mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-02-24 07:37:50 +00:00
SEC-532: Remove FilterInvocationDefinitionSource-related classes which are no longer needed.
This commit is contained in:
Luke Taylor
parent
a0ee7fb6fd
commit
c9de2f6c9f
@ -5,6 +5,7 @@ import org.springframework.util.Assert;
|
||||
import org.springframework.security.ConfigAttribute;
|
||||
import org.springframework.security.ConfigAttributeDefinition;
|
||||
import org.springframework.security.util.FilterChainProxy;
|
||||
import org.springframework.security.util.UrlMatcher;
|
||||
|
||||
import javax.servlet.Filter;
|
||||
import java.util.*;
|
||||
@ -24,16 +25,13 @@ import java.util.regex.Pattern;
|
||||
public class FIDSToFilterChainMapConverter {
|
||||
|
||||
private LinkedHashMap filterChainMap = new LinkedHashMap();
|
||||
private UrlMatcher matcher;
|
||||
|
||||
public FIDSToFilterChainMapConverter(FilterInvocationDefinitionSource source, ApplicationContext appContext) {
|
||||
public FIDSToFilterChainMapConverter(DefaultFilterInvocationDefinitionSource fids, ApplicationContext appContext) {
|
||||
// TODO: Check if this is necessary. Retained from refactoring of FilterChainProxy
|
||||
Assert.notNull(source.getConfigAttributeDefinitions(), "FilterChainProxy requires the " +
|
||||
Assert.notNull(fids.getConfigAttributeDefinitions(), "FilterChainProxy requires the " +
|
||||
"FilterInvocationDefinitionSource to return a non-null response to getConfigAttributeDefinitions()");
|
||||
Assert.isTrue(source instanceof DefaultFilterInvocationDefinitionSource,
|
||||
"Can't handle FilterInvocationDefinitionSource type " + source.getClass());
|
||||
|
||||
|
||||
DefaultFilterInvocationDefinitionSource fids = (DefaultFilterInvocationDefinitionSource)source;
|
||||
matcher = fids.getUrlMatcher();
|
||||
Map requestMap = fids.getRequestMap();
|
||||
Iterator paths = requestMap.keySet().iterator();
|
||||
|
||||
@ -64,4 +62,8 @@ public class FIDSToFilterChainMapConverter {
|
||||
public Map getFilterChainMap() {
|
||||
return filterChainMap;
|
||||
}
|
||||
|
||||
public UrlMatcher getMatcher() {
|
||||
return matcher;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,27 +0,0 @@
|
||||
/* Copyright 2006 Acegi Technology Pty Limited
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.intercept.web;
|
||||
|
||||
/**
|
||||
* Interface to join {@link FilterInvocationDefinitionMap} and
|
||||
* {@link FilterInvocationDefinitionSource}.
|
||||
*
|
||||
* @author <a href="mailto:carlos@apache.org">Carlos Sanchez</a>
|
||||
* @version $Id$
|
||||
* @since 1.1
|
||||
*/
|
||||
public interface FilterInvocationDefinition extends FilterInvocationDefinitionMap, FilterInvocationDefinitionSource {
|
||||
}
|
||||
@ -1,36 +0,0 @@
|
||||
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.intercept.web;
|
||||
|
||||
import org.springframework.security.ConfigAttributeDefinition;
|
||||
|
||||
|
||||
/**
|
||||
* Exposes methods required so that a property editor can populate the relevant
|
||||
* {@link FilterInvocationDefinitionSource}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public interface FilterInvocationDefinitionMap {
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
void addSecureUrl(String expression, ConfigAttributeDefinition attr);
|
||||
|
||||
boolean isConvertUrlToLowercaseBeforeComparison();
|
||||
|
||||
void setConvertUrlToLowercaseBeforeComparison(boolean convertUrlToLowercaseBeforeComparison);
|
||||
}
|
||||
@ -1,70 +0,0 @@
|
||||
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.intercept.web;
|
||||
|
||||
import org.springframework.security.ConfigAttributeDefinition;
|
||||
import org.springframework.security.util.AntUrlPathMatcher;
|
||||
|
||||
/**
|
||||
* Extends DefaultFilterInvocationDefinitionSource, configuring it with a {@link AntUrlPathMatcher} to match URLs
|
||||
* using Apache Ant path-based patterns.
|
||||
* <p>
|
||||
* Apache Ant path expressions are used to match a HTTP request URL against a <code>ConfigAttributeDefinition</code>.
|
||||
* <p>
|
||||
* The order of registering the Ant paths using the {@link #addSecureUrl(String,ConfigAttributeDefinition)} is
|
||||
* very important. The system will identify the <b>first</b> matching path for a given HTTP URL. It will not proceed
|
||||
* to evaluate later paths if a match has already been found. Accordingly, the most specific paths should be
|
||||
* registered first, with the most general paths registered last.
|
||||
* <p>
|
||||
* If no registered paths match the HTTP URL, <code>null</code> is returned.
|
||||
* <p>
|
||||
* Note that as of 2.0, lower case URL comparisons are made by default, as this is the default strategy for
|
||||
* <tt>AntUrlPathMatcher</tt>.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @author Luke taylor
|
||||
* @deprecated DefaultFilterInvocationDefinitionSource should now be used with an AntUrlPathMatcher instead.
|
||||
* @version $Id$
|
||||
*/
|
||||
public class PathBasedFilterInvocationDefinitionMap extends DefaultFilterInvocationDefinitionSource
|
||||
implements FilterInvocationDefinition {
|
||||
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
public PathBasedFilterInvocationDefinitionMap() {
|
||||
super(new AntUrlPathMatcher());
|
||||
setStripQueryStringFromUrls(true);
|
||||
}
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void addSecureUrl(String antPath, String method, ConfigAttributeDefinition attr) {
|
||||
// SEC-501: If using lower case comparison, we should convert the paths to lower case
|
||||
// as any upper case characters included by mistake will prevent the URL from ever being matched.
|
||||
// This shouldn't be needed anymore. The property editor complains if there is upper case text in the URL
|
||||
// and the namespace implementation does the conversion itself, so it is safe to use the parent class
|
||||
// directly.
|
||||
if (getUrlMatcher().requiresLowerCaseUrl()) {
|
||||
antPath = antPath.toLowerCase();
|
||||
}
|
||||
|
||||
super.addSecureUrl(antPath, method, attr);
|
||||
}
|
||||
|
||||
public void setConvertUrlToLowercaseBeforeComparison(boolean bool) {
|
||||
((AntUrlPathMatcher)getUrlMatcher()).setRequiresLowerCaseUrl(bool);
|
||||
}
|
||||
}
|
||||
@ -1,42 +0,0 @@
|
||||
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.intercept.web;
|
||||
|
||||
import org.springframework.security.util.RegexUrlPathMatcher;
|
||||
|
||||
|
||||
/**
|
||||
* Configures an {@link DefaultFilterInvocationDefinitionSource} with a regular expression URL matching strategy
|
||||
* {@link RegexUrlPathMatcher}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @author Luke Taylor
|
||||
* @deprecated
|
||||
* @version $Id$
|
||||
*/
|
||||
public class RegExpBasedFilterInvocationDefinitionMap extends DefaultFilterInvocationDefinitionSource
|
||||
implements FilterInvocationDefinition {
|
||||
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
public RegExpBasedFilterInvocationDefinitionMap() {
|
||||
super(new RegexUrlPathMatcher());
|
||||
}
|
||||
|
||||
public void setConvertUrlToLowercaseBeforeComparison(boolean bool) {
|
||||
((RegexUrlPathMatcher)getUrlMatcher()).setRequiresLowerCaseUrl(bool);
|
||||
}
|
||||
}
|
||||
@ -15,13 +15,12 @@ public interface PreAuthenticatedUserDetailsService {
|
||||
|
||||
/**
|
||||
*
|
||||
* @param aPreAuthenticatedAuthenticationToken
|
||||
* @param token
|
||||
* The pre-authenticated authentication token
|
||||
* @return UserDetails for the given authentication token.
|
||||
* @throws UsernameNotFoundException
|
||||
* if no user details can be found for the given authentication
|
||||
* token
|
||||
*/
|
||||
UserDetails getUserDetails(PreAuthenticatedAuthenticationToken aPreAuthenticatedAuthenticationToken)
|
||||
throws UsernameNotFoundException;
|
||||
UserDetails getUserDetails(PreAuthenticatedAuthenticationToken token) throws UsernameNotFoundException;
|
||||
}
|
||||
|
||||
@ -17,6 +17,14 @@ public class AntUrlPathMatcher implements UrlMatcher {
|
||||
private boolean requiresLowerCaseUrl = true;
|
||||
private PathMatcher pathMatcher = new AntPathMatcher();
|
||||
|
||||
public AntUrlPathMatcher() {
|
||||
this(true);
|
||||
}
|
||||
|
||||
public AntUrlPathMatcher(boolean requiresLowerCaseUrl) {
|
||||
this.requiresLowerCaseUrl = requiresLowerCaseUrl;
|
||||
}
|
||||
|
||||
public Object compile(String path) {
|
||||
if (requiresLowerCaseUrl) {
|
||||
return path.toLowerCase();
|
||||
|
||||
@ -106,7 +106,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
/** Compiled pattern version of the filter chain map */
|
||||
private Map filterChainMap;
|
||||
private UrlMatcher matcher = new AntUrlPathMatcher();
|
||||
private FilterInvocationDefinitionSource fids;
|
||||
private DefaultFilterInvocationDefinitionSource fids;
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
@ -114,7 +114,9 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
// Convert the FilterDefinitionSource to a filterChainMap if set
|
||||
if (fids != null) {
|
||||
Assert.isNull(uncompiledFilterChainMap, "Set the filterChainMap or FilterInvocationDefinitionSource but not both");
|
||||
setFilterChainMap(new FIDSToFilterChainMapConverter(fids, applicationContext).getFilterChainMap());
|
||||
FIDSToFilterChainMapConverter converter = new FIDSToFilterChainMapConverter(fids, applicationContext);
|
||||
setFilterChainMap(converter.getFilterChainMap());
|
||||
setMatcher(converter.getMatcher());
|
||||
fids = null;
|
||||
}
|
||||
|
||||
@ -238,10 +240,9 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
|
||||
* @deprecated Use namespace configuration or call setFilterChainMap instead.
|
||||
*/
|
||||
public void setFilterInvocationDefinitionSource(FilterInvocationDefinitionSource fids) {
|
||||
if( fids instanceof RegExpBasedFilterInvocationDefinitionMap) {
|
||||
matcher = new RegexUrlPathMatcher();
|
||||
}
|
||||
this.fids = fids;
|
||||
Assert.isInstanceOf(DefaultFilterInvocationDefinitionSource.class, fids,
|
||||
"Must be a DefaultFilterInvocationDefinitionSource");
|
||||
this.fids = (DefaultFilterInvocationDefinitionSource) fids;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -18,43 +18,40 @@ package org.springframework.security.intercept.web;
|
||||
import org.springframework.security.ConfigAttributeDefinition;
|
||||
import org.springframework.security.MockFilterChain;
|
||||
import org.springframework.security.SecurityConfig;
|
||||
import org.springframework.security.util.AntUrlPathMatcher;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.Before;
|
||||
import static org.junit.Assert.*;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
/**
|
||||
* Tests parts of {@link PathBasedFilterInvocationDefinitionMap} not tested by {@link
|
||||
* FilterInvocationDefinitionSourceEditorWithPathsTests}.
|
||||
* Tests parts of {@link DefaultFilterInvocationDefinitionSource} not tested by {@link
|
||||
* FilterInvocationDefinitionSourceEditorTests}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class PathBasedFilterInvocationDefinitionMapTests {
|
||||
public class DefaultFilterInvocationDefinitionSourceTests {
|
||||
DefaultFilterInvocationDefinitionSource map;
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
@Before
|
||||
public void createMap() {
|
||||
map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher());
|
||||
map.setStripQueryStringFromUrls(true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void convertUrlToLowercaseIsTrueByDefault() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
assertTrue(map.isConvertUrlToLowercaseBeforeComparison());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void convertUrlToLowercaseSetterRespected() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
map.setConvertUrlToLowercaseBeforeComparison(false);
|
||||
assertFalse(map.isConvertUrlToLowercaseBeforeComparison());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void lookupNotRequiringExactMatchSuccessIfNotMatching() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
map.setConvertUrlToLowercaseBeforeComparison(true);
|
||||
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("/secure/super/**", def);
|
||||
@ -70,8 +67,6 @@ public class PathBasedFilterInvocationDefinitionMapTests {
|
||||
*/
|
||||
@Test
|
||||
public void lookupNotRequiringExactMatchSucceedsIfSecureUrlPathContainsUpperCase() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("/SeCuRE/super/**", def);
|
||||
@ -85,8 +80,7 @@ public class PathBasedFilterInvocationDefinitionMapTests {
|
||||
|
||||
@Test
|
||||
public void lookupRequiringExactMatchFailsIfNotMatching() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
map.setConvertUrlToLowercaseBeforeComparison(false);
|
||||
map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(false));
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("/secure/super/**", def);
|
||||
@ -99,8 +93,7 @@ public class PathBasedFilterInvocationDefinitionMapTests {
|
||||
|
||||
@Test
|
||||
public void lookupRequiringExactMatchIsSuccessful() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
map.setConvertUrlToLowercaseBeforeComparison(false);
|
||||
map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(false));
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("/SeCurE/super/**", def);
|
||||
@ -113,7 +106,6 @@ public class PathBasedFilterInvocationDefinitionMapTests {
|
||||
|
||||
@Test
|
||||
public void lookupRequiringExactMatchWithAdditionalSlashesIsSuccessful() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("/someAdminPage.html**", def);
|
||||
@ -126,7 +118,6 @@ public class PathBasedFilterInvocationDefinitionMapTests {
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
public void unknownHttpMethodIsRejected() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("/someAdminPage.html**", "UNKNOWN", def);
|
||||
@ -134,7 +125,6 @@ public class PathBasedFilterInvocationDefinitionMapTests {
|
||||
|
||||
@Test
|
||||
public void httpMethodLookupSucceeds() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("/somepage**", "GET", def);
|
||||
@ -146,7 +136,6 @@ public class PathBasedFilterInvocationDefinitionMapTests {
|
||||
|
||||
@Test
|
||||
public void requestWithDifferentHttpMethodDoesntMatch() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("/somepage**", "GET", def);
|
||||
@ -158,7 +147,7 @@ public class PathBasedFilterInvocationDefinitionMapTests {
|
||||
|
||||
@Test
|
||||
public void httpMethodSpecificUrlTakesPrecedence() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
|
||||
|
||||
// Even though this is added before the method-specific def, the latter should match
|
||||
ConfigAttributeDefinition allMethodDef = new ConfigAttributeDefinition();
|
||||
@ -178,8 +167,7 @@ public class PathBasedFilterInvocationDefinitionMapTests {
|
||||
* Check fixes for SEC-321
|
||||
*/
|
||||
@Test
|
||||
public void extraQuestionMarkStillMatches() {
|
||||
PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap();
|
||||
public void extraQuestionMarkStillMatches() {
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("/someAdminPage.html*", def);
|
||||
@ -21,6 +21,7 @@ import org.springframework.security.ConfigAttributeDefinition;
|
||||
import org.springframework.security.MockFilterChain;
|
||||
import org.springframework.security.SecurityConfig;
|
||||
import org.springframework.security.util.RegexUrlPathMatcher;
|
||||
import org.springframework.security.util.AntUrlPathMatcher;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
@ -30,8 +31,8 @@ import java.util.regex.PatternSyntaxException;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link FilterInvocationDefinitionSourceEditor} and its associated default {@link
|
||||
* RegExpBasedFilterInvocationDefinitionMap}.
|
||||
* Tests {@link FilterInvocationDefinitionSourceEditor} and its associated default
|
||||
* {@link DefaultFilterInvocationDefinitionSource}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
@ -273,4 +274,42 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase {
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
assertEquals(2, map.getMapSize());
|
||||
}
|
||||
|
||||
public void testAntPathDirectiveIsDetected() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText(
|
||||
"PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
assertTrue(map.getUrlMatcher() instanceof AntUrlPathMatcher);
|
||||
}
|
||||
|
||||
public void testInvalidNameValueFailsToParse() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
|
||||
try {
|
||||
// Use a "==" instead of an "="
|
||||
editor.setAsText(" PATTERN_TYPE_APACHE_ANT\r\n /secure/*==ROLE_SUPERVISOR,ROLE_TELLER \r\n");
|
||||
fail("Shouldn't be able to use '==' for config attribute.");
|
||||
} catch (IllegalArgumentException expected) {}
|
||||
}
|
||||
|
||||
public void testSingleUrlParsing() throws Exception {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText("PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE,ANOTHER_ROLE");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
|
||||
MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null);
|
||||
httpRequest.setServletPath("/secure/super/very_secret.html");
|
||||
|
||||
ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
|
||||
new MockHttpServletResponse(), new MockFilterChain()));
|
||||
|
||||
ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
|
||||
expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE"));
|
||||
expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE"));
|
||||
|
||||
assertEquals(expected, returned);
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,197 +0,0 @@
|
||||
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.intercept.web;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.security.ConfigAttributeDefinition;
|
||||
import org.springframework.security.MockFilterChain;
|
||||
import org.springframework.security.SecurityConfig;
|
||||
import org.springframework.security.util.AntUrlPathMatcher;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import java.util.Iterator;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link FilterInvocationDefinitionSourceEditor} and its associated {@link
|
||||
* PathBasedFilterInvocationDefinitionMap}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class FilterInvocationDefinitionSourceEditorWithPathsTests extends TestCase {
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
public FilterInvocationDefinitionSourceEditorWithPathsTests() {
|
||||
super();
|
||||
}
|
||||
|
||||
public FilterInvocationDefinitionSourceEditorWithPathsTests(String arg0) {
|
||||
super(arg0);
|
||||
}
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void testAntPathDirectiveIsDetected() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText(
|
||||
"PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
assertTrue(map.getUrlMatcher() instanceof AntUrlPathMatcher);
|
||||
}
|
||||
|
||||
public void testConvertUrlToLowercaseDefaultSettingUnchangedByEditor() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText(
|
||||
"PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
assertFalse(map.getUrlMatcher().requiresLowerCaseUrl());
|
||||
}
|
||||
|
||||
public void testConvertUrlToLowercaseSettingApplied() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText(
|
||||
"CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON\r\nPATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
assertTrue(map.getUrlMatcher().requiresLowerCaseUrl());
|
||||
}
|
||||
|
||||
public void testInvalidNameValueFailsToParse() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
|
||||
try {
|
||||
// Use a "==" instead of an "="
|
||||
editor.setAsText(" PATTERN_TYPE_APACHE_ANT\r\n /secure/*==ROLE_SUPERVISOR,ROLE_TELLER \r\n");
|
||||
fail("Shouldn't be able to use '==' for config attribute.");
|
||||
} catch (IllegalArgumentException expected) {}
|
||||
}
|
||||
|
||||
public void testIterator() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText(
|
||||
"PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
Iterator iter = map.getConfigAttributeDefinitions();
|
||||
int counter = 0;
|
||||
|
||||
while (iter.hasNext()) {
|
||||
iter.next();
|
||||
counter++;
|
||||
}
|
||||
|
||||
assertEquals(2, counter);
|
||||
}
|
||||
|
||||
public void testMapReturnsNullWhenNoMatchFound() throws Exception {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText("PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
|
||||
MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null);
|
||||
httpRequest.setServletPath("/totally/different/path/index.html");
|
||||
|
||||
ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
|
||||
new MockHttpServletResponse(), new MockFilterChain()));
|
||||
|
||||
assertEquals(null, returned);
|
||||
}
|
||||
|
||||
public void testMultiUrlParsing() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText(
|
||||
"PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
assertEquals(2, map.getMapSize());
|
||||
}
|
||||
|
||||
public void testOrderOfEntriesIsPreservedOrderA() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText(
|
||||
"PATTERN_TYPE_APACHE_ANT\r\n/secure/super/**=ROLE_WE_DONT_HAVE,ANOTHER_ROLE\r\n/secure/**=ROLE_SUPERVISOR,ROLE_TELLER");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
|
||||
// Test ensures we match the first entry, not the second
|
||||
MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null);
|
||||
httpRequest.setServletPath("/secure/super/very_secret.html");
|
||||
|
||||
ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
|
||||
new MockHttpServletResponse(), new MockFilterChain()));
|
||||
|
||||
ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
|
||||
expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE"));
|
||||
expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE"));
|
||||
|
||||
assertEquals(expected, returned);
|
||||
}
|
||||
|
||||
public void testOrderOfEntriesIsPreservedOrderB() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText(
|
||||
"PATTERN_TYPE_APACHE_ANT\r\n/secure/**=ROLE_SUPERVISOR,ROLE_TELLER\r\n/secure/super/**=ROLE_WE_DONT_HAVE");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
|
||||
MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null);
|
||||
httpRequest.setServletPath("/secure/super/very_secret.html");
|
||||
|
||||
ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
|
||||
new MockHttpServletResponse(), new MockFilterChain()));
|
||||
|
||||
ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
|
||||
expected.addConfigAttribute(new SecurityConfig("ROLE_SUPERVISOR"));
|
||||
expected.addConfigAttribute(new SecurityConfig("ROLE_TELLER"));
|
||||
|
||||
assertEquals(expected, returned);
|
||||
}
|
||||
|
||||
public void testSingleUrlParsing() throws Exception {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText("PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE,ANOTHER_ROLE");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
|
||||
MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null);
|
||||
httpRequest.setServletPath("/secure/super/very_secret.html");
|
||||
|
||||
ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
|
||||
new MockHttpServletResponse(), new MockFilterChain()));
|
||||
|
||||
ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
|
||||
expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE"));
|
||||
expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE"));
|
||||
|
||||
assertEquals(expected, returned);
|
||||
}
|
||||
|
||||
public void testWhitespaceAndCommentsAndLinesWithoutEqualsSignsAreIgnored() {
|
||||
FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor();
|
||||
editor.setAsText(
|
||||
" PATTERN_TYPE_APACHE_ANT\r\n /secure/super/*=ROLE_WE_DONT_HAVE\r\n /secure/*=ROLE_SUPERVISOR,ROLE_TELLER \r\n \r\n \r\n // comment line \r\n \r\n");
|
||||
|
||||
DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue();
|
||||
assertEquals(2, map.getMapSize());
|
||||
}
|
||||
}
|
||||
@ -30,6 +30,8 @@ import org.springframework.security.MockAuthenticationManager;
|
||||
import org.springframework.security.MockRunAsManager;
|
||||
import org.springframework.security.RunAsManager;
|
||||
import org.springframework.security.SecurityConfig;
|
||||
import org.springframework.security.util.AntUrlPathMatcher;
|
||||
import org.springframework.security.util.RegexUrlPathMatcher;
|
||||
import org.springframework.security.context.SecurityContextHolder;
|
||||
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
@ -75,11 +77,10 @@ public class FilterSecurityInterceptorTests extends TestCase {
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass()
|
||||
throws Exception {
|
||||
public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass() throws Exception {
|
||||
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
|
||||
interceptor.setAuthenticationManager(new MockAuthenticationManager());
|
||||
interceptor.setObjectDefinitionSource(new RegExpBasedFilterInvocationDefinitionMap());
|
||||
interceptor.setObjectDefinitionSource(new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher()));
|
||||
interceptor.setRunAsManager(new MockRunAsManager());
|
||||
|
||||
interceptor.setAccessDecisionManager(new AccessDecisionManager() {
|
||||
@ -111,7 +112,7 @@ public class FilterSecurityInterceptorTests extends TestCase {
|
||||
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
|
||||
interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
|
||||
interceptor.setAuthenticationManager(new MockAuthenticationManager());
|
||||
interceptor.setObjectDefinitionSource(new RegExpBasedFilterInvocationDefinitionMap());
|
||||
interceptor.setObjectDefinitionSource(new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher()));
|
||||
|
||||
interceptor.setRunAsManager(new RunAsManager() {
|
||||
public boolean supports(Class clazz) {
|
||||
@ -177,7 +178,8 @@ public class FilterSecurityInterceptorTests extends TestCase {
|
||||
interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
|
||||
interceptor.setAuthenticationManager(new MockAuthenticationManager());
|
||||
|
||||
RegExpBasedFilterInvocationDefinitionMap fidp = new RegExpBasedFilterInvocationDefinitionMap();
|
||||
DefaultFilterInvocationDefinitionSource fidp =
|
||||
new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher());
|
||||
interceptor.setObjectDefinitionSource(fidp);
|
||||
interceptor.setRunAsManager(new MockRunAsManager());
|
||||
interceptor.afterPropertiesSet();
|
||||
@ -232,7 +234,8 @@ public class FilterSecurityInterceptorTests extends TestCase {
|
||||
List mappings = new ArrayList(1);
|
||||
mappings.add(mapping);
|
||||
|
||||
PathBasedFilterInvocationDefinitionMap filterInvocationDefinitionSource = new PathBasedFilterInvocationDefinitionMap();
|
||||
DefaultFilterInvocationDefinitionSource filterInvocationDefinitionSource
|
||||
= new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher());
|
||||
filterInvocationDefinitionSource.setMappings(mappings);
|
||||
|
||||
FilterSecurityInterceptor filter = new FilterSecurityInterceptor();
|
||||
|
||||
@ -1,64 +0,0 @@
|
||||
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.intercept.web;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Iterator;
|
||||
import java.util.Map;
|
||||
|
||||
import org.springframework.security.ConfigAttributeDefinition;
|
||||
|
||||
/**
|
||||
* Mock for {@link FilterInvocationDefinitionMap}
|
||||
*
|
||||
* @author <a href="mailto:carlos@apache.org">Carlos Sanchez</a>
|
||||
* @version $Id: MockFilterInvocationDefinitionSource.java 1496 2006-05-23
|
||||
* 13:38:33Z benalex $
|
||||
*/
|
||||
public class MockFilterInvocationDefinition implements FilterInvocationDefinition {
|
||||
|
||||
private Map secureUrls = new HashMap();
|
||||
|
||||
private boolean convertUrlToLowercaseBeforeComparison = false;
|
||||
|
||||
public void addSecureUrl(String expression, ConfigAttributeDefinition attr) {
|
||||
secureUrls.put(expression, attr);
|
||||
}
|
||||
|
||||
public boolean isConvertUrlToLowercaseBeforeComparison() {
|
||||
return convertUrlToLowercaseBeforeComparison;
|
||||
}
|
||||
|
||||
public void setConvertUrlToLowercaseBeforeComparison(boolean convertUrlToLowercaseBeforeComparison) {
|
||||
this.convertUrlToLowercaseBeforeComparison = convertUrlToLowercaseBeforeComparison;
|
||||
}
|
||||
|
||||
public ConfigAttributeDefinition getSecureUrl(String expression) {
|
||||
return (ConfigAttributeDefinition) secureUrls.get(expression);
|
||||
}
|
||||
|
||||
public ConfigAttributeDefinition getAttributes(Object object) throws IllegalArgumentException {
|
||||
return (ConfigAttributeDefinition) secureUrls.get(object);
|
||||
}
|
||||
|
||||
public Iterator getConfigAttributeDefinitions() {
|
||||
return secureUrls.values().iterator();
|
||||
}
|
||||
|
||||
public boolean supports(Class clazz) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@ -1,121 +0,0 @@
|
||||
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.intercept.web;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.security.ConfigAttributeDefinition;
|
||||
import org.springframework.security.MockFilterChain;
|
||||
import org.springframework.security.SecurityConfig;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
|
||||
/**
|
||||
* Tests parts of {@link RegExpBasedFilterInvocationDefinitionMap} not tested by {@link
|
||||
* FilterInvocationDefinitionSourceEditorTests}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class RegExpBasedFilterDefinitionMapTests extends TestCase {
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
public RegExpBasedFilterDefinitionMapTests() {
|
||||
}
|
||||
|
||||
public RegExpBasedFilterDefinitionMapTests(String arg0) {
|
||||
super(arg0);
|
||||
}
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void testConvertUrlToLowercaseIsFalseByDefault() {
|
||||
RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap();
|
||||
assertFalse(map.isConvertUrlToLowercaseBeforeComparison());
|
||||
}
|
||||
|
||||
public void testConvertUrlToLowercaseSetterRespected() {
|
||||
RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap();
|
||||
map.setConvertUrlToLowercaseBeforeComparison(true);
|
||||
assertTrue(map.isConvertUrlToLowercaseBeforeComparison());
|
||||
}
|
||||
|
||||
public void testLookupNotRequiringExactMatchSuccessIfNotMatching() {
|
||||
RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap();
|
||||
map.setConvertUrlToLowercaseBeforeComparison(true);
|
||||
assertTrue(map.isConvertUrlToLowercaseBeforeComparison());
|
||||
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("\\A/secure/super.*\\Z", def);
|
||||
|
||||
// Build a HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setRequestURI(null);
|
||||
|
||||
MockHttpServletRequest req = request;
|
||||
req.setServletPath("/SeCuRE/super/somefile.html");
|
||||
|
||||
FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(), new MockFilterChain());
|
||||
|
||||
ConfigAttributeDefinition response = map.lookupAttributes(fi.getRequestUrl());
|
||||
assertEquals(def, response);
|
||||
}
|
||||
|
||||
public void testLookupRequiringExactMatchFailsIfNotMatching() {
|
||||
RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap();
|
||||
assertFalse(map.isConvertUrlToLowercaseBeforeComparison());
|
||||
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("\\A/secure/super.*\\Z", def);
|
||||
|
||||
// Build a HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setRequestURI(null);
|
||||
|
||||
MockHttpServletRequest req = request;
|
||||
req.setServletPath("/SeCuRE/super/somefile.html");
|
||||
|
||||
FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(), new MockFilterChain());
|
||||
|
||||
ConfigAttributeDefinition response = map.lookupAttributes(fi.getRequestUrl());
|
||||
assertEquals(null, response);
|
||||
}
|
||||
|
||||
public void testLookupRequiringExactMatchIsSuccessful() {
|
||||
RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap();
|
||||
assertFalse(map.isConvertUrlToLowercaseBeforeComparison());
|
||||
|
||||
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
|
||||
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
|
||||
map.addSecureUrl("\\A/secure/super.*\\Z", def);
|
||||
|
||||
// Build a HTTP request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setRequestURI(null);
|
||||
|
||||
MockHttpServletRequest req = request;
|
||||
req.setServletPath("/secure/super/somefile.html");
|
||||
|
||||
FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(), new MockFilterChain());
|
||||
|
||||
ConfigAttributeDefinition response = map.lookupAttributes(fi.getRequestUrl());
|
||||
assertEquals(def, response);
|
||||
}
|
||||
}
|
||||
@ -30,7 +30,7 @@ import org.springframework.security.MockApplicationContext;
|
||||
import org.springframework.security.MockFilterConfig;
|
||||
import org.springframework.security.context.HttpSessionContextIntegrationFilter;
|
||||
import org.springframework.security.intercept.web.MockFilterInvocationDefinitionSource;
|
||||
import org.springframework.security.intercept.web.PathBasedFilterInvocationDefinitionMap;
|
||||
import org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource;
|
||||
import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
|
||||
|
||||
import java.util.List;
|
||||
@ -82,7 +82,8 @@ public class FilterChainProxyTests {
|
||||
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
|
||||
cad.addConfigAttribute(new MockConfigAttribute());
|
||||
|
||||
PathBasedFilterInvocationDefinitionMap fids = new PathBasedFilterInvocationDefinitionMap();
|
||||
DefaultFilterInvocationDefinitionSource fids =
|
||||
new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher());
|
||||
fids.addSecureUrl("/**", cad);
|
||||
|
||||
filterChainProxy.setFilterInvocationDefinitionSource(fids);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user