Tidied up getters/setters in AbstractProcessingFilter. Removed unused getters and reduced the scope of others where possible.

2008-01-07 16:10:50 +00:00 · 2008-01-07 16:10:50 +00:00 · 99b7510482
parent c5bc0fc683
commit 99b7510482
3 changed files with 107 additions and 151 deletions
--- a/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java
+++ b/core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java
@ -63,15 +63,12 @@ import javax.servlet.http.HttpSession;
 * authentication is successful, the resulting {@link Authentication} object
 * will be placed into the <code>SecurityContext</code>, which is guaranteed
 * to have already been created by an earlier filter.
- * </p>
 * <p>
 * If authentication fails, the <code>AuthenticationException</code> will be
 * placed into the <code>HttpSession</code> with the attribute defined by
 * {@link #SPRING_SECURITY_LAST_EXCEPTION_KEY}.
- * </p>
 * <p>
 * To use this filter, it is necessary to specify the following properties:
- * </p>
 * <ul>
 * <li><code>defaultTargetUrl</code> indicates the URL that should be used
 * for redirection if the <code>HttpSession</code> attribute named
@ -110,26 +107,24 @@ import javax.servlet.http.HttpSession;
 * The example above would redirect all
 * {@link org.springframework.security.BadCredentialsException}s thrown, to a page in the
 * web-application called /bad_credentials.jsp.
- * </p>
 * <p>
 * Any {@link AuthenticationException} thrown that cannot be matched in the
 * <code>exceptionMappings</code> will be redirected to the
 * <code>authenticationFailureUrl</code>
- * </p>
 * <p>
 * If authentication is successful, an {@link
 * org.springframework.security.event.authentication.InteractiveAuthenticationSuccessEvent}
 * will be published to the application context. No events will be published if
 * authentication was unsuccessful, because this would generally be recorded via
 * an <code>AuthenticationManager</code>-specific application event.
- * </p>
- *  <p>The filter has an optional attribute <tt>invalidateSessionOnSuccessfulAuthentication</tt> that will invalidate
+ * <p>
+ * The filter has an optional attribute <tt>invalidateSessionOnSuccessfulAuthentication</tt> that will invalidate
 * the current session on successful authentication. This is to protect against session fixation attacks (see
 * <a href="http://en.wikipedia.org/wiki/Session_fixation">this Wikipedia article</a> for more information).
 * The behaviour is turned off by default. Additionally there is a property <tt>migrateInvalidatedSessionAttributes</tt>
 * which tells if on session invalidation we are to migrate all session attributes from the old session to a newly
 * created one. This is turned on by default, but not used unless <tt>invalidateSessionOnSuccessfulAuthentication</tt>
- * is true.</p>
+ * is true.
 *
 * @author Ben Alex
 * @version $Id: AbstractProcessingFilter.java 1909 2007-06-19 04:08:19Z
@ -269,55 +264,6 @@ public abstract class AbstractProcessingFilter extends SpringSecurityFilter impl
 		chain.doFilter(request, response);
 	}

-	public String getAuthenticationFailureUrl() {
-		return authenticationFailureUrl;
-	}
-
-	public AuthenticationManager getAuthenticationManager() {
-		return authenticationManager;
-	}
-
-	/**
-	 * Specifies the default <code>filterProcessesUrl</code> for the
-	 * implementation.
-	 *
-	 * @return the default <code>filterProcessesUrl</code>
-	 */
-	public abstract String getDefaultFilterProcessesUrl();
-
-	/**
-	 * Supplies the default target Url that will be used if no saved request is
-	 * found or the <tt>alwaysUseDefaultTargetUrl</tt> propert is set to true.
-	 * Override this method of you want to provide a customized default Url (for
-	 * example if you want different Urls depending on the authorities of the
-	 * user who has just logged in).
-	 *
-	 * @return the defaultTargetUrl property
-	 */
-	public String getDefaultTargetUrl() {
-		return defaultTargetUrl;
-	}
-
-	public Properties getExceptionMappings() {
-		return new Properties(exceptionMappings);
-	}
-
-	public String getFilterProcessesUrl() {
-		return filterProcessesUrl;
-	}
-
-	public RememberMeServices getRememberMeServices() {
-		return rememberMeServices;
-	}
-
-	public boolean isAlwaysUseDefaultTargetUrl() {
-		return alwaysUseDefaultTargetUrl;
-	}
-
-	public boolean isContinueChainBeforeSuccessfulAuthentication() {
-		return continueChainBeforeSuccessfulAuthentication;
-	}
-
 	public static String obtainFullRequestUrl(HttpServletRequest request) {
 		SavedRequest savedRequest = (SavedRequest) request.getSession().getAttribute(SPRING_SECURITY_SAVED_REQUEST_KEY);

