Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-30 16:52:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Change to Apache License version 2.0.

Browse Source
This commit is contained in:
Ben Alex 2004-03-23 04:44:48 +00:00
parent 3a72fc6bb9
commit c3507b26c9
114 changed files with 1745 additions and 690 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
adapters/catalina/src/main/java/org/acegisecurity/adapters/catalina/CatalinaAcegiUserRealm.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters.catalina; package net.sf.acegisecurity.adapters.catalina;

16
adapters/jboss/src/main/java/org/acegisecurity/adapters/jboss/JbossAcegiLoginModule.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters.jboss; package net.sf.acegisecurity.adapters.jboss;

21
adapters/jboss/src/main/java/org/acegisecurity/adapters/jboss/JbossIntegrationFilter.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters.jboss; package net.sf.acegisecurity.adapters.jboss;
@ -45,7 +53,7 @@ public class JbossIntegrationFilter extends AbstractIntegrationFilter {
} catch (NamingException ne) { } catch (NamingException ne) {
if (super.logger.isDebugEnabled()) { if (super.logger.isDebugEnabled()) {
super.logger.warn("Lookup on Subject failed " super.logger.warn("Lookup on Subject failed "
+ ne.getLocalizedMessage()); + ne.getLocalizedMessage());
} }
} }
@ -57,8 +65,7 @@ public class JbossIntegrationFilter extends AbstractIntegrationFilter {
if (super.logger.isDebugEnabled()) { if (super.logger.isDebugEnabled()) {
super.logger.debug("Found Principal in container (" super.logger.debug("Found Principal in container ("
+ p.getClass().getName() + ") : " + p.getClass().getName() + ") : " + p.getName());
+ p.getName());
} }
if (p instanceof Authentication) { if (p instanceof Authentication) {

16
adapters/jetty/src/main/java/org/acegisecurity/adapters/jetty/JettyAcegiUserRealm.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters.jetty; package net.sf.acegisecurity.adapters.jetty;

16
adapters/jetty/src/main/java/org/acegisecurity/adapters/jetty/JettyAcegiUserToken.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters.jetty; package net.sf.acegisecurity.adapters.jetty;

16
adapters/resin/src/main/java/org/acegisecurity/adapters/resin/ResinAcegiAuthenticator.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters.resin; package net.sf.acegisecurity.adapters.resin;

23
core/src/main/java/org/acegisecurity/AccessDecisionManager.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;
@ -30,15 +38,14 @@ public interface AccessDecisionManager {
* @throws AccessDeniedException if access is denied * @throws AccessDeniedException if access is denied
*/ */
public void decide(Authentication authentication, public void decide(Authentication authentication,
MethodInvocation invocation, MethodInvocation invocation, ConfigAttributeDefinition config)
ConfigAttributeDefinition config) throws AccessDeniedException;
throws AccessDeniedException;
/** /**
* Indicates whether this <code>AccessDecisionManager</code> is able to * Indicates whether this <code>AccessDecisionManager</code> is able to
* process authorization requests presented with the passed * process authorization requests presented with the passed
* <code>ConfigAttribute</code>. * <code>ConfigAttribute</code>.
* *
* <p> * <p>
* This allows the <code>SecurityInterceptor</code> to check every * This allows the <code>SecurityInterceptor</code> to check every
* configuration attribute can be consumed by the configured * configuration attribute can be consumed by the configured

16
core/src/main/java/org/acegisecurity/AccessDeniedException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

18
core/src/main/java/org/acegisecurity/AcegiSecurityException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;
@ -13,7 +21,7 @@ import org.springframework.core.NestedRuntimeException;
/** /**
* Abstract superclass for all exceptions thrown in the security package and * Abstract superclass for all exceptions thrown in the security package and
* subpackages. * subpackages.
* *
* <p> * <p>
* Note that this is a runtime (unchecked) exception. Security exceptions are * Note that this is a runtime (unchecked) exception. Security exceptions are
* usually fatal; there is no reason for them to be checked. * usually fatal; there is no reason for them to be checked.

16
core/src/main/java/org/acegisecurity/Authentication.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/main/java/org/acegisecurity/AuthenticationCredentialsNotFoundException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/main/java/org/acegisecurity/AuthenticationException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

18
core/src/main/java/org/acegisecurity/AuthenticationManager.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;
@ -57,5 +65,5 @@ public interface AuthenticationManager {
* @throws AuthenticationException if authentication fails * @throws AuthenticationException if authentication fails
*/ */
public Authentication authenticate(Authentication authentication) public Authentication authenticate(Authentication authentication)
throws AuthenticationException; throws AuthenticationException;
} }

16
core/src/main/java/org/acegisecurity/AuthenticationServiceException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/main/java/org/acegisecurity/BadCredentialsException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/main/java/org/acegisecurity/ConfigAttribute.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/main/java/org/acegisecurity/ConfigAttributeDefinition.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

19
core/src/main/java/org/acegisecurity/ConfigAttributeEditor.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;
@ -30,7 +38,8 @@ public class ConfigAttributeEditor extends PropertyEditorSupport {
ConfigAttributeDefinition configDefinition = new ConfigAttributeDefinition(); ConfigAttributeDefinition configDefinition = new ConfigAttributeDefinition();
for (int i = 0; i < tokens.length; i++) { for (int i = 0; i < tokens.length; i++) {
configDefinition.addConfigAttribute(new SecurityConfig(tokens[i])); configDefinition.addConfigAttribute(new SecurityConfig(
tokens[i]));
} }
setValue(configDefinition); setValue(configDefinition);

16
core/src/main/java/org/acegisecurity/DisabledException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/main/java/org/acegisecurity/GrantedAuthority.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/main/java/org/acegisecurity/GrantedAuthorityImpl.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/main/java/org/acegisecurity/LockedException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

28
core/src/main/java/org/acegisecurity/MethodDefinitionAttributes.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;
@ -71,12 +79,12 @@ public class MethodDefinitionAttributes implements MethodDefinitionSource {
} }
private void addClassAttributes(ConfigAttributeDefinition definition, private void addClassAttributes(ConfigAttributeDefinition definition,
Class clazz) { Class clazz) {
addClassAttributes(definition, new Class[] {clazz}); addClassAttributes(definition, new Class[] {clazz});
} }
private void addClassAttributes(ConfigAttributeDefinition definition, private void addClassAttributes(ConfigAttributeDefinition definition,
Class[] clazz) { Class[] clazz) {
for (int i = 0; i < clazz.length; i++) { for (int i = 0; i < clazz.length; i++) {
Collection classAttributes = attributes.getAttributes(clazz[i]); Collection classAttributes = attributes.getAttributes(clazz[i]);
@ -86,8 +94,8 @@ public class MethodDefinitionAttributes implements MethodDefinitionSource {
} }
} }
private void addInterfaceMethodAttributes(ConfigAttributeDefinition definition, private void addInterfaceMethodAttributes(
Method method) { ConfigAttributeDefinition definition, Method method) {
Class[] interfaces = method.getDeclaringClass().getInterfaces(); Class[] interfaces = method.getDeclaringClass().getInterfaces();
for (int i = 0; i < interfaces.length; i++) { for (int i = 0; i < interfaces.length; i++) {
@ -95,7 +103,7 @@ public class MethodDefinitionAttributes implements MethodDefinitionSource {
try { try {
Method m = clazz.getDeclaredMethod(method.getName(), Method m = clazz.getDeclaredMethod(method.getName(),
method.getParameterTypes()); method.getParameterTypes());
addMethodAttributes(definition, m); addMethodAttributes(definition, m);
} catch (Exception e) { } catch (Exception e) {
// this won't happen since we are getting a method from an interface that // this won't happen since we are getting a method from an interface that
@ -105,7 +113,7 @@ public class MethodDefinitionAttributes implements MethodDefinitionSource {
} }
private void addMethodAttributes(ConfigAttributeDefinition definition, private void addMethodAttributes(ConfigAttributeDefinition definition,
Method method) { Method method) {
// add the method level attributes // add the method level attributes
Collection methodAttributes = attributes.getAttributes(method); Collection methodAttributes = attributes.getAttributes(method);

59
core/src/main/java/org/acegisecurity/MethodDefinitionMap.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;
@ -45,7 +53,7 @@ public class MethodDefinitionMap implements MethodDefinitionSource {
public ConfigAttributeDefinition getAttributes(MethodInvocation invocation) { public ConfigAttributeDefinition getAttributes(MethodInvocation invocation) {
return (ConfigAttributeDefinition) this.methodMap.get(invocation return (ConfigAttributeDefinition) this.methodMap.get(invocation
.getMethod()); .getMethod());
} }
public Iterator getConfigAttributeDefinitions() { public Iterator getConfigAttributeDefinitions() {
@ -61,7 +69,7 @@ public class MethodDefinitionMap implements MethodDefinitionSource {
*/ */
public void addSecureMethod(Method method, ConfigAttributeDefinition attr) { public void addSecureMethod(Method method, ConfigAttributeDefinition attr) {
logger.info("Adding secure method [" + method + "] with attributes [" logger.info("Adding secure method [" + method + "] with attributes ["
+ attr + "]"); + attr + "]");
this.methodMap.put(method, attr); this.methodMap.put(method, attr);
} }
@ -79,7 +87,7 @@ public class MethodDefinitionMap implements MethodDefinitionSource {
if (lastDotIndex == -1) { if (lastDotIndex == -1) {
throw new IllegalArgumentException("'" + name throw new IllegalArgumentException("'" + name
+ "' is not a valid method name: format is FQN.methodName"); + "' is not a valid method name: format is FQN.methodName");
} }
String className = name.substring(0, lastDotIndex); String className = name.substring(0, lastDotIndex);
@ -87,12 +95,11 @@ public class MethodDefinitionMap implements MethodDefinitionSource {
try { try {
Class clazz = Class.forName(className, true, Class clazz = Class.forName(className, true,
Thread.currentThread() Thread.currentThread().getContextClassLoader());
.getContextClassLoader());
addSecureMethod(clazz, methodName, attr); addSecureMethod(clazz, methodName, attr);
} catch (ClassNotFoundException ex) { } catch (ClassNotFoundException ex) {
throw new IllegalArgumentException("Class '" + className throw new IllegalArgumentException("Class '" + className
+ "' not found"); + "' not found");
} }
} }
@ -107,12 +114,12 @@ public class MethodDefinitionMap implements MethodDefinitionSource {
* @throws IllegalArgumentException DOCUMENT ME! * @throws IllegalArgumentException DOCUMENT ME!
*/ */
public void addSecureMethod(Class clazz, String mappedName, public void addSecureMethod(Class clazz, String mappedName,
ConfigAttributeDefinition attr) { ConfigAttributeDefinition attr) {
String name = clazz.getName() + '.' + mappedName; String name = clazz.getName() + '.' + mappedName;
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Adding secure method [" + name logger.debug("Adding secure method [" + name
+ "] with attributes [" + attr + "]"); + "] with attributes [" + attr + "]");
} }
Method[] methods = clazz.getDeclaredMethods(); Method[] methods = clazz.getDeclaredMethods();
@ -120,14 +127,14 @@ public class MethodDefinitionMap implements MethodDefinitionSource {
for (int i = 0; i < methods.length; i++) { for (int i = 0; i < methods.length; i++) {
if (methods[i].getName().equals(mappedName) if (methods[i].getName().equals(mappedName)
|| isMatch(methods[i].getName(), mappedName)) { || isMatch(methods[i].getName(), mappedName)) {
matchingMethods.add(methods[i]); matchingMethods.add(methods[i]);
} }
} }
if (matchingMethods.isEmpty()) { if (matchingMethods.isEmpty()) {
throw new IllegalArgumentException("Couldn't find method '" throw new IllegalArgumentException("Couldn't find method '"
+ mappedName + "' on " + clazz); + mappedName + "' on " + clazz);
} }
// register all matching methods // register all matching methods
@ -136,15 +143,14 @@ public class MethodDefinitionMap implements MethodDefinitionSource {
String regMethodName = (String) this.nameMap.get(method); String regMethodName = (String) this.nameMap.get(method);
if ((regMethodName == null) if ((regMethodName == null)
|| (!regMethodName.equals(name) || (!regMethodName.equals(name)
&& (regMethodName.length() <= name.length()))) { && (regMethodName.length() <= name.length()))) {
// no already registered method name, or more specific // no already registered method name, or more specific
// method name specification now -> (re-)register method // method name specification now -> (re-)register method
if (logger.isDebugEnabled() && (regMethodName != null)) { if (logger.isDebugEnabled() && (regMethodName != null)) {
logger.debug("Replacing attributes for secure method [" logger.debug("Replacing attributes for secure method ["
+ method + "]: current name [" + name + method + "]: current name [" + name
+ "] is more specific than [" + regMethodName + "] is more specific than [" + regMethodName + "]");
+ "]");
} }
this.nameMap.put(method, name); this.nameMap.put(method, name);
@ -152,9 +158,8 @@ public class MethodDefinitionMap implements MethodDefinitionSource {
} else { } else {
if (logger.isDebugEnabled() && (regMethodName != null)) { if (logger.isDebugEnabled() && (regMethodName != null)) {
logger.debug("Keeping attributes for secure method [" logger.debug("Keeping attributes for secure method ["
+ method + "]: current name [" + name + method + "]: current name [" + name
+ "] is not more specific than [" + "] is not more specific than [" + regMethodName + "]");
+ regMethodName + "]");
} }
} }
} }
@ -171,11 +176,9 @@ public class MethodDefinitionMap implements MethodDefinitionSource {
*/ */
private boolean isMatch(String methodName, String mappedName) { private boolean isMatch(String methodName, String mappedName) {
return (mappedName.endsWith("*") return (mappedName.endsWith("*")
&& methodName.startsWith(mappedName.substring(0, && methodName.startsWith(mappedName.substring(0, mappedName.length()
mappedName.length() - 1)))
- 1))) || (mappedName.startsWith("*")
|| (mappedName.startsWith("*") && methodName.endsWith(mappedName.substring(1, mappedName.length())));
&& methodName.endsWith(mappedName.substring(1,
mappedName.length())));
} }
} }

16
core/src/main/java/org/acegisecurity/MethodDefinitionSource.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

18
core/src/main/java/org/acegisecurity/MethodDefinitionSourceEditor.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;
@ -58,7 +66,7 @@ public class MethodDefinitionSourceEditor extends PropertyEditorSupport {
configAttribEd.setAsText(value); configAttribEd.setAsText(value);
ConfigAttributeDefinition attr = (ConfigAttributeDefinition) configAttribEd ConfigAttributeDefinition attr = (ConfigAttributeDefinition) configAttribEd
.getValue(); .getValue();
// Register name and attribute // Register name and attribute
source.addSecureMethod(name, attr); source.addSecureMethod(name, attr);

19
core/src/main/java/org/acegisecurity/RunAsManager.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;
@ -67,8 +75,7 @@ public interface RunAsManager {
* invocation * invocation
*/ */
public Authentication buildRunAs(Authentication authentication, public Authentication buildRunAs(Authentication authentication,
MethodInvocation invocation, MethodInvocation invocation, ConfigAttributeDefinition config);
ConfigAttributeDefinition config);
/** /**
* Indicates whether this <code>RunAsManager</code> is able to process the * Indicates whether this <code>RunAsManager</code> is able to process the

16
core/src/main/java/org/acegisecurity/SecurityConfig.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/main/java/org/acegisecurity/SecurityInterceptor.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

18
core/src/main/java/org/acegisecurity/adapters/AbstractAdapterAuthenticationToken.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters; package net.sf.acegisecurity.adapters;
@ -39,7 +47,7 @@ public abstract class AbstractAdapterAuthenticationToken
* @param authorities the authorities granted to this principal * @param authorities the authorities granted to this principal
*/ */
protected AbstractAdapterAuthenticationToken(String key, protected AbstractAdapterAuthenticationToken(String key,
GrantedAuthority[] authorities) { GrantedAuthority[] authorities) {
super(); super();
this.keyHash = key.hashCode(); this.keyHash = key.hashCode();
this.authorities = authorities; this.authorities = authorities;

34
core/src/main/java/org/acegisecurity/adapters/AbstractIntegrationFilter.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters; package net.sf.acegisecurity.adapters;
@ -60,14 +68,14 @@ public abstract class AbstractIntegrationFilter implements Filter {
public void destroy() {} public void destroy() {}
public void doFilter(ServletRequest request, ServletResponse response, public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) FilterChain chain) throws IOException, ServletException {
throws IOException, ServletException {
// Populate authentication information // Populate authentication information
Object extracted = this.extractFromContainer(request); Object extracted = this.extractFromContainer(request);
if (extracted instanceof Authentication) { if (extracted instanceof Authentication) {
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Authentication added to ContextHolder from container"); logger.debug(
"Authentication added to ContextHolder from container");
} }
Authentication auth = (Authentication) extracted; Authentication auth = (Authentication) extracted;
@ -76,7 +84,7 @@ public abstract class AbstractIntegrationFilter implements Filter {
SecureContext secureContext = null; SecureContext secureContext = null;
if ((ContextHolder.getContext() == null) if ((ContextHolder.getContext() == null)
|| !(ContextHolder.getContext() instanceof SecureContext)) { || !(ContextHolder.getContext() instanceof SecureContext)) {
secureContext = new SecureContextImpl(); secureContext = new SecureContextImpl();
} else { } else {
secureContext = (SecureContext) ContextHolder.getContext(); secureContext = (SecureContext) ContextHolder.getContext();
@ -87,7 +95,8 @@ public abstract class AbstractIntegrationFilter implements Filter {
ContextHolder.setContext((Context) secureContext); ContextHolder.setContext((Context) secureContext);
} else { } else {
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Authentication not added to ContextHolder (could not extract an authentication object from the container which is an instance of Authentication)"); logger.debug(
"Authentication not added to ContextHolder (could not extract an authentication object from the container which is an instance of Authentication)");
} }
} }
@ -96,19 +105,20 @@ public abstract class AbstractIntegrationFilter implements Filter {
// Remove authentication information // Remove authentication information
if ((ContextHolder.getContext() != null) if ((ContextHolder.getContext() != null)
&& ContextHolder.getContext() instanceof SecureContext) { && ContextHolder.getContext() instanceof SecureContext) {
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Removing Authentication from ContextHolder"); logger.debug("Removing Authentication from ContextHolder");
} }
// Get context holder and remove authentication information // Get context holder and remove authentication information
SecureContext secureContext = (SecureContext) ContextHolder SecureContext secureContext = (SecureContext) ContextHolder
.getContext(); .getContext();
secureContext.setAuthentication(null); secureContext.setAuthentication(null);
ContextHolder.setContext((Context) secureContext); ContextHolder.setContext((Context) secureContext);
} else { } else {
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("ContextHolder does not contain any authentication information"); logger.debug(
"ContextHolder does not contain any authentication information");
} }
} }
} }

16
core/src/main/java/org/acegisecurity/adapters/AuthByAdapter.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters; package net.sf.acegisecurity.adapters;

29
core/src/main/java/org/acegisecurity/adapters/AuthByAdapterProvider.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters; package net.sf.acegisecurity.adapters;
@ -27,15 +35,14 @@ import org.springframework.beans.factory.InitializingBean;
* </p> * </p>
* *
* <P> * <P>
* If the key does not match, a <code>BadCredentialsException</code> is * If the key does not match, a <code>BadCredentialsException</code> is thrown.
* thrown.
* </p> * </p>
* *
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
*/ */
public class AuthByAdapterProvider implements InitializingBean, public class AuthByAdapterProvider implements InitializingBean,
AuthenticationProvider { AuthenticationProvider {
//~ Instance fields ======================================================== //~ Instance fields ========================================================
private String key; private String key;
@ -52,18 +59,20 @@ public class AuthByAdapterProvider implements InitializingBean,
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
if (key == null) { if (key == null) {
throw new IllegalArgumentException("A Key is required and should match that configured for the adapters"); throw new IllegalArgumentException(
"A Key is required and should match that configured for the adapters");
} }
} }
public Authentication authenticate(Authentication authentication) public Authentication authenticate(Authentication authentication)
throws AuthenticationException { throws AuthenticationException {
AuthByAdapter token = (AuthByAdapter) authentication; AuthByAdapter token = (AuthByAdapter) authentication;
if (token.getKeyHash() == key.hashCode()) { if (token.getKeyHash() == key.hashCode()) {
return authentication; return authentication;
} else { } else {
throw new BadCredentialsException("The presented AuthByAdapter implementation does not contain the expected key"); throw new BadCredentialsException(
"The presented AuthByAdapter implementation does not contain the expected key");
} }
} }

16
core/src/main/java/org/acegisecurity/adapters/AutoIntegrationFilter.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters; package net.sf.acegisecurity.adapters;

16
core/src/main/java/org/acegisecurity/adapters/HttpRequestIntegrationFilter.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters; package net.sf.acegisecurity.adapters;

16
core/src/main/java/org/acegisecurity/adapters/PrincipalAcegiUserToken.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters; package net.sf.acegisecurity.adapters;

20
core/src/main/java/org/acegisecurity/context/Context.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;
@ -28,8 +36,8 @@ public interface Context extends Serializable {
* Check the <code>Context</code> is properly configured. * Check the <code>Context</code> is properly configured.
* *
* <P> * <P>
* This allows implementations to confirm they are valid, as this method * This allows implementations to confirm they are valid, as this method is
* is automatically called by the {@link ContextInterceptor}. * automatically called by the {@link ContextInterceptor}.
* </p> * </p>
* *
* @throws ContextInvalidException if the <code>Context</code> is invalid. * @throws ContextInvalidException if the <code>Context</code> is invalid.

18
core/src/main/java/org/acegisecurity/context/ContextException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;
@ -13,7 +21,7 @@ import org.springframework.core.NestedRuntimeException;
/** /**
* Abstract superclass for all exceptions thrown in the context package and * Abstract superclass for all exceptions thrown in the context package and
* subpackages. * subpackages.
* *
* <p> * <p>
* Note that this is a runtime (unchecked) exception. * Note that this is a runtime (unchecked) exception.
* </p> * </p>

16
core/src/main/java/org/acegisecurity/context/ContextHolder.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

16
core/src/main/java/org/acegisecurity/context/ContextHolderEmptyException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

16
core/src/main/java/org/acegisecurity/context/ContextImpl.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

18
core/src/main/java/org/acegisecurity/context/ContextInterceptor.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;
@ -38,7 +46,7 @@ public class ContextInterceptor implements MethodInterceptor {
public Object invoke(MethodInvocation mi) throws Throwable { public Object invoke(MethodInvocation mi) throws Throwable {
if (ContextHolder.getContext() == null) { if (ContextHolder.getContext() == null) {
throw new ContextHolderEmptyException("ContextHolder does not contain a Context", throw new ContextHolderEmptyException("ContextHolder does not contain a Context",
null); null);
} }
ContextHolder.getContext().validate(); ContextHolder.getContext().validate();

16
core/src/main/java/org/acegisecurity/context/ContextInvalidException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

16
core/src/main/java/org/acegisecurity/context/SecureContext.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

16
core/src/main/java/org/acegisecurity/context/SecureContextImpl.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

16
core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers; package net.sf.acegisecurity.providers;

18
core/src/main/java/org/acegisecurity/providers/AuthenticationProvider.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers; package net.sf.acegisecurity.providers;
@ -32,7 +40,7 @@ public interface AuthenticationProvider {
* @throws AuthenticationException if authentication fails. * @throws AuthenticationException if authentication fails.
*/ */
public Authentication authenticate(Authentication authentication) public Authentication authenticate(Authentication authentication)
throws AuthenticationException; throws AuthenticationException;
/** /**
* Returns true if this <Code>AuthenticationProvider</code> supports the * Returns true if this <Code>AuthenticationProvider</code> supports the

32
core/src/main/java/org/acegisecurity/providers/ProviderManager.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers; package net.sf.acegisecurity.providers;
@ -60,9 +68,8 @@ public class ProviderManager implements InitializingBean, AuthenticationManager
AuthenticationProvider attemptToCast = (AuthenticationProvider) currentObject; AuthenticationProvider attemptToCast = (AuthenticationProvider) currentObject;
} catch (ClassCastException cce) { } catch (ClassCastException cce) {
throw new IllegalArgumentException("AuthenticationProvider " throw new IllegalArgumentException("AuthenticationProvider "
+ currentObject.getClass() + currentObject.getClass().getName()
.getName() + " must implement AuthenticationProvider");
+ " must implement AuthenticationProvider");
} }
} }
@ -103,30 +110,31 @@ public class ProviderManager implements InitializingBean, AuthenticationManager
* @throws ProviderNotFoundException DOCUMENT ME! * @throws ProviderNotFoundException DOCUMENT ME!
*/ */
public Authentication authenticate(Authentication authentication) public Authentication authenticate(Authentication authentication)
throws AuthenticationException { throws AuthenticationException {
Iterator iter = providers.iterator(); Iterator iter = providers.iterator();
Class toTest = authentication.getClass(); Class toTest = authentication.getClass();
while (iter.hasNext()) { while (iter.hasNext()) {
AuthenticationProvider provider = (AuthenticationProvider) iter AuthenticationProvider provider = (AuthenticationProvider) iter
.next(); .next();
if (provider.supports(toTest)) { if (provider.supports(toTest)) {
logger.debug("Authentication attempt using " logger.debug("Authentication attempt using "
+ provider.getClass().getName()); + provider.getClass().getName());
return provider.authenticate(authentication); return provider.authenticate(authentication);
} }
} }
throw new ProviderNotFoundException("No authentication provider for " throw new ProviderNotFoundException("No authentication provider for "
+ toTest.getName()); + toTest.getName());
} }
private void checkIfValidList(List listToCheck) { private void checkIfValidList(List listToCheck) {
if ((listToCheck == null) || (listToCheck.size() == 0)) { if ((listToCheck == null) || (listToCheck.size() == 0)) {
throw new IllegalArgumentException("A list of AuthenticationManagers is required"); throw new IllegalArgumentException(
"A list of AuthenticationManagers is required");
} }
} }
} }

16
core/src/main/java/org/acegisecurity/providers/ProviderNotFoundException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers; package net.sf.acegisecurity.providers;

18
core/src/main/java/org/acegisecurity/providers/TestingAuthenticationProvider.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers; package net.sf.acegisecurity.providers;
@ -32,7 +40,7 @@ public class TestingAuthenticationProvider implements AuthenticationProvider {
//~ Methods ================================================================ //~ Methods ================================================================
public Authentication authenticate(Authentication authentication) public Authentication authenticate(Authentication authentication)
throws AuthenticationException { throws AuthenticationException {
return authentication; return authentication;
} }

18
core/src/main/java/org/acegisecurity/providers/TestingAuthenticationToken.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers; package net.sf.acegisecurity.providers;
@ -33,7 +41,7 @@ public class TestingAuthenticationToken extends AbstractAuthenticationToken {
//~ Constructors =========================================================== //~ Constructors ===========================================================
public TestingAuthenticationToken(Object principal, Object credentials, public TestingAuthenticationToken(Object principal, Object credentials,
GrantedAuthority[] authorities) { GrantedAuthority[] authorities) {
this.principal = principal; this.principal = principal;
this.credentials = credentials; this.credentials = credentials;
this.authorities = authorities; this.authorities = authorities;

21
core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers; package net.sf.acegisecurity.providers;
@ -36,14 +44,13 @@ public class UsernamePasswordAuthenticationToken
//~ Constructors =========================================================== //~ Constructors ===========================================================
public UsernamePasswordAuthenticationToken(Object principal, public UsernamePasswordAuthenticationToken(Object principal,
Object credentials) { Object credentials) {
this.principal = principal; this.principal = principal;
this.credentials = credentials; this.credentials = credentials;
} }
public UsernamePasswordAuthenticationToken(Object principal, public UsernamePasswordAuthenticationToken(Object principal,
Object credentials, Object credentials, GrantedAuthority[] authorities) {
GrantedAuthority[] authorities) {
this.principal = principal; this.principal = principal;
this.credentials = credentials; this.credentials = credentials;
this.authorities = authorities; this.authorities = authorities;

31
core/src/main/java/org/acegisecurity/providers/dao/DaoAuthenticationProvider.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao; package net.sf.acegisecurity.providers.dao;
@ -34,7 +42,7 @@ import org.springframework.dao.DataAccessException;
* @version $Id$ * @version $Id$
*/ */
public class DaoAuthenticationProvider implements AuthenticationProvider, public class DaoAuthenticationProvider implements AuthenticationProvider,
InitializingBean { InitializingBean {
//~ Instance fields ======================================================== //~ Instance fields ========================================================
private AuthenticationDao authenticationDao; private AuthenticationDao authenticationDao;
@ -83,12 +91,13 @@ public class DaoAuthenticationProvider implements AuthenticationProvider,
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
if (this.authenticationDao == null) { if (this.authenticationDao == null) {
throw new IllegalArgumentException("An Authentication DAO must be set"); throw new IllegalArgumentException(
"An Authentication DAO must be set");
} }
} }
public Authentication authenticate(Authentication authentication) public Authentication authenticate(Authentication authentication)
throws AuthenticationException { throws AuthenticationException {
User user = null; User user = null;
try { try {
@ -98,7 +107,7 @@ public class DaoAuthenticationProvider implements AuthenticationProvider,
throw new BadCredentialsException("Bad credentials presented"); throw new BadCredentialsException("Bad credentials presented");
} catch (DataAccessException repositoryProblem) { } catch (DataAccessException repositoryProblem) {
throw new AuthenticationServiceException(repositoryProblem throw new AuthenticationServiceException(repositoryProblem
.getMessage()); .getMessage());
} }
if (!user.isEnabled()) { if (!user.isEnabled()) {
@ -110,12 +119,12 @@ public class DaoAuthenticationProvider implements AuthenticationProvider,
} }
return new UsernamePasswordAuthenticationToken(user.getUsername(), return new UsernamePasswordAuthenticationToken(user.getUsername(),
user.getPassword(), user.getPassword(), user.getAuthorities());
user.getAuthorities());
} }
public boolean supports(Class authentication) { public boolean supports(Class authentication) {
if (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication)) { if (UsernamePasswordAuthenticationToken.class.isAssignableFrom(
authentication)) {
return true; return true;
} else { } else {
return false; return false;

16
core/src/main/java/org/acegisecurity/providers/dao/UsernameNotFoundException.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao; package net.sf.acegisecurity.providers.dao;

29
core/src/main/java/org/acegisecurity/runas/RunAsImplAuthenticationProvider.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.runas; package net.sf.acegisecurity.runas;
@ -27,15 +35,14 @@ import org.springframework.beans.factory.InitializingBean;
* </p> * </p>
* *
* <P> * <P>
* If the key does not match, a <code>BadCredentialsException</code> is * If the key does not match, a <code>BadCredentialsException</code> is thrown.
* thrown.
* </p> * </p>
* *
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
*/ */
public class RunAsImplAuthenticationProvider implements InitializingBean, public class RunAsImplAuthenticationProvider implements InitializingBean,
AuthenticationProvider { AuthenticationProvider {
//~ Instance fields ======================================================== //~ Instance fields ========================================================
private String key; private String key;
@ -52,18 +59,20 @@ public class RunAsImplAuthenticationProvider implements InitializingBean,
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
if (key == null) { if (key == null) {
throw new IllegalArgumentException("A Key is required and should match that configured for the RunAsManagerImpl"); throw new IllegalArgumentException(
"A Key is required and should match that configured for the RunAsManagerImpl");
} }
} }
public Authentication authenticate(Authentication authentication) public Authentication authenticate(Authentication authentication)
throws AuthenticationException { throws AuthenticationException {
RunAsUserToken token = (RunAsUserToken) authentication; RunAsUserToken token = (RunAsUserToken) authentication;
if (token.getKeyHash() == key.hashCode()) { if (token.getKeyHash() == key.hashCode()) {
return authentication; return authentication;
} else { } else {
throw new BadCredentialsException("The presented RunAsUserToken does not contain the expected key"); throw new BadCredentialsException(
"The presented RunAsUserToken does not contain the expected key");
} }
} }

36
core/src/main/java/org/acegisecurity/runas/RunAsManagerImpl.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.runas; package net.sf.acegisecurity.runas;
@ -58,13 +66,13 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
if (key == null) { if (key == null) {
throw new IllegalArgumentException("A Key is required and should match that configured for the RunAsImplAuthenticationProvider"); throw new IllegalArgumentException(
"A Key is required and should match that configured for the RunAsImplAuthenticationProvider");
} }
} }
public Authentication buildRunAs(Authentication authentication, public Authentication buildRunAs(Authentication authentication,
MethodInvocation invocation, MethodInvocation invocation, ConfigAttributeDefinition config) {
ConfigAttributeDefinition config) {
Set newAuthorities = new HashSet(); Set newAuthorities = new HashSet();
Iterator iter = config.getConfigAttributes(); Iterator iter = config.getConfigAttributes();
@ -72,9 +80,8 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
ConfigAttribute attribute = (ConfigAttribute) iter.next(); ConfigAttribute attribute = (ConfigAttribute) iter.next();
if (this.supports(attribute)) { if (this.supports(attribute)) {
GrantedAuthorityImpl extraAuthority = new GrantedAuthorityImpl("ROLE_" GrantedAuthorityImpl extraAuthority = new GrantedAuthorityImpl(
+ attribute "ROLE_" + attribute.getAttribute());
.getAttribute());
newAuthorities.add(extraAuthority); newAuthorities.add(extraAuthority);
} }
} }
@ -88,18 +95,17 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
GrantedAuthority[] resultType = {new GrantedAuthorityImpl("holder")}; GrantedAuthority[] resultType = {new GrantedAuthorityImpl("holder")};
GrantedAuthority[] newAuthoritiesAsArray = (GrantedAuthority[]) newAuthorities GrantedAuthority[] newAuthoritiesAsArray = (GrantedAuthority[]) newAuthorities
.toArray(resultType); .toArray(resultType);
return new RunAsUserToken(this.key, authentication.getPrincipal(), return new RunAsUserToken(this.key, authentication.getPrincipal(),
authentication.getCredentials(), authentication.getCredentials(), newAuthoritiesAsArray,
newAuthoritiesAsArray, authentication.getClass());
authentication.getClass());
} }
} }
public boolean supports(ConfigAttribute attribute) { public boolean supports(ConfigAttribute attribute) {
if ((attribute.getAttribute() != null) if ((attribute.getAttribute() != null)
&& attribute.getAttribute().startsWith("RUN_AS_")) { && attribute.getAttribute().startsWith("RUN_AS_")) {
return true; return true;
} else { } else {
return false; return false;

19
core/src/main/java/org/acegisecurity/runas/RunAsUserToken.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.runas; package net.sf.acegisecurity.runas;
@ -30,8 +38,7 @@ public class RunAsUserToken extends AbstractAuthenticationToken {
//~ Constructors =========================================================== //~ Constructors ===========================================================
public RunAsUserToken(String key, Object principal, Object credentials, public RunAsUserToken(String key, Object principal, Object credentials,
GrantedAuthority[] authorities, GrantedAuthority[] authorities, Class originalAuthentication) {
Class originalAuthentication) {
super(); super();
this.keyHash = key.hashCode(); this.keyHash = key.hashCode();
this.authorities = authorities; this.authorities = authorities;

16
core/src/main/java/org/acegisecurity/taglibs/authz/AuthorizeTag.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.taglibs.authz; package net.sf.acegisecurity.taglibs.authz;

18
core/src/main/java/org/acegisecurity/userdetails/User.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao; package net.sf.acegisecurity.providers.dao;
@ -40,7 +48,7 @@ public class User {
* is enabled * is enabled
*/ */
public User(String username, String password, boolean enabled, public User(String username, String password, boolean enabled,
GrantedAuthority[] authorities) { GrantedAuthority[] authorities) {
this.username = username; this.username = username;
this.password = password; this.password = password;
this.enabled = enabled; this.enabled = enabled;

19
core/src/main/java/org/acegisecurity/userdetails/UserDetailsService.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao; package net.sf.acegisecurity.providers.dao;
@ -41,6 +49,5 @@ public interface AuthenticationDao {
* repository-specific reason * repository-specific reason
*/ */
public User loadUserByUsername(String username) public User loadUserByUsername(String username)
throws UsernameNotFoundException, throws UsernameNotFoundException, DataAccessException;
DataAccessException;
} }

37
core/src/main/java/org/acegisecurity/userdetails/jdbc/JdbcDaoImpl.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao.jdbc; package net.sf.acegisecurity.providers.dao.jdbc;
@ -52,8 +60,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements AuthenticationDao {
//~ Methods ================================================================ //~ Methods ================================================================
public User loadUserByUsername(String username) public User loadUserByUsername(String username)
throws UsernameNotFoundException, throws UsernameNotFoundException, DataAccessException {
DataAccessException {
List users = usersByUsernameQuery.execute(username); List users = usersByUsernameQuery.execute(username);
if (users.size() == 0) { if (users.size() == 0) {
@ -72,14 +79,16 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements AuthenticationDao {
arrayAuths = (GrantedAuthority[]) dbAuths.toArray(arrayAuths); arrayAuths = (GrantedAuthority[]) dbAuths.toArray(arrayAuths);
return new User(user.getUsername(), user.getPassword(), return new User(user.getUsername(), user.getPassword(),
user.isEnabled(), arrayAuths); user.isEnabled(), arrayAuths);
} }
protected void setAuthoritiesByUsernameQuery(AuthoritiesByUsernameQuery authoritiesByUsernameQuery) { protected void setAuthoritiesByUsernameQuery(
AuthoritiesByUsernameQuery authoritiesByUsernameQuery) {
this.authoritiesByUsernameQuery = authoritiesByUsernameQuery; this.authoritiesByUsernameQuery = authoritiesByUsernameQuery;
} }
protected void setUsersByUsernameQuery(UsersByUsernameQuery usersByUsernameQuery) { protected void setUsersByUsernameQuery(
UsersByUsernameQuery usersByUsernameQuery) {
this.usersByUsernameQuery = usersByUsernameQuery; this.usersByUsernameQuery = usersByUsernameQuery;
} }
@ -101,15 +110,15 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements AuthenticationDao {
protected static class AuthoritiesByUsernameQuery extends MappingSqlQuery { protected static class AuthoritiesByUsernameQuery extends MappingSqlQuery {
protected AuthoritiesByUsernameQuery(DataSource ds) { protected AuthoritiesByUsernameQuery(DataSource ds) {
super(ds, super(ds,
"SELECT username,authority FROM authorities WHERE username = ?"); "SELECT username,authority FROM authorities WHERE username = ?");
declareParameter(new SqlParameter(Types.VARCHAR)); declareParameter(new SqlParameter(Types.VARCHAR));
compile(); compile();
} }
protected Object mapRow(ResultSet rs, int rownum) protected Object mapRow(ResultSet rs, int rownum)
throws SQLException { throws SQLException {
GrantedAuthorityImpl authority = new GrantedAuthorityImpl(rs GrantedAuthorityImpl authority = new GrantedAuthorityImpl(rs
.getString("authority")); .getString("authority"));
return authority; return authority;
} }
@ -121,13 +130,13 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements AuthenticationDao {
protected static class UsersByUsernameQuery extends MappingSqlQuery { protected static class UsersByUsernameQuery extends MappingSqlQuery {
protected UsersByUsernameQuery(DataSource ds) { protected UsersByUsernameQuery(DataSource ds) {
super(ds, super(ds,
"SELECT username,password,enabled FROM users WHERE username = ?"); "SELECT username,password,enabled FROM users WHERE username = ?");
declareParameter(new SqlParameter(Types.VARCHAR)); declareParameter(new SqlParameter(Types.VARCHAR));
compile(); compile();
} }
protected Object mapRow(ResultSet rs, int rownum) protected Object mapRow(ResultSet rs, int rownum)
throws SQLException { throws SQLException {
String username = rs.getString("username"); String username = rs.getString("username");
String password = rs.getString("password"); String password = rs.getString("password");
boolean enabled = rs.getBoolean("enabled"); boolean enabled = rs.getBoolean("enabled");

22
core/src/main/java/org/acegisecurity/userdetails/memory/InMemoryDaoImpl.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao.memory; package net.sf.acegisecurity.providers.dao.memory;
@ -39,13 +47,13 @@ public class InMemoryDaoImpl implements AuthenticationDao, InitializingBean {
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
if (this.userMap == null) { if (this.userMap == null) {
throw new IllegalArgumentException("A list of users, passwords, enabled/disabled status and their granted authorities must be set"); throw new IllegalArgumentException(
"A list of users, passwords, enabled/disabled status and their granted authorities must be set");
} }
} }
public User loadUserByUsername(String username) public User loadUserByUsername(String username)
throws UsernameNotFoundException, throws UsernameNotFoundException, DataAccessException {
DataAccessException {
User result = userMap.getUser(username); User result = userMap.getUser(username);
if (result == null) { if (result == null) {

16
core/src/main/java/org/acegisecurity/userdetails/memory/UserAttributeDefinition.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao.memory; package net.sf.acegisecurity.providers.dao.memory;

19
core/src/main/java/org/acegisecurity/userdetails/memory/UserAttributeEditor.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao.memory; package net.sf.acegisecurity.providers.dao.memory;
@ -42,7 +50,8 @@ public class UserAttributeEditor extends PropertyEditorSupport {
} else if (currentToken.toLowerCase().equals("disabled")) { } else if (currentToken.toLowerCase().equals("disabled")) {
userAttrib.setEnabled(false); userAttrib.setEnabled(false);
} else { } else {
userAttrib.addAuthority(new GrantedAuthorityImpl(currentToken)); userAttrib.addAuthority(new GrantedAuthorityImpl(
currentToken));
} }
} }
} }

16
core/src/main/java/org/acegisecurity/userdetails/memory/UserMap.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao.memory; package net.sf.acegisecurity.providers.dao.memory;

20
core/src/main/java/org/acegisecurity/userdetails/memory/UserMapEditor.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao.memory; package net.sf.acegisecurity.providers.dao.memory;
@ -77,12 +85,12 @@ public class UserMapEditor extends PropertyEditorSupport {
configAttribEd.setAsText(value); configAttribEd.setAsText(value);
UserAttributeDefinition attr = (UserAttributeDefinition) configAttribEd UserAttributeDefinition attr = (UserAttributeDefinition) configAttribEd
.getValue(); .getValue();
// Make a user object, assuming the properties were properly provided // Make a user object, assuming the properties were properly provided
if (attr != null) { if (attr != null) {
User user = new User(username, attr.getPassword(), User user = new User(username, attr.getPassword(),
attr.isEnabled(), attr.getAuthorities()); attr.isEnabled(), attr.getAuthorities());
userMap.addUser(user); userMap.addUser(user);
} }
} }

27
core/src/main/java/org/acegisecurity/vote/AbstractAccessDecisionManager.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.vote; package net.sf.acegisecurity.vote;
@ -37,7 +45,8 @@ public abstract class AbstractAccessDecisionManager
//~ Methods ================================================================ //~ Methods ================================================================
public void setAllowIfAllAbstainDecisions(boolean allowIfAllAbstainDecisions) { public void setAllowIfAllAbstainDecisions(
boolean allowIfAllAbstainDecisions) {
this.allowIfAllAbstainDecisions = allowIfAllAbstainDecisions; this.allowIfAllAbstainDecisions = allowIfAllAbstainDecisions;
} }
@ -59,9 +68,8 @@ public abstract class AbstractAccessDecisionManager
AccessDecisionVoter attemptToCast = (AccessDecisionVoter) currentObject; AccessDecisionVoter attemptToCast = (AccessDecisionVoter) currentObject;
} catch (ClassCastException cce) { } catch (ClassCastException cce) {
throw new IllegalArgumentException("AccessDecisionVoter " throw new IllegalArgumentException("AccessDecisionVoter "
+ currentObject.getClass() + currentObject.getClass().getName()
.getName() + " must implement AccessDecisionVoter");
+ " must implement AccessDecisionVoter");
} }
} }
@ -92,7 +100,8 @@ public abstract class AbstractAccessDecisionManager
private void checkIfValidList(List listToCheck) { private void checkIfValidList(List listToCheck) {
if ((listToCheck == null) || (listToCheck.size() == 0)) { if ((listToCheck == null) || (listToCheck.size() == 0)) {
throw new IllegalArgumentException("A list of AccessDecisionVoters is required"); throw new IllegalArgumentException(
"A list of AccessDecisionVoters is required");
} }
} }
} }

31
core/src/main/java/org/acegisecurity/vote/AccessDecisionVoter.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.vote; package net.sf.acegisecurity.vote;
@ -57,13 +65,12 @@ public interface AccessDecisionVoter {
* Indicates whether or not access is granted. * Indicates whether or not access is granted.
* *
* <p> * <p>
* The decision must be affirmative (<code>ACCESS_GRANTED</code>), * The decision must be affirmative (<code>ACCESS_GRANTED</code>), negative
* negative (<code>ACCESS_DENIED</code>) or the * (<code>ACCESS_DENIED</code>) or the <code>AccessDecisionVoter</code>
* <code>AccessDecisionVoter</code> can abstain * can abstain (<code>ACCESS_ABSTAIN</code>) from voting. Under no
* (<code>ACCESS_ABSTAIN</code>) from voting. Under no circumstances * circumstances should implementing classes return any other value. If a
* should implementing classes return any other value. If a weighting of * weighting of results is desired, this should be handled in a custom
* results is desired, this should be handled in a custom {@link * {@link net.sf.acegisecurity.AccessDecisionManager} instead.
* net.sf.acegisecurity.AccessDecisionManager} instead.
* </p> * </p>
* *
* <P> * <P>
@ -92,5 +99,5 @@ public interface AccessDecisionVoter {
* {@link #ACCESS_DENIED} * {@link #ACCESS_DENIED}
*/ */
public int vote(Authentication authentication, MethodInvocation invocation, public int vote(Authentication authentication, MethodInvocation invocation,
ConfigAttributeDefinition config); ConfigAttributeDefinition config);
} }

21
core/src/main/java/org/acegisecurity/vote/AffirmativeBased.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.vote; package net.sf.acegisecurity.vote;
@ -54,9 +62,8 @@ public class AffirmativeBased extends AbstractAccessDecisionManager {
* @throws AccessDeniedException if access is denied * @throws AccessDeniedException if access is denied
*/ */
public void decide(Authentication authentication, public void decide(Authentication authentication,
MethodInvocation invocation, MethodInvocation invocation, ConfigAttributeDefinition config)
ConfigAttributeDefinition config) throws AccessDeniedException {
throws AccessDeniedException {
Iterator iter = this.getDecisionVoters().iterator(); Iterator iter = this.getDecisionVoters().iterator();
int deny = 0; int deny = 0;

24
core/src/main/java/org/acegisecurity/vote/ConsensusBased.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.vote; package net.sf.acegisecurity.vote;
@ -38,7 +46,8 @@ public class ConsensusBased extends AbstractAccessDecisionManager {
//~ Methods ================================================================ //~ Methods ================================================================
public void setAllowIfEqualGrantedDeniedDecisions(boolean allowIfEqualGrantedDeniedDecisions) { public void setAllowIfEqualGrantedDeniedDecisions(
boolean allowIfEqualGrantedDeniedDecisions) {
this.allowIfEqualGrantedDeniedDecisions = allowIfEqualGrantedDeniedDecisions; this.allowIfEqualGrantedDeniedDecisions = allowIfEqualGrantedDeniedDecisions;
} }
@ -71,9 +80,8 @@ public class ConsensusBased extends AbstractAccessDecisionManager {
* @throws AccessDeniedException if access is denied * @throws AccessDeniedException if access is denied
*/ */
public void decide(Authentication authentication, public void decide(Authentication authentication,
MethodInvocation invocation, MethodInvocation invocation, ConfigAttributeDefinition config)
ConfigAttributeDefinition config) throws AccessDeniedException {
throws AccessDeniedException {
Iterator iter = this.getDecisionVoters().iterator(); Iterator iter = this.getDecisionVoters().iterator();
int grant = 0; int grant = 0;
int deny = 0; int deny = 0;

25
core/src/main/java/org/acegisecurity/vote/RoleVoter.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.vote; package net.sf.acegisecurity.vote;
@ -41,7 +49,7 @@ public class RoleVoter implements AccessDecisionVoter {
public boolean supports(ConfigAttribute attribute) { public boolean supports(ConfigAttribute attribute) {
if ((attribute.getAttribute() != null) if ((attribute.getAttribute() != null)
&& attribute.getAttribute().startsWith("ROLE_")) { && attribute.getAttribute().startsWith("ROLE_")) {
return true; return true;
} else { } else {
return false; return false;
@ -49,7 +57,7 @@ public class RoleVoter implements AccessDecisionVoter {
} }
public int vote(Authentication authentication, MethodInvocation invocation, public int vote(Authentication authentication, MethodInvocation invocation,
ConfigAttributeDefinition config) { ConfigAttributeDefinition config) {
int result = ACCESS_ABSTAIN; int result = ACCESS_ABSTAIN;
Iterator iter = config.getConfigAttributes(); Iterator iter = config.getConfigAttributes();
@ -61,10 +69,9 @@ public class RoleVoter implements AccessDecisionVoter {
// Attempt to find a matching granted authority // Attempt to find a matching granted authority
for (int i = 0; i < authentication.getAuthorities().length; for (int i = 0; i < authentication.getAuthorities().length;
i++) { i++) {
if (attribute.getAttribute().equals(authentication if (attribute.getAttribute().equals(authentication
.getAuthorities()[i] .getAuthorities()[i].getAuthority())) {
.getAuthority())) {
return ACCESS_GRANTED; return ACCESS_GRANTED;
} }
} }

21
core/src/main/java/org/acegisecurity/vote/UnanimousBased.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.vote; package net.sf.acegisecurity.vote;
@ -62,9 +70,8 @@ public class UnanimousBased extends AbstractAccessDecisionManager {
* @throws AccessDeniedException if access is denied * @throws AccessDeniedException if access is denied
*/ */
public void decide(Authentication authentication, public void decide(Authentication authentication,
MethodInvocation invocation, MethodInvocation invocation, ConfigAttributeDefinition config)
ConfigAttributeDefinition config) throws AccessDeniedException {
throws AccessDeniedException {
int grant = 0; int grant = 0;
int deny = 0; int deny = 0;
int abstain = 0; int abstain = 0;

16
core/src/test/java/org/acegisecurity/BankSecurityVoter.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/test/java/org/acegisecurity/ExoticSecureContext.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/test/java/org/acegisecurity/SecurityTests.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity; package net.sf.acegisecurity;

16
core/src/test/java/org/acegisecurity/adapters/AuthByAdapterTests.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.adapters; package net.sf.acegisecurity.adapters;

16
core/src/test/java/org/acegisecurity/attribute/AttributesTests.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.attribute; package net.sf.acegisecurity.attribute;

16
core/src/test/java/org/acegisecurity/attribute/MockAttributes.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.attribute; package net.sf.acegisecurity.attribute;

16
core/src/test/java/org/acegisecurity/attribute/MockMethodInvocation.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.attribute; package net.sf.acegisecurity.attribute;

16
core/src/test/java/org/acegisecurity/attribute/TestAttributes.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.attribute; package net.sf.acegisecurity.attribute;

16
core/src/test/java/org/acegisecurity/attribute/TestService.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.attribute; package net.sf.acegisecurity.attribute;

16
core/src/test/java/org/acegisecurity/attribute/TestServiceImpl.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.attribute; package net.sf.acegisecurity.attribute;

16
core/src/test/java/org/acegisecurity/context/Account.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

16
core/src/test/java/org/acegisecurity/context/BankManager.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

16
core/src/test/java/org/acegisecurity/context/BankManagerImpl.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

16
core/src/test/java/org/acegisecurity/context/ContextTests.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

16
core/src/test/java/org/acegisecurity/context/ExoticContext.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.context; package net.sf.acegisecurity.context;

16
core/src/test/java/org/acegisecurity/providers/dao/memory/InMemoryDaoTests.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.providers.dao.memory; package net.sf.acegisecurity.providers.dao.memory;

16
core/src/test/java/org/acegisecurity/runas/BankManagerPublicFacade.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.runas; package net.sf.acegisecurity.runas;

16
core/src/test/java/org/acegisecurity/runas/RunAsTests.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.runas; package net.sf.acegisecurity.runas;

22
core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagAttributeTests.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.taglibs.authz; package net.sf.acegisecurity.taglibs.authz;
@ -68,8 +76,8 @@ public class AuthorizeTagAttributeTests extends TestCase {
ContextHolder.setContext(context); ContextHolder.setContext(context);
} }
protected void tearDown() throws Exception { protected void tearDown() throws Exception {
ContextHolder.setContext(null); ContextHolder.setContext(null);
} }
} }

20
core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagTests.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.taglibs.authz; package net.sf.acegisecurity.taglibs.authz;
@ -111,6 +119,6 @@ public class AuthorizeTagTests extends TestCase {
} }
protected void tearDown() throws Exception { protected void tearDown() throws Exception {
ContextHolder.setContext(null); ContextHolder.setContext(null);
} }
} }

16
core/src/test/java/org/acegisecurity/vote/VoterManagerTests.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.vote; package net.sf.acegisecurity.vote;

16
core/src/test/java/org/acegisecurity/vote/XVoter.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.vote; package net.sf.acegisecurity.vote;

16
core/src/test/java/org/acegisecurity/vote/YVoter.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.vote; package net.sf.acegisecurity.vote;

16
integration-test/src/net/sf/acegisecurity/integrationtests/web/ContactsWarTests.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package net.sf.acegisecurity.integrationtests.web; package net.sf.acegisecurity.integrationtests.web;

4
jalopy.xml
View File

@ -219,9 +219,9 @@
<use>false</use> <use>false</use>
</footer> </footer>
<header> <header>
<keys>Created on|To change the template for this generated|Apache Software License</keys> <keys>Acegi Technology Pty Limited|Created on|To change the template for this generated|Apache Software License</keys>
<smartMode>0</smartMode> <smartMode>0</smartMode>
<text>/*| * The Acegi Security System for Spring is published under the terms| * of the Apache Software License.| *| * Visit http://acegisecurity.sourceforge.net for further details.| */</text> <text>/* Copyright 2004 Acegi Technology Pty Limited| *| * Licensed under the Apache License, Version 2.0 (the "License");| * you may not use this file except in compliance with the License.| * You may obtain a copy of the License at| *| * http://www.apache.org/licenses/LICENSE-2.0| *| * Unless required by applicable law or agreed to in writing, software| * distributed under the License is distributed on an "AS IS" BASIS,| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.| * See the License for the specific language governing permissions and| * limitations under the License.| */</text>
<use>true</use> <use>true</use>
</header> </header>
<history> <history>

259
license.txt
View File

@ -1,58 +1,201 @@
/* Apache License
* All source code, binaries, documentation and other files distributed Version 2.0, January 2004
* with the Acegi Security System for Spring (except the third-party libraries http://www.apache.org/licenses/
* in the "lib" directories, included in the "-with-dependencies" download)
* are subject to the following license terms, and are held under the TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
* following copyright notice.
* 1. Definitions.
* ============================================================================
* The Apache Software License, Version 1.1 "License" shall mean the terms and conditions for use, reproduction,
* ============================================================================ and distribution as defined by Sections 1 through 9 of this document.
*
* Copyright (C) 2004 The Acegi Security System for Spring Project. "Licensor" shall mean the copyright owner or entity authorized by
* All rights reserved. The Acegi Security System for Spring Project is the copyright owner that is granting the License.
* represented by Ben Alex <ben.alex@acegi.com.au>.
* "Legal Entity" shall mean the union of the acting entity and all
* Redistribution and use in source and binary forms, with or without modifica- other entities that control, are controlled by, or are under common
* tion, are permitted provided that the following conditions are met: control with that entity. For the purposes of this definition,
* "control" means (i) the power, direct or indirect, to cause the
* 1. Redistributions of source code must retain the above copyright notice, direction or management of such entity, whether by contract or
* this list of conditions and the following disclaimer. otherwise, or (ii) ownership of fifty percent (50%) or more of the
* outstanding shares, or (iii) beneficial ownership of such entity.
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation "You" (or "Your") shall mean an individual or Legal Entity
* and/or other materials provided with the distribution. exercising permissions granted by this License.
*
* 3. The end-user documentation included with the redistribution, if any, must "Source" form shall mean the preferred form for making modifications,
* include the following acknowledgment: "This product includes software including but not limited to software source code, documentation
* developed by the Acegi Security System for Spring Project source, and configuration files.
* (http://acegisecurity.sourceforge.net)." Alternately, this acknowledgment
* may appear in the software itself, if and wherever such third-party "Object" form shall mean any form resulting from mechanical
* acknowledgments normally appear. transformation or translation of a Source form, including but
* not limited to compiled object code, generated documentation,
* 4. The names "Acegi" and "Acegi Security System for Spring" must not be used and conversions to other media types.
* to endorse or promote products derived from this software without prior
* written permission. For written permission, please contact "Work" shall mean the work of authorship, whether in Source or
* <ben.alex@acegi.com.au>. Object form, made available under the License, as indicated by a
* copyright notice that is included in or attached to the work
* 5. Products derived from this software may not be called "Acegi", nor may (an example is provided in the Appendix below).
* "Acegi" appear in their name, without prior written permission of
* Acegi Technology Pty Limited (www.acegi.com.au). "Derivative Works" shall mean any work, whether in Source or Object
* form, that is based on (or derived from) the Work and for which the
* THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES, editorial revisions, annotations, elaborations, or other modifications
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND represent, as a whole, an original work of authorship. For the purposes
* FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE of this License, Derivative Works shall not include works that remain
* ACEGI SECURITY SYSTEM FOR SPRING PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR separable from, or merely link (or bind by name) to the interfaces of,
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL the Work and Derivative Works thereof.
* DAMAGES (INCLUDING BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER "Contribution" shall mean any work of authorship, including
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT the original version of the Work and any modifications or additions
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY to that Work or Derivative Works thereof, that is intentionally
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH submitted to Licensor for inclusion in the Work by the copyright owner
* DAMAGE. or by an individual or Legal Entity authorized to submit on behalf of
* the copyright owner. For the purposes of this definition, "submitted"
* This software consists of voluntary contributions made by many individuals means any form of electronic, verbal, or written communication sent
* on behalf of the Acegi Security System for Spring Project. For more to the Licensor or its representatives, including but not limited to
* information on the Acegi Security System for Spring Project, please see communication on electronic mailing lists, source code control systems,
* <http://acegisecurity.sourceforge.net>. and issue tracking systems that are managed by, or on behalf of, the
*/ Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

26
notice.txt Normal file
View File

@ -0,0 +1,26 @@
======================================================================
== NOTICE file corresponding to section 4(d) of the Apache License, ==
== Version 2.0, in this case for the Acegi Security System for ==
== Spring distribution. ==
======================================================================
This product includes software developed by the Spring Framework
Project (http://www.springframework.org).
This product includes software developed by
the Apache Software Foundation (http://www.apache.org).
The end-user documentation included with a redistribution, if any,
must include the following acknowledgement:
"This product includes software developed by the Acegi Security
System for Spring Project (http://acegisecurity.sourceforge.net)."
Alternately, this acknowledgement may appear in the software itself,
if and wherever such third-party acknowledgements normally appear.
The names "Acegi", "Acegi Security System" and "Acegi Security System
for Spring" must not be used to endorse or promote products derived
from this software without prior written permission. For written
permission, please contact ben.alex@acegi.com.au.

16
samples/attributes/src/main/java/sample/attributes/BankService.java
View File

@ -1,8 +1,16 @@
/* /* Copyright 2004 Acegi Technology Pty Limited
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
* *
* Visit http://acegisecurity.sourceforge.net for further details. * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/ */
package sample.attributes; package sample.attributes;

Some files were not shown because too many files have changed in this diff Show More