From 6d655aa51479c53bb8ce3bb740b2453e6235e750 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Mon, 4 May 2009 14:24:54 +0000 Subject: [PATCH] SEC-1132: More refactoring to remove cycles ad reduce complexity metrics --- ...oncurrentSessionsBeanDefinitionParser.java | 2 +- .../EntryPointInjectionBeanPostProcessor.java | 2 +- .../config/FilterChainProxyPostProcessor.java | 10 +- ...ityMetadataSourceBeanDefinitionParser.java | 6 +- .../config/FormLoginBeanDefinitionParser.java | 2 +- .../HttpSecurityBeanDefinitionParser.java | 32 +- .../LdapUserServiceBeanDefinitionParser.java | 2 +- .../config/LogoutBeanDefinitionParser.java | 4 +- ...ionRegistryInjectionBeanPostProcessor.java | 2 +- ...tadataSourceBeanDefinitionParserTests.java | 4 +- ...HttpSecurityBeanDefinitionParserTests.java | 24 +- ...pUserServiceBeanDefinitionParserTests.java | 2 +- .../KeyBasedPersistenceTokenService.java | 1 - .../token}/Sha512DigestUtils.java | 2 +- .../filter-chain-performance-app-context.xml | 8 +- .../AbstractLdapAuthenticator.java | 3 +- .../LdapAuthenticationProvider.java | 5 +- .../LdapAuthenticator.java | 6 +- .../PasswordComparisonAuthenticator.java | 2 +- .../SpringSecurityAuthenticationSource.java | 2 +- ...etailsServiceLdapAuthoritiesPopulator.java | 4 +- .../security/ldap/populator/package.html | 5 - .../search/FilterBasedLdapUserSearch.java | 1 - .../ldap/{ => search}/LdapUserSearch.java | 2 +- .../DefaultLdapAuthoritiesPopulator.java | 3 +- .../LdapAuthoritiesPopulator.java | 2 +- .../userdetails/LdapUserDetailsService.java | 3 +- ...ringSecurityAuthenticationSourceTests.java | 1 + .../LdapAuthenticationProviderTests.java | 3 +- .../ldap/authentication/MockUserSearch.java | 2 +- .../DefaultLdapAuthoritiesPopulatorTests.java | 2 +- ...sServiceLdapAuthoritiesPopulatorTests.java | 1 + .../LdapUserDetailsServiceTests.java | 1 - .../WEB-INF/applicationContext-security.xml | 2 +- .../WEB-INF/applicationContext-security.xml | 8 +- .../web/AuthenticationEntryPoint.java | 1 + .../security/web/FilterChainProxy.java | 2 +- .../web/{ => access}/AccessDeniedHandler.java | 2 +- .../{ => access}/AccessDeniedHandlerImpl.java | 2 +- .../ExceptionTranslationFilter.java | 11 +- .../WebInvocationPrivilegeEvaluator.java | 2 +- .../channel}/AbstractRetryEntryPoint.java | 2 +- .../channel}/ChannelDecisionManager.java | 2 +- .../channel}/ChannelDecisionManagerImpl.java | 2 +- .../channel}/ChannelEntryPoint.java | 2 +- .../channel}/ChannelProcessingFilter.java | 4 +- .../channel}/ChannelProcessor.java | 2 +- .../channel}/InsecureChannelProcessor.java | 2 +- .../channel}/RetryWithHttpEntryPoint.java | 2 +- .../channel}/RetryWithHttpsEntryPoint.java | 2 +- .../channel}/SecureChannelProcessor.java | 2 +- .../channel}/package.html | 0 .../DefaultWebSecurityExpressionHandler.java | 2 +- ...ilterInvocationSecurityMetadataSource.java | 6 +- .../WebExpressionConfigAttribute.java | 2 +- .../expression/WebExpressionVoter.java | 2 +- .../WebSecurityExpressionHandler.java | 2 +- .../expression/WebSecurityExpressionRoot.java | 2 +- ...ilterInvocationSecurityMetadataSource.java | 2 +- ...ilterInvocationSecurityMetadataSource.java | 2 +- .../intercept/FilterSecurityInterceptor.java | 2 +- .../{ => access}/intercept/RequestKey.java | 2 +- .../web/{ => access}/intercept/package.html | 0 ...AuthenticationTargetUrlRequestHandler.java | 5 +- .../AbstractProcessingFilter.java | 2 +- .../AuthenticationProcessingFilter.java | 4 +- ...henticationProcessingFilterEntryPoint.java | 2 +- ...uestAwareAuthenticationSuccessHandler.java | 2 +- ...SimpleUrlAuthenticationSuccessHandler.java | 1 - .../concurrent/ConcurrentSessionFilter.java | 8 +- .../logout/LogoutFilter.java | 2 +- .../logout/LogoutHandler.java | 2 +- .../logout/LogoutSuccessHandler.java | 2 +- .../logout/SecurityContextLogoutHandler.java | 2 +- .../logout/SimpleUrlLogoutSuccessHandler.java | 4 +- ...thenticatedProcessingFilterEntryPoint.java | 2 +- .../AbstractRememberMeServices.java | 2 +- .../DefaultLoginPageGeneratingFilter.java | 4 +- .../security/web/concurrent/package.html | 6 - .../security/web/context/package.html | 2 + .../web/savedrequest/SavedRequest.java | 2 +- .../SessionFixationProtectionFilter.java | 5 +- .../web/{util => session}/SessionUtils.java | 2 +- .../security/web/util/RedirectUtils.java | 2 +- .../web/wrapper/SavedRequestAwareWrapper.java | 696 +++++++++--------- .../ExceptionTranslationFilterTests.java | 6 +- .../WebInvocationPrivilegeEvaluatorTests.java | 6 +- .../ChannelDecisionManagerImplTests.java | 6 +- .../ChannelProcessingFilterTests.java | 8 +- .../InsecureChannelProcessorTests.java | 4 +- .../RetryWithHttpEntryPointTests.java | 4 +- .../RetryWithHttpsEntryPointTests.java | 4 +- .../channel}/SecureChannelProcessorTests.java | 4 +- .../WebSecurityExpressionRootTests.java | 3 +- ...InvocationSecurityMetadataSourceTests.java | 6 +- .../intercept/FilterInvocationTests.java | 2 +- .../FilterSecurityInterceptorTests.java | 4 +- .../intercept/RequestKeyTests.java | 4 +- .../ConcurrentSessionFilterTests.java | 4 +- ...DefaultLoginPageGeneratingFilterTests.java | 1 + .../logout/LogoutHandlerTests.java | 6 +- .../SessionFixationProtectionFilterTests.java | 4 +- .../SavedRequestAwareWrapperTests.java | 1 - ...yContextHolderAwareRequestFilterTests.java | 1 - 104 files changed, 530 insertions(+), 534 deletions(-) rename core/src/main/java/org/springframework/security/{util => core/token}/Sha512DigestUtils.java (97%) rename ldap/src/main/java/org/springframework/security/ldap/{ => authentication}/LdapAuthenticator.java (85%) rename ldap/src/main/java/org/springframework/security/ldap/{ => authentication}/SpringSecurityAuthenticationSource.java (97%) rename ldap/src/main/java/org/springframework/security/ldap/{populator => authentication}/UserDetailsServiceLdapAuthoritiesPopulator.java (88%) delete mode 100644 ldap/src/main/java/org/springframework/security/ldap/populator/package.html rename ldap/src/main/java/org/springframework/security/ldap/{ => search}/LdapUserSearch.java (97%) rename ldap/src/main/java/org/springframework/security/ldap/{populator => userdetails}/DefaultLdapAuthoritiesPopulator.java (99%) rename ldap/src/main/java/org/springframework/security/ldap/{ => userdetails}/LdapAuthoritiesPopulator.java (96%) rename web/src/main/java/org/springframework/security/web/{ => access}/AccessDeniedHandler.java (94%) rename web/src/main/java/org/springframework/security/web/{ => access}/AccessDeniedHandlerImpl.java (96%) rename web/src/main/java/org/springframework/security/web/{ => access}/ExceptionTranslationFilter.java (96%) rename web/src/main/java/org/springframework/security/web/{intercept => access}/WebInvocationPrivilegeEvaluator.java (99%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/AbstractRetryEntryPoint.java (98%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/ChannelDecisionManager.java (97%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/ChannelDecisionManagerImpl.java (98%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/ChannelEntryPoint.java (97%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/ChannelProcessingFilter.java (97%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/ChannelProcessor.java (97%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/InsecureChannelProcessor.java (98%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/RetryWithHttpEntryPoint.java (95%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/RetryWithHttpsEntryPoint.java (95%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/SecureChannelProcessor.java (98%) rename web/src/main/java/org/springframework/security/web/{securechannel => access/channel}/package.html (100%) rename web/src/main/java/org/springframework/security/web/{ => access}/expression/DefaultWebSecurityExpressionHandler.java (96%) rename web/src/main/java/org/springframework/security/web/{ => access}/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java (91%) rename web/src/main/java/org/springframework/security/web/{ => access}/expression/WebExpressionConfigAttribute.java (92%) rename web/src/main/java/org/springframework/security/web/{ => access}/expression/WebExpressionVoter.java (97%) rename web/src/main/java/org/springframework/security/web/{ => access}/expression/WebSecurityExpressionHandler.java (91%) rename web/src/main/java/org/springframework/security/web/{ => access}/expression/WebSecurityExpressionRoot.java (97%) rename web/src/main/java/org/springframework/security/web/{ => access}/intercept/DefaultFilterInvocationSecurityMetadataSource.java (99%) rename web/src/main/java/org/springframework/security/web/{ => access}/intercept/FilterInvocationSecurityMetadataSource.java (94%) rename web/src/main/java/org/springframework/security/web/{ => access}/intercept/FilterSecurityInterceptor.java (99%) rename web/src/main/java/org/springframework/security/web/{ => access}/intercept/RequestKey.java (95%) rename web/src/main/java/org/springframework/security/web/{ => access}/intercept/package.html (100%) rename web/src/main/java/org/springframework/security/web/{ => authentication}/AbstractAuthenticationTargetUrlRequestHandler.java (97%) rename web/src/main/java/org/springframework/security/web/{ => authentication}/concurrent/ConcurrentSessionFilter.java (94%) rename web/src/main/java/org/springframework/security/web/{ => authentication}/logout/LogoutFilter.java (96%) rename web/src/main/java/org/springframework/security/web/{ => authentication}/logout/LogoutHandler.java (93%) rename web/src/main/java/org/springframework/security/web/{ => authentication}/logout/LogoutSuccessHandler.java (93%) rename web/src/main/java/org/springframework/security/web/{ => authentication}/logout/SecurityContextLogoutHandler.java (95%) rename web/src/main/java/org/springframework/security/web/{ => authentication}/logout/SimpleUrlLogoutSuccessHandler.java (82%) rename web/src/main/java/org/springframework/security/web/authentication/{ => ui}/DefaultLoginPageGeneratingFilter.java (97%) delete mode 100644 web/src/main/java/org/springframework/security/web/concurrent/package.html create mode 100644 web/src/main/java/org/springframework/security/web/context/package.html rename web/src/main/java/org/springframework/security/web/{ => session}/SessionFixationProtectionFilter.java (96%) rename web/src/main/java/org/springframework/security/web/{util => session}/SessionUtils.java (97%) rename web/src/test/java/org/springframework/security/web/{ => access}/ExceptionTranslationFilterTests.java (98%) rename web/src/test/java/org/springframework/security/web/{intercept => access}/WebInvocationPrivilegeEvaluatorTests.java (93%) rename web/src/test/java/org/springframework/security/web/{securechannel => access/channel}/ChannelDecisionManagerImplTests.java (97%) rename web/src/test/java/org/springframework/security/web/{securechannel => access/channel}/ChannelProcessingFilterTests.java (96%) rename web/src/test/java/org/springframework/security/web/{securechannel => access/channel}/InsecureChannelProcessorTests.java (97%) rename web/src/test/java/org/springframework/security/web/{securechannel => access/channel}/RetryWithHttpEntryPointTests.java (97%) rename web/src/test/java/org/springframework/security/web/{securechannel => access/channel}/RetryWithHttpsEntryPointTests.java (97%) rename web/src/test/java/org/springframework/security/web/{securechannel => access/channel}/SecureChannelProcessorTests.java (97%) rename web/src/test/java/org/springframework/security/web/{ => access}/expression/WebSecurityExpressionRootTests.java (94%) rename web/src/test/java/org/springframework/security/web/{ => access}/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java (96%) rename web/src/test/java/org/springframework/security/web/{ => access}/intercept/FilterInvocationTests.java (98%) rename web/src/test/java/org/springframework/security/web/{ => access}/intercept/FilterSecurityInterceptorTests.java (95%) rename web/src/test/java/org/springframework/security/web/{ => access}/intercept/RequestKeyTests.java (91%) rename web/src/test/java/org/springframework/security/web/{concurrent => authentication}/ConcurrentSessionFilterTests.java (97%) rename web/src/test/java/org/springframework/security/web/{ => authentication}/logout/LogoutHandlerTests.java (83%) rename web/src/test/java/org/springframework/security/web/{ => session}/SessionFixationProtectionFilterTests.java (95%) diff --git a/config/src/main/java/org/springframework/security/config/ConcurrentSessionsBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/ConcurrentSessionsBeanDefinitionParser.java index 5333c1fc21..c40551f3d9 100644 --- a/config/src/main/java/org/springframework/security/config/ConcurrentSessionsBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/ConcurrentSessionsBeanDefinitionParser.java @@ -12,7 +12,7 @@ import org.springframework.beans.factory.xml.ParserContext; import org.springframework.security.authentication.ProviderManager; import org.springframework.security.authentication.concurrent.ConcurrentSessionControllerImpl; import org.springframework.security.authentication.concurrent.SessionRegistryImpl; -import org.springframework.security.web.concurrent.ConcurrentSessionFilter; +import org.springframework.security.web.authentication.concurrent.ConcurrentSessionFilter; import org.springframework.util.StringUtils; import org.w3c.dom.Element; diff --git a/config/src/main/java/org/springframework/security/config/EntryPointInjectionBeanPostProcessor.java b/config/src/main/java/org/springframework/security/config/EntryPointInjectionBeanPostProcessor.java index a407ee172c..8a489f2351 100644 --- a/config/src/main/java/org/springframework/security/config/EntryPointInjectionBeanPostProcessor.java +++ b/config/src/main/java/org/springframework/security/config/EntryPointInjectionBeanPostProcessor.java @@ -10,7 +10,7 @@ import org.springframework.beans.factory.BeanFactoryAware; import org.springframework.beans.factory.config.BeanPostProcessor; import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; import org.springframework.security.web.AuthenticationEntryPoint; -import org.springframework.security.web.ExceptionTranslationFilter; +import org.springframework.security.web.access.ExceptionTranslationFilter; import org.springframework.util.Assert; /** diff --git a/config/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java b/config/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java index 6b981cc512..0727c54a37 100644 --- a/config/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java +++ b/config/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java @@ -19,17 +19,17 @@ import org.springframework.core.Ordered; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.config.ConfigUtils.FilterChainList; -import org.springframework.security.web.ExceptionTranslationFilter; import org.springframework.security.web.FilterChainProxy; -import org.springframework.security.web.SessionFixationProtectionFilter; +import org.springframework.security.web.access.ExceptionTranslationFilter; +import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; import org.springframework.security.web.authentication.AnonymousProcessingFilter; import org.springframework.security.web.authentication.AuthenticationProcessingFilter; import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint; -import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter; +import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter; import org.springframework.security.web.authentication.www.BasicProcessingFilter; import org.springframework.security.web.context.SecurityContextPersistenceFilter; -import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource; -import org.springframework.security.web.intercept.FilterSecurityInterceptor; +import org.springframework.security.web.session.SessionFixationProtectionFilter; import org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter; /** diff --git a/config/src/main/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParser.java index 58f9c5c551..39a6786934 100644 --- a/config/src/main/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParser.java @@ -7,8 +7,8 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder; import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser; import org.springframework.beans.factory.xml.ParserContext; import org.springframework.security.access.ConfigAttribute; -import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource; -import org.springframework.security.web.intercept.RequestKey; +import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.RequestKey; import org.springframework.security.web.util.AntUrlPathMatcher; import org.springframework.security.web.util.UrlMatcher; import org.springframework.util.StringUtils; @@ -24,7 +24,7 @@ import org.w3c.dom.Element; public class FilterInvocationSecurityMetadataSourceBeanDefinitionParser extends AbstractSingleBeanDefinitionParser { protected String getBeanClassName(Element element) { - return "org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource"; + return "org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource"; } protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) { diff --git a/config/src/main/java/org/springframework/security/config/FormLoginBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/FormLoginBeanDefinitionParser.java