@ -380,63 +326,6 @@ public abstract class AbstractProcessingFilter extends SpringSecurityFilter impl
        RedirectUtils.sendRedirect(request, response, url, useRelativeContext);
 	}

-	public void setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl) {
-		this.alwaysUseDefaultTargetUrl = alwaysUseDefaultTargetUrl;
-	}
-
-	public void setApplicationEventPublisher(ApplicationEventPublisher eventPublisher) {
-		this.eventPublisher = eventPublisher;
-	}
-
-	public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
-		Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required");
-		this.authenticationDetailsSource = authenticationDetailsSource;
-	}
-
-	public void setAuthenticationFailureUrl(String authenticationFailureUrl) {
-		this.authenticationFailureUrl = authenticationFailureUrl;
-	}
-
-	public void setAuthenticationManager(AuthenticationManager authenticationManager) {
-		this.authenticationManager = authenticationManager;
-	}
-
-	public void setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication) {
-		this.continueChainBeforeSuccessfulAuthentication = continueChainBeforeSuccessfulAuthentication;
-	}
-
-	public void setDefaultTargetUrl(String defaultTargetUrl) {
-		Assert.isTrue(defaultTargetUrl.startsWith("/") | defaultTargetUrl.startsWith("http"),
-				"defaultTarget must start with '/' or with 'http(s)'");
-		this.defaultTargetUrl = defaultTargetUrl;
-	}
-
-	public void setExceptionMappings(Properties exceptionMappings) {
-		this.exceptionMappings = exceptionMappings;
-	}
-
-	public void setFilterProcessesUrl(String filterProcessesUrl) {
-		this.filterProcessesUrl = filterProcessesUrl;
-	}
-
-	public void setMessageSource(MessageSource messageSource) {
-		this.messages = new MessageSourceAccessor(messageSource);
-	}
-
-	public void setRememberMeServices(RememberMeServices rememberMeServices) {
-		this.rememberMeServices = rememberMeServices;
-	}
-
-
-    public void setInvalidateSessionOnSuccessfulAuthentication(boolean invalidateSessionOnSuccessfulAuthentication) {
-        this.invalidateSessionOnSuccessfulAuthentication = invalidateSessionOnSuccessfulAuthentication;
-    }
-
-
-    public void setMigrateInvalidatedSessionAttributes(boolean migrateInvalidatedSessionAttributes) {
-        this.migrateInvalidatedSessionAttributes = migrateInvalidatedSessionAttributes;
-    }
-
    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
 			Authentication authResult) throws IOException {
 		if (logger.isDebugEnabled()) {
@ -561,6 +450,106 @@ public abstract class AbstractProcessingFilter extends SpringSecurityFilter impl
        return exceptionMappings.getProperty(failed.getClass().getName(), authenticationFailureUrl);
    }

+    public String getAuthenticationFailureUrl() {
+        return authenticationFailureUrl;
+    }
+
+    public void setAuthenticationFailureUrl(String authenticationFailureUrl) {
+        this.authenticationFailureUrl = authenticationFailureUrl;
+    }
+
+    protected AuthenticationManager getAuthenticationManager() {
+        return authenticationManager;
+    }
+
+    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
+        this.authenticationManager = authenticationManager;
+    }
+
+    /**
+     * Specifies the default <code>filterProcessesUrl</code> for the
+     * implementation.
+     *
+     * @return the default <code>filterProcessesUrl</code>
+     */
+    public abstract String getDefaultFilterProcessesUrl();
+
+    /**
+     * Supplies the default target Url that will be used if no saved request is
+     * found or the <tt>alwaysUseDefaultTargetUrl</tt> propert is set to true.
+     * Override this method of you want to provide a customized default Url (for
+     * example if you want different Urls depending on the authorities of the
+     * user who has just logged in).
+     *
+     * @return the defaultTargetUrl property
+     */
+    public String getDefaultTargetUrl() {
+        return defaultTargetUrl;
+    }
+
+	public void setDefaultTargetUrl(String defaultTargetUrl) {
+		Assert.isTrue(defaultTargetUrl.startsWith("/") | defaultTargetUrl.startsWith("http"),
+				"defaultTarget must start with '/' or with 'http(s)'");
+		this.defaultTargetUrl = defaultTargetUrl;
+	}
+
+    Properties getExceptionMappings() {
+        return new Properties(exceptionMappings);
+    }
+
+    public void setExceptionMappings(Properties exceptionMappings) {
+		this.exceptionMappings = exceptionMappings;
+	}
+
+    public String getFilterProcessesUrl() {
+        return filterProcessesUrl;
+    }
+
+    public void setFilterProcessesUrl(String filterProcessesUrl) {
+        this.filterProcessesUrl = filterProcessesUrl;
+    }
+
+    public RememberMeServices getRememberMeServices() {
+        return rememberMeServices;
+    }
+
+    public void setRememberMeServices(RememberMeServices rememberMeServices) {
+        this.rememberMeServices = rememberMeServices;
+    }
+
+    boolean isAlwaysUseDefaultTargetUrl() {
+        return alwaysUseDefaultTargetUrl;
+    }
+
+    public void setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl) {
+		this.alwaysUseDefaultTargetUrl = alwaysUseDefaultTargetUrl;
+	}
+
+    public void setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication) {
+        this.continueChainBeforeSuccessfulAuthentication = continueChainBeforeSuccessfulAuthentication;
+    }
+
+    public void setApplicationEventPublisher(ApplicationEventPublisher eventPublisher) {
+		this.eventPublisher = eventPublisher;
+	}
+
+	public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
+		Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required");
+		this.authenticationDetailsSource = authenticationDetailsSource;
+	}
+
+    public void setMessageSource(MessageSource messageSource) {
+		this.messages = new MessageSourceAccessor(messageSource);
+	}
+
+    public void setInvalidateSessionOnSuccessfulAuthentication(boolean invalidateSessionOnSuccessfulAuthentication) {
+        this.invalidateSessionOnSuccessfulAuthentication = invalidateSessionOnSuccessfulAuthentication;
+    }
+
+    public void setMigrateInvalidatedSessionAttributes(boolean migrateInvalidatedSessionAttributes) {
+        this.migrateInvalidatedSessionAttributes = migrateInvalidatedSessionAttributes;
+    }
+
    public AuthenticationDetailsSource getAuthenticationDetailsSource() {
 		// Required due to SEC-310
 		return authenticationDetailsSource;
--- a/core/src/test/java/org/springframework/security/context/SecurityContextHolderTests.java
+++ b/core/src/test/java/org/springframework/security/context/SecurityContextHolderTests.java
@ -34,8 +34,8 @@ public class SecurityContextHolderTests extends TestCase {

