) { + super(s); + } + + public static Test suite() { + TestSuite suite = new TestSuite(); + suite + .addTestSuite(org.springframework.security.ui.preauth.AttributesSourceWebAuthenticationDetailsSourceTest.class); + suite + .addTestSuite(org.springframework.security.ui.preauth.CookieAttributesSourceTest.class); + suite.addTestSuite(org.springframework.security.ui.preauth.CookieUsernameSourceTest.class); + suite + .addTestSuite(org.springframework.security.ui.preauth.HeaderAttributesSourceTest.class); + suite.addTestSuite(org.springframework.security.ui.preauth.HeaderUsernameSourceTest.class); + suite + .addTestSuite(org.springframework.security.ui.preauth.PropertyAttributesSourceTest.class); + suite + .addTestSuite(org.springframework.security.ui.preauth.RemoteUserUsernameSourceTest.class); + suite + .addTestSuite(org.springframework.security.ui.preauth.RequestParameterUsernameSourceTest.class); + suite + .addTestSuite(org.springframework.security.ui.preauth.UsernameSourcePreAuthenticatedProcessingFilterTest.class); + return suite; + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/preauth/AttributesSourceWebAuthenticationDetailsSourceTest.java b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/AttributesSourceWebAuthenticationDetailsSourceTest.java new file mode 100644 index 0000000000..70003e6c0c --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/AttributesSourceWebAuthenticationDetailsSourceTest.java @@ -0,0 +1,176 @@ +/** + * + */ +package org.springframework.security.ui.preauth; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.Cookie; + +import junit.framework.TestCase; + +import org.springframework.mock.web.MockHttpServletRequest; + +/** + * @author Valery Tydykov + * + */ +public class AttributesSourceWebAuthenticationDetailsSourceTest extends TestCase { + + AttributesSourceWebAuthenticationDetailsSource authenticationDetailsSource; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + authenticationDetailsSource = new AttributesSourceWebAuthenticationDetailsSource(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + authenticationDetailsSource = null; + } + + /** + * Test method for + * {@link org.springframework.security.ui.preauth.AttributesSourceWebAuthenticationDetailsSource#buildDetails(java.lang.Object)}. + */ + public final void testBuildDetailsObjectHeader() { + authenticationDetailsSource.setClazz(AuthenticationDetailsImpl.class); + + String key1 = "key1"; + String value1 = "value1"; + String key2 = "key2"; + String value2 = "value2"; + String key3 = "key3"; + String value3 = "value3"; + + { + HeaderAttributesSource attributesSource = new HeaderAttributesSource(); + + { + List keys = new ArrayList(); + keys.add(key1); + keys.add(key2); + keys.add(key3); + attributesSource.setKeys(keys); + } + + authenticationDetailsSource.setAttributesSource(attributesSource); + } + + MockHttpServletRequest request = new MockHttpServletRequest(); + request.addHeader(key1, value1); + request.addHeader(key2, value2); + request.addHeader(key3, value3); + AuthenticationDetailsImpl authenticationDetails = (AuthenticationDetailsImpl) authenticationDetailsSource + .buildDetails(request); + + assertEquals(value1, authenticationDetails.getAttributes().get(key1)); + assertEquals(value2, authenticationDetails.getAttributes().get(key2)); + assertEquals(value3, authenticationDetails.getAttributes().get(key3)); + } + + public final void testBuildDetailsObjectCookie() { + authenticationDetailsSource.setClazz(AuthenticationDetailsImpl.class); + + String key1 = "key1"; + String value1 = "value1"; + String key2 = "key2"; + String value2 = "value2"; + String key3 = "key3"; + String value3 = "value3"; + + { + CookieAttributesSource attributesSource = new CookieAttributesSource(); + + { + List keys = new ArrayList(); + keys.add(key1); + keys.add(key2); + keys.add(key3); + attributesSource.setKeys(keys); + } + + authenticationDetailsSource.setAttributesSource(attributesSource); + } + + MockHttpServletRequest request = new MockHttpServletRequest(); + + { + Cookie[] cookies = new Cookie[] { new Cookie(key1, value1), new Cookie(key2, value2), + new Cookie(key3, value3) }; + request.setCookies(cookies); + } + + AuthenticationDetailsImpl authenticationDetails = (AuthenticationDetailsImpl) authenticationDetailsSource + .buildDetails(request); + + assertEquals(value1, authenticationDetails.getAttributes().get(key1)); + assertEquals(value2, authenticationDetails.getAttributes().get(key2)); + assertEquals(value3, authenticationDetails.getAttributes().get(key3)); + } + + public final void testBuildDetailsObjectProperty() { + authenticationDetailsSource.setClazz(AuthenticationDetailsImpl.class); + + String key1 = "key1"; + String value1 = "value1"; + String key2 = "key2"; + String value2 = "value2"; + String key3 = "key3"; + String value3 = "value3"; + + { + PropertyAttributesSource attributesSource = new PropertyAttributesSource(); + + { + Map attributes = new HashMap(); + attributes.put(key1, value1); + attributes.put(key2, value2); + attributes.put(key3, value3); + attributesSource.setAttributes(attributes); + } + + authenticationDetailsSource.setAttributesSource(attributesSource); + } + + MockHttpServletRequest request = new MockHttpServletRequest(); + + AuthenticationDetailsImpl authenticationDetails = (AuthenticationDetailsImpl) authenticationDetailsSource + .buildDetails(request); + + assertEquals(value1, authenticationDetails.getAttributes().get(key1)); + assertEquals(value2, authenticationDetails.getAttributes().get(key2)); + assertEquals(value3, authenticationDetails.getAttributes().get(key3)); + } + + public final void testSetUsername() { + try { + authenticationDetailsSource.setAttributesSource(null); + fail("exception expected"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } + + public final void testAfterPropertiesSet() { + try { + authenticationDetailsSource.afterPropertiesSet(); + fail("expected exception"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/preauth/CookieAttributesSourceTest.java b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/CookieAttributesSourceTest.java new file mode 100644 index 0000000000..5efe2f8394 