From a934f82af4b09d5579eeca51b0aea8f8d4c23b0d Mon Sep 17 00:00:00 2001 From: Vishal Puri Date: Thu, 17 May 2007 13:42:51 +0000 Subject: [PATCH] SEC-271: Fixed IllegalStateException being thrown by LogoutHandlerOrdereResolver and add an assert statement in the unit test --- .../config/LogoutHandlerOrderResolver.java | 14 +- ...LogoutFilterBeanDefinitionParserTests.java | 20 +- .../config/logout-filter-with-handlers.xml | 5 +- .../applicationContext-acegi-security.xml | 320 ++++++++++-------- 4 files changed, 200 insertions(+), 159 deletions(-) diff --git a/core/src/main/java/org/acegisecurity/config/LogoutHandlerOrderResolver.java b/core/src/main/java/org/acegisecurity/config/LogoutHandlerOrderResolver.java index 587715131e..baa3c06a3a 100644 --- a/core/src/main/java/org/acegisecurity/config/LogoutHandlerOrderResolver.java +++ b/core/src/main/java/org/acegisecurity/config/LogoutHandlerOrderResolver.java @@ -67,17 +67,21 @@ public class LogoutHandlerOrderResolver implements BeanFactoryPostProcessor { for (int i = 0, n = names.length; i < n; i++) { RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[i]); - if (Ordered.class.isAssignableFrom(definition.getBeanClass())) { - definition.getPropertyValues().addPropertyValue("order", new Integer(getOrder(definition.getBeanClass()))); - } else { - definition.getPropertyValues().addPropertyValue("order", new Integer(Integer.MAX_VALUE)); + if (definition.hasBeanClass()) { + if (Ordered.class.isAssignableFrom(definition.getBeanClass())) { + definition.getPropertyValues().addPropertyValue("order", + new Integer(getOrder(definition.getBeanClass()))); + } + else { + definition.getPropertyValues().addPropertyValue("order", new Integer(Integer.MAX_VALUE)); + } } list.add(definition); } Collections.sort(list, new OrderComparator()); return list; } - + private int getOrder(Class clazz) { if (clazz.getName().equals(TokenBasedRememberMeServices.class.getName())) { return 100; diff --git a/core/src/test/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParserTests.java b/core/src/test/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParserTests.java index 5161fdd470..68a1b7b8ef 100644 --- a/core/src/test/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParserTests.java +++ b/core/src/test/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParserTests.java @@ -3,19 +3,27 @@ */ package org.acegisecurity.config; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; +import java.util.Map; import junit.framework.TestCase; +import org.acegisecurity.ui.logout.LogoutHandler; +import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; +import org.springframework.context.ApplicationContext; +import org.springframework.context.support.ClassPathXmlApplicationContext; + /** * @author vpuri - * + * */ public class LogoutFilterBeanDefinitionParserTests extends TestCase { - - public void testLogoutFilter(){ - ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/logout-filter-with-handlers.xml"); + + public void testLogoutFilter() { + ApplicationContext context = new ClassPathXmlApplicationContext( + "org/acegisecurity/config/logout-filter-with-handlers.xml"); + ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory(); + Map m = bf.getBeansOfType(LogoutHandler.class); + assertEquals(2, m.size()); } } diff --git a/core/src/test/resources/org/acegisecurity/config/logout-filter-with-handlers.xml b/core/src/test/resources/org/acegisecurity/config/logout-filter-with-handlers.xml index 94208ced75..b58573168e 100644 --- a/core/src/test/resources/org/acegisecurity/config/logout-filter-with-handlers.xml +++ b/core/src/test/resources/org/acegisecurity/config/logout-filter-with-handlers.xml @@ -14,11 +14,14 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc + redirectAfterLogoutUrl="/" logoutUrl="/logout" /> + + diff --git a/samples/tutorial/src/webapp/WEB-INF/applicationContext-acegi-security.xml b/samples/tutorial/src/webapp/WEB-INF/applicationContext-acegi-security.xml index f64466ea77..200ba61d5e 100644 --- a/samples/tutorial/src/webapp/WEB-INF/applicationContext-acegi-security.xml +++ b/samples/tutorial/src/webapp/WEB-INF/applicationContext-acegi-security.xml @@ -1,148 +1,174 @@ - - - - - - - - - - - CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON - PATTERN_TYPE_APACHE_ANT - /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON - PATTERN_TYPE_APACHE_ANT - /secure/extreme/**=ROLE_SUPERVISOR - /secure/**=IS_AUTHENTICATED_REMEMBERED - /**=IS_AUTHENTICATED_ANONYMOUSLY - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON + PATTERN_TYPE_APACHE_ANT + /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON + PATTERN_TYPE_APACHE_ANT + /secure/extreme/**=ROLE_SUPERVISOR + /secure/**=IS_AUTHENTICATED_REMEMBERED + /**=IS_AUTHENTICATED_ANONYMOUSLY + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file