mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-05-31 09:12:14 +00:00
SEC-1132: More refactoring to remove cycles ad reduce complexity metrics
This commit is contained in:
Luke Taylor
parent
73cfeecd0c
commit
6d655aa514
@ -12,7 +12,7 @@ import org.springframework.beans.factory.xml.ParserContext;
|
||||
import org.springframework.security.authentication.ProviderManager;
|
||||
import org.springframework.security.authentication.concurrent.ConcurrentSessionControllerImpl;
|
||||
import org.springframework.security.authentication.concurrent.SessionRegistryImpl;
|
||||
import org.springframework.security.web.concurrent.ConcurrentSessionFilter;
|
||||
import org.springframework.security.web.authentication.concurrent.ConcurrentSessionFilter;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.w3c.dom.Element;
|
||||
|
||||
|
||||
@ -10,7 +10,7 @@ import org.springframework.beans.factory.BeanFactoryAware;
|
||||
import org.springframework.beans.factory.config.BeanPostProcessor;
|
||||
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.security.web.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.access.ExceptionTranslationFilter;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
/**
|
||||
|
||||
@ -19,17 +19,17 @@ import org.springframework.core.Ordered;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.authentication.AnonymousAuthenticationToken;
|
||||
import org.springframework.security.config.ConfigUtils.FilterChainList;
|
||||
import org.springframework.security.web.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.security.web.SessionFixationProtectionFilter;
|
||||
import org.springframework.security.web.access.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
|
||||
import org.springframework.security.web.authentication.AnonymousProcessingFilter;
|
||||
import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
|
||||
import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint;
|
||||
import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter;
|
||||
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
||||
import org.springframework.security.web.authentication.www.BasicProcessingFilter;
|
||||
import org.springframework.security.web.context.SecurityContextPersistenceFilter;
|
||||
import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.intercept.FilterSecurityInterceptor;
|
||||
import org.springframework.security.web.session.SessionFixationProtectionFilter;
|
||||
import org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter;
|
||||
|
||||
/**
|
||||
|
||||
@ -7,8 +7,8 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
||||
import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser;
|
||||
import org.springframework.beans.factory.xml.ParserContext;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.intercept.RequestKey;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.RequestKey;
|
||||
import org.springframework.security.web.util.AntUrlPathMatcher;
|
||||
import org.springframework.security.web.util.UrlMatcher;
|
||||
import org.springframework.util.StringUtils;
|
||||
@ -24,7 +24,7 @@ import org.w3c.dom.Element;
|
||||
public class FilterInvocationSecurityMetadataSourceBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {
|
||||
|
||||
protected String getBeanClassName(Element element) {
|
||||
return "org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource";
|
||||
return "org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource";
|
||||
}
|
||||
|
||||
protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
|
||||
|
||||
@ -8,9 +8,9 @@ import org.springframework.beans.factory.support.RootBeanDefinition;
|
||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
||||
import org.springframework.beans.factory.xml.ParserContext;
|
||||
import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint;
|
||||
import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter;
|
||||
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
|
||||
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import org.w3c.dom.Element;
|
||||
|
||||
@ -23,23 +23,23 @@ import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.access.vote.AccessDecisionVoter;
|
||||
import org.springframework.security.access.vote.AuthenticatedVoter;
|
||||
import org.springframework.security.access.vote.RoleVoter;
|
||||
import org.springframework.security.web.AccessDeniedHandlerImpl;
|
||||
import org.springframework.security.web.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.security.web.SessionFixationProtectionFilter;
|
||||
import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter;
|
||||
import org.springframework.security.web.access.AccessDeniedHandlerImpl;
|
||||
import org.springframework.security.web.access.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.access.channel.ChannelDecisionManagerImpl;
|
||||
import org.springframework.security.web.access.channel.ChannelProcessingFilter;
|
||||
import org.springframework.security.web.access.channel.InsecureChannelProcessor;
|
||||
import org.springframework.security.web.access.channel.RetryWithHttpEntryPoint;
|
||||
import org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint;
|
||||
import org.springframework.security.web.access.channel.SecureChannelProcessor;
|
||||
import org.springframework.security.web.access.expression.WebExpressionVoter;
|
||||
import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
|
||||
import org.springframework.security.web.access.intercept.RequestKey;
|
||||
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
||||
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
||||
import org.springframework.security.web.context.SecurityContextPersistenceFilter;
|
||||
import org.springframework.security.web.expression.WebExpressionVoter;
|
||||
import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.intercept.FilterSecurityInterceptor;
|
||||
import org.springframework.security.web.intercept.RequestKey;
|
||||
import org.springframework.security.web.securechannel.ChannelDecisionManagerImpl;
|
||||
import org.springframework.security.web.securechannel.ChannelProcessingFilter;
|
||||
import org.springframework.security.web.securechannel.InsecureChannelProcessor;
|
||||
import org.springframework.security.web.securechannel.RetryWithHttpEntryPoint;
|
||||
import org.springframework.security.web.securechannel.RetryWithHttpsEntryPoint;
|
||||
import org.springframework.security.web.securechannel.SecureChannelProcessor;
|
||||
import org.springframework.security.web.session.SessionFixationProtectionFilter;
|
||||
import org.springframework.security.web.util.AntUrlPathMatcher;
|
||||
import org.springframework.security.web.util.RegexUrlPathMatcher;
|
||||
import org.springframework.security.web.util.UrlMatcher;
|
||||
@ -112,8 +112,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
||||
static final String OPEN_ID_AUTHENTICATION_PROVIDER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationProvider";
|
||||
static final String AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.web.authentication.AuthenticationProcessingFilter";
|
||||
|
||||
static final String EXPRESSION_FIMDS_CLASS = "org.springframework.security.web.expression.ExpressionBasedFilterInvocationSecurityMetadataSource";
|
||||
static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.web.expression.DefaultWebSecurityExpressionHandler";
|
||||
static final String EXPRESSION_FIMDS_CLASS = "org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource";
|
||||
static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler";
|
||||
private static final String EXPRESSION_HANDLER_ID = "_webExpressionHandler";
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
|
||||
@ -36,7 +36,7 @@ public class LdapUserServiceBeanDefinitionParser extends AbstractUserDetailsServ
|
||||
public static final String PERSON_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.PersonContextMapper";
|
||||
public static final String INET_ORG_PERSON_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper";
|
||||
public static final String LDAP_USER_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.LdapUserDetailsMapper";
|
||||
public static final String LDAP_AUTHORITIES_POPULATOR_CLASS = "org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator";
|
||||
public static final String LDAP_AUTHORITIES_POPULATOR_CLASS = "org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator";
|
||||
|
||||
protected String getBeanClassName(Element element) {
|
||||
return "org.springframework.security.ldap.userdetails.LdapUserDetailsService";
|
||||
|
||||
@ -6,8 +6,8 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder;
|
||||
import org.springframework.beans.factory.support.ManagedList;
|
||||
import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
||||
import org.springframework.beans.factory.xml.ParserContext;
|
||||
import org.springframework.security.web.logout.LogoutFilter;
|
||||
import org.springframework.security.web.logout.SecurityContextLogoutHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutFilter;
|
||||
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.w3c.dom.Element;
|
||||
|
||||
|
||||
@ -11,8 +11,8 @@ import org.springframework.beans.factory.config.BeanPostProcessor;
|
||||
import org.springframework.security.authentication.concurrent.ConcurrentSessionController;
|
||||
import org.springframework.security.authentication.concurrent.ConcurrentSessionControllerImpl;
|
||||
import org.springframework.security.authentication.concurrent.SessionRegistry;
|
||||
import org.springframework.security.web.SessionFixationProtectionFilter;
|
||||
import org.springframework.security.web.authentication.AbstractProcessingFilter;
|
||||
import org.springframework.security.web.session.SessionFixationProtectionFilter;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
@ -15,7 +15,7 @@ import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.config.util.InMemoryXmlApplicationContext;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.w3c.dom.Element;
|
||||
|
||||
/**
|
||||
@ -59,7 +59,7 @@ public class FilterInvocationSecurityMetadataSourceBeanDefinitionParserTests {
|
||||
public void parsingWithinFilterSecurityInterceptorIsSuccessful() {
|
||||
setContext(
|
||||
"<http auto-config='true'/>" +
|
||||
"<b:bean id='fsi' class='org.springframework.security.web.intercept.FilterSecurityInterceptor' autowire='byType'>" +
|
||||
"<b:bean id='fsi' class='org.springframework.security.web.access.intercept.FilterSecurityInterceptor' autowire='byType'>" +
|
||||
" <b:property name='securityMetadataSource'>" +
|
||||
" <filter-invocation-definition-source>" +
|
||||
" <intercept-url pattern='/secure/extreme/**' access='ROLE_SUPERVISOR'/>" +
|
||||
|
||||
@ -33,35 +33,35 @@ import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.openid.OpenIDAuthenticationProcessingFilter;
|
||||
import org.springframework.security.openid.OpenIDAuthenticationProvider;
|
||||
import org.springframework.security.util.FieldUtils;
|
||||
import org.springframework.security.web.AccessDeniedHandlerImpl;
|
||||
import org.springframework.security.web.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.PortMapperImpl;
|
||||
import org.springframework.security.web.SessionFixationProtectionFilter;
|
||||
import org.springframework.security.web.access.AccessDeniedHandlerImpl;
|
||||
import org.springframework.security.web.access.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.access.channel.ChannelProcessingFilter;
|
||||
import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
|
||||
import org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
|
||||
import org.springframework.security.web.authentication.AnonymousProcessingFilter;
|
||||
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||
import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
|
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter;
|
||||
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
|
||||
import org.springframework.security.web.authentication.WebAuthenticationDetails;
|
||||
import org.springframework.security.web.authentication.concurrent.ConcurrentSessionFilter;
|
||||
import org.springframework.security.web.authentication.logout.LogoutFilter;
|
||||
import org.springframework.security.web.authentication.logout.LogoutHandler;
|
||||
import org.springframework.security.web.authentication.preauth.x509.X509PreAuthenticatedProcessingFilter;
|
||||
import org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl;
|
||||
import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
|
||||
import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
|
||||
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
||||
import org.springframework.security.web.authentication.www.BasicProcessingFilter;
|
||||
import org.springframework.security.web.concurrent.ConcurrentSessionFilter;
|
||||
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
||||
import org.springframework.security.web.context.SecurityContextPersistenceFilter;
|
||||
import org.springframework.security.web.expression.DefaultWebSecurityExpressionHandler;
|
||||
import org.springframework.security.web.expression.ExpressionBasedFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.intercept.FilterSecurityInterceptor;
|
||||
import org.springframework.security.web.logout.LogoutFilter;
|
||||
import org.springframework.security.web.logout.LogoutHandler;
|
||||
import org.springframework.security.web.securechannel.ChannelProcessingFilter;
|
||||
import org.springframework.security.web.session.SessionFixationProtectionFilter;
|
||||
import org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter;
|
||||
import org.springframework.util.ReflectionUtils;
|
||||
|
||||
|
||||
@ -13,8 +13,8 @@ import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
|
||||
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.userdetails.InetOrgPerson;
|
||||
import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper;
|
||||
import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
|
||||
|
||||
@ -7,7 +7,6 @@ import java.util.Date;
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.commons.codec.binary.Hex;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.security.util.Sha512DigestUtils;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.util;
|
||||
package org.springframework.security.core.token;
|
||||
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
@ -57,16 +57,16 @@
|
||||
<bean id="preAuthenticatedProcessingFilterEntryPoint"
|
||||
class="org.springframework.security.web.authentication.preauth.PreAuthenticatedProcessingFilterEntryPoint"/>
|
||||
|
||||
<bean id="logoutFilter" class="org.springframework.security.web.logout.LogoutFilter">
|
||||
<bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
|
||||
<constructor-arg value="/"/>
|
||||
<constructor-arg>
|
||||
<list>
|
||||
<bean class="org.springframework.security.web.logout.SecurityContextLogoutHandler"/>
|
||||
<bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
|
||||
</list>
|
||||
</constructor-arg>
|
||||
</bean>
|
||||
|
||||
<bean id="etf" class="org.springframework.security.web.ExceptionTranslationFilter">
|
||||
<bean id="etf" class="org.springframework.security.web.access.ExceptionTranslationFilter">
|
||||
<property name="authenticationEntryPoint" ref="preAuthenticatedProcessingFilterEntryPoint"/>
|
||||
</bean>
|
||||
|
||||
@ -88,7 +88,7 @@
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<bean id="fsi" class="org.springframework.security.web.intercept.FilterSecurityInterceptor">
|
||||
<bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
|
||||
<property name="authenticationManager" ref="authenticationManager"/>
|
||||
<property name="accessDecisionManager" ref="accessDecisionManager"/>
|
||||
<property name="securityMetadataSource">
|
||||
|
||||
@ -16,8 +16,7 @@
|
||||
package org.springframework.security.ldap.authentication;
|
||||
|
||||
import org.springframework.security.core.SpringSecurityMessageSource;
|
||||
import org.springframework.security.ldap.LdapAuthenticator;
|
||||
import org.springframework.security.ldap.LdapUserSearch;
|
||||
import org.springframework.security.ldap.search.LdapUserSearch;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.context.MessageSource;
|
||||
import org.springframework.context.MessageSourceAware;
|
||||
|
||||
@ -28,9 +28,8 @@ import org.springframework.security.core.SpringSecurityMessageSource;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.ldap.LdapAuthenticator;
|
||||
import org.springframework.security.ldap.LdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
|
||||
import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;
|
||||
import org.springframework.context.MessageSource;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.ldap;
|
||||
package org.springframework.security.ldap.authentication;
|
||||
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
@ -28,8 +28,8 @@ import org.springframework.ldap.core.DirContextOperations;
|
||||
* @author Luke Taylor
|
||||
* @version $Id$
|
||||
*
|
||||
* @see org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator
|
||||
* @see org.springframework.security.ldap.populator.UserDetailsServiceLdapAuthoritiesPopulator
|
||||
* @see org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
|
||||
* @see org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator
|
||||
*/
|
||||
public interface LdapAuthenticator {
|
||||
//~ Methods ========================================================================================================
|
||||
@ -32,7 +32,7 @@ import org.springframework.util.Assert;
|
||||
|
||||
|
||||
/**
|
||||
* An {@link org.springframework.security.ldap.LdapAuthenticator LdapAuthenticator} which compares the login
|
||||
* An {@link org.springframework.security.ldap.authentication.LdapAuthenticator LdapAuthenticator} which compares the login
|
||||
* password with the value stored in the directory using a remote LDAP "compare" operation.
