SEC-1036: Removed references to SpringSecurityContextSource

2008-11-29 12:15:51 +00:00 · 2008-11-29 12:15:51 +00:00 · b25d6958d7
parent 5c29dfbc20
commit b25d6958d7
4 changed files with 35 additions and 73 deletions
--- a/core/src/main/java/org/springframework/security/config/LdapConfigUtils.java
+++ b/core/src/main/java/org/springframework/security/config/LdapConfigUtils.java
@ -7,7 +7,7 @@ import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
 import org.springframework.beans.factory.support.BeanDefinitionRegistry;
 import org.springframework.beans.factory.support.RootBeanDefinition;
 import org.springframework.core.Ordered;
-import org.springframework.security.ldap.SpringSecurityContextSource;
+import org.springframework.ldap.core.support.BaseLdapPathContextSource;

 /**
 * @author Luke Taylor
@ -16,35 +16,35 @@ import org.springframework.security.ldap.SpringSecurityContextSource;
 */
 class LdapConfigUtils {

-    /** 
-     * Checks for the presence of a ContextSource instance. Also supplies the standard reference to any 
-     * unconfigured <ldap-authentication-provider> or <ldap-user-service> beans. This is 
+    /**
+     * Checks for the presence of a ContextSource instance. Also supplies the standard reference to any
+     * unconfigured <ldap-authentication-provider> or <ldap-user-service> beans. This is
     * necessary in cases where the user has given the server a specific Id, but hasn't used
     * the server-ref attribute to link this to the other ldap definitions. See SEC-799.
     */
    private static class ContextSourceSettingPostProcessor implements BeanFactoryPostProcessor, Ordered {
-        /** If set to true, a bean parser has indicated that the default context source name needs to be set */  
+        /** If set to true, a bean parser has indicated that the default context source name needs to be set */
        private boolean defaultNameRequired;
-        
+
        public void postProcessBeanFactory(ConfigurableListableBeanFactory bf) throws BeansException {
-            String[] sources = bf.getBeanNamesForType(SpringSecurityContextSource.class);
+            String[] sources = bf.getBeanNamesForType(BaseLdapPathContextSource.class);

            if (sources.length == 0) {
-                throw new SecurityConfigurationException("No SpringSecurityContextSource instances found. Have you " +
+                throw new SecurityConfigurationException("No BaseLdapPathContextSource instances found. Have you " +
                        "added an <" + Elements.LDAP_SERVER + " /> element to your application context?");
            }
-            
+
            if (!bf.containsBean(BeanIds.CONTEXT_SOURCE) && defaultNameRequired) {
                if (sources.length > 1) {
-                    throw new SecurityConfigurationException("More than one SpringSecurityContextSource instance found. " +
-                            "Please specify a specific server id using the 'server-ref' attribute when configuring your <" + 
+                    throw new SecurityConfigurationException("More than one BaseLdapPathContextSource instance found. " +
+                            "Please specify a specific server id using the 'server-ref' attribute when configuring your <" +
                            Elements.LDAP_PROVIDER + "> " + "or <" + Elements.LDAP_USER_SERVICE + ">.");
                }
-                
+
                bf.registerAlias(sources[0], BeanIds.CONTEXT_SOURCE);
            }
        }
-        
+
        public void setDefaultNameRequired(boolean defaultNameRequired) {
            this.defaultNameRequired = defaultNameRequired;
        }
@ -53,7 +53,7 @@ class LdapConfigUtils {
            return LOWEST_PRECEDENCE;
        }
    }
-    
+
    static void registerPostProcessorIfNecessary(BeanDefinitionRegistry registry, boolean defaultNameRequired) {
        if (registry.containsBeanDefinition(BeanIds.CONTEXT_SOURCE_SETTING_POST_PROCESSOR)) {
            if (defaultNameRequired) {
@ -63,7 +63,7 @@ class LdapConfigUtils {
            return;
        }

-        BeanDefinition bd = new RootBeanDefinition(ContextSourceSettingPostProcessor.class); 
+        BeanDefinition bd = new RootBeanDefinition(ContextSourceSettingPostProcessor.class);
        registry.registerBeanDefinition(BeanIds.CONTEXT_SOURCE_SETTING_POST_PROCESSOR, bd);
        bd.getPropertyValues().addPropertyValue("defaultNameRequired", Boolean.valueOf(defaultNameRequired));
    }
--- a/core/src/main/java/org/springframework/security/ldap/DefaultSpringSecurityContextSource.java
+++ b/core/src/main/java/org/springframework/security/ldap/DefaultSpringSecurityContextSource.java
@ -1,39 +1,30 @@
 package org.springframework.security.ldap;

-import org.springframework.security.BadCredentialsException;
-import org.springframework.security.SpringSecurityMessageSource;
-import org.springframework.context.MessageSource;
-import org.springframework.context.MessageSourceAware;
-import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.ldap.core.support.LdapContextSource;
-import org.springframework.util.Assert;
+import java.util.ArrayList;
+import java.util.StringTokenizer;

 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-
-import javax.naming.Context;
-import javax.naming.directory.DirContext;
-import java.util.ArrayList;
-import java.util.Hashtable;
-import java.util.StringTokenizer;
+import org.springframework.ldap.core.support.LdapContextSource;
+import org.springframework.util.Assert;

 /**
- * SpringSecurityContextSource implementation which uses Spring LDAP's <tt>LdapContextSource</tt> as a base
- * class. Intended as a replacement for <tt>DefaultInitialDirContextFactory</tt> from versions of the framework prior
- * to 2.0.
+ * ContextSource implementation which uses Spring LDAP's <tt>LdapContextSource</tt> as a base
+ * class. Used internally by the Spring Security LDAP namespace configuration.
+ * <p>
+ * From Spring Security 2.5, Spring LDAP 1.3 is used and the <tt>ContextSource</tt> interface
+ * provides support for binding with a username and password. As a result, Spring LDAP <tt>ContextSource</tt>
+ * implementations such as <tt>LdapContextSource</tt> may be used directly with Spring Security.
 *
 * @author Luke Taylor
 * @version $Id$
 * @since 2.0
 */
-public class DefaultSpringSecurityContextSource extends LdapContextSource implements SpringSecurityContextSource,
-        MessageSourceAware {
+public class DefaultSpringSecurityContextSource extends LdapContextSource {

    private static final Log logger = LogFactory.getLog(DefaultSpringSecurityContextSource.class);
    private String rootDn;

-    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
-
    /**
     * Create and initialize an instance which will connect to the supplied LDAP URL.
     *
@ -65,31 +56,4 @@ public class DefaultSpringSecurityContextSource extends LdapContextSource implem
        super.setUrls(urls.toArray(new String[urls.size()]));
        super.setBase(rootDn);
    }
-
-    @SuppressWarnings("unchecked")
-    public DirContext getReadWriteContext(String userDn, Object credentials) {
-        Hashtable env = new Hashtable(getAnonymousEnv());
-
-        env.put(Context.SECURITY_PRINCIPAL, userDn);
-        env.put(Context.SECURITY_CREDENTIALS, credentials);
-
-        if (logger.isDebugEnabled()) {
-            logger.debug("Creating context with principal: '" + userDn + "'");
-        }
-
-        try {
-            return createContext(env);
-        } catch (org.springframework.ldap.NamingException e) {
-            if ((e instanceof org.springframework.ldap.AuthenticationException)
-                    || (e instanceof org.springframework.ldap.OperationNotSupportedException)) {
-                throw new BadCredentialsException(
-                        messages.getMessage("DefaultSpringSecurityContextSource.badCredentials", "Bad credentials"), e);
-            }
-            throw e;
-        }
-    }
-
-    public void setMessageSource(MessageSource messageSource) {
-        this.messages = new MessageSourceAccessor(messageSource);
-    }
 }
--- a/core/src/main/java/org/springframework/security/providers/ldap/authenticator/BindAuthenticator.java
+++ b/core/src/main/java/org/springframework/security/providers/ldap/authenticator/BindAuthenticator.java
@ -48,9 +48,9 @@ public class BindAuthenticator extends AbstractLdapAuthenticator {
    //~ Constructors ===================================================================================================

    /**
-     * Create an initialized instance using the {@link SpringSecurityContextSource} provided.
+     * Create an initialized instance using the {@link BaseLdapPathContextSource} provided.
     *
-     * @param contextSource the SpringSecurityContextSource instance against which bind operations will be
+     * @param contextSource the BaseLdapPathContextSource instance against which bind operations will be
     * performed.
     *
     */
--- a/core/src/test/java/org/springframework/security/config/LdapServerBeanDefinitionParserTests.java
+++ b/core/src/test/java/org/springframework/security/config/LdapServerBeanDefinitionParserTests.java
@ -1,12 +1,10 @@
 package org.springframework.security.config;

-import org.springframework.security.util.InMemoryXmlApplicationContext;
-import org.springframework.security.ldap.SpringSecurityContextSource;
-
-import org.springframework.ldap.core.LdapTemplate;
-
-import org.junit.Test;
 import org.junit.After;
+import org.junit.Test;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
+import org.springframework.security.util.InMemoryXmlApplicationContext;

 /**
 * @author Luke Taylor
@ -27,7 +25,7 @@ public class LdapServerBeanDefinitionParserTests {
    public void embeddedServerCreationContainsExpectedContextSourceAndData() {
        appCtx = new InMemoryXmlApplicationContext("<ldap-server />");

-        SpringSecurityContextSource contextSource = (SpringSecurityContextSource) appCtx.getBean(BeanIds.CONTEXT_SOURCE);
+        DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx.getBean(BeanIds.CONTEXT_SOURCE);

        // Check data is loaded
        LdapTemplate template = new LdapTemplate(contextSource);
@ -43,7 +41,7 @@ public class LdapServerBeanDefinitionParserTests {
        // Check the default context source is still there.
        appCtx.getBean(BeanIds.CONTEXT_SOURCE);

-        SpringSecurityContextSource contextSource = (SpringSecurityContextSource) appCtx.getBean("blah");
+        DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx.getBean("blah");

        // Check data is loaded as before
        LdapTemplate template = new LdapTemplate(contextSource);
@ -54,7 +52,7 @@ public class LdapServerBeanDefinitionParserTests {
    public void loadingSpecificLdifFileIsSuccessful() {
        appCtx = new InMemoryXmlApplicationContext(
                "<ldap-server ldif='classpath*:test-server2.xldif' root='dc=monkeymachine,dc=co,dc=uk' />");
-        SpringSecurityContextSource contextSource = (SpringSecurityContextSource) appCtx.getBean(BeanIds.CONTEXT_SOURCE);
+        DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx.getBean(BeanIds.CONTEXT_SOURCE);

        LdapTemplate template = new LdapTemplate(contextSource);
        template.lookup("uid=pg,ou=gorillas");