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/CookieAttributesSourceTest.java @@ -0,0 +1,80 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import java.util.ArrayList; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.Cookie; + +import junit.framework.TestCase; + +import org.springframework.mock.web.MockHttpServletRequest; + +/** + * @author Valery Tydykov + * + */ +public class CookieAttributesSourceTest extends TestCase { + + CookieAttributesSource attributesSource; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + attributesSource = new CookieAttributesSource(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + attributesSource = null; + } + + public final void testObtainAttributes() { + String key1 = "key1"; + String value1 = "value1"; + String key2 = "key2"; + String value2 = "value2"; + String key3 = "key3"; + + { + List keys = new ArrayList(); + keys.add(key1); + keys.add(key2); + keys.add(key3); + attributesSource.setKeys(keys); + } + + MockHttpServletRequest request = new MockHttpServletRequest(); + { + Cookie[] cookies = new Cookie[] { new Cookie(key1, value1), new Cookie(key2, value2) }; + request.setCookies(cookies); + } + + Map attributes = attributesSource.obtainAttributes(request); + + assertEquals(value1, attributes.get(key1)); + assertEquals(value2, attributes.get(key2)); + assertEquals(null, attributes.get(key3)); + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/preauth/CookieUsernameSourceTest.java b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/CookieUsernameSourceTest.java new file mode 100644 index 0000000000..445b05a329 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/CookieUsernameSourceTest.java @@ -0,0 +1,64 @@ +/** + * + */ +package org.springframework.security.ui.preauth; + +import javax.servlet.http.Cookie; + +import junit.framework.TestCase; + +import org.springframework.mock.web.MockHttpServletRequest; + +/** + * @author tydykov + * + */ +public class CookieUsernameSourceTest extends TestCase { + + CookieUsernameSource usernameSource; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + usernameSource = new CookieUsernameSource(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + usernameSource = null; + } + + public final void testObtainUsernameSupplied() { + String key1 = "key1"; + String value1 = "value1"; + + MockHttpServletRequest request = new MockHttpServletRequest(); + { + Cookie[] cookies = new Cookie[] { new Cookie(key1, value1) }; + request.setCookies(cookies); + } + + usernameSource.setUsernameKey(key1); + String username = usernameSource.obtainUsername(request); + + assertEquals(value1, username); + } + + public final void testObtainUsernameNotSupplied() { + String key1 = "key1"; + + MockHttpServletRequest request = new MockHttpServletRequest(); + + usernameSource.setUsernameKey(key1); + String username = usernameSource.obtainUsername(request); + + assertEquals(null, username); + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/preauth/HeaderAttributesSourceTest.java b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/HeaderAttributesSourceTest.java new file mode 100644 index 0000000000..96ce49418e --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/HeaderAttributesSourceTest.java @@ -0,0 +1,76 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import java.util.ArrayList; +import java.util.List; +import java.util.Map; + +import junit.framework.TestCase; + +import org.springframework.mock.web.MockHttpServletRequest; + +/** + * @author Valery Tydykov + * + */ +public class HeaderAttributesSourceTest extends TestCase { + + HeaderAttributesSource attributesSource; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + attributesSource = new HeaderAttributesSource(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + attributesSource = null; + } + + public final void testObtainAttributes() { + String key1 = "key1"; + String value1 = "value1"; + String key2 = "key2"; + String value2 = "value2"; + String key3 = "key3"; + + { + List keys = new ArrayList(); + keys.add(key1); + keys.add(key2); + keys.add(key3); + attributesSource.setKeys(keys); + } + + MockHttpServletRequest request = new MockHttpServletRequest(); + request.addHeader(key1, value1); + request.addHeader(key2, value2); + + Map attributes = attributesSource.obtainAttributes(request); + + assertEquals(value1, attributes.get(key1)); + assertEquals(value2, attributes.get(key2)); + assertEquals(null, attributes.get(key3)); + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/preauth/HeaderUsernameSourceTest.java b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/HeaderUsernameSourceTest.java new file mode 100644 index 0000000000..0379eb8da8 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/HeaderUsernameSourceTest.java @@ -0,0 +1,70 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import junit.framework.TestCase; + +import org.springframework.mock.web.MockHttpServletRequest; + +/** + * @author Valery Tydykov + * + */ +public class HeaderUsernameSourceTest extends TestCase { + + HeaderUsernameSource usernameSource; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + usernameSource = new HeaderUsernameSource(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + usernameSource = null; + } + + public final void testObtainUsernameSupplied() { + String key1 = "key1"; + String value1 = "value1"; + + MockHttpServletRequest request = new MockHttpServletRequest(); + request.addHeader(key1, value1); + + usernameSource.setUsernameKey(key1); + String username = usernameSource.obtainUsername(request); + + assertEquals(value1, username); + } + + public final void testObtainUsernameNotSupplied() { + String key1 = "key1"; + + MockHttpServletRequest request = new MockHttpServletRequest(); + + usernameSource.setUsernameKey(key1); + String username = usernameSource.obtainUsername(request); + + assertEquals(null, username); + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/preauth/PropertyAttributesSourceTest.java b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/PropertyAttributesSourceTest.java new file mode 100644 index 0000000000..4e33c2f790 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/PropertyAttributesSourceTest.java @@ -0,0 +1,74 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import java.util.HashMap; +import java.util.Map; + +import junit.framework.TestCase; + +/** + * @author Valery Tydykov + * + */ +public class PropertyAttributesSourceTest extends TestCase { + + PropertyAttributesSource attributesSource; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + attributesSource = new PropertyAttributesSource(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + attributesSource = null; + } + + /** + * Test method for + * {@link org.springframework.security.ui.preauth.PropertyAttributesSource#obtainAttributes(javax.servlet.http.HttpServletRequest)}. + */ + public final void testObtainAttributes() { + String key1 = "key1"; + String value1 = "value1"; + String key2 = "key2"; + String value2 = "value2"; + String key3 = "key3"; + String value3 = "value3"; + + { + Map attributes = new HashMap(); + attributes.put(key1, value1); + attributes.put(key2, value2); + attributes.put(key3, value3); + attributesSource.setAttributes(attributes); + } + + Map attributes = attributesSource.obtainAttributes(null); + + assertEquals(value1, attributes.get(key1)); + assertEquals(value2, attributes.get(key2)); + assertEquals(value3, attributes.get(key3)); + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/preauth/RemoteUserUsernameSourceTest.java b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/RemoteUserUsernameSourceTest.java new file mode 100644 index 0000000000..db178dea4a --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/RemoteUserUsernameSourceTest.java @@ -0,0 +1,65 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import junit.framework.TestCase; + +import org.springframework.mock.web.MockHttpServletRequest; + +/** + * @author Valery Tydykov + * + */ +public class RemoteUserUsernameSourceTest extends TestCase { + + RemoteUserUsernameSource usernameSource; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + usernameSource = new RemoteUserUsernameSource(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + usernameSource = null; + } + + public final void testObtainUsernameSupplied() { + String value1 = "value1"; + + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setRemoteUser(value1); + + String username = usernameSource.obtainUsername(request); + + assertEquals(value1, username); + } + + public final void testObtainUsernameNotSupplied() { + MockHttpServletRequest request = new MockHttpServletRequest(); + + String username = usernameSource.obtainUsername(request); + + assertEquals(null, username); + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/preauth/RequestParameterUsernameSourceTest.java b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/RequestParameterUsernameSourceTest.java new file mode 100644 index 0000000000..ad740e63c2 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/RequestParameterUsernameSourceTest.java @@ -0,0 +1,70 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import junit.framework.TestCase; + +import org.springframework.mock.web.MockHttpServletRequest; + +/** + * @author Valery Tydykov + * + */ +public class RequestParameterUsernameSourceTest extends TestCase { + + RequestParameterUsernameSource usernameSource; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + usernameSource = new RequestParameterUsernameSource(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + usernameSource = null; + } + + public final void testObtainUsernameSupplied() { + String key1 = "key1"; + String value1 = "value1"; + + MockHttpServletRequest request = new MockHttpServletRequest(); + request.addParameter(key1, value1); + + usernameSource.setUsernameKey(key1); + String username = usernameSource.obtainUsername(request); + + assertEquals(value1, username); + } + + public final void testObtainUsernameNotSupplied() { + String key1 = "key1"; + + MockHttpServletRequest request = new MockHttpServletRequest(); + + usernameSource.setUsernameKey(key1); + String username = usernameSource.obtainUsername(request); + + assertEquals(null, username); + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/ui/preauth/UsernameSourcePreAuthenticatedProcessingFilterTest.java b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/UsernameSourcePreAuthenticatedProcessingFilterTest.java new file mode 100644 index 0000000000..77f1bdf096 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/ui/preauth/UsernameSourcePreAuthenticatedProcessingFilterTest.java @@ -0,0 +1,232 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.ui.preauth; + +import java.util.ArrayList; +import java.util.List; + +import javax.servlet.FilterChain; +import javax.servlet.http.Cookie; + +import junit.framework.TestCase; + +import org.springframework.mock.web.MockFilterChain; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.security.Authentication; +import org.springframework.security.MockAuthenticationManager; +import org.springframework.security.context.SecurityContextHolder; +import org.springframework.security.ui.WebAuthenticationDetails; + +/** + * + * @author Valery Tydykov + */ +public class UsernameSourcePreAuthenticatedProcessingFilterTest extends TestCase { + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + super.setUp(); + // crear security context + SecurityContextHolder.getContext().setAuthentication(null); + } + + public static final String PROJECT_ID_KEY = "projectIdKey"; + + public static final String PROJECT_ID = "projectId"; + + public static final String USERNAME_KEY = "usernameKey"; + + public static final String USERNAME = "username"; + + public void tearDown() throws Exception { + // crear security context + SecurityContextHolder.getContext().setAuthentication(null); + super.tearDown(); + } + + public void testAttemptAuthenticationNormalOperation() throws Exception { + MockHttpServletRequest request = new MockHttpServletRequest(); + // supply username in request header + request.addHeader(USERNAME_KEY, USERNAME); + + UsernameSourcePreAuthenticatedProcessingFilter filter = new UsernameSourcePreAuthenticatedProcessingFilter(); + { + MockAuthenticationManager authMgr = new MockAuthenticationManager(true); + filter.setAuthenticationManager(authMgr); + } + { + HeaderUsernameSource usernameSource = new HeaderUsernameSource(); + usernameSource.setUsernameKey(USERNAME_KEY); + filter.setUsernameSource(usernameSource); + } + + FilterChain filterChain = new MockFilterChain(); + MockHttpServletResponse response = new MockHttpServletResponse(); + filter.doFilterHttp(request, response, filterChain); + + Authentication result = SecurityContextHolder.getContext().getAuthentication(); + + assertTrue(result != null); + assertEquals(USERNAME, result.getPrincipal()); + assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()) + .getRemoteAddress()); + } + + public void testAttemptAuthenticationNoUsername() throws Exception { + MockHttpServletRequest request = new MockHttpServletRequest(); + // no username in request + + UsernameSourcePreAuthenticatedProcessingFilter filter = new UsernameSourcePreAuthenticatedProcessingFilter(); + { + HeaderUsernameSource usernameSource = new HeaderUsernameSource(); + usernameSource.setUsernameKey(USERNAME_KEY); + filter.setUsernameSource(usernameSource); + } + + FilterChain filterChain = new MockFilterChain(); + MockHttpServletResponse response = new MockHttpServletResponse(); + + filter.doFilterHttp(request, response, filterChain); + + Authentication result = SecurityContextHolder.getContext().getAuthentication(); + assertTrue(result == null); + } + + public void testAttemptAuthenticationContextPopulatingWebAuthenticationDetailsSourceFromHeader() + throws Exception { + MockHttpServletRequest request = new MockHttpServletRequest(); + + request.addHeader(USERNAME_KEY, USERNAME); + request.addHeader(PROJECT_ID_KEY, PROJECT_ID); + + String key3 = "key3"; + String value3 = "value3"; + request.addHeader(key3, value3); + + UsernameSourcePreAuthenticatedProcessingFilter filter = new UsernameSourcePreAuthenticatedProcessingFilter(); + + { + MockAuthenticationManager authMgr = new MockAuthenticationManager(true); + filter.setAuthenticationManager(authMgr); + } + { + AttributesSourceWebAuthenticationDetailsSource authenticationDetailsSource = new AttributesSourceWebAuthenticationDetailsSource(); + authenticationDetailsSource.setClazz(AuthenticationDetailsImpl.class); + { + HeaderAttributesSource attributesSource = new HeaderAttributesSource(); + + { + List keys = new ArrayList(); + keys.add(PROJECT_ID_KEY); + keys.add(key3); + attributesSource.setKeys(keys); + } + + authenticationDetailsSource.setAttributesSource(attributesSource); + } + + filter.setAuthenticationDetailsSource(authenticationDetailsSource); + } + { + HeaderUsernameSource usernameSource = new HeaderUsernameSource(); + usernameSource.setUsernameKey(USERNAME_KEY); + filter.setUsernameSource(usernameSource); + } + + FilterChain filterChain = new MockFilterChain(); + MockHttpServletResponse response = new MockHttpServletResponse(); + filter.doFilterHttp(request, response, filterChain); + + Authentication result = SecurityContextHolder.getContext().getAuthentication(); + + assertTrue(result != null); + assertEquals(USERNAME, result.getPrincipal()); + assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()) + .getRemoteAddress()); + assertEquals(PROJECT_ID, ((AuthenticationDetailsImpl) result.getDetails()).getAttributes() + .get(PROJECT_ID_KEY)); + assertEquals(value3, ((AuthenticationDetailsImpl) result.getDetails()).getAttributes().get( + key3)); + } + + public void testAttemptAuthenticationContextPopulatingWebAuthenticationDetailsSourceFromCookies() + throws Exception { + MockHttpServletRequest request = new MockHttpServletRequest(); + String usernameKey = "usernameKey1"; + String username = "username1"; + request.addHeader(usernameKey, username); + + String key2 = "key2"; + String value2 = "value2"; + String key3 = "key3"; + String value3 = "value3"; + + { + Cookie[] cookies = new Cookie[] { new Cookie(key2, value2), new Cookie(key3, value3) }; + request.setCookies(cookies); + } + + UsernameSourcePreAuthenticatedProcessingFilter filter = new UsernameSourcePreAuthenticatedProcessingFilter(); + { + MockAuthenticationManager authMgr = new MockAuthenticationManager(true); + filter.setAuthenticationManager(authMgr); + } + { + AttributesSourceWebAuthenticationDetailsSource authenticationDetailsSource = new AttributesSourceWebAuthenticationDetailsSource(); + authenticationDetailsSource.setClazz(AuthenticationDetailsImpl.class); + + { + CookieAttributesSource attributesSource = new CookieAttributesSource(); + + { + List keys = new ArrayList(); + keys.add(key2); + keys.add(key3); + attributesSource.setKeys(keys); + } + + authenticationDetailsSource.setAttributesSource(attributesSource); + } + + filter.setAuthenticationDetailsSource(authenticationDetailsSource); + } + { + HeaderUsernameSource usernameSource = new HeaderUsernameSource(); + usernameSource.setUsernameKey(usernameKey); + filter.setUsernameSource(usernameSource); + } + + FilterChain filterChain = new MockFilterChain(); + MockHttpServletResponse response = new MockHttpServletResponse(); + filter.doFilterHttp(request, response, filterChain); + + Authentication result = SecurityContextHolder.getContext().getAuthentication(); + + assertTrue(result != null); + assertEquals(username, result.getPrincipal()); + assertEquals("127.0.0.1", ((WebAuthenticationDetails) result.getDetails()) + .getRemoteAddress()); + assertEquals(value2, ((AuthenticationDetailsImpl) result.getDetails()).getAttributes().get( + key2)); + assertEquals(value3, ((AuthenticationDetailsImpl) result.getDetails()).getAttributes().get( + key3)); + + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/userdetails/AllTests.java b/sandbox/other/src/test/java/org/springframework/security/userdetails/AllTests.java new file mode 100644 index 0000000000..25913eb1c1 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/userdetails/AllTests.java @@ -0,0 +1,33 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; + +public class AllTests extends TestCase { + + public AllTests(String s) { + super(s); + } + + public static Test suite() { + TestSuite suite = new TestSuite(); + suite.addTest(org.springframework.security.userdetails.ldap.AllTests.suite()); + suite.addTest(org.springframework.security.userdetails.preauth.AllTests.suite()); + return suite; + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/AllTests.java b/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/AllTests.java new file mode 100644 index 0000000000..0a5ecdf337 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/AllTests.java @@ -0,0 +1,37 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.ldap; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; + +public class AllTests extends TestCase { + + public AllTests(String s) { + super(s); + } + + public static Test suite() { + TestSuite suite = new TestSuite(); + suite + .addTestSuite(org.springframework.security.userdetails.ldap.AuthorityByPrefixAccountMapperTest.class); + suite + .addTestSuite(org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapperTest.class); + suite + .addTestSuite(org.springframework.security.userdetails.ldap.UsernameFromPropertyAccountMapperTest.class); + return suite; + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/AuthorityByPrefixAccountMapperTest.java b/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/AuthorityByPrefixAccountMapperTest.java new file mode 100644 index 0000000000..e22c12992d --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/AuthorityByPrefixAccountMapperTest.java @@ -0,0 +1,103 @@ +/** + * + */ +package org.springframework.security.userdetails.ldap; + +import junit.framework.TestCase; + +import org.springframework.security.GrantedAuthority; +import org.springframework.security.GrantedAuthorityImpl; +import org.springframework.security.userdetails.User; +import org.springframework.security.userdetails.UserDetails; + +/** + * @author Valery Tydykov + * + */ +public class AuthorityByPrefixAccountMapperTest extends TestCase { + AuthorityByPrefixAccountMapper mapper; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + mapper = new AuthorityByPrefixAccountMapper(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + mapper = null; + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.AuthorityByPrefixAccountMapper#map(org.springframework.security.userdetails.UserDetails)}. + */ + public final void testNormalOperation() { + String expectedAuthority = "prefix1_role1"; + GrantedAuthority[] authorities = { new GrantedAuthorityImpl(expectedAuthority), + new GrantedAuthorityImpl("prefix1_role2") }; + UserDetails user = new User("username1", "password1", false, authorities); + mapper.setAuthorityPrefix("prefix1_"); + String authority = mapper.map(user); + + assertEquals(expectedAuthority, authority); + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.AuthorityByPrefixAccountMapper#map(org.springframework.security.userdetails.UserDetails)}. + */ + public final void testAuthorityNotFoundThrowsException() { + String expectedAuthority = "prefix1_role1"; + GrantedAuthority[] authorities = { new GrantedAuthorityImpl(expectedAuthority) }; + UserDetails user = new User("username1", "password1", false, authorities); + mapper.setAuthorityPrefix("NoMatchPrefix"); + + try { + mapper.map(user); + fail("exception expected"); + } catch (AuthorityNotFoundException expected) { + } catch (Exception unexpected) { + fail("map throws unexpected exception"); + } + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.AuthorityByPrefixAccountMapper#afterPropertiesSet()}. + */ + public final void testAfterPropertiesSet() { + try { + mapper.afterPropertiesSet(); + fail("exception expected"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } + + public final void testEmptyPrefixThrowsException() { + try { + mapper.setAuthorityPrefix(""); + fail("expected exception"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + + try { + mapper.setAuthorityPrefix(null); + fail("AfterPropertiesSet didn't throw expected exception"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("AfterPropertiesSet throws unexpected exception"); + } + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/ReplacingUserDetailsMapperTest.java b/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/ReplacingUserDetailsMapperTest.java new file mode 100644 index 0000000000..d148940baa --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/ReplacingUserDetailsMapperTest.java @@ -0,0 +1,154 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.ldap; + +import junit.framework.TestCase; + +import org.springframework.ldap.core.DirContextAdapter; +import org.springframework.security.GrantedAuthority; +import org.springframework.security.userdetails.UserDetails; +import org.springframework.security.userdetails.UsernameNotFoundException; +import org.springframework.security.userdetails.memory.InMemoryDaoImpl; +import org.springframework.security.userdetails.memory.UserMap; +import org.springframework.security.userdetails.memory.UserMapEditor; + +/** + * @author Valery Tydykov + * + */ +public class ReplacingUserDetailsMapperTest extends TestCase { + + ReplacingUserDetailsMapper mapper; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + mapper = new ReplacingUserDetailsMapper(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + mapper = null; + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapper#setUserDetailsService(org.springframework.security.userdetails.UserDetailsService)}. + */ + public final void testSetUserDetailsServiceNullThrowsException() { + try { + mapper.setUserDetailsService(null); + fail("exception expected"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapper#setAccountMapper(org.springframework.security.userdetails.ldap.AccountMapper)}. + */ + public final void testSetAccountMapperNullThrowsException() { + try { + mapper.setAccountMapper(null); + fail("exception expected"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapper#afterPropertiesSet()}. + */ + public final void testAfterPropertiesSet() { + try { + mapper.afterPropertiesSet(); + fail("expected exception"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapper#mapUserFromContext(org.springframework.ldap.core.DirContextOperations, java.lang.String, org.springframework.security.GrantedAuthority[])}. + */ + public final void testNormalOperation() { + String userName = "rod,ok"; + UsernameFromPropertyAccountMapper accountMapper = new UsernameFromPropertyAccountMapper(); + accountMapper.setUsername(userName); + mapper.setAccountMapper(accountMapper); + mapper.setConvertToUpperCase(false); + + { + // create secondary user accounts repository + InMemoryDaoImpl dao = new InMemoryDaoImpl(); + UserMapEditor editor = new UserMapEditor(); + editor.setAsText("rod,ok=koala,ROLE_ONE,ROLE_TWO,enabled\r\n"); + dao.setUserMap((UserMap) editor.getValue()); + + mapper.setUserDetailsService(dao); + } + + DirContextAdapter ctx = new DirContextAdapter(); + + ctx.setAttributeValues("userRole", new String[] { "X", "Y", "Z" }); + ctx.setAttributeValue("uid", "ani"); + + UserDetails userDetails = mapper.mapUserFromContext(ctx, "ani", new GrantedAuthority[0]); + // verify that userDetails came from the secondary repository + assertEquals("ROLE_ONE", userDetails.getAuthorities()[0].getAuthority()); + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.ReplacingUserDetailsMapper#retrieveUser(java.lang.String)}. + */ + public final void testRetrieveUser() { + String username = "rod,ok"; + { + // secondary user accounts repository + InMemoryDaoImpl dao = new InMemoryDaoImpl(); + UserMapEditor editor = new UserMapEditor(); + editor.setAsText("rod,ok=koala,ROLE_ONE,ROLE_TWO,enabled\r\n"); + dao.setUserMap((UserMap) editor.getValue()); + + mapper.setUserDetailsService(dao); + } + + UserDetails userDetails = mapper.retrieveUser(username); + + assertEquals("ROLE_ONE", userDetails.getAuthorities()[0].getAuthority()); + + try { + mapper.retrieveUser("noMatchUsername"); + fail("exception expected"); + } catch (UsernameNotFoundException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/UsernameFromPropertyAccountMapperTest.java b/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/UsernameFromPropertyAccountMapperTest.java new file mode 100644 index 0000000000..dfda437670 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/userdetails/ldap/UsernameFromPropertyAccountMapperTest.java @@ -0,0 +1,89 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.ldap; + +import junit.framework.TestCase; + +import org.springframework.security.GrantedAuthority; +import org.springframework.security.userdetails.User; +import org.springframework.security.userdetails.UserDetails; + +/** + * @author Valery Tydykov + * + */ +public class UsernameFromPropertyAccountMapperTest extends TestCase { + + UsernameFromPropertyAccountMapper mapper; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + mapper = new UsernameFromPropertyAccountMapper(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + mapper = null; + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.UsernameFromPropertyAccountMapper#map(org.springframework.security.userdetails.UserDetails)}. + */ + public final void testNormalOperation() { + String usernameExpected = "username1"; + UserDetails user = new User(usernameExpected, "password1", false, new GrantedAuthority[0]); + mapper.setUsername(usernameExpected); + String username = mapper.map(user); + + assertEquals(usernameExpected, username); + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.UsernameFromPropertyAccountMapper#setUsername(java.lang.String)}. + */ + public final void testSetUserName() { + try { + mapper.setUsername(null); + fail("exception expected"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.ldap.UsernameFromPropertyAccountMapper#afterPropertiesSet()}. + */ + public final void testAfterPropertiesSet() { + try { + mapper.afterPropertiesSet(); + fail("expected exception"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/AllTests.java b/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/AllTests.java new file mode 100644 index 0000000000..298e21e555 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/AllTests.java @@ -0,0 +1,37 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.preauth; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; + +public class AllTests extends TestCase { + + public AllTests(String s) { + super(s); + } + + public static Test suite() { + TestSuite suite = new TestSuite(); + suite + .addTestSuite(org.springframework.security.userdetails.preauth.UserDetailsMappingServiceWrapperTest.class); + suite + .addTestSuite(org.springframework.security.userdetails.preauth.UsernameFromPropertyAccountMapperTest.class); + suite + .addTestSuite(org.springframework.security.userdetails.preauth.UsernameFromRequestAccountMapperTest.class); + return suite; + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UserDetailsMappingServiceWrapperTest.java b/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UserDetailsMappingServiceWrapperTest.java new file mode 100644 index 0000000000..2ca8f80201 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UserDetailsMappingServiceWrapperTest.java @@ -0,0 +1,121 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.preauth; + +import junit.framework.TestCase; + +import org.springframework.security.Authentication; +import org.springframework.security.providers.TestingAuthenticationToken; +import org.springframework.security.userdetails.UserDetails; +import org.springframework.security.userdetails.memory.InMemoryDaoImpl; +import org.springframework.security.userdetails.memory.UserMap; +import org.springframework.security.userdetails.memory.UserMapEditor; + +/** + * @author Valery Tydykov + * + */ +public class UserDetailsMappingServiceWrapperTest extends TestCase { + + UserDetailsMappingServiceWrapper service; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + service = new UserDetailsMappingServiceWrapper(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + service = null; + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.preauth.UserDetailsMappingServiceWrapper#afterPropertiesSet()}. + */ + public final void testAfterPropertiesSet() { + try { + service.afterPropertiesSet(); + fail("expected exception"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.preauth.UserDetailsMappingServiceWrapper#loadUserDetails(org.springframework.security.Authentication)}. + */ + public final void testLoadUserDetails() { + String username = "rod,ok"; + UsernameFromPropertyAccountMapper accountMapper = new UsernameFromPropertyAccountMapper(); + accountMapper.setUsername(username); + + service.setAccountMapper(accountMapper); + + // secondary user accounts repository + { + InMemoryDaoImpl dao = new InMemoryDaoImpl(); + UserMapEditor editor = new UserMapEditor(); + editor.setAsText("rod,ok=koala,ROLE_ONE,ROLE_TWO,enabled\r\n"); + dao.setUserMap((UserMap) editor.getValue()); + + service.setUserDetailsService(dao); + } + + Authentication authentication = new TestingAuthenticationToken("any", "any", null); + UserDetails user = service.loadUserDetails(authentication); + + // verify that userDetails came from the secondary repository + assertEquals("ROLE_ONE", user.getAuthorities()[0].getAuthority()); + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.preauth.UserDetailsMappingServiceWrapper#setUserDetailsService(org.springframework.security.userdetails.UserDetailsService)}. + */ + public final void testSetUserDetailsService() { + try { + service.setUserDetailsService(null); + fail("exception expected"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.preauth.UserDetailsMappingServiceWrapper#setAccountMapper(org.springframework.security.userdetails.preauth.AccountMapper)}. + */ + public final void testSetAccountMapper() { + try { + service.setAccountMapper(null); + fail("exception expected"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UsernameFromPropertyAccountMapperTest.java b/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UsernameFromPropertyAccountMapperTest.java new file mode 100644 index 0000000000..cda2b212d0 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UsernameFromPropertyAccountMapperTest.java @@ -0,0 +1,89 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.preauth; + +import junit.framework.TestCase; + +import org.springframework.security.Authentication; +import org.springframework.security.providers.TestingAuthenticationToken; + +/** + * @author Valery Tydykov + * + */ +public class UsernameFromPropertyAccountMapperTest extends TestCase { + + UsernameFromPropertyAccountMapper mapper; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + mapper = new UsernameFromPropertyAccountMapper(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + mapper = null; + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.preauth.UsernameFromPropertyAccountMapper#map(org.springframework.security.Authentication)}. + */ + public final void testNormalOperation() { + String usernameExpected = "username1"; + Authentication authenticationRequest = new TestingAuthenticationToken("any", "any", null); + mapper.setUsername(usernameExpected); + + String username = mapper.map(authenticationRequest); + + assertEquals(usernameExpected, username); + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.preauth.UsernameFromPropertyAccountMapper#setUsername(java.lang.String)}. + */ + public final void testSetUsername() { + try { + mapper.setUsername(null); + fail("exception expected"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.preauth.UsernameFromPropertyAccountMapper#afterPropertiesSet()}. + */ + public final void testAfterPropertiesSet() { + try { + mapper.afterPropertiesSet(); + fail("expected exception"); + } catch (IllegalArgumentException expected) { + } catch (Exception unexpected) { + fail("unexpected exception"); + } + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UsernameFromRequestAccountMapperTest.java b/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UsernameFromRequestAccountMapperTest.java new file mode 100644 index 0000000000..b856974aa4 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/userdetails/preauth/UsernameFromRequestAccountMapperTest.java @@ -0,0 +1,60 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.userdetails.preauth; + +import junit.framework.TestCase; + +import org.springframework.security.Authentication; +import org.springframework.security.providers.TestingAuthenticationToken; + +/** + * @author Valery Tydykov + * + */ +public class UsernameFromRequestAccountMapperTest extends TestCase { + + UsernameFromRequestAccountMapper mapper; + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#setUp() + */ + protected void setUp() throws Exception { + mapper = new UsernameFromRequestAccountMapper(); + } + + /* + * (non-Javadoc) + * + * @see junit.framework.TestCase#tearDown() + */ + protected void tearDown() throws Exception { + mapper = null; + } + + /** + * Test method for + * {@link org.springframework.security.userdetails.preauth.UsernameFromRequestAccountMapper#map(org.springframework.security.Authentication)}. + */ + public final void testNormalOperation() { + String usernameExpected = "username1"; + Authentication authenticationRequest = new TestingAuthenticationToken(usernameExpected, + "password1", null); + String username = mapper.map(authenticationRequest); + + assertEquals(usernameExpected, username); + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/util/AllTests.java b/sandbox/other/src/test/java/org/springframework/security/util/AllTests.java new file mode 100644 index 0000000000..03c57a269e --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/util/AllTests.java @@ -0,0 +1,33 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.util; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; + +public class AllTests extends TestCase { + + public AllTests(String s) { + super(s); + } + + public static Test suite() { + TestSuite suite = new TestSuite(); + suite.addTestSuite(org.springframework.security.util.ServletUtilsTest.class); + suite.addTestSuite(org.springframework.security.util.StringUtilsTest.class); + return suite; + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/util/ServletUtilsTest.java b/sandbox/other/src/test/java/org/springframework/security/util/ServletUtilsTest.java new file mode 100644 index 0000000000..6172440ee3 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/util/ServletUtilsTest.java @@ -0,0 +1,124 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.util; + +import java.util.ArrayList; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.Cookie; + +import