|
||||
*
|
||||
* <p>
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.ldap;
|
||||
package org.springframework.security.ldap.authentication;
|
||||
|
||||
import org.springframework.security.authentication.AnonymousAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
@ -1,10 +1,10 @@
|
||||
package org.springframework.security.ldap.populator;
|
||||
package org.springframework.security.ldap.authentication;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.ldap.LdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
@ -1,5 +0,0 @@
|
||||
<html>
|
||||
<body>
|
||||
LdapAuthoritiesPopulator implementations.
|
||||
</body>
|
||||
</html>
|
||||
@ -17,7 +17,6 @@ package org.springframework.security.ldap.search;
|
||||
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.ldap.SpringSecurityLdapTemplate;
|
||||
import org.springframework.security.ldap.LdapUserSearch;
|
||||
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.ldap;
|
||||
package org.springframework.security.ldap.search;
|
||||
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
@ -13,12 +13,11 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.ldap.populator;
|
||||
package org.springframework.security.ldap.userdetails;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||
import org.springframework.security.ldap.SpringSecurityLdapTemplate;
|
||||
import org.springframework.security.ldap.LdapAuthoritiesPopulator;
|
||||
import org.springframework.ldap.core.ContextSource;
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
import org.springframework.ldap.core.LdapTemplate;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.ldap;
|
||||
package org.springframework.security.ldap.userdetails;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@ -4,8 +4,7 @@ import org.springframework.ldap.core.DirContextOperations;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.ldap.LdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.LdapUserSearch;
|
||||
import org.springframework.security.ldap.search.LdapUserSearch;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
/**
|
||||
|
||||
@ -4,6 +4,7 @@ import org.springframework.security.authentication.AnonymousAuthenticationToken;
|
||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource;
|
||||
import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl;
|
||||
import org.springframework.ldap.core.AuthenticationSource;
|
||||
import org.springframework.ldap.core.DistinguishedName;
|
||||
|
||||
@ -34,8 +34,7 @@ import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.ldap.LdapAuthenticator;
|
||||
import org.springframework.security.ldap.LdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
|
||||
|
||||
|
||||
|
||||
@ -15,7 +15,7 @@
|
||||
|
||||
package org.springframework.security.ldap.authentication;
|
||||
|
||||
import org.springframework.security.ldap.LdapUserSearch;
|
||||
import org.springframework.security.ldap.search.LdapUserSearch;
|
||||
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
|
||||
|
||||
@ -18,7 +18,7 @@ package org.springframework.security.ldap.populator;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.ldap.AbstractLdapIntegrationTests;
|
||||
import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
|
||||
|
||||
import org.springframework.ldap.core.DirContextAdapter;
|
||||
import org.springframework.ldap.core.DistinguishedName;
|
||||
|
||||
@ -11,6 +11,7 @@ import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
|
||||
@ -13,7 +13,6 @@ import org.springframework.ldap.core.DistinguishedName;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.ldap.LdapAuthoritiesPopulator;
|
||||
import org.springframework.security.ldap.authentication.MockUserSearch;
|
||||
import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
|
||||
import org.springframework.security.ldap.userdetails.LdapUserDetailsService;
|
||||
|
||||
@ -48,7 +48,7 @@
|
||||
</bean>
|
||||
</constructor-arg>
|
||||
<constructor-arg>
|
||||
<bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
|
||||
<bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
|
||||
<constructor-arg ref="contextSource" />
|
||||
<constructor-arg value="ou=groups" />
|
||||
<property name="groupSearchFilter" value="(member={0})"/>
|
||||
|
||||
@ -38,11 +38,11 @@
|
||||
<bean id="preAuthenticatedProcessingFilterEntryPoint"
|
||||
class="org.springframework.security.web.authentication.preauth.PreAuthenticatedProcessingFilterEntryPoint"/>
|
||||
|
||||
<bean id="logoutFilter" class="org.springframework.security.web.logout.LogoutFilter">
|
||||
<bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
|
||||
<constructor-arg value="/"/>
|
||||
<constructor-arg>
|
||||
<list>
|
||||
<bean class="org.springframework.security.web.logout.SecurityContextLogoutHandler"/>
|
||||
<bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
|
||||
</list>
|
||||
</constructor-arg>
|
||||
</bean>
|
||||
@ -69,7 +69,7 @@
|
||||
|
||||
<bean id="servletContext" class="org.springframework.web.context.support.ServletContextFactoryBean"/>
|
||||
|
||||
<bean id="etf" class="org.springframework.security.web.ExceptionTranslationFilter">
|
||||
<bean id="etf" class="org.springframework.security.web.access.ExceptionTranslationFilter">
|
||||
<property name="authenticationEntryPoint" ref="preAuthenticatedProcessingFilterEntryPoint"/>
|
||||
</bean>
|
||||
|
||||
@ -82,7 +82,7 @@
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<bean id="fsi" class="org.springframework.security.web.intercept.FilterSecurityInterceptor">
|
||||
<bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
|
||||
<property name="authenticationManager" ref="authenticationManager"/>
|
||||
<property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/>
|
||||
<property name="securityMetadataSource">
|
||||
|
||||
@ -16,6 +16,7 @@
|
||||
package org.springframework.security.web;
|
||||
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.access.ExceptionTranslationFilter;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
|
||||
@ -34,7 +34,7 @@ import javax.servlet.ServletResponse;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.util.AntUrlPathMatcher;
|
||||
import org.springframework.security.web.util.UrlMatcher;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web;
|
||||
package org.springframework.security.web.access;
|
||||
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web;
|
||||
package org.springframework.security.web.access;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web;
|
||||
package org.springframework.security.web.access;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@ -29,6 +29,11 @@ import org.springframework.security.authentication.AuthenticationTrustResolverIm
|
||||
import org.springframework.security.authentication.InsufficientAuthenticationException;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.security.web.FilterChainOrder;
|
||||
import org.springframework.security.web.PortResolver;
|
||||
import org.springframework.security.web.PortResolverImpl;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
import org.springframework.security.web.util.ThrowableAnalyzer;
|
||||
import org.springframework.security.web.util.ThrowableCauseExtractor;
|
||||
@ -47,8 +52,8 @@ import org.springframework.util.Assert;
|
||||
* <p>
|
||||
* If an {@link AccessDeniedException} is detected, the filter will determine whether or not the user is an anonymous
|
||||
* user. If they are an anonymous user, the <code>authenticationEntryPoint</code> will be launched. If they are not
|
||||
* an anonymous user, the filter will delegate to the {@link org.springframework.security.web.AccessDeniedHandler}.
|
||||
* By default the filter will use {@link org.springframework.security.web.AccessDeniedHandlerImpl}.
|
||||
* an anonymous user, the filter will delegate to the {@link org.springframework.security.web.access.AccessDeniedHandler}.
|
||||
* By default the filter will use {@link org.springframework.security.web.access.AccessDeniedHandlerImpl}.
|
||||
* <p>
|
||||
* To use this filter, it is necessary to specify the following properties:
|
||||
* <ul>
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.intercept;
|
||||
package org.springframework.security.web.access;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import org.springframework.security.web.PortMapper;
|
||||
import org.springframework.security.web.PortMapperImpl;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Collection;
|
||||
@ -31,7 +31,7 @@ import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.web.FilterChainOrder;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
|
||||
/**
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
/**
|
||||
* Commences a secure channel by retrying the original request using HTTPS.
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.expression;
|
||||
package org.springframework.security.web.access.expression;
|
||||
|
||||
import org.springframework.expression.EvaluationContext;
|
||||
import org.springframework.expression.ExpressionParser;
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.expression;
|
||||
package org.springframework.security.web.access.expression;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.LinkedHashMap;
|
||||
@ -10,8 +10,8 @@ import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.expression.ExpressionParser;
|
||||
import org.springframework.expression.ParseException;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.intercept.RequestKey;
|
||||
import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.RequestKey;
|
||||
import org.springframework.security.web.util.UrlMatcher;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.expression;
|
||||
package org.springframework.security.web.access.expression;
|
||||
|
||||
import org.springframework.expression.Expression;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.expression;
|
||||
package org.springframework.security.web.access.expression;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.expression;
|
||||
package org.springframework.security.web.access.expression;
|
||||
|
||||
import org.springframework.expression.EvaluationContext;
|
||||
import org.springframework.expression.ExpressionParser;
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.expression;
|
||||
package org.springframework.security.web.access.expression;
|
||||
|
||||
import java.net.InetAddress;
|
||||
import java.net.UnknownHostException;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.intercept;
|
||||
package org.springframework.security.web.access.intercept;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.intercept;
|
||||
package org.springframework.security.web.access.intercept;
|
||||
|
||||
import org.springframework.security.access.intercept.SecurityMetadataSource;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.intercept;
|
||||
package org.springframework.security.web.access.intercept;
|
||||
|
||||
import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
|
||||
import org.springframework.security.access.intercept.InterceptorStatusToken;
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.intercept;
|
||||
package org.springframework.security.web.access.intercept;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web;
|
||||
package org.springframework.security.web.authentication;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
@ -11,8 +11,7 @@ import javax.servlet.http.HttpServletResponse;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.logout.LogoutHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutHandler;
|
||||
import org.springframework.security.web.util.RedirectUtils;
|
||||
import org.springframework.security.web.util.UrlUtils;
|
||||
import org.springframework.util.Assert;
|
||||
@ -38,7 +38,7 @@ import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.SpringSecurityMessageSource;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.util.SessionUtils;
|
||||
import org.springframework.security.web.session.SessionUtils;
|
||||
import org.springframework.security.web.util.UrlUtils;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
|
||||
@ -172,11 +172,11 @@ public class AuthenticationProcessingFilter extends AbstractProcessingFilter {
|
||||
return FilterChainOrder.AUTHENTICATION_PROCESSING_FILTER;
|
||||
}
|
||||
|
||||
String getUsernameParameter() {
|
||||
public final String getUsernameParameter() {
|
||||
return usernameParameter;
|
||||
}
|
||||
|
||||
String getPasswordParameter() {
|
||||
public final String getPasswordParameter() {
|
||||
return passwordParameter;
|
||||
}
|
||||
}
|
||||
|
||||
@ -19,11 +19,11 @@ package org.springframework.security.web.authentication;
|
||||
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.security.web.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.PortMapper;
|
||||
import org.springframework.security.web.PortMapperImpl;
|
||||
import org.springframework.security.web.PortResolver;
|
||||
import org.springframework.security.web.PortResolverImpl;
|
||||
import org.springframework.security.web.access.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.util.RedirectUrlBuilder;
|
||||
import org.springframework.security.web.util.UrlUtils;
|
||||
|
||||
|
||||
@ -8,7 +8,7 @@ import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.access.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
import org.springframework.security.web.util.RedirectUtils;
|
||||
import org.springframework.security.web.wrapper.SavedRequestAwareWrapper;
|
||||
|
||||
@ -7,7 +7,6 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.AbstractAuthenticationTargetUrlRequestHandler;
|
||||
|
||||
public class SimpleUrlAuthenticationSuccessHandler extends AbstractAuthenticationTargetUrlRequestHandler implements AuthenticationSuccessHandler {
|
||||
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.concurrent;
|
||||
package org.springframework.security.web.authentication.concurrent;
|
||||
|
||||
import org.springframework.security.authentication.concurrent.SessionInformation;
|
||||
import org.springframework.security.authentication.concurrent.SessionRegistry;
|
||||
@ -21,8 +21,8 @@ import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.FilterChainOrder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.logout.LogoutHandler;
|
||||
import org.springframework.security.web.logout.SecurityContextLogoutHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutHandler;
|
||||
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
|
||||
import org.springframework.security.web.util.UrlUtils;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.util.Assert;
|
||||
@ -44,7 +44,7 @@ import java.io.IOException;
|
||||
* {@link org.springframework.security.authentication.concurrent.SessionInformation} from the <code>SessionRegistry</code>
|
||||
* for each request and checks if the session has been marked as expired.
|
||||
* If it has been marked as expired, the configured logout handlers will be called (as happens with
|
||||
* {@link org.springframework.security.web.logout.LogoutFilter}), typically to invalidate the session.
|
||||
* {@link org.springframework.security.web.authentication.logout.LogoutFilter}), typically to invalidate the session.
|
||||
* A redirect to the expiredURL specified will be performed, and the session invalidation will cause an
|
||||
* {@link org.springframework.security.web.session.HttpSessionDestroyedEvent} to be published via the
|
||||
* {@link org.springframework.security.web.session.HttpSessionEventPublisher} registered in <code>web.xml</code>.</p>
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.logout;
|
||||
package org.springframework.security.web.authentication.logout;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Arrays;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.logout;
|
||||
package org.springframework.security.web.authentication.logout;
|
||||
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.logout;
|
||||
package org.springframework.security.web.authentication.logout;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.logout;
|
||||
package org.springframework.security.web.authentication.logout;
|
||||
|
||||
|
||||
import org.springframework.security.core.Authentication;
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.logout;
|
||||
package org.springframework.security.web.authentication.logout;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@ -7,7 +7,7 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.AbstractAuthenticationTargetUrlRequestHandler;
|
||||
import org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler;
|
||||
|
||||
/**
|
||||
* Handles the navigation on logout by delegating to the {@link AbstractAuthenticationTargetUrlRequestHandler}
|
||||
@ -31,7 +31,7 @@ import org.springframework.core.Ordered;
|
||||
* This code is based on
|
||||
* {@link org.springframework.security.ui.x509.X509ProcessingFilterEntryPoint}.
|
||||
*
|
||||
* @see org.springframework.security.web.ExceptionTranslationFilter
|
||||
* @see org.springframework.security.web.access.ExceptionTranslationFilter
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @author Ruud Senden
|
||||
|
||||
@ -17,7 +17,7 @@ import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.web.authentication.RememberMeServices;
|
||||
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
||||
import org.springframework.security.web.logout.LogoutHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutHandler;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.authentication;
|
||||
package org.springframework.security.web.authentication.ui;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@ -12,6 +12,8 @@ import org.springframework.beans.BeanWrapperImpl;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.FilterChainOrder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.authentication.AbstractProcessingFilter;
|
||||
import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
|
||||
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
|
||||
|
||||
/**
|
||||
@ -1,6 +0,0 @@
|
||||
<html>
|
||||
<body>
|
||||
Concurrent session control and registration classes.
|
||||
</body>
|
||||
</html>
|
||||
|
||||
@ -0,0 +1,2 @@
|
||||
Classes which are responsible for maintaining the security context
|
||||
between HTTP requests.
|
||||
@ -37,7 +37,7 @@ import java.util.TreeMap;
|
||||
* Represents central information from a <code>HttpServletRequest</code>.<p>This class is used by {@link
|
||||
* org.springframework.security.web.authentication.AbstractProcessingFilter} and {@link org.springframework.security.web.wrapper.SavedRequestAwareWrapper} to
|
||||
* reproduce the request after successful authentication. An instance of this class is stored at the time of an
|
||||
* authentication exception by {@link org.springframework.security.web.ExceptionTranslationFilter}.</p>
|
||||
* authentication exception by {@link org.springframework.security.web.access.ExceptionTranslationFilter}.</p>
|
||||
* <p><em>IMPLEMENTATION NOTE</em>: It is assumed that this object is accessed only from the context of a single
|
||||
* thread, so no synchronization around internal collection classes is performed.</p>
|
||||
* <p>This class is based on code in Apache Tomcat.</p>
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web;
|
||||
package org.springframework.security.web.session;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@ -14,8 +14,9 @@ import org.springframework.security.authentication.concurrent.SessionRegistry;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.FilterChainOrder;
|
||||
import org.springframework.security.web.SpringSecurityFilter;
|
||||
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
||||
import org.springframework.security.web.util.SessionUtils;
|
||||
|
||||
/**
|
||||
* Detects that a user has been authenticated since the start of the request and starts a new session.
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.util;
|
||||
package org.springframework.security.web.session;
|
||||
|
||||
import java.util.Enumeration;
|
||||
import java.util.HashMap;
|
||||
@ -1,7 +1,7 @@
|
||||
package org.springframework.security.web.util;
|
||||
|
||||
import org.springframework.security.web.authentication.AbstractProcessingFilter;
|
||||
import org.springframework.security.web.logout.LogoutFilter;
|
||||
import org.springframework.security.web.authentication.logout.LogoutFilter;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web;
|
||||
package org.springframework.security.web.access;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@ -35,8 +35,8 @@ import org.springframework.security.authentication.AnonymousAuthenticationToken;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.AccessDeniedHandlerImpl;
|
||||
import org.springframework.security.web.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.access.AccessDeniedHandlerImpl;
|
||||
import org.springframework.security.web.access.ExceptionTranslationFilter;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
|
||||
/**
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.intercept;
|
||||
package org.springframework.security.web.access;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
import static org.mockito.Matchers.*;
|
||||
@ -32,10 +32,12 @@ import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link org.springframework.security.web.intercept.WebInvocationPrivilegeEvaluator}.
|
||||
* Tests {@link org.springframework.security.web.access.WebInvocationPrivilegeEvaluator}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
@ -32,8 +32,8 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.securechannel.ChannelDecisionManagerImpl;
|
||||
import org.springframework.security.web.securechannel.ChannelProcessor;
|
||||
import org.springframework.security.web.access.channel.ChannelDecisionManagerImpl;
|
||||
import org.springframework.security.web.access.channel.ChannelProcessor;
|
||||
|
||||
|
||||
/**
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@ -31,9 +31,9 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.securechannel.ChannelDecisionManager;
|
||||
import org.springframework.security.web.securechannel.ChannelProcessingFilter;
|
||||
import org.springframework.security.web.access.channel.ChannelDecisionManager;
|
||||
import org.springframework.security.web.access.channel.ChannelProcessingFilter;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
|
||||
|
||||
/**
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
@ -25,7 +25,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.securechannel.InsecureChannelProcessor;
|
||||
import org.springframework.security.web.access.channel.InsecureChannelProcessor;
|
||||
|
||||
|
||||
/**
|
||||
@ -13,14 +13,14 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.security.MockPortResolver;
|
||||
|
||||
import org.springframework.security.web.PortMapperImpl;
|
||||
import org.springframework.security.web.securechannel.RetryWithHttpEntryPoint;
|
||||
import org.springframework.security.web.access.channel.RetryWithHttpEntryPoint;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
@ -13,14 +13,14 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.security.MockPortResolver;
|
||||
|
||||
import org.springframework.security.web.PortMapperImpl;
|
||||
import org.springframework.security.web.securechannel.RetryWithHttpsEntryPoint;
|
||||
import org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.securechannel;
|
||||
package org.springframework.security.web.access.channel;
|
||||
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
@ -25,7 +25,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.securechannel.SecureChannelProcessor;
|
||||
import org.springframework.security.web.access.channel.SecureChannelProcessor;
|
||||
|
||||
|
||||
/**
|
||||
@ -1,4 +1,4 @@
|
||||
package org.springframework.security.web.expression;
|
||||
package org.springframework.security.web.access.expression;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@ -10,6 +10,7 @@ import org.junit.Test;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.access.expression.WebSecurityExpressionRoot;
|
||||
|
||||
/**
|
||||
* Tests for {@link WebSecurityExpressionRoot}.
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.intercept;
|
||||
package org.springframework.security.web.access.intercept;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@ -29,8 +29,8 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.intercept.RequestKey;
|
||||
import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.RequestKey;
|
||||
import org.springframework.security.web.util.AntUrlPathMatcher;
|
||||
|
||||
/**
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.intercept;
|
||||
package org.springframework.security.web.access.intercept;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.intercept;
|
||||
package org.springframework.security.web.access.intercept;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@ -38,6 +38,8 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
|
||||
|
||||
|
||||
/**
|
||||
@ -1,9 +1,9 @@
|
||||
package org.springframework.security.web.intercept;
|
||||
package org.springframework.security.web.access.intercept;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.springframework.security.web.intercept.RequestKey;
|
||||
import org.springframework.security.web.access.intercept.RequestKey;
|
||||
|
||||
/**
|
||||
*
|
||||
@ -13,7 +13,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.concurrent;
|
||||
package org.springframework.security.web.authentication;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
import org.springframework.mock.web.MockFilterConfig;
|
||||
@ -22,7 +22,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.mock.web.MockHttpSession;
|
||||
import org.springframework.security.authentication.concurrent.SessionRegistry;
|
||||
import org.springframework.security.authentication.concurrent.SessionRegistryImpl;
|
||||
import org.springframework.security.web.concurrent.ConcurrentSessionFilter;
|
||||
import org.springframework.security.web.authentication.concurrent.ConcurrentSessionFilter;
|
||||
|
||||
import javax.servlet.Filter;
|
||||
import javax.servlet.FilterChain;
|
||||
@ -17,6 +17,7 @@ import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.SpringSecurityMessageSource;
|
||||
import org.springframework.security.web.FilterChainOrder;
|
||||
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
||||
|
||||
/**
|
||||
*
|
||||
|
||||
@ -1,11 +1,11 @@
|
||||
package org.springframework.security.web.logout;
|
||||
package org.springframework.security.web.authentication.logout;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.web.logout.LogoutFilter;
|
||||
import org.springframework.security.web.logout.SecurityContextLogoutHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutFilter;
|
||||
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user