From 9b4bb0ffd8520d8ee386e476eadc2e73d4e73f74 Mon Sep 17 00:00:00 2001
From: Ben Alex <ben.alex@springsource.com>
Date: Tue, 4 Dec 2007 05:58:54 +0000
Subject: [PATCH] <repository> element and JdbcUserDetailsManager support.

---
 .../config/CustomUserDetailsService.java      | 39 ++++++++++
 .../config/CustomUserDetailsTests.java        | 48 ++++++++++++
 .../security/config/DataSourcePopulator.java  | 74 +++++++++++++++++++
 .../security/config/JdbcUserDetailsTests.java | 49 ++++++++++++
 .../security/config/custom-user-details.xml   | 15 ++++
 .../security/config/jdbc-user-details.xml     | 24 ++++++
 6 files changed, 249 insertions(+)
 create mode 100644 core/src/test/java/org/springframework/security/config/CustomUserDetailsService.java
 create mode 100644 core/src/test/java/org/springframework/security/config/CustomUserDetailsTests.java
 create mode 100644 core/src/test/java/org/springframework/security/config/DataSourcePopulator.java
 create mode 100644 core/src/test/java/org/springframework/security/config/JdbcUserDetailsTests.java
 create mode 100644 core/src/test/resources/org/springframework/security/config/custom-user-details.xml
 create mode 100644 core/src/test/resources/org/springframework/security/config/jdbc-user-details.xml

diff --git a/core/src/test/java/org/springframework/security/config/CustomUserDetailsService.java b/core/src/test/java/org/springframework/security/config/CustomUserDetailsService.java
new file mode 100644
index 0000000000..8914365b4d
--- /dev/null
+++ b/core/src/test/java/org/springframework/security/config/CustomUserDetailsService.java
@@ -0,0 +1,39 @@
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.config;
+
+import org.springframework.dao.DataAccessException;
+import org.springframework.security.GrantedAuthority;
+import org.springframework.security.GrantedAuthorityImpl;
+import org.springframework.security.userdetails.User;
+import org.springframework.security.userdetails.UserDetails;
+import org.springframework.security.userdetails.UserDetailsService;
+import org.springframework.security.userdetails.UsernameNotFoundException;
+
+
+/**
+ * @author Ben Alex
+ * @version $Id: DataSourcePopulator.java 2291 2007-12-03 02:56:52Z benalex $
+ */
+public class CustomUserDetailsService implements UserDetailsService {
+
+	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
+		if ("rod".equals(username)) {
+			return new User("rod", "koala", true, true, true, true, new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_FOO")});
+		}
+		throw new UsernameNotFoundException("unsupported by stub");
+	}
+	
+}
diff --git a/core/src/test/java/org/springframework/security/config/CustomUserDetailsTests.java b/core/src/test/java/org/springframework/security/config/CustomUserDetailsTests.java
new file mode 100644
index 0000000000..dcf7a3ea49
--- /dev/null
+++ b/core/src/test/java/org/springframework/security/config/CustomUserDetailsTests.java
@@ -0,0 +1,48 @@
+package org.springframework.security.config;
+
+import static org.junit.Assert.assertTrue;
+
+import java.util.List;
+
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+import org.springframework.security.providers.ProviderManager;
+import org.springframework.security.providers.dao.DaoAuthenticationProvider;
+
+/**
+ * @author Ben Alex
+ * @version $Id$
+ */
+public class CustomUserDetailsTests {
+    private static ClassPathXmlApplicationContext appContext;
+
+    @BeforeClass
+    public static void loadContext() {
+        appContext = new ClassPathXmlApplicationContext("org/springframework/security/config/custom-user-details.xml");
+    }
+
+    @AfterClass
+    public static void closeAppContext() {
+        if (appContext != null) {
+            appContext.close();
+        }
+    }
+
+    @Test
+    public void testUsersFound() {
+    	CustomUserDetailsService mgr = (CustomUserDetailsService) appContext.getBean("myDetails");
+    	assertTrue(mgr.loadUserByUsername("rod") != null);
+    }
+    
+    @Test
+    public void testProviderManagerSetup() {
+    	ProviderManager manager = (ProviderManager) appContext.getBean(ConfigUtils.DEFAULT_AUTH_MANAGER_ID);
+    	List providers = manager.getProviders();
+    	assertTrue(providers.size() == 1);
+    	assertTrue(providers.iterator().next() instanceof DaoAuthenticationProvider);
+    	DaoAuthenticationProvider provider = (DaoAuthenticationProvider) providers.iterator().next();
+    	assertTrue(provider.getUserDetailsService() instanceof CustomUserDetailsService);
+    }
+}
diff --git a/core/src/test/java/org/springframework/security/config/DataSourcePopulator.java b/core/src/test/java/org/springframework/security/config/DataSourcePopulator.java
new file mode 100644
index 0000000000..f6b77e1a21
--- /dev/null
+++ b/core/src/test/java/org/springframework/security/config/DataSourcePopulator.java
@@ -0,0 +1,74 @@
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.config;
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.util.Assert;
+
+
+/**
+ * Populates a database with test data for JDBC testing.
+ *
+ * @author Ben Alex
+ * @version $Id: DataSourcePopulator.java 2291 2007-12-03 02:56:52Z benalex $
+ */
+public class DataSourcePopulator implements InitializingBean {
+    //~ Instance fields ================================================================================================
+
+    JdbcTemplate template;
+
+    public void afterPropertiesSet() throws Exception {
+        Assert.notNull(template, "dataSource required");
+
+        template.execute("CREATE TABLE USERS(USERNAME VARCHAR_IGNORECASE(50) NOT NULL PRIMARY KEY,PASSWORD VARCHAR_IGNORECASE(50) NOT NULL,ENABLED BOOLEAN NOT NULL);");
+        template.execute("CREATE TABLE AUTHORITIES(USERNAME VARCHAR_IGNORECASE(50) NOT NULL,AUTHORITY VARCHAR_IGNORECASE(50) NOT NULL,CONSTRAINT FK_AUTHORITIES_USERS FOREIGN KEY(USERNAME) REFERENCES USERS(USERNAME));");
+        template.execute("CREATE UNIQUE INDEX IX_AUTH_USERNAME ON AUTHORITIES(USERNAME,AUTHORITY);");
+
+        /*
+           Passwords encoded using MD5, NOT in Base64 format, with null as salt
+           Encoded password for rod is "koala"
+           Encoded password for dianne is "emu"
+           Encoded password for scott is "wombat"
+           Encoded password for peter is "opal" (but user is disabled)
+           Encoded password for bill is "wombat"
+           Encoded password for bob is "wombat"
+           Encoded password for jane is "wombat"
+
+         */
+        template.execute("INSERT INTO USERS VALUES('rod','a564de63c2d0da68cf47586ee05984d7',TRUE);");
+        template.execute("INSERT INTO USERS VALUES('dianne','65d15fe9156f9c4bbffd98085992a44e',TRUE);");
+        template.execute("INSERT INTO USERS VALUES('scott','2b58af6dddbd072ed27ffc86725d7d3a',TRUE);");
+        template.execute("INSERT INTO USERS VALUES('peter','22b5c9accc6e1ba628cedc63a72d57f8',FALSE);");
+        template.execute("INSERT INTO USERS VALUES('bill','2b58af6dddbd072ed27ffc86725d7d3a',TRUE);");
+        template.execute("INSERT INTO USERS VALUES('bob','2b58af6dddbd072ed27ffc86725d7d3a',TRUE);");
+        template.execute("INSERT INTO USERS VALUES('jane','2b58af6dddbd072ed27ffc86725d7d3a',TRUE);");
+        template.execute("INSERT INTO AUTHORITIES VALUES('rod','ROLE_USER');");
+        template.execute("INSERT INTO AUTHORITIES VALUES('rod','ROLE_SUPERVISOR');");
+        template.execute("INSERT INTO AUTHORITIES VALUES('dianne','ROLE_USER');");
+        template.execute("INSERT INTO AUTHORITIES VALUES('scott','ROLE_USER');");
+        template.execute("INSERT INTO AUTHORITIES VALUES('peter','ROLE_USER');");
+        template.execute("INSERT INTO AUTHORITIES VALUES('bill','ROLE_USER');");
+        template.execute("INSERT INTO AUTHORITIES VALUES('bob','ROLE_USER');");
+        template.execute("INSERT INTO AUTHORITIES VALUES('jane','ROLE_USER');");
+    }
+
+    public void setDataSource(DataSource dataSource) {
+        this.template = new JdbcTemplate(dataSource);
+    }
+
+}
diff --git a/core/src/test/java/org/springframework/security/config/JdbcUserDetailsTests.java b/core/src/test/java/org/springframework/security/config/JdbcUserDetailsTests.java
new file mode 100644
index 0000000000..caa34ad222
--- /dev/null
+++ b/core/src/test/java/org/springframework/security/config/JdbcUserDetailsTests.java
@@ -0,0 +1,49 @@
+package org.springframework.security.config;
+
+import static org.junit.Assert.assertTrue;
+
+import java.util.List;
+
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+import org.springframework.security.providers.ProviderManager;
+import org.springframework.security.providers.dao.DaoAuthenticationProvider;
+import org.springframework.security.userdetails.jdbc.JdbcUserDetailsManager;
+
+/**
+ * @author Ben Alex
+ * @version $Id$
+ */
+public class JdbcUserDetailsTests {
+    private static ClassPathXmlApplicationContext appContext;
+
+    @BeforeClass
+    public static void loadContext() {
+        appContext = new ClassPathXmlApplicationContext("org/springframework/security/config/jdbc-user-details.xml");
+    }
+
+    @AfterClass
+    public static void closeAppContext() {
+        if (appContext != null) {
+            appContext.close();
+        }
+    }
+
+    @Test
+    public void testUsersFound() {
+    	JdbcUserDetailsManager mgr = (JdbcUserDetailsManager) appContext.getBean(BeanIds.JDBC_USER_DETAILS_MANAGER);
+    	assertTrue(mgr.loadUserByUsername("rod") != null);
+    }
+    
+    @Test
+    public void testProviderManagerSetup() {
+    	ProviderManager manager = (ProviderManager) appContext.getBean(ConfigUtils.DEFAULT_AUTH_MANAGER_ID);
+    	List providers = manager.getProviders();
+    	assertTrue(providers.size() == 1);
+    	assertTrue(providers.iterator().next() instanceof DaoAuthenticationProvider);
+    	DaoAuthenticationProvider provider = (DaoAuthenticationProvider) providers.iterator().next();
+    	assertTrue(provider.getUserDetailsService() instanceof JdbcUserDetailsManager);
+    }
+}
diff --git a/core/src/test/resources/org/springframework/security/config/custom-user-details.xml b/core/src/test/resources/org/springframework/security/config/custom-user-details.xml
new file mode 100644
index 0000000000..e7e7d446d8
--- /dev/null
+++ b/core/src/test/resources/org/springframework/security/config/custom-user-details.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans:beans xmlns="http://www.springframework.org/schema/security"
+    xmlns:beans="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
+
+	<beans:bean id="myDetails" class="org.springframework.security.config.CustomUserDetailsService"/>
+
+    <repository>
+        <custom-user-service id="myDetails"/>
+    </repository>
+
+</beans:beans>
\ No newline at end of file
diff --git a/core/src/test/resources/org/springframework/security/config/jdbc-user-details.xml b/core/src/test/resources/org/springframework/security/config/jdbc-user-details.xml
new file mode 100644
index 0000000000..285cffc495
--- /dev/null
+++ b/core/src/test/resources/org/springframework/security/config/jdbc-user-details.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans:beans xmlns="http://www.springframework.org/schema/security"
+    xmlns:beans="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
+
+	<beans:bean id="populator" class="org.springframework.security.config.DataSourcePopulator">
+		<beans:property name="dataSource" ref="dataSource"/>
+	</beans:bean>
+
+	<beans:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
+		<beans:property name="driverClassName" value="org.hsqldb.jdbcDriver"/>
+		<beans:property name="url" value="jdbc:hsqldb:mem:jdbcnamespaces"/>
+		<beans:property name="username" value="sa"/>
+		<beans:property name="password" value=""/>
+	</beans:bean>
+
+    <repository>
+        <jdbc-user-service dataSource="dataSource"/>
+    </repository>
+
+</beans:beans>
\ No newline at end of file