junit.framework.TestCase; + +import org.springframework.mock.web.MockHttpServletRequest; + +/** + * @author Valery Tydykov + * + */ +public class ServletUtilsTest extends TestCase { + + /** + * Test method for + * {@link org.springframework.security.util.ServletUtils#extractHeaderValues(javax.servlet.http.HttpServletRequest, java.util.List)}. + */ + public final void testExtractHeaderValues() { + List keys = new ArrayList(); + String key1 = "key1"; + keys.add(key1); + String key2 = "key2"; + keys.add(key2); + String key3 = "key3"; + keys.add(key3); + + MockHttpServletRequest request = new MockHttpServletRequest(); + String value1 = "value1"; + request.addHeader(key1, value1); + String value2 = "value2"; + request.addHeader(key2, value2); + + Map values = ServletUtils.extractHeaderValues(request, keys); + + assertEquals(value1, values.get(key1)); + assertEquals(value2, values.get(key2)); + assertEquals(null, values.get(key3)); + } + + /** + * Test method for + * {@link org.springframework.security.util.ServletUtils#extractCookiesValues(javax.servlet.http.HttpServletRequest, java.util.List)}. + */ + public final void testExtractCookiesValues() { + List keys = new ArrayList(); + String key1 = "key1"; + keys.add(key1); + String key2 = "key2"; + keys.add(key2); + String key3 = "key3"; + keys.add(key3); + + MockHttpServletRequest request = new MockHttpServletRequest(); + String value1 = "value1"; + String value2 = "value2"; + + { + Cookie[] cookies = new Cookie[] { new Cookie(key1, value1), new Cookie(key2, value2) }; + request.setCookies(cookies); + } + + Map values = ServletUtils.extractCookiesValues(request, keys); + + assertEquals(value1, values.get(key1)); + assertEquals(value2, values.get(key2)); + assertEquals(null, values.get(key3)); + } + + /** + * Test method for + * {@link org.springframework.security.util.ServletUtils#findCookieValue(javax.servlet.http.HttpServletRequest, java.lang.String)}. + */ + public final void testFindCookieValue() { + List keys = new ArrayList(); + String key1 = "key1"; + keys.add(key1); + + MockHttpServletRequest request = new MockHttpServletRequest(); + String valueExpected = "value1"; + { + Cookie[] cookies = new Cookie[] { new Cookie(key1, valueExpected), }; + request.setCookies(cookies); + } + + String value = ServletUtils.findCookieValue(request, key1); + + assertEquals(valueExpected, value); + } + + public final void testFindCookieValueNotFound() { + List keys = new ArrayList(); + String key1 = "key1"; + keys.add(key1); + + MockHttpServletRequest request = new MockHttpServletRequest(); + { + Cookie[] cookies = new Cookie[0]; + request.setCookies(cookies); + } + + String value = ServletUtils.findCookieValue(request, key1); + + assertEquals(null, value); + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/util/StringUtilsTest.java b/sandbox/other/src/test/java/org/springframework/security/util/StringUtilsTest.java new file mode 100644 index 0000000000..dc1aff3023 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/util/StringUtilsTest.java @@ -0,0 +1,79 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.util; + +import java.util.List; + +import junit.framework.TestCase; + +/** + * @author Valery Tydykov + * + */ +public class StringUtilsTest extends TestCase { + + /** + * Test method for + * {@link org.springframework.security.util.StringUtils#tokenizeString(java.lang.String, java.lang.String)}. + */ + public final void testTokenizeString() { + { + String source = "one,two,three"; + String separator = ","; + List result = StringUtils.tokenizeString(source, separator); + + assertTrue(result.contains("one")); + assertTrue(result.contains("two")); + assertTrue(result.contains("three")); + } + { + String source = null; + String separator = null; + List result = StringUtils.tokenizeString(source, separator); + + assertTrue(result.isEmpty()); + } + { + String source = "one,two,three"; + String separator = "noMatch"; + List result = StringUtils.tokenizeString(source, separator); + + assertTrue(result.contains(source)); + } + } + + /** + * Test method for + * {@link org.springframework.security.util.StringUtils#notNull(java.lang.Object)}. + */ + public final void testNotNull() { + { + Object object = null; + String result = StringUtils.notNull(object); + assertEquals("", result); + } + { + Object object = "myString"; + String result = StringUtils.notNull(object); + assertEquals(object, result); + } + { + String expected = "12345"; + Object object = new Integer(expected); + String result = StringUtils.notNull(object); + assertEquals(expected, result); + } + } +} diff --git a/sandbox/other/src/test/java/org/springframework/security/vote/FirstDecisionBased.java b/sandbox/other/src/test/java/org/springframework/security/vote/FirstDecisionBased.java new file mode 100644 index 0000000000..2756317914 --- /dev/null +++ b/sandbox/other/src/test/java/org/springframework/security/vote/FirstDecisionBased.java @@ -0,0 +1,51 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.springframework.security.vote; + +import java.util.Iterator; + +import org.springframework.security.AccessDeniedException; +import org.springframework.security.Authentication; +import org.springframework.security.ConfigAttributeDefinition; + +/** + * AccessDecisionManager which bases its result on the first non-abstention from + * its list of voters. + * + * @author Janning Vygen + */ +public class FirstDecisionBased extends AbstractAccessDecisionManager { + + public void decide(Authentication authentication, Object object, ConfigAttributeDefinition config ) throws AccessDeniedException { + Iterator voters = this.getDecisionVoters().iterator(); + + while (voters.hasNext()) { + AccessDecisionVoter voter = (AccessDecisionVoter) voters.next(); + int result = voter.vote(authentication, object, config); + + switch (result) { + case AccessDecisionVoter.ACCESS_GRANTED: + return; + + case AccessDecisionVoter.ACCESS_DENIED: + throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied")); + } + } + + // To get this far, every AccessDecisionVoter abstained + checkAllowIfAllAbstainDecisions(); + } +} \ No newline at end of file