    private static int errors = 0;

-    private static final int NUM_OPS = 25;
-    private static final int NUM_THREADS = 10;
+    private static final int NUM_OPS = 5;
+    private static final int NUM_THREADS = 5;

    //~ Constructors ===================================================================================================

--- a/core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java
+++ b/core/src/test/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilterTests.java
@ -28,7 +28,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
 *
 * @author Ben Alex
 * @author <a href="mailto:scott@mccrory.us">Scott McCrory</a>
- * @version CVS $Id$
+ * @version $Id$
 */
 public class SiteminderAuthenticationProcessingFilterTests extends TestCase {
    //~ Constructors ===================================================================================================
@ -37,7 +37,6 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase {
     * Basic constructor.
     */
    public SiteminderAuthenticationProcessingFilterTests() {
-        super();
    }

    /**
@ -51,44 +50,12 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase {

    //~ Methods ========================================================================================================

-    /**
-     * Runs the tests as a command-line program.
-     *
-     * @param args
-     */
-    public static void main(String[] args) {
-        junit.textui.TestRunner.run(SiteminderAuthenticationProcessingFilterTests.class);
-    }
-
-    /**
-     *
-     * @see junit.framework.TestCase#setUp()
-     */
-    public final void setUp() throws Exception {
-        super.setUp();
-    }
-
    /**
     * Tests the class' getters.
     */
    public void testAccessors() {
        SiteminderAuthenticationProcessingFilter filter = new SiteminderAuthenticationProcessingFilter();

-        filter.setAlwaysUseDefaultTargetUrl(true);
-        assertTrue(filter.isAlwaysUseDefaultTargetUrl());
-
-        filter.setAuthenticationFailureUrl("foo");
-        assertEquals("foo", filter.getAuthenticationFailureUrl());
-
-        filter.setContinueChainBeforeSuccessfulAuthentication(true);
-        assertTrue(filter.isContinueChainBeforeSuccessfulAuthentication());
-
-        filter.setDefaultTargetUrl("/bar");
-        assertEquals("/bar", filter.getDefaultTargetUrl());
-
-        filter.setFilterProcessesUrl("foobar");
-        assertEquals("foobar", filter.getFilterProcessesUrl());
-
        filter.setFormUsernameParameterKey("usernameParamKey");
        assertEquals("usernameParamKey", filter.getFormUsernameParameterKey());

@ -184,7 +151,7 @@ public class SiteminderAuthenticationProcessingFilterTests extends TestCase {
        assertFalse(requiresAuthentication);

        // Requests for the filter processing URI SHOULD require (re)authentication
-        request.setRequestURI(request.getContextPath() + filter.getFilterProcessesUrl());
+        request.setRequestURI(request.getContextPath() + "/j_spring_security_check");
        requiresAuthentication = filter.requiresAuthentication(request, response);
        assertTrue(requiresAuthentication);