index d7a82350de..0bcdb713cd 100644 --- a/config/src/main/java/org/springframework/security/config/FormLoginBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/FormLoginBeanDefinitionParser.java @@ -8,9 +8,9 @@ import org.springframework.beans.factory.support.RootBeanDefinition; import org.springframework.beans.factory.xml.BeanDefinitionParser; import org.springframework.beans.factory.xml.ParserContext; import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint; -import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; +import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter; import org.springframework.util.StringUtils; import org.w3c.dom.Element; diff --git a/config/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java index 9f7518bd65..ecbfa980c7 100644 --- a/config/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java @@ -23,23 +23,23 @@ import org.springframework.security.access.SecurityConfig; import org.springframework.security.access.vote.AccessDecisionVoter; import org.springframework.security.access.vote.AuthenticatedVoter; import org.springframework.security.access.vote.RoleVoter; -import org.springframework.security.web.AccessDeniedHandlerImpl; -import org.springframework.security.web.ExceptionTranslationFilter; import org.springframework.security.web.FilterChainProxy; -import org.springframework.security.web.SessionFixationProtectionFilter; -import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter; +import org.springframework.security.web.access.AccessDeniedHandlerImpl; +import org.springframework.security.web.access.ExceptionTranslationFilter; +import org.springframework.security.web.access.channel.ChannelDecisionManagerImpl; +import org.springframework.security.web.access.channel.ChannelProcessingFilter; +import org.springframework.security.web.access.channel.InsecureChannelProcessor; +import org.springframework.security.web.access.channel.RetryWithHttpEntryPoint; +import org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint; +import org.springframework.security.web.access.channel.SecureChannelProcessor; +import org.springframework.security.web.access.expression.WebExpressionVoter; +import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; +import org.springframework.security.web.access.intercept.RequestKey; +import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter; import org.springframework.security.web.context.HttpSessionSecurityContextRepository; import org.springframework.security.web.context.SecurityContextPersistenceFilter; -import org.springframework.security.web.expression.WebExpressionVoter; -import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource; -import org.springframework.security.web.intercept.FilterSecurityInterceptor; -import org.springframework.security.web.intercept.RequestKey; -import org.springframework.security.web.securechannel.ChannelDecisionManagerImpl; -import org.springframework.security.web.securechannel.ChannelProcessingFilter; -import org.springframework.security.web.securechannel.InsecureChannelProcessor; -import org.springframework.security.web.securechannel.RetryWithHttpEntryPoint; -import org.springframework.security.web.securechannel.RetryWithHttpsEntryPoint; -import org.springframework.security.web.securechannel.SecureChannelProcessor; +import org.springframework.security.web.session.SessionFixationProtectionFilter; import org.springframework.security.web.util.AntUrlPathMatcher; import org.springframework.security.web.util.RegexUrlPathMatcher; import org.springframework.security.web.util.UrlMatcher; @@ -112,8 +112,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser { static final String OPEN_ID_AUTHENTICATION_PROVIDER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationProvider"; static final String AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.web.authentication.AuthenticationProcessingFilter"; - static final String EXPRESSION_FIMDS_CLASS = "org.springframework.security.web.expression.ExpressionBasedFilterInvocationSecurityMetadataSource"; - static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.web.expression.DefaultWebSecurityExpressionHandler"; + static final String EXPRESSION_FIMDS_CLASS = "org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource"; + static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"; private static final String EXPRESSION_HANDLER_ID = "_webExpressionHandler"; @SuppressWarnings("unchecked") diff --git a/config/src/main/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParser.java index 2d19f0cc00..bca4e3d218 100644 --- a/config/src/main/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParser.java @@ -36,7 +36,7 @@ public class LdapUserServiceBeanDefinitionParser extends AbstractUserDetailsServ public static final String PERSON_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.PersonContextMapper"; public static final String INET_ORG_PERSON_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper"; public static final String LDAP_USER_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.LdapUserDetailsMapper"; - public static final String LDAP_AUTHORITIES_POPULATOR_CLASS = "org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator"; + public static final String LDAP_AUTHORITIES_POPULATOR_CLASS = "org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator"; protected String getBeanClassName(Element element) { return "org.springframework.security.ldap.userdetails.LdapUserDetailsService"; diff --git a/config/src/main/java/org/springframework/security/config/LogoutBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/LogoutBeanDefinitionParser.java index d89f6c691a..06b850cc71 100644 --- a/config/src/main/java/org/springframework/security/config/LogoutBeanDefinitionParser.java +++ b/config/src/main/java/org/springframework/security/config/LogoutBeanDefinitionParser.java @@ -6,8 +6,8 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder; import org.springframework.beans.factory.support.ManagedList; import org.springframework.beans.factory.xml.BeanDefinitionParser; import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.security.web.logout.LogoutFilter; -import org.springframework.security.web.logout.SecurityContextLogoutHandler; +import org.springframework.security.web.authentication.logout.LogoutFilter; +import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler; import org.springframework.util.StringUtils; import org.w3c.dom.Element; diff --git a/config/src/main/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessor.java b/config/src/main/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessor.java index 31731ff644..e9fe1b280d 100644 --- a/config/src/main/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessor.java +++ b/config/src/main/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessor.java @@ -11,8 +11,8 @@ import org.springframework.beans.factory.config.BeanPostProcessor; import org.springframework.security.authentication.concurrent.ConcurrentSessionController; import org.springframework.security.authentication.concurrent.ConcurrentSessionControllerImpl; import org.springframework.security.authentication.concurrent.SessionRegistry; -import org.springframework.security.web.SessionFixationProtectionFilter; import org.springframework.security.web.authentication.AbstractProcessingFilter; +import org.springframework.security.web.session.SessionFixationProtectionFilter; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; diff --git a/config/src/test/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParserTests.java index f8c35eb468..9d13ac77c9 100644 --- a/config/src/test/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParserTests.java @@ -15,7 +15,7 @@ import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.SecurityConfig; import org.springframework.security.config.util.InMemoryXmlApplicationContext; import org.springframework.security.web.FilterInvocation; -import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource; import org.w3c.dom.Element; /** @@ -59,7 +59,7 @@ public class FilterInvocationSecurityMetadataSourceBeanDefinitionParserTests { public void parsingWithinFilterSecurityInterceptorIsSuccessful() { setContext( "" + - "" + + "" + " " + " " + " " + diff --git a/config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java index 443e85c322..a6388d9ebe 100644 --- a/config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java @@ -33,35 +33,35 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.openid.OpenIDAuthenticationProcessingFilter; import org.springframework.security.openid.OpenIDAuthenticationProvider; import org.springframework.security.util.FieldUtils; -import org.springframework.security.web.AccessDeniedHandlerImpl; -import org.springframework.security.web.ExceptionTranslationFilter; import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.FilterInvocation; import org.springframework.security.web.PortMapperImpl; -import org.springframework.security.web.SessionFixationProtectionFilter; +import org.springframework.security.web.access.AccessDeniedHandlerImpl; +import org.springframework.security.web.access.ExceptionTranslationFilter; +import org.springframework.security.web.access.channel.ChannelProcessingFilter; +import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler; +import org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; import org.springframework.security.web.authentication.AnonymousProcessingFilter; import org.springframework.security.web.authentication.AuthenticationFailureHandler; import org.springframework.security.web.authentication.AuthenticationProcessingFilter; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; -import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; import org.springframework.security.web.authentication.WebAuthenticationDetails; +import org.springframework.security.web.authentication.concurrent.ConcurrentSessionFilter; +import org.springframework.security.web.authentication.logout.LogoutFilter; +import org.springframework.security.web.authentication.logout.LogoutHandler; import org.springframework.security.web.authentication.preauth.x509.X509PreAuthenticatedProcessingFilter; import org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl; import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices; import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices; +import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter; import org.springframework.security.web.authentication.www.BasicProcessingFilter; -import org.springframework.security.web.concurrent.ConcurrentSessionFilter; import org.springframework.security.web.context.HttpSessionSecurityContextRepository; import org.springframework.security.web.context.SecurityContextPersistenceFilter; -import org.springframework.security.web.expression.DefaultWebSecurityExpressionHandler; -import org.springframework.security.web.expression.ExpressionBasedFilterInvocationSecurityMetadataSource; -import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource; -import org.springframework.security.web.intercept.FilterSecurityInterceptor; -import org.springframework.security.web.logout.LogoutFilter; -import org.springframework.security.web.logout.LogoutHandler; -import org.springframework.security.web.securechannel.ChannelProcessingFilter; +import org.springframework.security.web.session.SessionFixationProtectionFilter; import org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter; import org.springframework.util.ReflectionUtils; diff --git a/config/src/test/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParserTests.java index 52df2775ae..75c5da3dfa 100644 --- a/config/src/test/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParserTests.java @@ -13,8 +13,8 @@ import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator; import org.springframework.security.ldap.search.FilterBasedLdapUserSearch; +import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator; import org.springframework.security.ldap.userdetails.InetOrgPerson; import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper; import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper; diff --git a/core/src/main/java/org/springframework/security/core/token/KeyBasedPersistenceTokenService.java b/core/src/main/java/org/springframework/security/core/token/KeyBasedPersistenceTokenService.java index 4ad4939a1c..fd85ac86de 100644 --- a/core/src/main/java/org/springframework/security/core/token/KeyBasedPersistenceTokenService.java +++ b/core/src/main/java/org/springframework/security/core/token/KeyBasedPersistenceTokenService.java @@ -7,7 +7,6 @@ import java.util.Date; import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Hex; import org.springframework.beans.factory.InitializingBean; -import org.springframework.security.util.Sha512DigestUtils; import org.springframework.util.Assert; import org.springframework.util.StringUtils; diff --git a/core/src/main/java/org/springframework/security/util/Sha512DigestUtils.java b/core/src/main/java/org/springframework/security/core/token/Sha512DigestUtils.java similarity index 97% rename from core/src/main/java/org/springframework/security/util/Sha512DigestUtils.java rename to core/src/main/java/org/springframework/security/core/token/Sha512DigestUtils.java index 2ba2a89fac..deae57745c 100644 --- a/core/src/main/java/org/springframework/security/util/Sha512DigestUtils.java +++ b/core/src/main/java/org/springframework/security/core/token/Sha512DigestUtils.java @@ -1,4 +1,4 @@ -package org.springframework.security.util; +package org.springframework.security.core.token; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; diff --git a/itest/context/src/test/resources/filter-chain-performance-app-context.xml b/itest/context/src/test/resources/filter-chain-performance-app-context.xml index 2ac665b702..aabb0ac0c7 100644 --- a/itest/context/src/test/resources/filter-chain-performance-app-context.xml +++ b/itest/context/src/test/resources/filter-chain-performance-app-context.xml @@ -57,16 +57,16 @@ - + - + - + @@ -88,7 +88,7 @@ - + diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java index 98418647c2..1d4963f61b 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java @@ -16,8 +16,7 @@ package org.springframework.security.ldap.authentication; import org.springframework.security.core.SpringSecurityMessageSource; -import org.springframework.security.ldap.LdapAuthenticator; -import org.springframework.security.ldap.LdapUserSearch; +import org.springframework.security.ldap.search.LdapUserSearch; import org.springframework.beans.factory.InitializingBean; import org.springframework.context.MessageSource; import org.springframework.context.MessageSourceAware; diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java index 6a2c95d91f..1e0a04fcc2 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java @@ -28,9 +28,8 @@ import org.springframework.security.core.SpringSecurityMessageSource; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.ldap.LdapAuthenticator; -import org.springframework.security.ldap.LdapAuthoritiesPopulator; -import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator; +import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator; +import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator; import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper; import org.springframework.security.ldap.userdetails.UserDetailsContextMapper; import org.springframework.context.MessageSource; diff --git a/ldap/src/main/java/org/springframework/security/ldap/LdapAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticator.java similarity index 85% rename from ldap/src/main/java/org/springframework/security/ldap/LdapAuthenticator.java rename to ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticator.java index 462cea1e30..d7654d2aaf 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/LdapAuthenticator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticator.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.ldap; +package org.springframework.security.ldap.authentication; import org.springframework.security.core.Authentication; import org.springframework.ldap.core.DirContextOperations; @@ -28,8 +28,8 @@ import org.springframework.ldap.core.DirContextOperations; * @author Luke Taylor * @version $Id$ * - * @see org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator - * @see org.springframework.security.ldap.populator.UserDetailsServiceLdapAuthoritiesPopulator + * @see org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator + * @see org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator */ public interface LdapAuthenticator { //~ Methods ======================================================================================================== diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java index 252fdea5a5..dada87b391 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java @@ -32,7 +32,7 @@ import org.springframework.util.Assert; /** - * An {@link org.springframework.security.ldap.LdapAuthenticator LdapAuthenticator} which compares the login + * An {@link org.springframework.security.ldap.authentication.LdapAuthenticator LdapAuthenticator} which compares the login * password with the value stored in the directory using a remote LDAP "compare" operation. * *

diff --git a/ldap/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/SpringSecurityAuthenticationSource.java similarity index 97% rename from ldap/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java rename to ldap/src/main/java/org/springframework/security/ldap/authentication/SpringSecurityAuthenticationSource.java index 4fbfaffced..18127ffe29 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/SpringSecurityAuthenticationSource.java @@ -1,4 +1,4 @@ -package org.springframework.security.ldap; +package org.springframework.security.ldap.authentication; import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.core.Authentication; diff --git a/ldap/src/main/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java similarity index 88% rename from ldap/src/main/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulator.java rename to ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java index d9ca859bd5..22713e3f51 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java @@ -1,10 +1,10 @@ -package org.springframework.security.ldap.populator; +package org.springframework.security.ldap.authentication; import java.util.List; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.ldap.LdapAuthoritiesPopulator; +import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator; import org.springframework.ldap.core.DirContextOperations; import org.springframework.util.Assert; diff --git a/ldap/src/main/java/org/springframework/security/ldap/populator/package.html b/ldap/src/main/java/org/springframework/security/ldap/populator/package.html deleted file mode 100644 index 492914683e..0000000000 --- a/ldap/src/main/java/org/springframework/security/ldap/populator/package.html +++ /dev/null @@ -1,5 +0,0 @@ - - -LdapAuthoritiesPopulator implementations. - - \ No newline at end of file diff --git a/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java b/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java index 06beb39bfd..5f04faba47 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java +++ b/ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java @@ -17,7 +17,6 @@ package org.springframework.security.ldap.search; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.ldap.SpringSecurityLdapTemplate; -import org.springframework.security.ldap.LdapUserSearch; import org.apache.commons.logging.Log; diff --git a/ldap/src/main/java/org/springframework/security/ldap/LdapUserSearch.java b/ldap/src/main/java/org/springframework/security/ldap/search/LdapUserSearch.java similarity index 97% rename from ldap/src/main/java/org/springframework/security/ldap/LdapUserSearch.java rename to ldap/src/main/java/org/springframework/security/ldap/search/LdapUserSearch.java index 88ed1c2f41..c28a175dc4 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/LdapUserSearch.java +++ b/ldap/src/main/java/org/springframework/security/ldap/search/LdapUserSearch.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.ldap; +package org.springframework.security.ldap.search; import org.springframework.ldap.core.DirContextOperations; import org.springframework.security.core.userdetails.UsernameNotFoundException; diff --git a/ldap/src/main/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java similarity index 99% rename from ldap/src/main/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulator.java rename to ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java index caa4938b0f..344ff2ff31 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java @@ -13,12 +13,11 @@ * limitations under the License. */ -package org.springframework.security.ldap.populator; +package org.springframework.security.ldap.userdetails; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.ldap.SpringSecurityLdapTemplate; -import org.springframework.security.ldap.LdapAuthoritiesPopulator; import org.springframework.ldap.core.ContextSource; import org.springframework.ldap.core.DirContextOperations; import org.springframework.ldap.core.LdapTemplate; diff --git a/ldap/src/main/java/org/springframework/security/ldap/LdapAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapAuthoritiesPopulator.java similarity index 96% rename from ldap/src/main/java/org/springframework/security/ldap/LdapAuthoritiesPopulator.java rename to ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapAuthoritiesPopulator.java index 83a0823213..bedb09b0bc 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/LdapAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapAuthoritiesPopulator.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.ldap; +package org.springframework.security.ldap.userdetails; import java.util.List; diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsService.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsService.java index 4dfcb39fdc..dc9d72ed32 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsService.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsService.java @@ -4,8 +4,7 @@ import org.springframework.ldap.core.DirContextOperations; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.ldap.LdapAuthoritiesPopulator; -import org.springframework.security.ldap.LdapUserSearch; +import org.springframework.security.ldap.search.LdapUserSearch; import org.springframework.util.Assert; /** diff --git a/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java b/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java index 7184dd9e98..fb5f3d5cb1 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java @@ -4,6 +4,7 @@ import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource; import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl; import org.springframework.ldap.core.AuthenticationSource; import org.springframework.ldap.core.DistinguishedName; diff --git a/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java b/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java index 286f4ac03b..47c212467c 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java @@ -34,8 +34,7 @@ import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.ldap.LdapAuthenticator; -import org.springframework.security.ldap.LdapAuthoritiesPopulator; +import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator; import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper; diff --git a/ldap/src/test/java/org/springframework/security/ldap/authentication/MockUserSearch.java b/ldap/src/test/java/org/springframework/security/ldap/authentication/MockUserSearch.java index 53711ba8be..9ff3037ac1 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/authentication/MockUserSearch.java +++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/MockUserSearch.java @@ -15,7 +15,7 @@ package org.springframework.security.ldap.authentication; -import org.springframework.security.ldap.LdapUserSearch; +import org.springframework.security.ldap.search.LdapUserSearch; import org.springframework.ldap.core.DirContextOperations; diff --git a/ldap/src/test/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java b/ldap/src/test/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java index 81a56a7dd3..8651c89022 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java @@ -18,7 +18,7 @@ package org.springframework.security.ldap.populator; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.ldap.AbstractLdapIntegrationTests; -import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator; +import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator; import org.springframework.ldap.core.DirContextAdapter; import org.springframework.ldap.core.DistinguishedName; diff --git a/ldap/src/test/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulatorTests.java b/ldap/src/test/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulatorTests.java index f4207f5902..6b0fb00f27 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulatorTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulatorTests.java @@ -11,6 +11,7 @@ import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator; /** * @author Luke Taylor diff --git a/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java b/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java index 582ee5a88c..90aca563b7 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java @@ -13,7 +13,6 @@ import org.springframework.ldap.core.DistinguishedName; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.ldap.LdapAuthoritiesPopulator; import org.springframework.security.ldap.authentication.MockUserSearch; import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper; import org.springframework.security.ldap.userdetails.LdapUserDetailsService; diff --git a/samples/ldap/src/main/webapp/WEB-INF/applicationContext-security.xml b/samples/ldap/src/main/webapp/WEB-INF/applicationContext-security.xml index 9e523b5ec1..19471b2ec2 100644 --- a/samples/ldap/src/main/webapp/WEB-INF/applicationContext-security.xml +++ b/samples/ldap/src/main/webapp/WEB-INF/applicationContext-security.xml @@ -48,7 +48,7 @@ - + diff --git a/samples/preauth/src/main/webapp/WEB-INF/applicationContext-security.xml b/samples/preauth/src/main/webapp/WEB-INF/applicationContext-security.xml index 3d6f603a4b..b833d160e3 100644 --- a/samples/preauth/src/main/webapp/WEB-INF/applicationContext-security.xml +++ b/samples/preauth/src/main/webapp/WEB-INF/applicationContext-security.xml @@ -38,11 +38,11 @@ - + - + @@ -69,7 +69,7 @@ - + @@ -82,7 +82,7 @@ - + diff --git a/web/src/main/java/org/springframework/security/web/AuthenticationEntryPoint.java b/web/src/main/java/org/springframework/security/web/AuthenticationEntryPoint.java index 355739b2c6..71077c0466 100644 --- a/web/src/main/java/org/springframework/security/web/AuthenticationEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/AuthenticationEntryPoint.java @@ -16,6 +16,7 @@ package org.springframework.security.web; import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.access.ExceptionTranslationFilter; import java.io.IOException; diff --git a/web/src/main/java/org/springframework/security/web/FilterChainProxy.java b/web/src/main/java/org/springframework/security/web/FilterChainProxy.java index ac6940c0a0..3c9c2e5f4a 100644 --- a/web/src/main/java/org/springframework/security/web/FilterChainProxy.java +++ b/web/src/main/java/org/springframework/security/web/FilterChainProxy.java @@ -34,7 +34,7 @@ import javax.servlet.ServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.beans.factory.InitializingBean; -import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; import org.springframework.security.web.util.AntUrlPathMatcher; import org.springframework.security.web.util.UrlMatcher; import org.springframework.util.Assert; diff --git a/web/src/main/java/org/springframework/security/web/AccessDeniedHandler.java b/web/src/main/java/org/springframework/security/web/access/AccessDeniedHandler.java similarity index 94% rename from web/src/main/java/org/springframework/security/web/AccessDeniedHandler.java rename to web/src/main/java/org/springframework/security/web/access/AccessDeniedHandler.java index 158c59f6b9..162d9a7efe 100644 --- a/web/src/main/java/org/springframework/security/web/AccessDeniedHandler.java +++ b/web/src/main/java/org/springframework/security/web/access/AccessDeniedHandler.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web; +package org.springframework.security.web.access; import org.springframework.security.access.AccessDeniedException; diff --git a/web/src/main/java/org/springframework/security/web/AccessDeniedHandlerImpl.java b/web/src/main/java/org/springframework/security/web/access/AccessDeniedHandlerImpl.java similarity index 96% rename from web/src/main/java/org/springframework/security/web/AccessDeniedHandlerImpl.java rename to web/src/main/java/org/springframework/security/web/access/AccessDeniedHandlerImpl.java index 7a86470e41..d5cff8a3be 100644 --- a/web/src/main/java/org/springframework/security/web/AccessDeniedHandlerImpl.java +++ b/web/src/main/java/org/springframework/security/web/access/AccessDeniedHandlerImpl.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web; +package org.springframework.security.web.access; import java.io.IOException; diff --git a/web/src/main/java/org/springframework/security/web/ExceptionTranslationFilter.java b/web/src/main/java/org/springframework/security/web/access/ExceptionTranslationFilter.java similarity index 96% rename from web/src/main/java/org/springframework/security/web/ExceptionTranslationFilter.java rename to web/src/main/java/org/springframework/security/web/access/ExceptionTranslationFilter.java index 12ca38fd1d..b3d1b1f700 100644 --- a/web/src/main/java/org/springframework/security/web/ExceptionTranslationFilter.java +++ b/web/src/main/java/org/springframework/security/web/access/ExceptionTranslationFilter.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web; +package org.springframework.security.web.access; import java.io.IOException; @@ -29,6 +29,11 @@ import org.springframework.security.authentication.AuthenticationTrustResolverIm import org.springframework.security.authentication.InsufficientAuthenticationException; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.web.AuthenticationEntryPoint; +import org.springframework.security.web.FilterChainOrder; +import org.springframework.security.web.PortResolver; +import org.springframework.security.web.PortResolverImpl; +import org.springframework.security.web.SpringSecurityFilter; import org.springframework.security.web.savedrequest.SavedRequest; import org.springframework.security.web.util.ThrowableAnalyzer; import org.springframework.security.web.util.ThrowableCauseExtractor; @@ -47,8 +52,8 @@ import org.springframework.util.Assert; *

* If an {@link AccessDeniedException} is detected, the filter will determine whether or not the user is an anonymous * user. If they are an anonymous user, the authenticationEntryPoint will be launched. If they are not - * an anonymous user, the filter will delegate to the {@link org.springframework.security.web.AccessDeniedHandler}. - * By default the filter will use {@link org.springframework.security.web.AccessDeniedHandlerImpl}. + * an anonymous user, the filter will delegate to the {@link org.springframework.security.web.access.AccessDeniedHandler}. + * By default the filter will use {@link org.springframework.security.web.access.AccessDeniedHandlerImpl}. *

* To use this filter, it is necessary to specify the following properties: *

    diff --git a/web/src/main/java/org/springframework/security/web/intercept/WebInvocationPrivilegeEvaluator.java b/web/src/main/java/org/springframework/security/web/access/WebInvocationPrivilegeEvaluator.java similarity index 99% rename from web/src/main/java/org/springframework/security/web/intercept/WebInvocationPrivilegeEvaluator.java rename to web/src/main/java/org/springframework/security/web/access/WebInvocationPrivilegeEvaluator.java index ae82ecb834..3aaafc4c11 100644 --- a/web/src/main/java/org/springframework/security/web/intercept/WebInvocationPrivilegeEvaluator.java +++ b/web/src/main/java/org/springframework/security/web/access/WebInvocationPrivilegeEvaluator.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.intercept; +package org.springframework.security.web.access; import java.io.IOException; import java.util.List; diff --git a/web/src/main/java/org/springframework/security/web/securechannel/AbstractRetryEntryPoint.java b/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java similarity index 98% rename from web/src/main/java/org/springframework/security/web/securechannel/AbstractRetryEntryPoint.java rename to web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java index 13f49d7125..8ec3292075 100644 --- a/web/src/main/java/org/springframework/security/web/securechannel/AbstractRetryEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import org.springframework.security.web.PortMapper; import org.springframework.security.web.PortMapperImpl; diff --git a/web/src/main/java/org/springframework/security/web/securechannel/ChannelDecisionManager.java b/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManager.java similarity index 97% rename from web/src/main/java/org/springframework/security/web/securechannel/ChannelDecisionManager.java rename to web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManager.java index 7fb7194aa7..a49d0b4e76 100644 --- a/web/src/main/java/org/springframework/security/web/securechannel/ChannelDecisionManager.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManager.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.web.FilterInvocation; diff --git a/web/src/main/java/org/springframework/security/web/securechannel/ChannelDecisionManagerImpl.java b/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImpl.java similarity index 98% rename from web/src/main/java/org/springframework/security/web/securechannel/ChannelDecisionManagerImpl.java rename to web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImpl.java index 118e4c9706..729128f38e 100644 --- a/web/src/main/java/org/springframework/security/web/securechannel/ChannelDecisionManagerImpl.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImpl.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import org.springframework.security.access.ConfigAttribute; diff --git a/web/src/main/java/org/springframework/security/web/securechannel/ChannelEntryPoint.java b/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java similarity index 97% rename from web/src/main/java/org/springframework/security/web/securechannel/ChannelEntryPoint.java rename to web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java index e349116db7..41a7ddcd54 100644 --- a/web/src/main/java/org/springframework/security/web/securechannel/ChannelEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelEntryPoint.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import java.io.IOException; diff --git a/web/src/main/java/org/springframework/security/web/securechannel/ChannelProcessingFilter.java b/web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessingFilter.java similarity index 97% rename from web/src/main/java/org/springframework/security/web/securechannel/ChannelProcessingFilter.java rename to web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessingFilter.java index 0bdae6fe56..6c9faa9d19 100644 --- a/web/src/main/java/org/springframework/security/web/securechannel/ChannelProcessingFilter.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessingFilter.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import java.io.IOException; import java.util.Collection; @@ -31,7 +31,7 @@ import org.springframework.security.access.ConfigAttribute; import org.springframework.security.web.FilterChainOrder; import org.springframework.security.web.FilterInvocation; import org.springframework.security.web.SpringSecurityFilter; -import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; import org.springframework.util.Assert; diff --git a/web/src/main/java/org/springframework/security/web/securechannel/ChannelProcessor.java b/web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessor.java similarity index 97% rename from web/src/main/java/org/springframework/security/web/securechannel/ChannelProcessor.java rename to web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessor.java index 93865710a3..c7abc0d5d9 100644 --- a/web/src/main/java/org/springframework/security/web/securechannel/ChannelProcessor.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessor.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.web.FilterInvocation; diff --git a/web/src/main/java/org/springframework/security/web/securechannel/InsecureChannelProcessor.java b/web/src/main/java/org/springframework/security/web/access/channel/InsecureChannelProcessor.java similarity index 98% rename from web/src/main/java/org/springframework/security/web/securechannel/InsecureChannelProcessor.java rename to web/src/main/java/org/springframework/security/web/access/channel/InsecureChannelProcessor.java index f6b2b8b294..4dd38a5eb5 100644 --- a/web/src/main/java/org/springframework/security/web/securechannel/InsecureChannelProcessor.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/InsecureChannelProcessor.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import java.io.IOException; import java.util.List; diff --git a/web/src/main/java/org/springframework/security/web/securechannel/RetryWithHttpEntryPoint.java b/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPoint.java similarity index 95% rename from web/src/main/java/org/springframework/security/web/securechannel/RetryWithHttpEntryPoint.java rename to web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPoint.java index 032788dee8..f1fbed5ea2 100644 --- a/web/src/main/java/org/springframework/security/web/securechannel/RetryWithHttpEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPoint.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; /** diff --git a/web/src/main/java/org/springframework/security/web/securechannel/RetryWithHttpsEntryPoint.java b/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPoint.java similarity index 95% rename from web/src/main/java/org/springframework/security/web/securechannel/RetryWithHttpsEntryPoint.java rename to web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPoint.java index 40fe3fdbcf..e11a07b010 100644 --- a/web/src/main/java/org/springframework/security/web/securechannel/RetryWithHttpsEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPoint.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; /** * Commences a secure channel by retrying the original request using HTTPS. diff --git a/web/src/main/java/org/springframework/security/web/securechannel/SecureChannelProcessor.java b/web/src/main/java/org/springframework/security/web/access/channel/SecureChannelProcessor.java similarity index 98% rename from web/src/main/java/org/springframework/security/web/securechannel/SecureChannelProcessor.java rename to web/src/main/java/org/springframework/security/web/access/channel/SecureChannelProcessor.java index f9dd5d7629..68b64bf519 100644 --- a/web/src/main/java/org/springframework/security/web/securechannel/SecureChannelProcessor.java +++ b/web/src/main/java/org/springframework/security/web/access/channel/SecureChannelProcessor.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import java.io.IOException; import java.util.List; diff --git a/web/src/main/java/org/springframework/security/web/securechannel/package.html b/web/src/main/java/org/springframework/security/web/access/channel/package.html similarity index 100% rename from web/src/main/java/org/springframework/security/web/securechannel/package.html rename to web/src/main/java/org/springframework/security/web/access/channel/package.html diff --git a/web/src/main/java/org/springframework/security/web/expression/DefaultWebSecurityExpressionHandler.java b/web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java similarity index 96% rename from web/src/main/java/org/springframework/security/web/expression/DefaultWebSecurityExpressionHandler.java rename to web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java index cfc8e9b57f..e21d529118 100644 --- a/web/src/main/java/org/springframework/security/web/expression/DefaultWebSecurityExpressionHandler.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandler.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.expression; +package org.springframework.security.web.access.expression; import org.springframework.expression.EvaluationContext; import org.springframework.expression.ExpressionParser; diff --git a/web/src/main/java/org/springframework/security/web/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java b/web/src/main/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java similarity index 91% rename from web/src/main/java/org/springframework/security/web/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java rename to web/src/main/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java index f6d6e2e63e..de6a7cc15e 100644 --- a/web/src/main/java/org/springframework/security/web/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSource.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.expression; +package org.springframework.security.web.access.expression; import java.util.ArrayList; import java.util.LinkedHashMap; @@ -10,8 +10,8 @@ import org.apache.commons.logging.LogFactory; import org.springframework.expression.ExpressionParser; import org.springframework.expression.ParseException; import org.springframework.security.access.ConfigAttribute; -import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource; -import org.springframework.security.web.intercept.RequestKey; +import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.RequestKey; import org.springframework.security.web.util.UrlMatcher; import org.springframework.util.Assert; diff --git a/web/src/main/java/org/springframework/security/web/expression/WebExpressionConfigAttribute.java b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java similarity index 92% rename from web/src/main/java/org/springframework/security/web/expression/WebExpressionConfigAttribute.java rename to web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java index e5c7218e08..ebbd9ab355 100644 --- a/web/src/main/java/org/springframework/security/web/expression/WebExpressionConfigAttribute.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionConfigAttribute.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.expression; +package org.springframework.security.web.access.expression; import org.springframework.expression.Expression; import org.springframework.security.access.ConfigAttribute; diff --git a/web/src/main/java/org/springframework/security/web/expression/WebExpressionVoter.java b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionVoter.java similarity index 97% rename from web/src/main/java/org/springframework/security/web/expression/WebExpressionVoter.java rename to web/src/main/java/org/springframework/security/web/access/expression/WebExpressionVoter.java index 3c28e78ba8..88c0a7e778 100644 --- a/web/src/main/java/org/springframework/security/web/expression/WebExpressionVoter.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionVoter.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.expression; +package org.springframework.security.web.access.expression; import java.util.List; diff --git a/web/src/main/java/org/springframework/security/web/expression/WebSecurityExpressionHandler.java b/web/src/main/java/org/springframework/security/web/access/expression/WebSecurityExpressionHandler.java similarity index 91% rename from web/src/main/java/org/springframework/security/web/expression/WebSecurityExpressionHandler.java rename to web/src/main/java/org/springframework/security/web/access/expression/WebSecurityExpressionHandler.java index 1e2b72b602..c06a656883 100644 --- a/web/src/main/java/org/springframework/security/web/expression/WebSecurityExpressionHandler.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/WebSecurityExpressionHandler.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.expression; +package org.springframework.security.web.access.expression; import org.springframework.expression.EvaluationContext; import org.springframework.expression.ExpressionParser; diff --git a/web/src/main/java/org/springframework/security/web/expression/WebSecurityExpressionRoot.java b/web/src/main/java/org/springframework/security/web/access/expression/WebSecurityExpressionRoot.java similarity index 97% rename from web/src/main/java/org/springframework/security/web/expression/WebSecurityExpressionRoot.java rename to web/src/main/java/org/springframework/security/web/access/expression/WebSecurityExpressionRoot.java index 9ae8b3c434..34aa53f1bc 100644 --- a/web/src/main/java/org/springframework/security/web/expression/WebSecurityExpressionRoot.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/WebSecurityExpressionRoot.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.expression; +package org.springframework.security.web.access.expression; import java.net.InetAddress; import java.net.UnknownHostException; diff --git a/web/src/main/java/org/springframework/security/web/intercept/DefaultFilterInvocationSecurityMetadataSource.java b/web/src/main/java/org/springframework/security/web/access/intercept/DefaultFilterInvocationSecurityMetadataSource.java similarity index 99% rename from web/src/main/java/org/springframework/security/web/intercept/DefaultFilterInvocationSecurityMetadataSource.java rename to web/src/main/java/org/springframework/security/web/access/intercept/DefaultFilterInvocationSecurityMetadataSource.java index 253dcc57cf..3d3b83bdd2 100644 --- a/web/src/main/java/org/springframework/security/web/intercept/DefaultFilterInvocationSecurityMetadataSource.java +++ b/web/src/main/java/org/springframework/security/web/access/intercept/DefaultFilterInvocationSecurityMetadataSource.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.intercept; +package org.springframework.security.web.access.intercept; import java.util.Arrays; import java.util.Collection; diff --git a/web/src/main/java/org/springframework/security/web/intercept/FilterInvocationSecurityMetadataSource.java b/web/src/main/java/org/springframework/security/web/access/intercept/FilterInvocationSecurityMetadataSource.java similarity index 94% rename from web/src/main/java/org/springframework/security/web/intercept/FilterInvocationSecurityMetadataSource.java rename to web/src/main/java/org/springframework/security/web/access/intercept/FilterInvocationSecurityMetadataSource.java index 504d78dad4..7da006b5af 100644 --- a/web/src/main/java/org/springframework/security/web/intercept/FilterInvocationSecurityMetadataSource.java +++ b/web/src/main/java/org/springframework/security/web/access/intercept/FilterInvocationSecurityMetadataSource.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.intercept; +package org.springframework.security.web.access.intercept; import org.springframework.security.access.intercept.SecurityMetadataSource; import org.springframework.security.web.FilterInvocation; diff --git a/web/src/main/java/org/springframework/security/web/intercept/FilterSecurityInterceptor.java b/web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java similarity index 99% rename from web/src/main/java/org/springframework/security/web/intercept/FilterSecurityInterceptor.java rename to web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java index e7dbaa767f..23e816b09e 100644 --- a/web/src/main/java/org/springframework/security/web/intercept/FilterSecurityInterceptor.java +++ b/web/src/main/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptor.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.intercept; +package org.springframework.security.web.access.intercept; import org.springframework.security.access.intercept.AbstractSecurityInterceptor; import org.springframework.security.access.intercept.InterceptorStatusToken; diff --git a/web/src/main/java/org/springframework/security/web/intercept/RequestKey.java b/web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java similarity index 95% rename from web/src/main/java/org/springframework/security/web/intercept/RequestKey.java rename to web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java index d1b9d1fcd5..27c47b9da1 100644 --- a/web/src/main/java/org/springframework/security/web/intercept/RequestKey.java +++ b/web/src/main/java/org/springframework/security/web/access/intercept/RequestKey.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.intercept; +package org.springframework.security.web.access.intercept; /** * @author Luke Taylor diff --git a/web/src/main/java/org/springframework/security/web/intercept/package.html b/web/src/main/java/org/springframework/security/web/access/intercept/package.html similarity index 100% rename from web/src/main/java/org/springframework/security/web/intercept/package.html rename to web/src/main/java/org/springframework/security/web/access/intercept/package.html diff --git a/web/src/main/java/org/springframework/security/web/AbstractAuthenticationTargetUrlRequestHandler.java b/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java similarity index 97% rename from web/src/main/java/org/springframework/security/web/AbstractAuthenticationTargetUrlRequestHandler.java rename to web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java index 4217255809..3348fd5a37 100644 --- a/web/src/main/java/org/springframework/security/web/AbstractAuthenticationTargetUrlRequestHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java @@ -1,4 +1,4 @@ -package org.springframework.security.web; +package org.springframework.security.web.authentication; import java.io.IOException; import java.io.UnsupportedEncodingException; @@ -11,8 +11,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.security.core.Authentication; -import org.springframework.security.web.authentication.AuthenticationSuccessHandler; -import org.springframework.security.web.logout.LogoutHandler; +import org.springframework.security.web.authentication.logout.LogoutHandler; import org.springframework.security.web.util.RedirectUtils; import org.springframework.security.web.util.UrlUtils; import org.springframework.util.Assert; diff --git a/web/src/main/java/org/springframework/security/web/authentication/AbstractProcessingFilter.java b/web/src/main/java/org/springframework/security/web/authentication/AbstractProcessingFilter.java index 52daaae338..05ad766d04 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/AbstractProcessingFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/AbstractProcessingFilter.java @@ -38,7 +38,7 @@ import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.SpringSecurityMessageSource; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.SpringSecurityFilter; -import org.springframework.security.web.util.SessionUtils; +import org.springframework.security.web.session.SessionUtils; import org.springframework.security.web.util.UrlUtils; import org.springframework.util.Assert; diff --git a/web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilter.java b/web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilter.java index c97e91cdb4..107cf553ca 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilter.java @@ -172,11 +172,11 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter { return FilterChainOrder.AUTHENTICATION_PROCESSING_FILTER; } - String getUsernameParameter() { + public final String getUsernameParameter() { return usernameParameter; } - String getPasswordParameter() { + public final String getPasswordParameter() { return passwordParameter; } } diff --git a/web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilterEntryPoint.java b/web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilterEntryPoint.java index e5b0cfd8c3..e01679f2ce 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilterEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilterEntryPoint.java @@ -19,11 +19,11 @@ package org.springframework.security.web.authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.AuthenticationEntryPoint; -import org.springframework.security.web.ExceptionTranslationFilter; import org.springframework.security.web.PortMapper; import org.springframework.security.web.PortMapperImpl; import org.springframework.security.web.PortResolver; import org.springframework.security.web.PortResolverImpl; +import org.springframework.security.web.access.ExceptionTranslationFilter; import org.springframework.security.web.util.RedirectUrlBuilder; import org.springframework.security.web.util.UrlUtils; diff --git a/web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java b/web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java index 1284dc987e..e333fed821 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java @@ -8,7 +8,7 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.springframework.security.core.Authentication; -import org.springframework.security.web.ExceptionTranslationFilter; +import org.springframework.security.web.access.ExceptionTranslationFilter; import org.springframework.security.web.savedrequest.SavedRequest; import org.springframework.security.web.util.RedirectUtils; import org.springframework.security.web.wrapper.SavedRequestAwareWrapper; diff --git a/web/src/main/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationSuccessHandler.java b/web/src/main/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationSuccessHandler.java index 4b4ec759f1..f3a48ab274 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationSuccessHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationSuccessHandler.java @@ -7,7 +7,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.security.core.Authentication; -import org.springframework.security.web.AbstractAuthenticationTargetUrlRequestHandler; public class SimpleUrlAuthenticationSuccessHandler extends AbstractAuthenticationTargetUrlRequestHandler implements AuthenticationSuccessHandler { diff --git a/web/src/main/java/org/springframework/security/web/concurrent/ConcurrentSessionFilter.java b/web/src/main/java/org/springframework/security/web/authentication/concurrent/ConcurrentSessionFilter.java similarity index 94% rename from web/src/main/java/org/springframework/security/web/concurrent/ConcurrentSessionFilter.java rename to web/src/main/java/org/springframework/security/web/authentication/concurrent/ConcurrentSessionFilter.java index f07ed3d2cd..ddd3a2453a 100644 --- a/web/src/main/java/org/springframework/security/web/concurrent/ConcurrentSessionFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/concurrent/ConcurrentSessionFilter.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.concurrent; +package org.springframework.security.web.authentication.concurrent; import org.springframework.security.authentication.concurrent.SessionInformation; import org.springframework.security.authentication.concurrent.SessionRegistry; @@ -21,8 +21,8 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.FilterChainOrder; import org.springframework.security.web.SpringSecurityFilter; -import org.springframework.security.web.logout.LogoutHandler; -import org.springframework.security.web.logout.SecurityContextLogoutHandler; +import org.springframework.security.web.authentication.logout.LogoutHandler; +import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler; import org.springframework.security.web.util.UrlUtils; import org.springframework.beans.factory.InitializingBean; import org.springframework.util.Assert; @@ -44,7 +44,7 @@ import java.io.IOException; * {@link org.springframework.security.authentication.concurrent.SessionInformation} from the SessionRegistry * for each request and checks if the session has been marked as expired. * If it has been marked as expired, the configured logout handlers will be called (as happens with - * {@link org.springframework.security.web.logout.LogoutFilter}), typically to invalidate the session. + * {@link org.springframework.security.web.authentication.logout.LogoutFilter}), typically to invalidate the session. * A redirect to the expiredURL specified will be performed, and the session invalidation will cause an * {@link org.springframework.security.web.session.HttpSessionDestroyedEvent} to be published via the * {@link org.springframework.security.web.session.HttpSessionEventPublisher} registered in web.xml.

    diff --git a/web/src/main/java/org/springframework/security/web/logout/LogoutFilter.java b/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutFilter.java similarity index 96% rename from web/src/main/java/org/springframework/security/web/logout/LogoutFilter.java rename to web/src/main/java/org/springframework/security/web/authentication/logout/LogoutFilter.java index 3a1e806eec..681f145db5 100644 --- a/web/src/main/java/org/springframework/security/web/logout/LogoutFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutFilter.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.logout; +package org.springframework.security.web.authentication.logout; import java.io.IOException; import java.util.Arrays; diff --git a/web/src/main/java/org/springframework/security/web/logout/LogoutHandler.java b/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutHandler.java similarity index 93% rename from web/src/main/java/org/springframework/security/web/logout/LogoutHandler.java rename to web/src/main/java/org/springframework/security/web/authentication/logout/LogoutHandler.java index 6e788439e3..c7195b14f0 100644 --- a/web/src/main/java/org/springframework/security/web/logout/LogoutHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutHandler.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.logout; +package org.springframework.security.web.authentication.logout; import org.springframework.security.core.Authentication; diff --git a/web/src/main/java/org/springframework/security/web/logout/LogoutSuccessHandler.java b/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutSuccessHandler.java similarity index 93% rename from web/src/main/java/org/springframework/security/web/logout/LogoutSuccessHandler.java rename to web/src/main/java/org/springframework/security/web/authentication/logout/LogoutSuccessHandler.java index e74b214b51..1999d7dafd 100644 --- a/web/src/main/java/org/springframework/security/web/logout/LogoutSuccessHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/logout/LogoutSuccessHandler.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.logout; +package org.springframework.security.web.authentication.logout; import java.io.IOException; diff --git a/web/src/main/java/org/springframework/security/web/logout/SecurityContextLogoutHandler.java b/web/src/main/java/org/springframework/security/web/authentication/logout/SecurityContextLogoutHandler.java similarity index 95% rename from web/src/main/java/org/springframework/security/web/logout/SecurityContextLogoutHandler.java rename to web/src/main/java/org/springframework/security/web/authentication/logout/SecurityContextLogoutHandler.java index d24f498269..c60fee46cb 100644 --- a/web/src/main/java/org/springframework/security/web/logout/SecurityContextLogoutHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/logout/SecurityContextLogoutHandler.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.logout; +package org.springframework.security.web.authentication.logout; import org.springframework.security.core.Authentication; diff --git a/web/src/main/java/org/springframework/security/web/logout/SimpleUrlLogoutSuccessHandler.java b/web/src/main/java/org/springframework/security/web/authentication/logout/SimpleUrlLogoutSuccessHandler.java similarity index 82% rename from web/src/main/java/org/springframework/security/web/logout/SimpleUrlLogoutSuccessHandler.java rename to web/src/main/java/org/springframework/security/web/authentication/logout/SimpleUrlLogoutSuccessHandler.java index daef682ee9..0e64dcefb4 100644 --- a/web/src/main/java/org/springframework/security/web/logout/SimpleUrlLogoutSuccessHandler.java +++ b/web/src/main/java/org/springframework/security/web/authentication/logout/SimpleUrlLogoutSuccessHandler.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.logout; +package org.springframework.security.web.authentication.logout; import java.io.IOException; @@ -7,7 +7,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.security.core.Authentication; -import org.springframework.security.web.AbstractAuthenticationTargetUrlRequestHandler; +import org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler; /** * Handles the navigation on logout by delegating to the {@link AbstractAuthenticationTargetUrlRequestHandler} diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedProcessingFilterEntryPoint.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedProcessingFilterEntryPoint.java index 8be7abf432..2b52bd92e8 100755 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedProcessingFilterEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedProcessingFilterEntryPoint.java @@ -31,7 +31,7 @@ import org.springframework.core.Ordered; * This code is based on * {@link org.springframework.security.ui.x509.X509ProcessingFilterEntryPoint}. * - * @see org.springframework.security.web.ExceptionTranslationFilter + * @see org.springframework.security.web.access.ExceptionTranslationFilter * * @author Luke Taylor * @author Ruud Senden diff --git a/web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java b/web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java index 5aeec57639..147d2aa115 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java +++ b/web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java @@ -17,7 +17,7 @@ import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.web.authentication.RememberMeServices; import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; -import org.springframework.security.web.logout.LogoutHandler; +import org.springframework.security.web.authentication.logout.LogoutHandler; import org.springframework.util.Assert; import org.springframework.util.StringUtils; diff --git a/web/src/main/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilter.java b/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java similarity index 97% rename from web/src/main/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilter.java rename to web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java index 2874b8cfe1..66002a006e 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.authentication; +package org.springframework.security.web.authentication.ui; import java.io.IOException; @@ -12,6 +12,8 @@ import org.springframework.beans.BeanWrapperImpl; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.FilterChainOrder; import org.springframework.security.web.SpringSecurityFilter; +import org.springframework.security.web.authentication.AbstractProcessingFilter; +import org.springframework.security.web.authentication.AuthenticationProcessingFilter; import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices; /** diff --git a/web/src/main/java/org/springframework/security/web/concurrent/package.html b/web/src/main/java/org/springframework/security/web/concurrent/package.html deleted file mode 100644 index 9235ec5043..0000000000 --- a/web/src/main/java/org/springframework/security/web/concurrent/package.html +++ /dev/null @@ -1,6 +0,0 @@ - - -Concurrent session control and registration classes. - - - diff --git a/web/src/main/java/org/springframework/security/web/context/package.html b/web/src/main/java/org/springframework/security/web/context/package.html new file mode 100644 index 0000000000..634435bbff --- /dev/null +++ b/web/src/main/java/org/springframework/security/web/context/package.html @@ -0,0 +1,2 @@ +Classes which are responsible for maintaining the security context +between HTTP requests. diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/SavedRequest.java b/web/src/main/java/org/springframework/security/web/savedrequest/SavedRequest.java index f9324ab145..757ba86200 100644 --- a/web/src/main/java/org/springframework/security/web/savedrequest/SavedRequest.java +++ b/web/src/main/java/org/springframework/security/web/savedrequest/SavedRequest.java @@ -37,7 +37,7 @@ import java.util.TreeMap; * Represents central information from a HttpServletRequest.

    This class is used by {@link * org.springframework.security.web.authentication.AbstractProcessingFilter} and {@link org.springframework.security.web.wrapper.SavedRequestAwareWrapper} to * reproduce the request after successful authentication. An instance of this class is stored at the time of an - * authentication exception by {@link org.springframework.security.web.ExceptionTranslationFilter}.

    + * authentication exception by {@link org.springframework.security.web.access.ExceptionTranslationFilter}.

    *

    IMPLEMENTATION NOTE: It is assumed that this object is accessed only from the context of a single * thread, so no synchronization around internal collection classes is performed.

    *

    This class is based on code in Apache Tomcat.

    diff --git a/web/src/main/java/org/springframework/security/web/SessionFixationProtectionFilter.java b/web/src/main/java/org/springframework/security/web/session/SessionFixationProtectionFilter.java similarity index 96% rename from web/src/main/java/org/springframework/security/web/SessionFixationProtectionFilter.java rename to web/src/main/java/org/springframework/security/web/session/SessionFixationProtectionFilter.java index 60cc4ada7f..f88429d5f1 100644 --- a/web/src/main/java/org/springframework/security/web/SessionFixationProtectionFilter.java +++ b/web/src/main/java/org/springframework/security/web/session/SessionFixationProtectionFilter.java @@ -1,4 +1,4 @@ -package org.springframework.security.web; +package org.springframework.security.web.session; import java.io.IOException; @@ -14,8 +14,9 @@ import org.springframework.security.authentication.concurrent.SessionRegistry; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.web.FilterChainOrder; +import org.springframework.security.web.SpringSecurityFilter; import org.springframework.security.web.context.HttpSessionSecurityContextRepository; -import org.springframework.security.web.util.SessionUtils; /** * Detects that a user has been authenticated since the start of the request and starts a new session. diff --git a/web/src/main/java/org/springframework/security/web/util/SessionUtils.java b/web/src/main/java/org/springframework/security/web/session/SessionUtils.java similarity index 97% rename from web/src/main/java/org/springframework/security/web/util/SessionUtils.java rename to web/src/main/java/org/springframework/security/web/session/SessionUtils.java index cf557c45b8..f51ff20c32 100644 --- a/web/src/main/java/org/springframework/security/web/util/SessionUtils.java +++ b/web/src/main/java/org/springframework/security/web/session/SessionUtils.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.util; +package org.springframework.security.web.session; import java.util.Enumeration; import java.util.HashMap; diff --git a/web/src/main/java/org/springframework/security/web/util/RedirectUtils.java b/web/src/main/java/org/springframework/security/web/util/RedirectUtils.java index cda2d6d848..54b57d105a 100644 --- a/web/src/main/java/org/springframework/security/web/util/RedirectUtils.java +++ b/web/src/main/java/org/springframework/security/web/util/RedirectUtils.java @@ -1,7 +1,7 @@ package org.springframework.security.web.util; import org.springframework.security.web.authentication.AbstractProcessingFilter; -import org.springframework.security.web.logout.LogoutFilter; +import org.springframework.security.web.authentication.logout.LogoutFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; diff --git a/web/src/main/java/org/springframework/security/web/wrapper/SavedRequestAwareWrapper.java b/web/src/main/java/org/springframework/security/web/wrapper/SavedRequestAwareWrapper.java index 89b67805a3..bcf8c3e4d8 100644 --- a/web/src/main/java/org/springframework/security/web/wrapper/SavedRequestAwareWrapper.java +++ b/web/src/main/java/org/springframework/security/web/wrapper/SavedRequestAwareWrapper.java @@ -1,348 +1,348 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.web.wrapper; - -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Enumeration; -import java.util.HashMap; -import java.util.HashSet; -import java.util.Iterator; -import java.util.List; -import java.util.Locale; -import java.util.Map; -import java.util.Set; -import java.util.TimeZone; - -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpSession; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.springframework.security.web.PortResolver; -import org.springframework.security.web.savedrequest.Enumerator; -import org.springframework.security.web.savedrequest.FastHttpDateFormat; -import org.springframework.security.web.savedrequest.SavedRequest; - - -/** - * Provides request parameters, headers and cookies from either an original request or a saved request. - * - *

    Note that not all request parameters in the original request are emulated by this wrapper. - * Nevertheless, the important data from the original request is emulated and this should prove - * adequate for most purposes (in particular standard HTTP GET and POST operations).

    - * - *

    Added into a request by {@link org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter}.

    - * - * - * @see SecurityContextHolderAwareRequestFilter - * - * @author Andrey Grebnev - * @author Ben Alex - * @version $Id$ - */ -public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestWrapper { - //~ Static fields/initializers ===================================================================================== - - protected static final Log logger = LogFactory.getLog(SavedRequestAwareWrapper.class); - protected static final TimeZone GMT_ZONE = TimeZone.getTimeZone("GMT"); - - /** The default Locale if none are specified. */ - protected static Locale defaultLocale = Locale.getDefault(); - - //~ Instance fields ================================================================================================ - - protected SavedRequest savedRequest = null; - - /** - * The set of SimpleDateFormat formats to use in getDateHeader(). Notice that because SimpleDateFormat is - * not thread-safe, we can't declare formats[] as a static variable. - */ - protected SimpleDateFormat[] formats = new SimpleDateFormat[3]; - - //~ Constructors =================================================================================================== - - public SavedRequestAwareWrapper(HttpServletRequest request, PortResolver portResolver, String rolePrefix) { - super(request, portResolver, rolePrefix); - - HttpSession session = request.getSession(false); - - if (session == null) { - if (logger.isDebugEnabled()) { - logger.debug("Wrapper not replaced; no session available for SavedRequest extraction"); - } - - return; - } - - SavedRequest saved = (SavedRequest) session.getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY); - - if ((saved != null) && saved.doesRequestMatch(request, portResolver)) { - if (logger.isDebugEnabled()) { - logger.debug("Wrapper replaced; SavedRequest was: " + saved); - } - - savedRequest = saved; - session.removeAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY); - - formats[0] = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US); - formats[1] = new SimpleDateFormat("EEEEEE, dd-MMM-yy HH:mm:ss zzz", Locale.US); - formats[2] = new SimpleDateFormat("EEE MMMM d HH:mm:ss yyyy", Locale.US); - - formats[0].setTimeZone(GMT_ZONE); - formats[1].setTimeZone(GMT_ZONE); - formats[2].setTimeZone(GMT_ZONE); - } else { - if (logger.isDebugEnabled()) { - logger.debug("Wrapper not replaced; SavedRequest was: " + saved); - } - } - } - - //~ Methods ======================================================================================================== - - @Override - public Cookie[] getCookies() { - if (savedRequest == null) { - return super.getCookies(); - } else { - List cookies = savedRequest.getCookies(); - - return cookies.toArray(new Cookie[cookies.size()]); - } - } - - @Override - public long getDateHeader(String name) { - if (savedRequest == null) { - return super.getDateHeader(name); - } else { - String value = getHeader(name); - - if (value == null) { - return -1L; - } - - // Attempt to convert the date header in a variety of formats - long result = FastHttpDateFormat.parseDate(value, formats); - - if (result != -1L) { - return result; - } - - throw new IllegalArgumentException(value); - } - } - - @Override - public String getHeader(String name) { - if (savedRequest == null) { - return super.getHeader(name); - } else { - String header = null; - Iterator iterator = savedRequest.getHeaderValues(name); - - while (iterator.hasNext()) { - header = iterator.next(); - - break; - } - - return header; - } - } - - @Override - @SuppressWarnings("unchecked") - public Enumeration getHeaderNames() { - if (savedRequest == null) { - return super.getHeaderNames(); - } else { - return new Enumerator(savedRequest.getHeaderNames()); - } - } - - @Override - @SuppressWarnings("unchecked") - public Enumeration getHeaders(String name) { - if (savedRequest == null) { - return super.getHeaders(name); - } else { - return new Enumerator(savedRequest.getHeaderValues(name)); - } - } - - @Override - public int getIntHeader(String name) { - if (savedRequest == null) { - return super.getIntHeader(name); - } else { - String value = getHeader(name); - - if (value == null) { - return -1; - } else { - return Integer.parseInt(value); - } - } - } - - @Override - public Locale getLocale() { - if (savedRequest == null) { - return super.getLocale(); - } else { - Locale locale = null; - Iterator iterator = savedRequest.getLocales(); - - while (iterator.hasNext()) { - locale = (Locale) iterator.next(); - - break; - } - - if (locale == null) { - return defaultLocale; - } else { - return locale; - } - } - } - - @Override - @SuppressWarnings("unchecked") - public Enumeration getLocales() { - if (savedRequest == null) { - return super.getLocales(); - } - - Iterator iterator = savedRequest.getLocales(); - - if (iterator.hasNext()) { - return new Enumerator(iterator); - } - // Fall back to default locale - ArrayList results = new ArrayList(1); - results.add(defaultLocale); - - return new Enumerator(results.iterator()); - } - - @Override - public String getMethod() { - if (savedRequest == null) { - return super.getMethod(); - } else { - return savedRequest.getMethod(); - } - } - - /** - * If the parameter is available from the wrapped request then either - *
      - *
    1. There is no saved request (it a normal request)
      2. - *
    2. There is a saved request, but the request has been forwarded/included to a URL with parameters, either - * supplementing or overriding the saved request values.
      3. - *
    - * In both cases the value from the wrapped request should be used. - *

    - * If the value from the wrapped request is null, an attempt will be made to retrieve the parameter - * from the SavedRequest, if available.. - */ - @Override - public String getParameter(String name) { - String value = super.getParameter(name); - - if (value != null || savedRequest == null) { - return value; - } - - String[] values = savedRequest.getParameterValues(name); - if (values == null || values.length == 0) { - return null; - } - - return values[0]; - } - - @Override - @SuppressWarnings("unchecked") - public Map getParameterMap() { - if (savedRequest == null) { - return super.getParameterMap(); - } - - Set names = getCombinedParameterNames(); - Map parameterMap = new HashMap(names.size()); - - for (String name : names) { - parameterMap.put(name, getParameterValues(name)); - } - - return parameterMap; - } - - @SuppressWarnings("unchecked") - private Set getCombinedParameterNames() { - Set names = new HashSet(); - names.addAll(super.getParameterMap().keySet()); - - if (savedRequest != null) { - names.addAll(savedRequest.getParameterMap().keySet()); - } - - return names; - } - - @Override - @SuppressWarnings("unchecked") - public Enumeration getParameterNames() { - return new Enumerator(getCombinedParameterNames()); - } - - @Override - public String[] getParameterValues(String name) { - if (savedRequest == null) { - return super.getParameterValues(name); - } - - String[] savedRequestParams = savedRequest.getParameterValues(name); - String[] wrappedRequestParams = super.getParameterValues(name); - - if (savedRequestParams == null) { - return wrappedRequestParams; - } - - if (wrappedRequestParams == null) { - return savedRequestParams; - } - - // We have parameters in both saved and wrapped requests so have to merge them - List wrappedParamsList = Arrays.asList(wrappedRequestParams); - List combinedParams = new ArrayList(wrappedParamsList); - - // We want to add all parameters of the saved request *apart from* duplicates of those already added - for (int i = 0; i < savedRequestParams.length; i++) { - if (!wrappedParamsList.contains(savedRequestParams[i])) { - combinedParams.add(savedRequestParams[i]); - } - } - - return combinedParams.toArray(new String[combinedParams.size()]); - } -} +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.springframework.security.web.wrapper; + +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.List; +import java.util.Locale; +import java.util.Map; +import java.util.Set; +import java.util.TimeZone; + +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.security.web.PortResolver; +import org.springframework.security.web.savedrequest.Enumerator; +import org.springframework.security.web.savedrequest.FastHttpDateFormat; +import org.springframework.security.web.savedrequest.SavedRequest; + + +/** + * Provides request parameters, headers and cookies from either an original request or a saved request. + * + *

    Note that not all request parameters in the original request are emulated by this wrapper. + * Nevertheless, the important data from the original request is emulated and this should prove + * adequate for most purposes (in particular standard HTTP GET and POST operations).

    + * + *

    Added into a request by {@link org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter}.

    + * + * + * @see SecurityContextHolderAwareRequestFilter + * + * @author Andrey Grebnev + * @author Ben Alex + * @version $Id$ + */ +public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestWrapper { + //~ Static fields/initializers ===================================================================================== + + protected static final Log logger = LogFactory.getLog(SavedRequestAwareWrapper.class); + protected static final TimeZone GMT_ZONE = TimeZone.getTimeZone("GMT"); + + /** The default Locale if none are specified. */ + protected static Locale defaultLocale = Locale.getDefault(); + + //~ Instance fields ================================================================================================ + + protected SavedRequest savedRequest = null; + + /** + * The set of SimpleDateFormat formats to use in getDateHeader(). Notice that because SimpleDateFormat is + * not thread-safe, we can't declare formats[] as a static variable. + */ + protected SimpleDateFormat[] formats = new SimpleDateFormat[3]; + + //~ Constructors =================================================================================================== + + public SavedRequestAwareWrapper(HttpServletRequest request, PortResolver portResolver, String rolePrefix) { + super(request, portResolver, rolePrefix); + + HttpSession session = request.getSession(false); + + if (session == null) { + if (logger.isDebugEnabled()) { + logger.debug("Wrapper not replaced; no session available for SavedRequest extraction"); + } + + return; + } + + SavedRequest saved = (SavedRequest) session.getAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY); + + if ((saved != null) && saved.doesRequestMatch(request, portResolver)) { + if (logger.isDebugEnabled()) { + logger.debug("Wrapper replaced; SavedRequest was: " + saved); + } + + savedRequest = saved; + session.removeAttribute(SavedRequest.SPRING_SECURITY_SAVED_REQUEST_KEY); + + formats[0] = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US); + formats[1] = new SimpleDateFormat("EEEEEE, dd-MMM-yy HH:mm:ss zzz", Locale.US); + formats[2] = new SimpleDateFormat("EEE MMMM d HH:mm:ss yyyy", Locale.US); + + formats[0].setTimeZone(GMT_ZONE); + formats[1].setTimeZone(GMT_ZONE); + formats[2].setTimeZone(GMT_ZONE); + } else { + if (logger.isDebugEnabled()) { + logger.debug("Wrapper not replaced; SavedRequest was: " + saved); + } + } + } + + //~ Methods ======================================================================================================== + + @Override + public Cookie[] getCookies() { + if (savedRequest == null) { + return super.getCookies(); + } else { + List cookies = savedRequest.getCookies(); + + return cookies.toArray(new Cookie[cookies.size()]); + } + } + + @Override + public long getDateHeader(String name) { + if (savedRequest == null) { + return super.getDateHeader(name); + } else { + String value = getHeader(name); + + if (value == null) { + return -1L; + } + + // Attempt to convert the date header in a variety of formats + long result = FastHttpDateFormat.parseDate(value, formats); + + if (result != -1L) { + return result; + } + + throw new IllegalArgumentException(value); + } + } + + @Override + public String getHeader(String name) { + if (savedRequest == null) { + return super.getHeader(name); + } else { + String header = null; + Iterator iterator = savedRequest.getHeaderValues(name); + + while (iterator.hasNext()) { + header = iterator.next(); + + break; + } + + return header; + } + } + + @Override + @SuppressWarnings("unchecked") + public Enumeration getHeaderNames() { + if (savedRequest == null) { + return super.getHeaderNames(); + } else { + return new Enumerator(savedRequest.getHeaderNames()); + } + } + + @Override + @SuppressWarnings("unchecked") + public Enumeration getHeaders(String name) { + if (savedRequest == null) { + return super.getHeaders(name); + } else { + return new Enumerator(savedRequest.getHeaderValues(name)); + } + } + + @Override + public int getIntHeader(String name) { + if (savedRequest == null) { + return super.getIntHeader(name); + } else { + String value = getHeader(name); + + if (value == null) { + return -1; + } else { + return Integer.parseInt(value); + } + } + } + + @Override + public Locale getLocale() { + if (savedRequest == null) { + return super.getLocale(); + } else { + Locale locale = null; + Iterator iterator = savedRequest.getLocales(); + + while (iterator.hasNext()) { + locale = (Locale) iterator.next(); + + break; + } + + if (locale == null) { + return defaultLocale; + } else { + return locale; + } + } + } + + @Override + @SuppressWarnings("unchecked") + public Enumeration getLocales() { + if (savedRequest == null) { + return super.getLocales(); + } + + Iterator iterator = savedRequest.getLocales(); + + if (iterator.hasNext()) { + return new Enumerator(iterator); + } + // Fall back to default locale + ArrayList results = new ArrayList(1); + results.add(defaultLocale); + + return new Enumerator(results.iterator()); + } + + @Override + public String getMethod() { + if (savedRequest == null) { + return super.getMethod(); + } else { + return savedRequest.getMethod(); + } + } + + /** + * If the parameter is available from the wrapped request then either + *
      + *
    1. There is no saved request (it a normal request)
      2. + *
    2. There is a saved request, but the request has been forwarded/included to a URL with parameters, either + * supplementing or overriding the saved request values.
      3. + *
    + * In both cases the value from the wrapped request should be used. + *

    + * If the value from the wrapped request is null, an attempt will be made to retrieve the parameter + * from the SavedRequest, if available.. + */ + @Override + public String getParameter(String name) { + String value = super.getParameter(name); + + if (value != null || savedRequest == null) { + return value; + } + + String[] values = savedRequest.getParameterValues(name); + if (values == null || values.length == 0) { + return null; + } + + return values[0]; + } + + @Override + @SuppressWarnings("unchecked") + public Map getParameterMap() { + if (savedRequest == null) { + return super.getParameterMap(); + } + + Set names = getCombinedParameterNames(); + Map parameterMap = new HashMap(names.size()); + + for (String name : names) { + parameterMap.put(name, getParameterValues(name)); + } + + return parameterMap; + } + + @SuppressWarnings("unchecked") + private Set getCombinedParameterNames() { + Set names = new HashSet(); + names.addAll(super.getParameterMap().keySet()); + + if (savedRequest != null) { + names.addAll(savedRequest.getParameterMap().keySet()); + } + + return names; + } + + @Override + @SuppressWarnings("unchecked") + public Enumeration getParameterNames() { + return new Enumerator(getCombinedParameterNames()); + } + + @Override + public String[] getParameterValues(String name) { + if (savedRequest == null) { + return super.getParameterValues(name); + } + + String[] savedRequestParams = savedRequest.getParameterValues(name); + String[] wrappedRequestParams = super.getParameterValues(name); + + if (savedRequestParams == null) { + return wrappedRequestParams; + } + + if (wrappedRequestParams == null) { + return savedRequestParams; + } + + // We have parameters in both saved and wrapped requests so have to merge them + List wrappedParamsList = Arrays.asList(wrappedRequestParams); + List combinedParams = new ArrayList(wrappedParamsList); + + // We want to add all parameters of the saved request *apart from* duplicates of those already added + for (int i = 0; i < savedRequestParams.length; i++) { + if (!wrappedParamsList.contains(savedRequestParams[i])) { + combinedParams.add(savedRequestParams[i]); + } + } + + return combinedParams.toArray(new String[combinedParams.size()]); + } +} diff --git a/web/src/test/java/org/springframework/security/web/ExceptionTranslationFilterTests.java b/web/src/test/java/org/springframework/security/web/access/ExceptionTranslationFilterTests.java similarity index 98% rename from web/src/test/java/org/springframework/security/web/ExceptionTranslationFilterTests.java rename to web/src/test/java/org/springframework/security/web/access/ExceptionTranslationFilterTests.java index dfb696d89d..bd74be4ff4 100644 --- a/web/src/test/java/org/springframework/security/web/ExceptionTranslationFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/access/ExceptionTranslationFilterTests.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web; +package org.springframework.security.web.access; import java.io.IOException; @@ -35,8 +35,8 @@ import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.web.AccessDeniedHandlerImpl; -import org.springframework.security.web.ExceptionTranslationFilter; +import org.springframework.security.web.access.AccessDeniedHandlerImpl; +import org.springframework.security.web.access.ExceptionTranslationFilter; import org.springframework.security.web.savedrequest.SavedRequest; /** diff --git a/web/src/test/java/org/springframework/security/web/intercept/WebInvocationPrivilegeEvaluatorTests.java b/web/src/test/java/org/springframework/security/web/access/WebInvocationPrivilegeEvaluatorTests.java similarity index 93% rename from web/src/test/java/org/springframework/security/web/intercept/WebInvocationPrivilegeEvaluatorTests.java rename to web/src/test/java/org/springframework/security/web/access/WebInvocationPrivilegeEvaluatorTests.java index ba7dd98a11..3bd44e8e3a 100644 --- a/web/src/test/java/org/springframework/security/web/intercept/WebInvocationPrivilegeEvaluatorTests.java +++ b/web/src/test/java/org/springframework/security/web/access/WebInvocationPrivilegeEvaluatorTests.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.intercept; +package org.springframework.security.web.access; import static org.junit.Assert.*; import static org.mockito.Matchers.*; @@ -32,10 +32,12 @@ import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; /** - * Tests {@link org.springframework.security.web.intercept.WebInvocationPrivilegeEvaluator}. + * Tests {@link org.springframework.security.web.access.WebInvocationPrivilegeEvaluator}. * * @author Ben Alex * @version $Id$ diff --git a/web/src/test/java/org/springframework/security/web/securechannel/ChannelDecisionManagerImplTests.java b/web/src/test/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImplTests.java similarity index 97% rename from web/src/test/java/org/springframework/security/web/securechannel/ChannelDecisionManagerImplTests.java rename to web/src/test/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImplTests.java index 013e7a198e..3c4dc3c433 100644 --- a/web/src/test/java/org/springframework/security/web/securechannel/ChannelDecisionManagerImplTests.java +++ b/web/src/test/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImplTests.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import static org.mockito.Mockito.mock; @@ -32,8 +32,8 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.SecurityConfig; import org.springframework.security.web.FilterInvocation; -import org.springframework.security.web.securechannel.ChannelDecisionManagerImpl; -import org.springframework.security.web.securechannel.ChannelProcessor; +import org.springframework.security.web.access.channel.ChannelDecisionManagerImpl; +import org.springframework.security.web.access.channel.ChannelProcessor; /** diff --git a/web/src/test/java/org/springframework/security/web/securechannel/ChannelProcessingFilterTests.java b/web/src/test/java/org/springframework/security/web/access/channel/ChannelProcessingFilterTests.java similarity index 96% rename from web/src/test/java/org/springframework/security/web/securechannel/ChannelProcessingFilterTests.java rename to web/src/test/java/org/springframework/security/web/access/channel/ChannelProcessingFilterTests.java index 14a4e9447d..871ff21773 100644 --- a/web/src/test/java/org/springframework/security/web/securechannel/ChannelProcessingFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/access/channel/ChannelProcessingFilterTests.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import static org.junit.Assert.assertTrue; import static org.mockito.Mockito.mock; @@ -31,9 +31,9 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.SecurityConfig; import org.springframework.security.web.FilterInvocation; -import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource; -import org.springframework.security.web.securechannel.ChannelDecisionManager; -import org.springframework.security.web.securechannel.ChannelProcessingFilter; +import org.springframework.security.web.access.channel.ChannelDecisionManager; +import org.springframework.security.web.access.channel.ChannelProcessingFilter; +import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; /** diff --git a/web/src/test/java/org/springframework/security/web/securechannel/InsecureChannelProcessorTests.java b/web/src/test/java/org/springframework/security/web/access/channel/InsecureChannelProcessorTests.java similarity index 97% rename from web/src/test/java/org/springframework/security/web/securechannel/InsecureChannelProcessorTests.java rename to web/src/test/java/org/springframework/security/web/access/channel/InsecureChannelProcessorTests.java index ea842f1a6f..0245026f37 100644 --- a/web/src/test/java/org/springframework/security/web/securechannel/InsecureChannelProcessorTests.java +++ b/web/src/test/java/org/springframework/security/web/access/channel/InsecureChannelProcessorTests.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import static org.mockito.Mockito.mock; @@ -25,7 +25,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.access.SecurityConfig; import org.springframework.security.web.FilterInvocation; -import org.springframework.security.web.securechannel.InsecureChannelProcessor; +import org.springframework.security.web.access.channel.InsecureChannelProcessor; /** diff --git a/web/src/test/java/org/springframework/security/web/securechannel/RetryWithHttpEntryPointTests.java b/web/src/test/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPointTests.java similarity index 97% rename from web/src/test/java/org/springframework/security/web/securechannel/RetryWithHttpEntryPointTests.java rename to web/src/test/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPointTests.java index d541277f9b..5c6df52a59 100644 --- a/web/src/test/java/org/springframework/security/web/securechannel/RetryWithHttpEntryPointTests.java +++ b/web/src/test/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPointTests.java @@ -13,14 +13,14 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import junit.framework.TestCase; import org.springframework.security.MockPortResolver; import org.springframework.security.web.PortMapperImpl; -import org.springframework.security.web.securechannel.RetryWithHttpEntryPoint; +import org.springframework.security.web.access.channel.RetryWithHttpEntryPoint; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; diff --git a/web/src/test/java/org/springframework/security/web/securechannel/RetryWithHttpsEntryPointTests.java b/web/src/test/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPointTests.java similarity index 97% rename from web/src/test/java/org/springframework/security/web/securechannel/RetryWithHttpsEntryPointTests.java rename to web/src/test/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPointTests.java index 2cd5811371..0618d67721 100644 --- a/web/src/test/java/org/springframework/security/web/securechannel/RetryWithHttpsEntryPointTests.java +++ b/web/src/test/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPointTests.java @@ -13,14 +13,14 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import junit.framework.TestCase; import org.springframework.security.MockPortResolver; import org.springframework.security.web.PortMapperImpl; -import org.springframework.security.web.securechannel.RetryWithHttpsEntryPoint; +import org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; diff --git a/web/src/test/java/org/springframework/security/web/securechannel/SecureChannelProcessorTests.java b/web/src/test/java/org/springframework/security/web/access/channel/SecureChannelProcessorTests.java similarity index 97% rename from web/src/test/java/org/springframework/security/web/securechannel/SecureChannelProcessorTests.java rename to web/src/test/java/org/springframework/security/web/access/channel/SecureChannelProcessorTests.java index 8e1b6cbae9..49791cb665 100644 --- a/web/src/test/java/org/springframework/security/web/securechannel/SecureChannelProcessorTests.java +++ b/web/src/test/java/org/springframework/security/web/access/channel/SecureChannelProcessorTests.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.securechannel; +package org.springframework.security.web.access.channel; import static org.mockito.Mockito.mock; @@ -25,7 +25,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.access.SecurityConfig; import org.springframework.security.web.FilterInvocation; -import org.springframework.security.web.securechannel.SecureChannelProcessor; +import org.springframework.security.web.access.channel.SecureChannelProcessor; /** diff --git a/web/src/test/java/org/springframework/security/web/expression/WebSecurityExpressionRootTests.java b/web/src/test/java/org/springframework/security/web/access/expression/WebSecurityExpressionRootTests.java similarity index 94% rename from web/src/test/java/org/springframework/security/web/expression/WebSecurityExpressionRootTests.java rename to web/src/test/java/org/springframework/security/web/access/expression/WebSecurityExpressionRootTests.java index f65612d666..ddc57e88d6 100644 --- a/web/src/test/java/org/springframework/security/web/expression/WebSecurityExpressionRootTests.java +++ b/web/src/test/java/org/springframework/security/web/access/expression/WebSecurityExpressionRootTests.java @@ -1,4 +1,4 @@ -package org.springframework.security.web.expression; +package org.springframework.security.web.access.expression; import static org.junit.Assert.*; import static org.mockito.Mockito.mock; @@ -10,6 +10,7 @@ import org.junit.Test; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.security.core.Authentication; import org.springframework.security.web.FilterInvocation; +import org.springframework.security.web.access.expression.WebSecurityExpressionRoot; /** * Tests for {@link WebSecurityExpressionRoot}. diff --git a/web/src/test/java/org/springframework/security/web/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java b/web/src/test/java/org/springframework/security/web/access/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java similarity index 96% rename from web/src/test/java/org/springframework/security/web/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java rename to web/src/test/java/org/springframework/security/web/access/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java index 8d60afb12c..865363dc0d 100644 --- a/web/src/test/java/org/springframework/security/web/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java +++ b/web/src/test/java/org/springframework/security/web/access/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.intercept; +package org.springframework.security.web.access.intercept; import static org.junit.Assert.*; import static org.mockito.Mockito.mock; @@ -29,8 +29,8 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.SecurityConfig; import org.springframework.security.web.FilterInvocation; -import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource; -import org.springframework.security.web.intercept.RequestKey; +import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.RequestKey; import org.springframework.security.web.util.AntUrlPathMatcher; /** diff --git a/web/src/test/java/org/springframework/security/web/intercept/FilterInvocationTests.java b/web/src/test/java/org/springframework/security/web/access/intercept/FilterInvocationTests.java similarity index 98% rename from web/src/test/java/org/springframework/security/web/intercept/FilterInvocationTests.java rename to web/src/test/java/org/springframework/security/web/access/intercept/FilterInvocationTests.java index 94f7ac5d72..1d64a66fd2 100644 --- a/web/src/test/java/org/springframework/security/web/intercept/FilterInvocationTests.java +++ b/web/src/test/java/org/springframework/security/web/access/intercept/FilterInvocationTests.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.intercept; +package org.springframework.security.web.access.intercept; import static org.junit.Assert.assertEquals; import static org.mockito.Mockito.mock; diff --git a/web/src/test/java/org/springframework/security/web/intercept/FilterSecurityInterceptorTests.java b/web/src/test/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptorTests.java similarity index 95% rename from web/src/test/java/org/springframework/security/web/intercept/FilterSecurityInterceptorTests.java rename to web/src/test/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptorTests.java index 2951e347df..2e7261c877 100644 --- a/web/src/test/java/org/springframework/security/web/intercept/FilterSecurityInterceptorTests.java +++ b/web/src/test/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptorTests.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.intercept; +package org.springframework.security.web.access.intercept; import java.util.List; @@ -38,6 +38,8 @@ import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.FilterInvocation; +import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; +import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; /** diff --git a/web/src/test/java/org/springframework/security/web/intercept/RequestKeyTests.java b/web/src/test/java/org/springframework/security/web/access/intercept/RequestKeyTests.java similarity index 91% rename from web/src/test/java/org/springframework/security/web/intercept/RequestKeyTests.java rename to web/src/test/java/org/springframework/security/web/access/intercept/RequestKeyTests.java index 38bef09bd2..ddf3aeec9a 100644 --- a/web/src/test/java/org/springframework/security/web/intercept/RequestKeyTests.java +++ b/web/src/test/java/org/springframework/security/web/access/intercept/RequestKeyTests.java @@ -1,9 +1,9 @@ -package org.springframework.security.web.intercept; +package org.springframework.security.web.access.intercept; import static org.junit.Assert.*; import org.junit.Test; -import org.springframework.security.web.intercept.RequestKey; +import org.springframework.security.web.access.intercept.RequestKey; /** * diff --git a/web/src/test/java/org/springframework/security/web/concurrent/ConcurrentSessionFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/ConcurrentSessionFilterTests.java similarity index 97% rename from web/src/test/java/org/springframework/security/web/concurrent/ConcurrentSessionFilterTests.java rename to web/src/test/java/org/springframework/security/web/authentication/ConcurrentSessionFilterTests.java index fde20d7bdf..df9b173de6 100644 --- a/web/src/test/java/org/springframework/security/web/concurrent/ConcurrentSessionFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/ConcurrentSessionFilterTests.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package org.springframework.security.web.concurrent; +package org.springframework.security.web.authentication; import junit.framework.TestCase; import org.springframework.mock.web.MockFilterConfig; @@ -22,7 +22,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpSession; import org.springframework.security.authentication.concurrent.SessionRegistry; import org.springframework.security.authentication.concurrent.SessionRegistryImpl; -import org.springframework.security.web.concurrent.ConcurrentSessionFilter; +import org.springframework.security.web.authentication.concurrent.ConcurrentSessionFilter; import javax.servlet.Filter; import javax.servlet.FilterChain; diff --git a/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java index bb2ca3e710..205c1d970d 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java @@ -17,6 +17,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.SpringSecurityMessageSource; import org.springframework.security.web.FilterChainOrder; +import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter; /** * diff --git a/web/src/test/java/org/springframework/security/web/logout/LogoutHandlerTests.java b/web/src/test/java/org/springframework/security/web/authentication/logout/LogoutHandlerTests.java similarity index 83% rename from web/src/test/java/org/springframework/security/web/logout/LogoutHandlerTests.java rename to web/src/test/java/org/springframework/security/web/authentication/logout/LogoutHandlerTests.java index e90a6ea6e6..ac359b59d8 100644 --- a/web/src/test/java/org/springframework/security/web/logout/LogoutHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/logout/LogoutHandlerTests.java @@ -1,11 +1,11 @@ -package org.springframework.security.web.logout; +package org.springframework.security.web.authentication.logout; import junit.framework.TestCase; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.security.web.logout.LogoutFilter; -import org.springframework.security.web.logout.SecurityContextLogoutHandler; +import org.springframework.security.web.authentication.logout.LogoutFilter; +import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler; /** * @author Luke Taylor diff --git a/web/src/test/java/org/springframework/security/web/SessionFixationProtectionFilterTests.java b/web/src/test/java/org/springframework/security/web/session/SessionFixationProtectionFilterTests.java similarity index 95% rename from web/src/test/java/org/springframework/security/web/SessionFixationProtectionFilterTests.java rename to web/src/test/java/org/springframework/security/web/session/SessionFixationProtectionFilterTests.java index fcc4ed79f3..3f37f039b3 100644 --- a/web/src/test/java/org/springframework/security/web/SessionFixationProtectionFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/session/SessionFixationProtectionFilterTests.java @@ -1,4 +1,4 @@ -package org.springframework.security.web; +package org.springframework.security.web.session; import static org.junit.Assert.*; @@ -11,8 +11,8 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.web.SessionFixationProtectionFilter; import org.springframework.security.web.context.HttpSessionSecurityContextRepository; +import org.springframework.security.web.session.SessionFixationProtectionFilter; /** * diff --git a/web/src/test/java/org/springframework/security/web/wrapper/SavedRequestAwareWrapperTests.java b/web/src/test/java/org/springframework/security/web/wrapper/SavedRequestAwareWrapperTests.java index 22531fb93a..2d2d1af038 100644 --- a/web/src/test/java/org/springframework/security/web/wrapper/SavedRequestAwareWrapperTests.java +++ b/web/src/test/java/org/springframework/security/web/wrapper/SavedRequestAwareWrapperTests.java @@ -14,7 +14,6 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.security.web.PortResolverImpl; import org.springframework.security.web.savedrequest.FastHttpDateFormat; import org.springframework.security.web.savedrequest.SavedRequest; -import org.springframework.security.web.wrapper.SavedRequestAwareWrapper; public class SavedRequestAwareWrapperTests { diff --git a/web/src/test/java/org/springframework/security/web/wrapper/SecurityContextHolderAwareRequestFilterTests.java b/web/src/test/java/org/springframework/security/web/wrapper/SecurityContextHolderAwareRequestFilterTests.java index 8ac8db640d..53839fbf12 100644 --- a/web/src/test/java/org/springframework/security/web/wrapper/SecurityContextHolderAwareRequestFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/wrapper/SecurityContextHolderAwareRequestFilterTests.java @@ -26,7 +26,6 @@ import org.junit.Test; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.web.PortResolverImpl; -import org.springframework.security.web.wrapper.SavedRequestAwareWrapper; import org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter;