parent
6f6aadbcff
commit
b1d013e8f0
|
@ -30,3 +30,11 @@ gradle.taskGraph.whenReady { graph ->
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
subprojects {
|
||||||
|
plugins.withType(JavaPlugin) {
|
||||||
|
project.sourceCompatibility='1.8'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
|
@ -137,7 +137,9 @@ public class CasAuthenticationTokenMixinTests {
|
||||||
assertThat(token.getUserDetails()).isNotNull().isInstanceOf(User.class);
|
assertThat(token.getUserDetails()).isNotNull().isInstanceOf(User.class);
|
||||||
assertThat(token.getAssertion()).isNotNull().isInstanceOf(AssertionImpl.class);
|
assertThat(token.getAssertion()).isNotNull().isInstanceOf(AssertionImpl.class);
|
||||||
assertThat(token.getKeyHash()).isEqualTo(KEY.hashCode());
|
assertThat(token.getKeyHash()).isEqualTo(KEY.hashCode());
|
||||||
assertThat(token.getUserDetails().getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
|
assertThat(token.getUserDetails().getAuthorities())
|
||||||
|
.extracting(GrantedAuthority::getAuthority)
|
||||||
|
.containsOnly("ROLE_USER");
|
||||||
assertThat(token.getAssertion().getAuthenticationDate()).isEqualTo(START_DATE);
|
assertThat(token.getAssertion().getAuthenticationDate()).isEqualTo(START_DATE);
|
||||||
assertThat(token.getAssertion().getValidFromDate()).isEqualTo(START_DATE);
|
assertThat(token.getAssertion().getValidFromDate()).isEqualTo(START_DATE);
|
||||||
assertThat(token.getAssertion().getValidUntilDate()).isEqualTo(END_DATE);
|
assertThat(token.getAssertion().getValidUntilDate()).isEqualTo(END_DATE);
|
||||||
|
|
|
@ -36,6 +36,7 @@ dependencies {
|
||||||
testCompile spockDependencies
|
testCompile spockDependencies
|
||||||
testCompile 'ch.qos.logback:logback-classic'
|
testCompile 'ch.qos.logback:logback-classic'
|
||||||
testCompile 'javax.annotation:jsr250-api:1.0'
|
testCompile 'javax.annotation:jsr250-api:1.0'
|
||||||
|
testCompile 'javax.xml.bind:jaxb-api'
|
||||||
testCompile 'ldapsdk:ldapsdk:4.1'
|
testCompile 'ldapsdk:ldapsdk:4.1'
|
||||||
testCompile('net.sourceforge.htmlunit:htmlunit') {
|
testCompile('net.sourceforge.htmlunit:htmlunit') {
|
||||||
exclude group: 'commons-logging', module: 'commons-logging'
|
exclude group: 'commons-logging', module: 'commons-logging'
|
||||||
|
|
|
@ -327,6 +327,7 @@ public class User implements UserDetails, CredentialsContainer {
|
||||||
* acceptable for demos and getting started. For production purposes, ensure the
|
* acceptable for demos and getting started. For production purposes, ensure the
|
||||||
* password is encoded externally. See the method Javadoc for additional details.
|
* password is encoded externally. See the method Javadoc for additional details.
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static UserBuilder withDefaultPasswordEncoder() {
|
public static UserBuilder withDefaultPasswordEncoder() {
|
||||||
logger.warn("User.withDefaultPasswordEncoder() is considered unsafe for production and is only intended for sample applications.");
|
logger.warn("User.withDefaultPasswordEncoder() is considered unsafe for production and is only intended for sample applications.");
|
||||||
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
|
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
|
||||||
|
|
|
@ -18,16 +18,28 @@ package org.springframework.security.jackson2;
|
||||||
|
|
||||||
import com.fasterxml.jackson.annotation.JacksonAnnotation;
|
import com.fasterxml.jackson.annotation.JacksonAnnotation;
|
||||||
import com.fasterxml.jackson.annotation.JsonTypeInfo;
|
import com.fasterxml.jackson.annotation.JsonTypeInfo;
|
||||||
import com.fasterxml.jackson.databind.*;
|
import com.fasterxml.jackson.databind.DatabindContext;
|
||||||
|
import com.fasterxml.jackson.databind.DeserializationConfig;
|
||||||
|
import com.fasterxml.jackson.databind.JavaType;
|
||||||
|
import com.fasterxml.jackson.databind.Module;
|
||||||
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||||
import com.fasterxml.jackson.databind.cfg.MapperConfig;
|
import com.fasterxml.jackson.databind.cfg.MapperConfig;
|
||||||
import com.fasterxml.jackson.databind.jsontype.*;
|
import com.fasterxml.jackson.databind.jsontype.NamedType;
|
||||||
|
import com.fasterxml.jackson.databind.jsontype.TypeIdResolver;
|
||||||
|
import com.fasterxml.jackson.databind.jsontype.TypeResolverBuilder;
|
||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
import org.springframework.core.annotation.AnnotationUtils;
|
import org.springframework.core.annotation.AnnotationUtils;
|
||||||
import org.springframework.util.ClassUtils;
|
import org.springframework.util.ClassUtils;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.*;
|
import java.util.ArrayList;
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.Collection;
|
||||||
|
import java.util.Collections;
|
||||||
|
import java.util.HashSet;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This utility class will find all the SecurityModules in classpath.
|
* This utility class will find all the SecurityModules in classpath.
|
||||||
|
|
|
@ -16,7 +16,12 @@
|
||||||
|
|
||||||
package org.springframework.security.jackson2;
|
package org.springframework.security.jackson2;
|
||||||
|
|
||||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.util.Collection;
|
||||||
|
import java.util.Collections;
|
||||||
|
|
||||||
import org.json.JSONException;
|
import org.json.JSONException;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.skyscreamer.jsonassert.JSONAssert;
|
import org.skyscreamer.jsonassert.JSONAssert;
|
||||||
|
@ -25,10 +30,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||||
import org.springframework.security.core.context.SecurityContext;
|
import org.springframework.security.core.context.SecurityContext;
|
||||||
import org.springframework.security.core.context.SecurityContextImpl;
|
import org.springframework.security.core.context.SecurityContextImpl;
|
||||||
|
|
||||||
import java.io.IOException;
|
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||||
import java.util.Collections;
|
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Jitendra Singh
|
* @author Jitendra Singh
|
||||||
|
@ -59,6 +61,8 @@ public class SecurityContextMixinTests extends AbstractMixinTests {
|
||||||
assertThat(context.getAuthentication().getPrincipal()).isEqualTo("admin");
|
assertThat(context.getAuthentication().getPrincipal()).isEqualTo("admin");
|
||||||
assertThat(context.getAuthentication().getCredentials()).isEqualTo("1234");
|
assertThat(context.getAuthentication().getCredentials()).isEqualTo("1234");
|
||||||
assertThat(context.getAuthentication().isAuthenticated()).isTrue();
|
assertThat(context.getAuthentication().isAuthenticated()).isTrue();
|
||||||
assertThat(context.getAuthentication().getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
|
Collection authorities = context.getAuthentication().getAuthorities();
|
||||||
|
assertThat(authorities).hasSize(1);
|
||||||
|
assertThat(authorities).contains(new SimpleGrantedAuthority("ROLE_USER"));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,6 +26,7 @@ package org.springframework.security.crypto.codec;
|
||||||
* @since 3.0
|
* @since 3.0
|
||||||
* @deprecated Use java.util.Base64
|
* @deprecated Use java.util.Base64
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public final class Base64 {
|
public final class Base64 {
|
||||||
|
|
||||||
/** No options specified. Value is zero. */
|
/** No options specified. Value is zero. */
|
||||||
|
|
|
@ -2,6 +2,8 @@ apply plugin: 'io.spring.convention.spring-module'
|
||||||
|
|
||||||
dependencies {
|
dependencies {
|
||||||
compile project(':spring-security-core')
|
compile project(':spring-security-core')
|
||||||
|
compile 'javax.xml.bind:jaxb-api'
|
||||||
compile 'org.springframework.data:spring-data-commons'
|
compile 'org.springframework.data:spring-data-commons'
|
||||||
compile 'org.springframework:spring-core'
|
compile 'org.springframework:spring-core'
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -58,6 +58,8 @@ dependencyManagement {
|
||||||
dependency 'com.nimbusds:oauth2-oidc-sdk:5.56'
|
dependency 'com.nimbusds:oauth2-oidc-sdk:5.56'
|
||||||
dependency 'com.squareup.okhttp3:okhttp:3.9.0'
|
dependency 'com.squareup.okhttp3:okhttp:3.9.0'
|
||||||
dependency 'com.squareup.okio:okio:1.13.0'
|
dependency 'com.squareup.okio:okio:1.13.0'
|
||||||
|
dependency 'com.sun.xml.bind:jaxb-core:2.3.0'
|
||||||
|
dependency 'com.sun.xml.bind:jaxb-impl:2.3.0'
|
||||||
dependency 'com.unboundid:unboundid-ldapsdk:4.0.4'
|
dependency 'com.unboundid:unboundid-ldapsdk:4.0.4'
|
||||||
dependency 'com.vaadin.external.google:android-json:0.0.20131108.vaadin1'
|
dependency 'com.vaadin.external.google:android-json:0.0.20131108.vaadin1'
|
||||||
dependency 'commons-cli:commons-cli:1.4'
|
dependency 'commons-cli:commons-cli:1.4'
|
||||||
|
@ -76,6 +78,7 @@ dependencyManagement {
|
||||||
dependency 'javax.servlet.jsp:javax.servlet.jsp-api:2.3.2-b02'
|
dependency 'javax.servlet.jsp:javax.servlet.jsp-api:2.3.2-b02'
|
||||||
dependency 'javax.servlet:javax.servlet-api:4.0.0'
|
dependency 'javax.servlet:javax.servlet-api:4.0.0'
|
||||||
dependency 'javax.validation:validation-api:2.0.1.Final'
|
dependency 'javax.validation:validation-api:2.0.1.Final'
|
||||||
|
dependency 'javax.xml.bind:jaxb-api:2.3.0'
|
||||||
dependency 'junit:junit:4.12'
|
dependency 'junit:junit:4.12'
|
||||||
dependency 'ldapsdk:ldapsdk:4.1'
|
dependency 'ldapsdk:ldapsdk:4.1'
|
||||||
dependency 'net.bytebuddy:byte-buddy-agent:1.7.9'
|
dependency 'net.bytebuddy:byte-buddy-agent:1.7.9'
|
||||||
|
@ -139,16 +142,16 @@ dependencyManagement {
|
||||||
dependency 'org.apache.tomcat.embed:tomcat-embed-logging-log4j:8.0.44'
|
dependency 'org.apache.tomcat.embed:tomcat-embed-logging-log4j:8.0.44'
|
||||||
dependency 'org.apache.tomcat.embed:tomcat-embed-websocket:8.5.23'
|
dependency 'org.apache.tomcat.embed:tomcat-embed-websocket:8.5.23'
|
||||||
dependency 'org.apache.tomcat:tomcat-annotations-api:8.5.23'
|
dependency 'org.apache.tomcat:tomcat-annotations-api:8.5.23'
|
||||||
dependency 'org.aspectj:aspectjrt:1.8.13'
|
dependency 'org.aspectj:aspectjrt:1.9.0.RC2'
|
||||||
dependency 'org.aspectj:aspectjtools:1.8.13'
|
dependency 'org.aspectj:aspectjtools:1.9.0.RC2'
|
||||||
dependency 'org.aspectj:aspectjweaver:1.8.13'
|
dependency 'org.aspectj:aspectjweaver:1.8.13'
|
||||||
dependency 'org.assertj:assertj-core:3.9.0'
|
dependency 'org.assertj:assertj-core:3.9.0'
|
||||||
dependency 'org.attoparser:attoparser:2.0.4.RELEASE'
|
dependency 'org.attoparser:attoparser:2.0.4.RELEASE'
|
||||||
dependency 'org.bouncycastle:bcpkix-jdk15on:1.59'
|
dependency 'org.bouncycastle:bcpkix-jdk15on:1.59'
|
||||||
dependency 'org.bouncycastle:bcprov-jdk15on:1.58'
|
dependency 'org.bouncycastle:bcprov-jdk15on:1.58'
|
||||||
dependency 'org.codehaus.groovy:groovy-all:2.5.0-beta-1'
|
dependency 'org.codehaus.groovy:groovy-all:2.4.14'
|
||||||
dependency 'org.codehaus.groovy:groovy-json:2.5.0-beta-1'
|
dependency 'org.codehaus.groovy:groovy-json:2.4.14'
|
||||||
dependency 'org.codehaus.groovy:groovy:2.5.0-beta-1'
|
dependency 'org.codehaus.groovy:groovy:2.4.14'
|
||||||
dependency 'org.eclipse.jdt:ecj:3.12.3'
|
dependency 'org.eclipse.jdt:ecj:3.12.3'
|
||||||
dependency 'org.eclipse.jetty.websocket:websocket-api:9.4.7.v20170914'
|
dependency 'org.eclipse.jetty.websocket:websocket-api:9.4.7.v20170914'
|
||||||
dependency 'org.eclipse.jetty.websocket:websocket-client:9.4.7.v20170914'
|
dependency 'org.eclipse.jetty.websocket:websocket-client:9.4.7.v20170914'
|
||||||
|
|
|
@ -7,6 +7,7 @@ dependencies {
|
||||||
compile project(':spring-security-web')
|
compile project(':spring-security-web')
|
||||||
compile 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api'
|
compile 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api'
|
||||||
compile 'javax.validation:validation-api'
|
compile 'javax.validation:validation-api'
|
||||||
|
compile 'javax.xml.bind:jaxb-api'
|
||||||
compile 'org.hibernate:hibernate-validator'
|
compile 'org.hibernate:hibernate-validator'
|
||||||
compile 'org.springframework:spring-jdbc'
|
compile 'org.springframework:spring-jdbc'
|
||||||
compile 'org.springframework:spring-webmvc'
|
compile 'org.springframework:spring-webmvc'
|
||||||
|
|
|
@ -7,6 +7,7 @@ dependencies {
|
||||||
compile project(':spring-security-web')
|
compile project(':spring-security-web')
|
||||||
compile 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api'
|
compile 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api'
|
||||||
compile 'javax.validation:validation-api'
|
compile 'javax.validation:validation-api'
|
||||||
|
compile 'javax.xml.bind:jaxb-api'
|
||||||
compile 'org.hibernate:hibernate-validator'
|
compile 'org.hibernate:hibernate-validator'
|
||||||
compile 'org.springframework:spring-jdbc'
|
compile 'org.springframework:spring-jdbc'
|
||||||
compile 'org.springframework:spring-webmvc'
|
compile 'org.springframework:spring-webmvc'
|
||||||
|
|
|
@ -24,6 +24,7 @@ dependencies {
|
||||||
compile project(':spring-security-web')
|
compile project(':spring-security-web')
|
||||||
compile 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api'
|
compile 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api'
|
||||||
compile 'javax.validation:validation-api'
|
compile 'javax.validation:validation-api'
|
||||||
|
compile 'javax.xml.bind:jaxb-api'
|
||||||
compile 'org.hibernate:hibernate-validator'
|
compile 'org.hibernate:hibernate-validator'
|
||||||
compile 'org.springframework:spring-webmvc'
|
compile 'org.springframework:spring-webmvc'
|
||||||
compile apachedsDependencies
|
compile apachedsDependencies
|
||||||
|
|
|
@ -8,6 +8,7 @@ dependencies {
|
||||||
compile project(':spring-security-web')
|
compile project(':spring-security-web')
|
||||||
compile 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api'
|
compile 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api'
|
||||||
compile 'javax.validation:validation-api'
|
compile 'javax.validation:validation-api'
|
||||||
|
compile 'javax.xml.bind:jaxb-api'
|
||||||
compile 'org.hibernate:hibernate-validator'
|
compile 'org.hibernate:hibernate-validator'
|
||||||
compile 'org.springframework:spring-jdbc'
|
compile 'org.springframework:spring-jdbc'
|
||||||
compile 'org.springframework:spring-webmvc'
|
compile 'org.springframework:spring-webmvc'
|
||||||
|
|
|
@ -19,6 +19,7 @@ apply plugin: 'io.spring.convention.spring-sample-war'
|
||||||
dependencies {
|
dependencies {
|
||||||
compile jstlDependencies
|
compile jstlDependencies
|
||||||
compile slf4jDependencies
|
compile slf4jDependencies
|
||||||
|
compile 'javax.xml.bind:jaxb-api'
|
||||||
|
|
||||||
providedCompile 'javax.servlet:javax.servlet-api'
|
providedCompile 'javax.servlet:javax.servlet-api'
|
||||||
providedCompile 'javax.servlet.jsp:javax.servlet.jsp-api'
|
providedCompile 'javax.servlet.jsp:javax.servlet.jsp-api'
|
||||||
|
|
|
@ -5,6 +5,7 @@ dependencies {
|
||||||
compile slf4jDependencies
|
compile slf4jDependencies
|
||||||
compile 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api'
|
compile 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api'
|
||||||
compile 'javax.validation:validation-api'
|
compile 'javax.validation:validation-api'
|
||||||
|
compile 'javax.xml.bind:jaxb-api'
|
||||||
compile 'org.hibernate:hibernate-validator'
|
compile 'org.hibernate:hibernate-validator'
|
||||||
compile 'org.springframework:spring-jdbc'
|
compile 'org.springframework:spring-jdbc'
|
||||||
compile 'org.springframework:spring-webmvc'
|
compile 'org.springframework:spring-webmvc'
|
||||||
|
|
|
@ -14,6 +14,7 @@ dependencies {
|
||||||
|
|
||||||
testCompile 'com.fasterxml.jackson.core:jackson-databind'
|
testCompile 'com.fasterxml.jackson.core:jackson-databind'
|
||||||
testCompile 'io.projectreactor:reactor-test'
|
testCompile 'io.projectreactor:reactor-test'
|
||||||
|
testCompile 'javax.xml.bind:jaxb-api'
|
||||||
testCompile 'org.skyscreamer:jsonassert'
|
testCompile 'org.skyscreamer:jsonassert'
|
||||||
testCompile 'org.springframework:spring-webmvc'
|
testCompile 'org.springframework:spring-webmvc'
|
||||||
testCompile 'org.springframework:spring-tx'
|
testCompile 'org.springframework:spring-tx'
|
||||||
|
|
|
@ -101,7 +101,7 @@ public class WithSecurityContextTestExcecutionListenerTests {
|
||||||
SqlScriptsTestExecutionListener sql = new SqlScriptsTestExecutionListener();
|
SqlScriptsTestExecutionListener sql = new SqlScriptsTestExecutionListener();
|
||||||
WithSecurityContextTestExecutionListener security = new WithSecurityContextTestExecutionListener();
|
WithSecurityContextTestExecutionListener security = new WithSecurityContextTestExecutionListener();
|
||||||
|
|
||||||
List<? extends TestExecutionListener> listeners = Arrays.asList(security, sql);
|
List<TestExecutionListener> listeners = Arrays.asList(security, sql);
|
||||||
|
|
||||||
AnnotationAwareOrderComparator.sort(listeners);
|
AnnotationAwareOrderComparator.sort(listeners);
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,7 @@ import static org.powermock.api.mockito.PowerMockito.when;
|
||||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user;
|
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user;
|
||||||
|
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
|
||||||
|
@ -114,8 +115,8 @@ public class SecurityMockMvcRequestPostProcessorsUserTests {
|
||||||
verify(repository).saveContext(contextCaptor.capture(), eq(request),
|
verify(repository).saveContext(contextCaptor.capture(), eq(request),
|
||||||
any(HttpServletResponse.class));
|
any(HttpServletResponse.class));
|
||||||
SecurityContext context = contextCaptor.getValue();
|
SecurityContext context = contextCaptor.getValue();
|
||||||
assertThat(context.getAuthentication().getAuthorities()).containsOnly(authority1,
|
assertThat((List<GrantedAuthority>) context.getAuthentication().getAuthorities())
|
||||||
authority2);
|
.containsOnly(authority1, authority2);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(expected = IllegalArgumentException.class)
|
@Test(expected = IllegalArgumentException.class)
|
||||||
|
@ -133,12 +134,12 @@ public class SecurityMockMvcRequestPostProcessorsUserTests {
|
||||||
verify(repository).saveContext(contextCaptor.capture(), eq(request),
|
verify(repository).saveContext(contextCaptor.capture(), eq(request),
|
||||||
any(HttpServletResponse.class));
|
any(HttpServletResponse.class));
|
||||||
SecurityContext context = contextCaptor.getValue();
|
SecurityContext context = contextCaptor.getValue();
|
||||||
assertThat(context.getAuthentication().getAuthorities()).containsOnly(authority1,
|
assertThat((List<GrantedAuthority>) context.getAuthentication().getAuthorities())
|
||||||
authority2);
|
.containsOnly(authority1, authority2);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void mockWebTestUtils() {
|
private void mockWebTestUtils() {
|
||||||
spy(WebTestUtils.class);
|
spy(WebTestUtils.class);
|
||||||
when(WebTestUtils.getSecurityContextRepository(request)).thenReturn(repository);
|
when(WebTestUtils.getSecurityContextRepository(request)).thenReturn(repository);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,12 +21,12 @@ dependencies {
|
||||||
testCompile project(path: ':spring-security-core', configuration: 'tests')
|
testCompile project(path: ':spring-security-core', configuration: 'tests')
|
||||||
testCompile 'commons-codec:commons-codec'
|
testCompile 'commons-codec:commons-codec'
|
||||||
testCompile 'io.projectreactor:reactor-test'
|
testCompile 'io.projectreactor:reactor-test'
|
||||||
|
testCompile 'javax.xml.bind:jaxb-api'
|
||||||
testCompile 'org.codehaus.groovy:groovy-all'
|
testCompile 'org.codehaus.groovy:groovy-all'
|
||||||
testCompile 'org.skyscreamer:jsonassert'
|
testCompile 'org.skyscreamer:jsonassert'
|
||||||
testCompile 'org.springframework:spring-webflux'
|
testCompile 'org.springframework:spring-webflux'
|
||||||
testCompile powerMock2Dependencies
|
testCompile powerMock2Dependencies
|
||||||
testCompile spockDependencies
|
testCompile spockDependencies
|
||||||
testCompile slf4jDependencies
|
|
||||||
|
|
||||||
testRuntime 'org.hsqldb:hsqldb'
|
testRuntime 'org.hsqldb:hsqldb'
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,7 +25,6 @@ import java.util.List;
|
||||||
import javax.naming.Context;
|
import javax.naming.Context;
|
||||||
import javax.naming.InitialContext;
|
import javax.naming.InitialContext;
|
||||||
import javax.naming.NamingException;
|
import javax.naming.NamingException;
|
||||||
import javax.rmi.PortableRemoteObject;
|
|
||||||
import javax.security.auth.Subject;
|
import javax.security.auth.Subject;
|
||||||
|
|
||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
|
@ -44,6 +43,8 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups
|
||||||
private static final Log logger = LogFactory
|
private static final Log logger = LogFactory
|
||||||
.getLog(DefaultWASUsernameAndGroupsExtractor.class);
|
.getLog(DefaultWASUsernameAndGroupsExtractor.class);
|
||||||
|
|
||||||
|
private static final String PORTABLE_REMOTE_OBJECT_CLASSNAME = "javax.rmi.PortableRemoteObject";
|
||||||
|
|
||||||
private static final String USER_REGISTRY = "UserRegistry";
|
private static final String USER_REGISTRY = "UserRegistry";
|
||||||
|
|
||||||
private static Method getRunAsSubject = null;
|
private static Method getRunAsSubject = null;
|
||||||
|
@ -52,6 +53,8 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups
|
||||||
|
|
||||||
private static Method getSecurityName = null;
|
private static Method getSecurityName = null;
|
||||||
|
|
||||||
|
private static Method narrow = null;
|
||||||
|
|
||||||
// SEC-803
|
// SEC-803
|
||||||
private static Class<?> wsCredentialClass = null;
|
private static Class<?> wsCredentialClass = null;
|
||||||
|
|
||||||
|
@ -80,7 +83,7 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups
|
||||||
.iterator().next();
|
.iterator().next();
|
||||||
if (credential != null) {
|
if (credential != null) {
|
||||||
userSecurityName = (String) invokeMethod(getSecurityNameMethod(),
|
userSecurityName = (String) invokeMethod(getSecurityNameMethod(),
|
||||||
credential, null);
|
credential);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (logger.isDebugEnabled()) {
|
if (logger.isDebugEnabled()) {
|
||||||
|
@ -125,8 +128,7 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups
|
||||||
// TODO: Cache UserRegistry object
|
// TODO: Cache UserRegistry object
|
||||||
ic = new InitialContext();
|
ic = new InitialContext();
|
||||||
Object objRef = ic.lookup(USER_REGISTRY);
|
Object objRef = ic.lookup(USER_REGISTRY);
|
||||||
Object userReg = PortableRemoteObject.narrow(objRef,
|
Object userReg = invokeMethod(getNarrowMethod(), null , objRef, Class.forName("com.ibm.websphere.security.UserRegistry"));
|
||||||
Class.forName("com.ibm.websphere.security.UserRegistry"));
|
|
||||||
if (logger.isDebugEnabled()) {
|
if (logger.isDebugEnabled()) {
|
||||||
logger.debug("Determining WebSphere groups for user " + securityName
|
logger.debug("Determining WebSphere groups for user " + securityName
|
||||||
+ " using WebSphere UserRegistry " + userReg);
|
+ " using WebSphere UserRegistry " + userReg);
|
||||||
|
@ -156,7 +158,7 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private static Object invokeMethod(Method method, Object instance, Object[] args) {
|
private static Object invokeMethod(Method method, Object instance, Object... args) {
|
||||||
try {
|
try {
|
||||||
return method.invoke(instance, args);
|
return method.invoke(instance, args);
|
||||||
}
|
}
|
||||||
|
@ -230,6 +232,13 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups
|
||||||
return getSecurityName;
|
return getSecurityName;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static Method getNarrowMethod() {
|
||||||
|
if (narrow == null) {
|
||||||
|
narrow = getMethod(PORTABLE_REMOTE_OBJECT_CLASSNAME, "narrow", new String[] { Object.class.getName() , Class.class.getName()});
|
||||||
|
}
|
||||||
|
return narrow;
|
||||||
|
}
|
||||||
|
|
||||||
// SEC-803
|
// SEC-803
|
||||||
private static Class<?> getWSCredentialClass() {
|
private static Class<?> getWSCredentialClass() {
|
||||||
if (wsCredentialClass == null) {
|
if (wsCredentialClass == null) {
|
||||||
|
|
|
@ -37,6 +37,7 @@ import org.springframework.security.core.Authentication;
|
||||||
@Target({ ElementType.PARAMETER, ElementType.ANNOTATION_TYPE })
|
@Target({ ElementType.PARAMETER, ElementType.ANNOTATION_TYPE })
|
||||||
@Retention(RetentionPolicy.RUNTIME)
|
@Retention(RetentionPolicy.RUNTIME)
|
||||||
@Documented
|
@Documented
|
||||||
|
@Deprecated
|
||||||
public @interface AuthenticationPrincipal {
|
public @interface AuthenticationPrincipal {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -162,6 +162,7 @@ public class ConcurrentSessionFilter extends GenericFilterBean {
|
||||||
* @return the URL for expiration
|
* @return the URL for expiration
|
||||||
* @deprecated Use {@link #ConcurrentSessionFilter(SessionRegistry, SessionInformationExpiredStrategy)} instead.
|
* @deprecated Use {@link #ConcurrentSessionFilter(SessionRegistry, SessionInformationExpiredStrategy)} instead.
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
protected String determineExpiredUrl(HttpServletRequest request,
|
protected String determineExpiredUrl(HttpServletRequest request,
|
||||||
SessionInformation info) {
|
SessionInformation info) {
|
||||||
return expiredUrl;
|
return expiredUrl;
|
||||||
|
@ -182,6 +183,7 @@ public class ConcurrentSessionFilter extends GenericFilterBean {
|
||||||
* @param redirectStrategy the {@link RedirectStrategy} to use
|
* @param redirectStrategy the {@link RedirectStrategy} to use
|
||||||
* @deprecated use {@link #ConcurrentSessionFilter(SessionRegistry, SessionInformationExpiredStrategy)} instead.
|
* @deprecated use {@link #ConcurrentSessionFilter(SessionRegistry, SessionInformationExpiredStrategy)} instead.
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
|
public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
|
||||||
this.redirectStrategy = redirectStrategy;
|
this.redirectStrategy = redirectStrategy;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue