mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-02-28 18:39:06 +00:00
SEC-271: Impemented FilterSecurityInovation parser for 'authorization-http-url' tag
This commit is contained in:
Vishal Puri
parent
c658efbc69
commit
b1a39fe1d1
@ -5,40 +5,40 @@
|
||||
<classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
|
||||
<classpathentry excluding="**/*.java" kind="src" output="target/test-classes" path="src/test/resources"/>
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
|
||||
<classpathentry kind="var" path="M2_REPO/commons-collections/commons-collections/3.1/commons-collections-3.1.jar" sourcepath="M2_REPO/commons-collections/commons-collections/3.1/commons-collections-3.1-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/cas/casclient/2.0.11/casclient-2.0.11.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-beans/2.0.4/spring-beans-2.0.4.jar" sourcepath="/spring"/>
|
||||
<classpathentry kind="var" path="M2_REPO/jdbm/jdbm/1.0/jdbm-1.0.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/apache/directory/shared/shared-asn1/0.9.5.3/shared-asn1-0.9.5.3.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-support/2.0.4/spring-support-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/commons-logging/commons-logging/1.0.4/commons-logging-1.0.4.jar" sourcepath="M2_REPO/commons-logging/commons-logging/1.0.4/commons-logging-1.0.4-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-mock/2.0.4/spring-mock-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-dao/2.0.4/spring-dao-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/apache/directory/shared/shared-ldap/0.9.5.3/shared-ldap-0.9.5.3.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/javax/servlet/jsp-api/2.0/jsp-api-2.0.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/commons-codec/commons-codec/1.3/commons-codec-1.3.jar" sourcepath="M2_REPO/commons-codec/commons-codec/1.3/commons-codec-1.3-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-jdbc/2.0.4/spring-jdbc-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/slf4j/slf4j-log4j12/1.0.1/slf4j-log4j12-1.0.1.jar" sourcepath="M2_REPO/org/slf4j/slf4j-log4j12/1.0.1/slf4j-log4j12-1.0.1-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/aspectj/aspectjrt/1.2/aspectjrt-1.2.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/antlr/antlr/2.7.6/antlr-2.7.6.jar" sourcepath="M2_REPO/antlr/antlr/2.7.6/antlr-2.7.6-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-aop/2.0.4/spring-aop-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/commons-lang/commons-lang/2.1/commons-lang-2.1.jar" sourcepath="M2_REPO/commons-lang/commons-lang/2.1/commons-lang-2.1-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/javax/servlet/servlet-api/2.4/servlet-api-2.4.jar" sourcepath="M2_REPO/javax/servlet/servlet-api/2.4/servlet-api-2.4-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/log4j/log4j/1.2.9/log4j-1.2.9.jar" sourcepath="M2_REPO/log4j/log4j/1.2.9/log4j-1.2.9-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-web/2.0.4/spring-web-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/oro/oro/2.0.8/oro-2.0.8.jar" sourcepath="M2_REPO/oro/oro/2.0.8/oro-2.0.8-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/junit/junit/3.8.1/junit-3.8.1.jar" sourcepath="M2_REPO/junit/junit/3.8.1/junit-3.8.1-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/acegisecurity/acegi-security-tiger/1.0.5-SNAPSHOT/acegi-security-tiger-1.0.5-SNAPSHOT.jar" sourcepath="M2_REPO/org/acegisecurity/acegi-security-tiger/1.0.5-SNAPSHOT/acegi-security-tiger-1.0.5-SNAPSHOT-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/hsqldb/hsqldb/1.8.0.4/hsqldb-1.8.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-context/2.0.4/spring-context-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/taglibs/standard/1.0.6/standard-1.0.6.jar" sourcepath="M2_REPO/taglibs/standard/1.0.6/standard-1.0.6-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/jmock/jmock/1.0.1/jmock-1.0.1.jar" sourcepath="M2_REPO/jmock/jmock/1.0.1/jmock-1.0.1-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/aopalliance/aopalliance/1.0/aopalliance-1.0.jar" sourcepath="M2_REPO/aopalliance/aopalliance/1.0/aopalliance-1.0-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/apache/directory/server/apacheds-core/1.0.0/apacheds-core-1.0.0.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-remoting/2.0.4/spring-remoting-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/acegisecurity/acegi-security/1.0.5-SNAPSHOT/acegi-security-1.0.5-SNAPSHOT.jar" sourcepath="M2_REPO/org/acegisecurity/acegi-security/1.0.5-SNAPSHOT/acegi-security-1.0.5-SNAPSHOT-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/apache/directory/server/apacheds-core-shared/1.0.0/apacheds-core-shared-1.0.0.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/net/sf/ehcache/ehcache/1.2.4/ehcache-1.2.4.jar" sourcepath="M2_REPO/net/sf/ehcache/ehcache/1.2.4/ehcache-1.2.4-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-core/2.0.4/spring-core-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/aspectj/aspectjrt/1.2/aspectjrt-1.2.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-context/2.0.4/spring-context-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/commons-codec/commons-codec/1.3/commons-codec-1.3.jar" sourcepath="M2_REPO/commons-codec/commons-codec/1.3/commons-codec-1.3-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/antlr/antlr/2.7.6/antlr-2.7.6.jar" sourcepath="M2_REPO/antlr/antlr/2.7.6/antlr-2.7.6-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/commons-lang/commons-lang/2.1/commons-lang-2.1.jar" sourcepath="M2_REPO/commons-lang/commons-lang/2.1/commons-lang-2.1-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/slf4j/slf4j-log4j12/1.0.1/slf4j-log4j12-1.0.1.jar" sourcepath="M2_REPO/org/slf4j/slf4j-log4j12/1.0.1/slf4j-log4j12-1.0.1-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/acegisecurity/acegi-security-tiger/1.0.5-SNAPSHOT/acegi-security-tiger-1.0.5-SNAPSHOT.jar" sourcepath="M2_REPO/org/acegisecurity/acegi-security-tiger/1.0.5-SNAPSHOT/acegi-security-tiger-1.0.5-SNAPSHOT-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-beans/2.0.4/spring-beans-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/javax/servlet/jsp-api/2.0/jsp-api-2.0.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-remoting/2.0.4/spring-remoting-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-support/2.0.4/spring-support-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/cas/casclient/2.0.11/casclient-2.0.11.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/aopalliance/aopalliance/1.0/aopalliance-1.0.jar" sourcepath="M2_REPO/aopalliance/aopalliance/1.0/aopalliance-1.0-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-dao/2.0.4/spring-dao-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/apache/directory/server/apacheds-core-shared/1.0.0/apacheds-core-shared-1.0.0.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/jmock/jmock/1.0.1/jmock-1.0.1.jar" sourcepath="M2_REPO/jmock/jmock/1.0.1/jmock-1.0.1-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/acegisecurity/acegi-security/1.0.5-SNAPSHOT/acegi-security-1.0.5-SNAPSHOT.jar" sourcepath="M2_REPO/org/acegisecurity/acegi-security/1.0.5-SNAPSHOT/acegi-security-1.0.5-SNAPSHOT-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/taglibs/standard/1.0.6/standard-1.0.6.jar" sourcepath="M2_REPO/taglibs/standard/1.0.6/standard-1.0.6-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/oro/oro/2.0.8/oro-2.0.8.jar" sourcepath="M2_REPO/oro/oro/2.0.8/oro-2.0.8-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/apache/directory/shared/shared-asn1/0.9.5.3/shared-asn1-0.9.5.3.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-mock/2.0.4/spring-mock-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-jdbc/2.0.4/spring-jdbc-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-aop/2.0.4/spring-aop-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/hsqldb/hsqldb/1.8.0.4/hsqldb-1.8.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/javax/servlet/servlet-api/2.4/servlet-api-2.4.jar" sourcepath="M2_REPO/javax/servlet/servlet-api/2.4/servlet-api-2.4-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/apache/directory/server/apacheds-core/1.0.0/apacheds-core-1.0.0.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/log4j/log4j/1.2.9/log4j-1.2.9.jar" sourcepath="M2_REPO/log4j/log4j/1.2.9/log4j-1.2.9-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/jdbm/jdbm/1.0/jdbm-1.0.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/junit/junit/3.8.1/junit-3.8.1.jar" sourcepath="M2_REPO/junit/junit/3.8.1/junit-3.8.1-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/apache/directory/shared/shared-ldap/0.9.5.3/shared-ldap-0.9.5.3.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/commons-logging/commons-logging/1.0.4/commons-logging-1.0.4.jar" sourcepath="M2_REPO/commons-logging/commons-logging/1.0.4/commons-logging-1.0.4-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-web/2.0.4/spring-web-2.0.4.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/commons-collections/commons-collections/3.1/commons-collections-3.1.jar" sourcepath="M2_REPO/commons-collections/commons-collections/3.1/commons-collections-3.1-sources.jar"/>
|
||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-core/2.0.4/spring-core-2.0.4.jar" sourcepath="/spring"/>
|
||||
<classpathentry kind="output" path="target/classes"/>
|
||||
</classpath>
|
||||
|
||||
@ -1,25 +1,19 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<projectDescription>
|
||||
<name>spring-security-config</name>
|
||||
<comment>Acegi Security System for Spring</comment>
|
||||
<projects>
|
||||
</projects>
|
||||
<buildSpec>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.jdt.core.javabuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.wst.validation.validationbuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
</buildSpec>
|
||||
<natures>
|
||||
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
|
||||
<nature>org.eclipse.jdt.core.javanature</nature>
|
||||
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
|
||||
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
|
||||
</natures>
|
||||
</projectDescription>
|
||||
<name>spring-security-config</name>
|
||||
<comment>Acegi Security System for Spring</comment>
|
||||
<projects/>
|
||||
<buildSpec>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.jdt.core.javabuilder</name>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.wst.validation.validationbuilder</name>
|
||||
</buildCommand>
|
||||
</buildSpec>
|
||||
<natures>
|
||||
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
|
||||
<nature>org.eclipse.jdt.core.javanature</nature>
|
||||
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
|
||||
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
|
||||
</natures>
|
||||
</projectDescription>
|
||||
@ -49,8 +49,8 @@ public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDef
|
||||
// ================================================================================================
|
||||
|
||||
private static final String AUTHENTICATION_JDBC = "authentication-jdbc";
|
||||
|
||||
private static final String AUTHENTICATION_LDAP="authentication-ldap";
|
||||
|
||||
private static final String AUTHENTICATION_LDAP = "authentication-ldap";
|
||||
|
||||
private static final String REF = "ref";
|
||||
|
||||
@ -76,7 +76,8 @@ public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDef
|
||||
// create a beandefinition
|
||||
providers.add(new RuntimeBeanReference(attribute));
|
||||
}
|
||||
} else if (AUTHENTICATION_LDAP.equals(node.getLocalName())){
|
||||
}
|
||||
else if (AUTHENTICATION_LDAP.equals(node.getLocalName())) {
|
||||
providers.add(createLdapAuthencticationProviderBeanDefinition(childElement, parserContext));
|
||||
}
|
||||
}
|
||||
@ -114,16 +115,17 @@ public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDef
|
||||
Assert.notNull(property);
|
||||
parserContext.getDelegate().parsePropertyElement(property, bindAuthenticator);
|
||||
bindAuthenticator.getConstructorArgumentValues().addIndexedArgumentValue(0, initialDirContextFactory);
|
||||
|
||||
|
||||
// LdapAuthenticator
|
||||
ldapAuthProvider.getConstructorArgumentValues().addIndexedArgumentValue(0, bindAuthenticator);
|
||||
|
||||
ldapAuthoritiesPopulator.getConstructorArgumentValues().addIndexedArgumentValue(0, initialDirContextFactory);
|
||||
BeanDefinitionParserUtils.setConstructorArgumentIfAvailable(1, element, "groupSearchBase", false,
|
||||
ldapAuthoritiesPopulator);
|
||||
BeanDefinitionParserUtils.setPropertyIfAvailable(element, "groupRoleAttribute", "groupRoleAttribute", ldapAuthoritiesPopulator);
|
||||
|
||||
//LdapAuthoritiesPopulator
|
||||
BeanDefinitionParserUtils.setPropertyIfAvailable(element, "groupRoleAttribute", "groupRoleAttribute", false,
|
||||
ldapAuthoritiesPopulator);
|
||||
|
||||
// LdapAuthoritiesPopulator
|
||||
ldapAuthProvider.getConstructorArgumentValues().addIndexedArgumentValue(1, ldapAuthoritiesPopulator);
|
||||
|
||||
return ldapAuthProvider;
|
||||
@ -134,10 +136,10 @@ public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDef
|
||||
RootBeanDefinition initialDirContextFactory = new RootBeanDefinition(DefaultInitialDirContextFactory.class);
|
||||
BeanDefinitionParserUtils.setConstructorArgumentIfAvailable(0, element, "ldapUrl", false,
|
||||
initialDirContextFactory);
|
||||
BeanDefinitionParserUtils.setPropertyIfAvailable(element, "managerDn", "managerDn", initialDirContextFactory);
|
||||
BeanDefinitionParserUtils.setPropertyIfAvailable(element, "managerPassword", "managerPassword",
|
||||
BeanDefinitionParserUtils.setPropertyIfAvailable(element, "managerDn", "managerDn", false,
|
||||
initialDirContextFactory);
|
||||
BeanDefinitionParserUtils.setPropertyIfAvailable(element, "managerPassword", "managerPassword", false,
|
||||
initialDirContextFactory);
|
||||
return initialDirContextFactory;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -27,8 +27,8 @@ import org.w3c.dom.NodeList;
|
||||
*/
|
||||
public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser {
|
||||
|
||||
// ~ Instance fields
|
||||
// ================================================================================================
|
||||
// ~ Static fields
|
||||
// =====================================================================================
|
||||
|
||||
private static final String REPOSITORY_BEAN_REF = "repositoryBeanRef";
|
||||
|
||||
@ -50,14 +50,12 @@ public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDe
|
||||
|
||||
// ~ Method
|
||||
// ================================================================================================
|
||||
/**
|
||||
* TODO: Document Me !!!
|
||||
*/
|
||||
|
||||
public AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
|
||||
Assert.notNull(parserContext, "ParserContext must not be null");
|
||||
|
||||
RootBeanDefinition repositoryBeanDef = new RootBeanDefinition(DaoAuthenticationProvider.class);
|
||||
|
||||
|
||||
// check if saltSource is defined
|
||||
Element saltSourceEle = DomUtils.getChildElementByTagName(element, SALT_SOURCE_ELEMENT);
|
||||
setSaltSourceProperty(repositoryBeanDef, saltSourceEle);
|
||||
@ -186,7 +184,7 @@ public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDe
|
||||
saltSourceTypeElement.getAttribute("systemWideSalt"));
|
||||
return definition;
|
||||
}
|
||||
|
||||
|
||||
protected static RootBeanDefinition createBeanDefinitionWithDefaults() {
|
||||
RootBeanDefinition repositoryBeanDef = new RootBeanDefinition(DaoAuthenticationProvider.class);
|
||||
return repositoryBeanDef;
|
||||
|
||||
@ -39,12 +39,18 @@ import org.w3c.dom.Element;
|
||||
*/
|
||||
public class AutoConfigBeanDefinitionParser implements BeanDefinitionParser {
|
||||
|
||||
// ~ instance fields
|
||||
// ================================================================================================
|
||||
|
||||
private RootBeanDefinition authenticationManager;
|
||||
|
||||
private RootBeanDefinition rememberMeServices;
|
||||
|
||||
private ManagedList decisionVoters = new ManagedList();
|
||||
|
||||
// ~ Method
|
||||
// ================================================================================================
|
||||
|
||||
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
||||
// authentication manager
|
||||
this.authenticationManager = AuthenticationMechanismBeanDefinitionParser
|
||||
|
||||
@ -23,6 +23,9 @@ import org.w3c.dom.NamedNodeMap;
|
||||
*/
|
||||
public class ContextIntegrationBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {
|
||||
|
||||
// ~ Static fields/initializers
|
||||
// =====================================================================================
|
||||
|
||||
private static final String HTTP_SESSION_CONTEXT_INTEGRATION = "session-context-integration";
|
||||
|
||||
private static final String SESSION_CREATION = "sessionCreation";
|
||||
@ -35,7 +38,8 @@ public class ContextIntegrationBeanDefinitionParser extends AbstractSingleBeanDe
|
||||
|
||||
private static final String ALLOW_SESSION_CREATION = "allowSessionCreation";
|
||||
|
||||
private BeanDefinitionBuilder builder;
|
||||
// ~ Methods
|
||||
// ========================================================================================================
|
||||
|
||||
protected Class getBeanClass(Element element) {
|
||||
return HttpSessionContextIntegrationFilter.class;
|
||||
|
||||
@ -53,6 +53,9 @@ import org.w3c.dom.Element;
|
||||
*/
|
||||
public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBeanDefinitionParser {
|
||||
|
||||
// ~ Static fields
|
||||
// =====================================================================================
|
||||
|
||||
private static final String ACCESS_DENIED = "access-denied";
|
||||
|
||||
private static final String ACCESS_DENIED_REF = "accessDeniedBeanRef";
|
||||
@ -67,6 +70,9 @@ public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBean
|
||||
|
||||
private static final String LOGIN_FORM_URL_VALUE = "/acegilogin.jsp";
|
||||
|
||||
// ~ Method
|
||||
// ================================================================================================
|
||||
|
||||
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
|
||||
|
||||
RootBeanDefinition exceptionFilterDef = new RootBeanDefinition(ExceptionTranslationFilter.class);
|
||||
|
||||
@ -70,10 +70,10 @@ public class LogoutHandlerOrderResolver implements BeanFactoryPostProcessor {
|
||||
if (definition.hasBeanClass()) {
|
||||
if (Ordered.class.isAssignableFrom(definition.getBeanClass())) {
|
||||
definition.getPropertyValues().addPropertyValue("order",
|
||||
new Integer(getOrder(definition.getBeanClass())));
|
||||
Integer.valueOf(getOrder(definition.getBeanClass())));
|
||||
}
|
||||
else {
|
||||
definition.getPropertyValues().addPropertyValue("order", new Integer(Integer.MAX_VALUE));
|
||||
definition.getPropertyValues().addPropertyValue("order", Integer.valueOf(Integer.MAX_VALUE));
|
||||
}
|
||||
}
|
||||
list.add(definition);
|
||||
|
||||
@ -28,6 +28,7 @@ public class SecurityNamespaceHandler extends NamespaceHandlerSupport {
|
||||
registerBeanDefinitionParser("logout-support", new LogoutFilterBeanDefinitionParser());
|
||||
registerBeanDefinitionParser("exception-translation", new ExceptionTranslationFilterBeanDefinitionParser());
|
||||
registerBeanDefinitionParser("authentication-form", new AuthenticationProcessingFilterBeanDefinitionParser());
|
||||
registerBeanDefinitionParser("authorization-http-url", new FilterSecurityInterceptorBeanDefinitionParser());
|
||||
registerBeanDefinitionParser("autoconfig", new AutoConfigBeanDefinitionParser());
|
||||
}
|
||||
|
||||
|
||||
@ -14,29 +14,43 @@ import org.w3c.dom.Element;
|
||||
*
|
||||
*/
|
||||
public class BeanDefinitionParserUtils {
|
||||
// ~ Constructor
|
||||
// ================================================================================================
|
||||
|
||||
/**
|
||||
* Prevents instantiation
|
||||
*/
|
||||
private BeanDefinitionParserUtils() {
|
||||
}
|
||||
|
||||
// ~ Method
|
||||
// ================================================================================================
|
||||
|
||||
public static void setConstructorArgumentIfAvailable(int index, Element element, String attribute,
|
||||
boolean isRunTimeBeanReference, RootBeanDefinition definition) {
|
||||
String propertyValue = element.getAttribute(attribute);
|
||||
if (StringUtils.hasText(propertyValue)) {
|
||||
if(!isRunTimeBeanReference){
|
||||
if (!isRunTimeBeanReference) {
|
||||
definition.getConstructorArgumentValues().addIndexedArgumentValue(index, propertyValue);
|
||||
} else {
|
||||
definition.getConstructorArgumentValues().addIndexedArgumentValue(index, new RuntimeBeanNameReference(propertyValue));
|
||||
}
|
||||
else {
|
||||
definition.getConstructorArgumentValues().addIndexedArgumentValue(index,
|
||||
new RuntimeBeanNameReference(propertyValue));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public static void setPropertyIfAvailable(Element element, String attribute, String property,
|
||||
RootBeanDefinition definition) {
|
||||
boolean isRunTimeBeanReference, RootBeanDefinition definition) {
|
||||
String propertyValue = element.getAttribute(attribute);
|
||||
if (StringUtils.hasText(propertyValue)) {
|
||||
definition.getPropertyValues().addPropertyValue(property, propertyValue);
|
||||
if (!isRunTimeBeanReference) {
|
||||
definition.getPropertyValues().addPropertyValue(property, propertyValue);
|
||||
}
|
||||
else {
|
||||
definition.getPropertyValues().addPropertyValue(property, new RuntimeBeanNameReference(propertyValue));
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -13,6 +13,7 @@ import org.springframework.util.ReflectionUtils;
|
||||
* {@link Ordered} interface.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @author Vishal Puri
|
||||
*/
|
||||
public abstract class OrderedUtils {
|
||||
/**
|
||||
@ -59,7 +60,7 @@ public abstract class OrderedUtils {
|
||||
Assert.notNull(destinationObject, "Destination object required");
|
||||
Method m = ReflectionUtils.findMethod(destinationObject.getClass(), "setOrder", new Class[] {int.class});
|
||||
Assert.notNull(m, "Method setOrder(int) not found on " + destinationObject.getClass());
|
||||
ReflectionUtils.invokeMethod(m, destinationObject, new Object[] {new Integer(sourceObject.getOrder())});
|
||||
ReflectionUtils.invokeMethod(m, destinationObject, new Object[] { Integer.valueOf((sourceObject.getOrder()))});
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -294,7 +294,7 @@
|
||||
</xsd:annotation>
|
||||
|
||||
<xsd:complexType>
|
||||
|
||||
|
||||
<xsd:sequence>
|
||||
<xsd:element name="property">
|
||||
<xsd:complexType>
|
||||
@ -504,6 +504,64 @@
|
||||
</xsd:attribute>
|
||||
</xsd:attributeGroup>
|
||||
|
||||
<xsd:element name="authorization-http-url"
|
||||
type="AuthorizationHttpUrlType">
|
||||
<xsd:annotation>
|
||||
<xsd:documentation>
|
||||
<![CDATA[
|
||||
Specify security:uri-patterns in order of processing; each pattern must specify EITHER a
|
||||
regularExpression OR a path, but not both and ALL patterns in the url-mapping MUST be of the
|
||||
SAME type (ie cannot mix a regular expression and Ant Path) - exception will be thrown if tried
|
||||
]]>
|
||||
</xsd:documentation>
|
||||
</xsd:annotation>
|
||||
</xsd:element>
|
||||
|
||||
<xsd:complexType name="AuthorizationHttpUrlType">
|
||||
<xsd:sequence minOccurs="1" maxOccurs="1">
|
||||
<xsd:element name="url-mapping" type="UrlMappingType"></xsd:element>
|
||||
</xsd:sequence>
|
||||
<xsd:attribute name="id" type="xsd:ID">
|
||||
<xsd:annotation>
|
||||
<xsd:documentation>
|
||||
<![CDATA[
|
||||
The unique identifier for a bean.
|
||||
]]>
|
||||
</xsd:documentation>
|
||||
</xsd:annotation>
|
||||
</xsd:attribute>
|
||||
</xsd:complexType>
|
||||
|
||||
<xsd:complexType name="UrlMappingType">
|
||||
<xsd:sequence minOccurs="1" maxOccurs="unbounded">
|
||||
<xsd:element name="uri-pattern" type="UriPatternType" />
|
||||
</xsd:sequence>
|
||||
<xsd:attribute name="source" type="xsd:string" default="xml" />
|
||||
<xsd:attribute name="sourceBeanId" type="xsd:string">
|
||||
<xsd:annotation>
|
||||
<xsd:documentation>
|
||||
<![CDATA[
|
||||
Reference to an external ObjectDefinitionSource.
|
||||
]]>
|
||||
</xsd:documentation>
|
||||
</xsd:annotation>
|
||||
</xsd:attribute>
|
||||
</xsd:complexType>
|
||||
|
||||
<xsd:complexType name="UriPatternType">
|
||||
<xsd:sequence minOccurs="1" maxOccurs="unbounded">
|
||||
<xsd:element name="configuration-attribute"
|
||||
type="ConfigurationAttributeType" />
|
||||
</xsd:sequence>
|
||||
<xsd:attribute name="path" type="xsd:string" use="optional"/>
|
||||
<xsd:attribute name="regularExpression" type="xsd:string" use="optional"/>
|
||||
</xsd:complexType>
|
||||
|
||||
<xsd:complexType name="ConfigurationAttributeType">
|
||||
<xsd:attribute name="attribute" type="xsd:string" />
|
||||
</xsd:complexType>
|
||||
|
||||
|
||||
<!-- simple internal types -->
|
||||
<xsd:simpleType name="defaultable-boolean">
|
||||
<xsd:restriction base="xsd:NMTOKEN">
|
||||
|
||||
@ -30,7 +30,7 @@ public class AutoConfigBeanDefinitionParserTests extends TestCase {
|
||||
|
||||
private ApplicationContext context;
|
||||
|
||||
ConfigurableListableBeanFactory bf;
|
||||
private ConfigurableListableBeanFactory bf;
|
||||
|
||||
// ~ Methods
|
||||
// ========================================================================================================
|
||||
@ -89,7 +89,6 @@ public class AutoConfigBeanDefinitionParserTests extends TestCase {
|
||||
Field transactionAttributeSource = makeAccessibleAndGetFieldByName(advisor.getClass().getDeclaredFields(), "transactionAttributeSource");
|
||||
assertNotNull(transactionAttributeSource);
|
||||
assertTrue(transactionAttributeSource.get(advisor) instanceof MethodDefinitionSource);
|
||||
|
||||
}
|
||||
|
||||
private Field makeAccessibleAndGetFieldByName(Field[] declaredFields, String name) {
|
||||
|
||||
@ -12,7 +12,7 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
|
||||
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
||||
|
||||
<!-- ======================== AUTHENTICATION ======================= -->
|
||||
|
||||
|
||||
<!-- makes the filter, but does little else, as it auto-detects everything -->
|
||||
<security:authentication-remember-me-filter id="rememberMeFilter" />
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
@ -36,7 +36,8 @@
|
||||
superclass AbstractAccessDecisionManager requires refactoring so if no setProvider(List) given, it introspects app ctx for all AccessDecisionVoters
|
||||
and uses their Ordered interface to apply them; if one doesn't implement Ordered, assume it is Integer.MAX_VALUE -->
|
||||
<security:authorization-manager id="id"
|
||||
strategy="consensus|unanimous|affirmative" />t
|
||||
strategy="consensus|unanimous|affirmative" />
|
||||
t
|
||||
|
||||
<!-- ======================== AUTHENTICATION ======================= -->
|
||||
|
||||
@ -90,7 +91,7 @@
|
||||
x="you can do the attributes and suitable nested elements" />
|
||||
<security:properties
|
||||
location="resourceStringToPropertiesFile">
|
||||
<!-- if they specify a resource attrib, that means throw exception if they nest some user-definition data) -->
|
||||
<!-- if they specify a resource attrib, that means throw exception if they nest some user-definition data) -->
|
||||
<security:user-definition username="ben"
|
||||
password="nottellingYou" enabled="true"
|
||||
it="more stuff if you want">
|
||||
@ -129,13 +130,15 @@
|
||||
|
||||
<!-- any kind of ACL support is out of scope; frankly it is too hard for 1.1.0 -->
|
||||
|
||||
<!-- ensure element name is not overlapping with portlet or spring web flow or tapestry URI patterns, as this filter is incompatible with them -->
|
||||
<!-- ensure element name is not overlapping with portlet or spring web flow or tapestry URI patterns,
|
||||
as this filter is incompatible with them -->
|
||||
<security:authorization-http-url>
|
||||
<security:url-mapping
|
||||
source="xml - the default and no other options"
|
||||
sourceBeanId="referenceToTheirObjectDefinitionSource">
|
||||
<!-- Specify security:uri-patterns in order of processing; each pattern must specify EITHER a regularExpression OR a path, but not both
|
||||
and ALL patterns in the url-mapping MUST be of the SAME type (ie cannot mix a regular expression and Ant Path) - give exception if tried -->
|
||||
<!-- Specify security:uri-patterns in order of processing; each pattern must specify EITHER a
|
||||
regularExpression OR a path, but not both and ALL patterns in the url-mapping MUST be of the
|
||||
SAME type (ie cannot mix a regular expression and Ant Path) - give exception if tried -->
|
||||
<security:uri-pattern path="/index.jsp"
|
||||
regularExpression="whatever">
|
||||
<security:configuration-attribute attribute="ROLE_A" />
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user