SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc).
This commit is contained in:
Luke Taylor
parent
07d7c0ddae
commit
caff3ee9ba
|
|
@ -98,12 +98,8 @@ public class AclAuthorizationStrategyImpl implements AclAuthorizationStrategy {
|
|||
}
|
||||
|
||||
// Iterate this principal's authorities to determine right
|
||||
List<GrantedAuthority> auths = authentication.getAuthorities();
|
||||
|
||||
for (int i = 0; i < auths.size(); i++) {
|
||||
if (requiredAuthority.equals(auths.get(i))) {
|
||||
return;
|
||||
}
|
||||
if (authentication.getAuthorities().contains(requiredAuthority)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Try to get permission via ACEs within the ACL
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@
|
|||
package org.springframework.security.acls.domain;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import org.springframework.security.access.hierarchicalroles.NullRoleHierarchy;
|
||||
|
|
@ -51,7 +52,7 @@ public class SidRetrievalStrategyImpl implements SidRetrievalStrategy {
|
|||
//~ Methods ========================================================================================================
|
||||
|
||||
public List<Sid> getSids(Authentication authentication) {
|
||||
List<GrantedAuthority> authorities = roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities());
|
||||
Collection<GrantedAuthority> authorities = roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities());
|
||||
List<Sid> sids = new ArrayList<Sid>(authorities.size() + 1);
|
||||
|
||||
sids.add(new PrincipalSid(authentication));
|
||||
|
|
|
|||
|
|
@ -15,17 +15,14 @@
|
|||
|
||||
package org.springframework.security.cas.authentication;
|
||||
|
||||
import org.jasig.cas.client.validation.Assertion;
|
||||
import java.io.Serializable;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.jasig.cas.client.validation.Assertion;
|
||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Represents a successful CAS <code>Authentication</code>.
|
||||
*
|
||||
|
|
@ -45,14 +42,6 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken implemen
|
|||
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
/**
|
||||
* @deprecated
|
||||
*/
|
||||
public CasAuthenticationToken(final String key, final Object principal, final Object credentials,
|
||||
final GrantedAuthority[] authorities, final UserDetails userDetails, final Assertion assertion) {
|
||||
this(key, principal, credentials, Arrays.asList(authorities), userDetails, assertion);
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructor.
|
||||
*
|
||||
|
|
@ -71,7 +60,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken implemen
|
|||
* @throws IllegalArgumentException if a <code>null</code> was passed
|
||||
*/
|
||||
public CasAuthenticationToken(final String key, final Object principal, final Object credentials,
|
||||
final List<GrantedAuthority> authorities, final UserDetails userDetails, final Assertion assertion) {
|
||||
final Collection<GrantedAuthority> authorities, final UserDetails userDetails, final Assertion assertion) {
|
||||
super(authorities);
|
||||
|
||||
if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal) || (credentials == null)
|
||||
|
|
|
|||
|
|
@ -98,8 +98,8 @@ public class CasAuthenticationProviderTests {
|
|||
CasAuthenticationToken casResult = (CasAuthenticationToken) result;
|
||||
assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casResult.getPrincipal());
|
||||
assertEquals("ST-123", casResult.getCredentials());
|
||||
assertEquals(new GrantedAuthorityImpl("ROLE_A"), casResult.getAuthorities().get(0));
|
||||
assertEquals(new GrantedAuthorityImpl("ROLE_B"), casResult.getAuthorities().get(1));
|
||||
assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_A")));
|
||||
assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_B")));
|
||||
assertEquals(cap.getKey().hashCode(), casResult.getKeyHash());
|
||||
assertEquals("details", casResult.getDetails());
|
||||
|
||||
|
|
|
|||
|
|
@ -22,9 +22,9 @@ import junit.framework.TestCase;
|
|||
import org.jasig.cas.client.validation.Assertion;
|
||||
import org.jasig.cas.client.validation.AssertionImpl;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.cas.authentication.CasAuthenticationToken;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
||||
|
|
@ -109,8 +109,8 @@ public class CasAuthenticationTokenTests extends TestCase {
|
|||
assertEquals("key".hashCode(), token.getKeyHash());
|
||||
assertEquals(makeUserDetails(), token.getPrincipal());
|
||||
assertEquals("Password", token.getCredentials());
|
||||
assertEquals("ROLE_ONE", token.getAuthorities().get(0).getAuthority());
|
||||
assertEquals("ROLE_TWO", token.getAuthorities().get(1).getAuthority());
|
||||
assertTrue(token.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_ONE")));
|
||||
assertTrue(token.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_TWO")));
|
||||
assertEquals(assertion, token.getAssertion());
|
||||
assertEquals(makeUserDetails().getUsername(), token.getUserDetails().getUsername());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
package org.springframework.security.access.expression;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
|
||||
|
|
@ -96,7 +96,7 @@ public abstract class SecurityExpressionRoot {
|
|||
private Set<String> getAuthoritySet() {
|
||||
if (roles == null) {
|
||||
roles = new HashSet<String>();
|
||||
List<GrantedAuthority> userAuthorities = authentication.getAuthorities();
|
||||
Collection<GrantedAuthority> userAuthorities = authentication.getAuthorities();
|
||||
|
||||
if (roleHierarchy != null) {
|
||||
userAuthorities = roleHierarchy.getReachableGrantedAuthorities(userAuthorities);
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package org.springframework.security.access.hierarchicalroles;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
|
|
@ -12,7 +12,7 @@ import org.springframework.security.core.GrantedAuthority;
|
|||
*/
|
||||
public final class NullRoleHierarchy implements RoleHierarchy {
|
||||
|
||||
public List<GrantedAuthority> getReachableGrantedAuthorities(List<GrantedAuthority> authorities) {
|
||||
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities) {
|
||||
return authorities;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@
|
|||
|
||||
package org.springframework.security.access.hierarchicalroles;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
|
|
@ -40,6 +40,6 @@ public interface RoleHierarchy {
|
|||
* @param authorities - List of the directly assigned authorities.
|
||||
* @return List of all reachable authorities given the assigned authorities.
|
||||
*/
|
||||
public List<GrantedAuthority> getReachableGrantedAuthorities(List<GrantedAuthority> authorities);
|
||||
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities);
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,15 +15,21 @@
|
|||
package org.springframework.security.access.hierarchicalroles;
|
||||
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
import java.util.*;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||
|
||||
/**
|
||||
* <p>
|
||||
|
|
@ -98,7 +104,7 @@ public class RoleHierarchyImpl implements RoleHierarchy {
|
|||
buildRolesReachableInOneOrMoreStepsMap();
|
||||
}
|
||||
|
||||
public List<GrantedAuthority> getReachableGrantedAuthorities(List<GrantedAuthority> authorities) {
|
||||
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities) {
|
||||
if (authorities == null || authorities.isEmpty()) {
|
||||
return null;
|
||||
}
|
||||
|
|
@ -125,40 +131,40 @@ public class RoleHierarchyImpl implements RoleHierarchy {
|
|||
}
|
||||
|
||||
// SEC-863
|
||||
private void addReachableRoles(Set<GrantedAuthority> reachableRoles,
|
||||
GrantedAuthority authority) {
|
||||
|
||||
Iterator<GrantedAuthority> iterator = reachableRoles.iterator();
|
||||
while (iterator.hasNext()) {
|
||||
GrantedAuthority testAuthority = iterator.next();
|
||||
String testKey = testAuthority.getAuthority();
|
||||
if ((testKey != null) && (testKey.equals(authority.getAuthority()))) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
reachableRoles.add(authority);
|
||||
}
|
||||
private void addReachableRoles(Set<GrantedAuthority> reachableRoles,
|
||||
GrantedAuthority authority) {
|
||||
|
||||
Iterator<GrantedAuthority> iterator = reachableRoles.iterator();
|
||||
while (iterator.hasNext()) {
|
||||
GrantedAuthority testAuthority = iterator.next();
|
||||
String testKey = testAuthority.getAuthority();
|
||||
if ((testKey != null) && (testKey.equals(authority.getAuthority()))) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
reachableRoles.add(authority);
|
||||
}
|
||||
|
||||
// SEC-863
|
||||
private Set<GrantedAuthority> getRolesReachableInOneOrMoreSteps(
|
||||
GrantedAuthority authority) {
|
||||
|
||||
if (authority.getAuthority() == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
Iterator<GrantedAuthority> iterator = rolesReachableInOneOrMoreStepsMap.keySet().iterator();
|
||||
while (iterator.hasNext()) {
|
||||
GrantedAuthority testAuthority = iterator.next();
|
||||
String testKey = testAuthority.getAuthority();
|
||||
if ((testKey != null) && (testKey.equals(authority.getAuthority()))) {
|
||||
return rolesReachableInOneOrMoreStepsMap.get(testAuthority);
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
private Set<GrantedAuthority> getRolesReachableInOneOrMoreSteps(
|
||||
GrantedAuthority authority) {
|
||||
|
||||
if (authority.getAuthority() == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
Iterator<GrantedAuthority> iterator = rolesReachableInOneOrMoreStepsMap.keySet().iterator();
|
||||
while (iterator.hasNext()) {
|
||||
GrantedAuthority testAuthority = iterator.next();
|
||||
String testKey = testAuthority.getAuthority();
|
||||
if ((testKey != null) && (testKey.equals(authority.getAuthority()))) {
|
||||
return rolesReachableInOneOrMoreStepsMap.get(testAuthority);
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Parse input and build the map for the roles reachable in one step: the higher role will become a key that
|
||||
* references a set of the reachable lower roles.
|
||||
|
|
|
|||
|
|
@ -14,8 +14,9 @@
|
|||
|
||||
package org.springframework.security.access.hierarchicalroles;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.access.vote.RoleHierarchyVoter;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
||||
|
|
@ -48,7 +49,7 @@ public class UserDetailsWrapper implements UserDetails {
|
|||
return userDetails.isAccountNonLocked();
|
||||
}
|
||||
|
||||
public List<GrantedAuthority> getAuthorities() {
|
||||
public Collection<GrantedAuthority> getAuthorities() {
|
||||
return roleHierarchy.getReachableGrantedAuthorities(userDetails.getAuthorities());
|
||||
}
|
||||
|
||||
|
|
@ -72,4 +73,4 @@ public class UserDetailsWrapper implements UserDetails {
|
|||
return userDetails;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,8 +16,7 @@
|
|||
package org.springframework.security.access.intercept;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
|
@ -45,7 +44,7 @@ public class RunAsUserToken extends AbstractAuthenticationToken {
|
|||
this(key, principal, credentials, Arrays.asList(authorities), originalAuthentication);
|
||||
}
|
||||
|
||||
public RunAsUserToken(String key, Object principal, Object credentials, List<GrantedAuthority> authorities,
|
||||
public RunAsUserToken(String key, Object principal, Object credentials, Collection<GrantedAuthority> authorities,
|
||||
Class<? extends Authentication> originalAuthentication) {
|
||||
super(authorities);
|
||||
this.keyHash = key.hashCode();
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
|
||||
|
|
@ -177,8 +178,8 @@ public class LabelBasedAclVoter extends AbstractAclVoter {
|
|||
*/
|
||||
List<String> userLabels = new ArrayList<String>();
|
||||
|
||||
for (int i = 0; i < authentication.getAuthorities().size(); i++) {
|
||||
String userLabel = authentication.getAuthorities().get(i).getAuthority();
|
||||
for (GrantedAuthority authority : authentication.getAuthorities()) {
|
||||
String userLabel = authority.getAuthority();
|
||||
if (labelMap.containsKey(userLabel)) {
|
||||
userLabels.add(userLabel);
|
||||
logger.debug("Adding " + userLabel + " to <<<" + authentication.getName()
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package org.springframework.security.access.vote;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
|
@ -26,7 +26,7 @@ public class RoleHierarchyVoter extends RoleVoter {
|
|||
* Calls the <tt>RoleHierarchy</tt> to obtain the complete set of user authorities.
|
||||
*/
|
||||
@Override
|
||||
List<GrantedAuthority> extractAuthorities(Authentication authentication) {
|
||||
Collection<GrantedAuthority> extractAuthorities(Authentication authentication) {
|
||||
return roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities());
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@
|
|||
|
||||
package org.springframework.security.access.vote;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import org.springframework.security.access.AccessDecisionVoter;
|
||||
|
|
@ -94,7 +95,7 @@ public class RoleVoter implements AccessDecisionVoter {
|
|||
|
||||
public int vote(Authentication authentication, Object object, List<ConfigAttribute> attributes) {
|
||||
int result = ACCESS_ABSTAIN;
|
||||
List<GrantedAuthority> authorities = extractAuthorities(authentication);
|
||||
Collection<GrantedAuthority> authorities = extractAuthorities(authentication);
|
||||
|
||||
for (ConfigAttribute attribute : attributes) {
|
||||
if (this.supports(attribute)) {
|
||||
|
|
@ -112,7 +113,7 @@ public class RoleVoter implements AccessDecisionVoter {
|
|||
return result;
|
||||
}
|
||||
|
||||
List<GrantedAuthority> extractAuthorities(Authentication authentication) {
|
||||
Collection<GrantedAuthority> extractAuthorities(Authentication authentication) {
|
||||
return authentication.getAuthorities();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,8 +16,9 @@
|
|||
package org.springframework.security.authentication;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
|
@ -37,7 +38,7 @@ public abstract class AbstractAuthenticationToken implements Authentication {
|
|||
//~ Instance fields ================================================================================================
|
||||
|
||||
private Object details;
|
||||
private final List<GrantedAuthority> authorities;
|
||||
private final Collection<GrantedAuthority> authorities;
|
||||
private boolean authenticated = false;
|
||||
|
||||
//~ Constructors ===================================================================================================
|
||||
|
|
@ -52,17 +53,18 @@ public abstract class AbstractAuthenticationToken implements Authentication {
|
|||
* Authentication#getAuthorities()}<code>null</code> should only be
|
||||
* presented if the principal has not been authenticated).
|
||||
*/
|
||||
public AbstractAuthenticationToken(List<GrantedAuthority> authorities) {
|
||||
public AbstractAuthenticationToken(Collection<GrantedAuthority> authorities) {
|
||||
if (authorities == null) {
|
||||
this.authorities = null;
|
||||
} else {
|
||||
for (int i = 0; i < authorities.size(); i++) {
|
||||
if(authorities.get(i) == null) {
|
||||
throw new IllegalArgumentException("Granted authority element " + i
|
||||
+ " is null - GrantedAuthority[] cannot contain any null elements");
|
||||
for (GrantedAuthority a: authorities) {
|
||||
if(a == null) {
|
||||
throw new IllegalArgumentException("Authorities collection cannot contain any null elements");
|
||||
}
|
||||
}
|
||||
this.authorities = Collections.unmodifiableList(authorities);
|
||||
ArrayList<GrantedAuthority> temp = new ArrayList<GrantedAuthority>(authorities.size());
|
||||
temp.addAll(authorities);
|
||||
this.authorities = Collections.unmodifiableList(temp);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -116,7 +118,7 @@ public abstract class AbstractAuthenticationToken implements Authentication {
|
|||
return this.isAuthenticated() == test.isAuthenticated();
|
||||
}
|
||||
|
||||
public List<GrantedAuthority> getAuthorities() {
|
||||
public Collection<GrantedAuthority> getAuthorities() {
|
||||
return authorities;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -16,8 +16,7 @@
|
|||
package org.springframework.security.authentication;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
|
|
@ -39,13 +38,6 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
|
|||
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
/**
|
||||
* @deprecated
|
||||
*/
|
||||
public RememberMeAuthenticationToken(String key, Object principal, GrantedAuthority[] authorities) {
|
||||
this(key, principal, Arrays.asList(authorities));
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructor.
|
||||
*
|
||||
|
|
@ -55,7 +47,7 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
|
|||
*
|
||||
* @throws IllegalArgumentException if a <code>null</code> was passed
|
||||
*/
|
||||
public RememberMeAuthenticationToken(String key, Object principal, List<GrantedAuthority> authorities) {
|
||||
public RememberMeAuthenticationToken(String key, Object principal, Collection<GrantedAuthority> authorities) {
|
||||
super(authorities);
|
||||
|
||||
if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal)) {
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
package org.springframework.security.authentication;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
|
|
@ -69,7 +69,7 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
|
|||
* @param credentials
|
||||
* @param authorities
|
||||
*/
|
||||
public UsernamePasswordAuthenticationToken(Object principal, Object credentials, List<GrantedAuthority> authorities) {
|
||||
public UsernamePasswordAuthenticationToken(Object principal, Object credentials, Collection<GrantedAuthority> authorities) {
|
||||
super(authorities);
|
||||
this.principal = principal;
|
||||
this.credentials = credentials;
|
||||
|
|
|
|||
|
|
@ -15,6 +15,8 @@
|
|||
|
||||
package org.springframework.security.authentication.rcp;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
|
||||
|
|
@ -43,6 +45,6 @@ public interface RemoteAuthenticationManager {
|
|||
*
|
||||
* @throws RemoteAuthenticationException if the authentication failed.
|
||||
*/
|
||||
GrantedAuthority[] attemptAuthentication(String username, String password)
|
||||
Collection<GrantedAuthority> attemptAuthentication(String username, String password)
|
||||
throws RemoteAuthenticationException;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,16 +15,13 @@
|
|||
|
||||
package org.springframework.security.authentication.rcp;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
|
||||
|
|
@ -48,14 +45,14 @@ public class RemoteAuthenticationManagerImpl implements RemoteAuthenticationMana
|
|||
Assert.notNull(this.authenticationManager, "authenticationManager is required");
|
||||
}
|
||||
|
||||
public GrantedAuthority[] attemptAuthentication(String username, String password)
|
||||
public Collection<GrantedAuthority> attemptAuthentication(String username, String password)
|
||||
throws RemoteAuthenticationException {
|
||||
UsernamePasswordAuthenticationToken request = new UsernamePasswordAuthenticationToken(username, password);
|
||||
|
||||
try {
|
||||
List<GrantedAuthority> authorities = authenticationManager.authenticate(request).getAuthorities();
|
||||
Collection<GrantedAuthority> authorities = authenticationManager.authenticate(request).getAuthorities();
|
||||
|
||||
return authorities == null ? null : authorities.toArray(new GrantedAuthority[authorities.size()]);
|
||||
return authorities;
|
||||
} catch (AuthenticationException authEx) {
|
||||
throw new RemoteAuthenticationException(authEx.getMessage());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,17 +15,14 @@
|
|||
|
||||
package org.springframework.security.authentication.rcp;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.security.authentication.AuthenticationProvider;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
|
||||
|
|
@ -62,9 +59,9 @@ public class RemoteAuthenticationProvider implements AuthenticationProvider, Ini
|
|||
throws AuthenticationException {
|
||||
String username = authentication.getPrincipal().toString();
|
||||
String password = authentication.getCredentials().toString();
|
||||
GrantedAuthority[] authorities = remoteAuthenticationManager.attemptAuthentication(username, password);
|
||||
Collection<GrantedAuthority> authorities = remoteAuthenticationManager.attemptAuthentication(username, password);
|
||||
|
||||
return new UsernamePasswordAuthenticationToken(username, password, Arrays.asList(authorities));
|
||||
return new UsernamePasswordAuthenticationToken(username, password, authorities);
|
||||
}
|
||||
|
||||
public RemoteAuthenticationManager getRemoteAuthenticationManager() {
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ package org.springframework.security.core;
|
|||
import java.io.Serializable;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
|
|
@ -56,7 +56,7 @@ public interface Authentication extends Principal, Serializable {
|
|||
*
|
||||
* @return the authorities granted to the principal, or <code>null</code> if authentication has not been completed
|
||||
*/
|
||||
List<GrantedAuthority> getAuthorities();
|
||||
Collection<GrantedAuthority> getAuthorities();
|
||||
|
||||
/**
|
||||
* The credentials that prove the principal is correct. This is usually a password, but could be anything
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package org.springframework.security.core.authority;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
|
|
@ -35,10 +36,10 @@ public abstract class AuthorityUtils {
|
|||
* Converts an array of GrantedAuthority objects to a Set.
|
||||
* @return a Set of the Strings obtained from each call to GrantedAuthority.getAuthority()
|
||||
*/
|
||||
public static Set<String> authorityListToSet(List<GrantedAuthority> authorities) {
|
||||
Set<String> set = new HashSet<String>(authorities.size());
|
||||
public static Set<String> authorityListToSet(Collection<GrantedAuthority> userAuthorities) {
|
||||
Set<String> set = new HashSet<String>(userAuthorities.size());
|
||||
|
||||
for (GrantedAuthority authority: authorities) {
|
||||
for (GrantedAuthority authority: userAuthorities) {
|
||||
set.add(authority.getAuthority());
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@ package org.springframework.security.core.userdetails;
|
|||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.SortedSet;
|
||||
|
|
@ -80,7 +81,7 @@ public class User implements UserDetails {
|
|||
* <code>GrantedAuthority[]</code> array
|
||||
*/
|
||||
public User(String username, String password, boolean enabled, boolean accountNonExpired,
|
||||
boolean credentialsNonExpired, boolean accountNonLocked, List<GrantedAuthority> authorities) {
|
||||
boolean credentialsNonExpired, boolean accountNonLocked, Collection<GrantedAuthority> authorities) {
|
||||
|
||||
if (((username == null) || "".equals(username)) || (password == null)) {
|
||||
throw new IllegalArgumentException("Cannot pass null or empty values to constructor");
|
||||
|
|
@ -118,7 +119,7 @@ public class User implements UserDetails {
|
|||
&& (this.isEnabled() == user.isEnabled()));
|
||||
}
|
||||
|
||||
public List<GrantedAuthority> getAuthorities() {
|
||||
public Collection<GrantedAuthority> getAuthorities() {
|
||||
return authorities;
|
||||
}
|
||||
|
||||
|
|
@ -182,7 +183,7 @@ public class User implements UserDetails {
|
|||
return enabled;
|
||||
}
|
||||
|
||||
private static List<GrantedAuthority> sortAuthorities(List<GrantedAuthority> authorities) {
|
||||
private static List<GrantedAuthority> sortAuthorities(Collection<GrantedAuthority> authorities) {
|
||||
Assert.notNull(authorities, "Cannot pass a null GrantedAuthority array");
|
||||
// Ensure array iteration order is predictable (as per UserDetails.getAuthorities() contract and SEC-xxx)
|
||||
SortedSet<GrantedAuthority> sorter = new TreeSet<GrantedAuthority>();
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ import org.springframework.security.core.Authentication;
|
|||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -60,7 +60,7 @@ public interface UserDetails extends Serializable {
|
|||
*
|
||||
* @return the authorities, sorted by natural key (never <code>null</code>)
|
||||
*/
|
||||
List<GrantedAuthority> getAuthorities();
|
||||
Collection<GrantedAuthority> getAuthorities();
|
||||
|
||||
/**
|
||||
* Returns the password used to authenticate the user. Cannot return <code>null</code>.
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@ import org.apache.commons.logging.LogFactory;
|
|||
import java.sql.PreparedStatement;
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
|
|
@ -171,9 +172,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
|
|||
}
|
||||
|
||||
private void insertUserAuthorities(UserDetails user) {
|
||||
for (int i=0; i < user.getAuthorities().size(); i++) {
|
||||
getJdbcTemplate().update(createAuthoritySql,
|
||||
new Object[] {user.getUsername(), user.getAuthorities().get(i).getAuthority()});
|
||||
for (GrantedAuthority auth : user.getAuthorities()) {
|
||||
getJdbcTemplate().update(createAuthoritySql, user.getUsername(), auth.getAuthority());
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -437,12 +437,12 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
|
|||
validateAuthorities(user.getAuthorities());
|
||||
}
|
||||
|
||||
private void validateAuthorities(List<GrantedAuthority> authorities) {
|
||||
private void validateAuthorities(Collection<GrantedAuthority> authorities) {
|
||||
Assert.notNull(authorities, "Authorities list must not be null");
|
||||
|
||||
for (int i=0; i < authorities.size(); i++) {
|
||||
Assert.notNull(authorities.get(i), "Authorities list contains a null entry");
|
||||
Assert.hasText(authorities.get(i).getAuthority(), "getAuthority() method must return a non-empty string");
|
||||
for (GrantedAuthority authority : authorities) {
|
||||
Assert.notNull(authority, "Authorities list contains a null entry");
|
||||
Assert.hasText(authority.getAuthority(), "getAuthority() method must return a non-empty string");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ package org.springframework.security.access.expression;
|
|||
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
|
||||
|
|
@ -24,7 +24,7 @@ public class SecurityExpressionRootTests {
|
|||
new SecurityExpressionRoot(new TestingAuthenticationToken("joe", "pass", "A", "B")) {};
|
||||
|
||||
root.setRoleHierarchy(new RoleHierarchy() {
|
||||
public List<GrantedAuthority> getReachableGrantedAuthorities(List<GrantedAuthority> authorities) {
|
||||
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities) {
|
||||
return AuthorityUtils.createAuthorityList("C");
|
||||
}
|
||||
});
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@
|
|||
package org.springframework.security.access.hierarchicalroles;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
|
@ -27,7 +28,7 @@ import org.apache.commons.collections.CollectionUtils;
|
|||
*/
|
||||
public abstract class HierarchicalRolesTestHelper {
|
||||
|
||||
public static boolean containTheSameGrantedAuthorities(List<GrantedAuthority> authorities1, List<GrantedAuthority> authorities2) {
|
||||
public static boolean containTheSameGrantedAuthorities(Collection<GrantedAuthority> authorities1, Collection<GrantedAuthority> authorities2) {
|
||||
if (authorities1 == null && authorities2 == null) {
|
||||
return true;
|
||||
}
|
||||
|
|
@ -38,7 +39,7 @@ public abstract class HierarchicalRolesTestHelper {
|
|||
return CollectionUtils.isEqualCollection(authorities1, authorities2);
|
||||
}
|
||||
|
||||
public static boolean containTheSameGrantedAuthoritiesCompareByAuthorityString(List<GrantedAuthority> authorities1, List<GrantedAuthority> authorities2) {
|
||||
public static boolean containTheSameGrantedAuthoritiesCompareByAuthorityString(Collection<GrantedAuthority> authorities1, Collection<GrantedAuthority> authorities2) {
|
||||
if (authorities1 == null && authorities2 == null) {
|
||||
return true;
|
||||
}
|
||||
|
|
@ -46,10 +47,10 @@ public abstract class HierarchicalRolesTestHelper {
|
|||
if (authorities1 == null || authorities2 == null) {
|
||||
return false;
|
||||
}
|
||||
return CollectionUtils.isEqualCollection(toListOfAuthorityStrings(authorities1), toListOfAuthorityStrings(authorities2));
|
||||
return CollectionUtils.isEqualCollection(toCollectionOfAuthorityStrings(authorities1), toCollectionOfAuthorityStrings(authorities2));
|
||||
}
|
||||
|
||||
public static List<String> toListOfAuthorityStrings(List<GrantedAuthority> authorities) {
|
||||
public static List<String> toCollectionOfAuthorityStrings(Collection<GrantedAuthority> authorities) {
|
||||
if (authorities == null) {
|
||||
return null;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@ package org.springframework.security.access.hierarchicalroles;
|
|||
import static org.junit.Assert.*;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import org.apache.commons.collections.CollectionUtils;
|
||||
|
|
@ -56,11 +57,11 @@ public class TestHelperTests {
|
|||
// SEC-863
|
||||
@Test
|
||||
public void testToListOfAuthorityStrings() {
|
||||
List<GrantedAuthority> authorities1 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B");
|
||||
List<GrantedAuthority> authorities2 = AuthorityUtils.createAuthorityList("ROLE_B", "ROLE_A");
|
||||
List<GrantedAuthority> authorities3 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_C");
|
||||
List<GrantedAuthority> authorities4 = AuthorityUtils.createAuthorityList("ROLE_A");
|
||||
List<GrantedAuthority> authorities5 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_A");
|
||||
Collection<GrantedAuthority> authorities1 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B");
|
||||
Collection<GrantedAuthority> authorities2 = AuthorityUtils.createAuthorityList("ROLE_B", "ROLE_A");
|
||||
Collection<GrantedAuthority> authorities3 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_C");
|
||||
Collection<GrantedAuthority> authorities4 = AuthorityUtils.createAuthorityList("ROLE_A");
|
||||
Collection<GrantedAuthority> authorities5 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_A");
|
||||
|
||||
List<String> authoritiesStrings1 = new ArrayList<String>();
|
||||
authoritiesStrings1.add("ROLE_A");
|
||||
|
|
@ -82,19 +83,19 @@ public class TestHelperTests {
|
|||
authoritiesStrings5.add("ROLE_A");
|
||||
|
||||
assertTrue(CollectionUtils.isEqualCollection(
|
||||
HierarchicalRolesTestHelper.toListOfAuthorityStrings(authorities1), authoritiesStrings1));
|
||||
HierarchicalRolesTestHelper.toCollectionOfAuthorityStrings(authorities1), authoritiesStrings1));
|
||||
|
||||
assertTrue(CollectionUtils.isEqualCollection(
|
||||
HierarchicalRolesTestHelper.toListOfAuthorityStrings(authorities2), authoritiesStrings2));
|
||||
HierarchicalRolesTestHelper.toCollectionOfAuthorityStrings(authorities2), authoritiesStrings2));
|
||||
|
||||
assertTrue(CollectionUtils.isEqualCollection(
|
||||
HierarchicalRolesTestHelper.toListOfAuthorityStrings(authorities3), authoritiesStrings3));
|
||||
HierarchicalRolesTestHelper.toCollectionOfAuthorityStrings(authorities3), authoritiesStrings3));
|
||||
|
||||
assertTrue(CollectionUtils.isEqualCollection(
|
||||
HierarchicalRolesTestHelper.toListOfAuthorityStrings(authorities4), authoritiesStrings4));
|
||||
HierarchicalRolesTestHelper.toCollectionOfAuthorityStrings(authorities4), authoritiesStrings4));
|
||||
|
||||
assertTrue(CollectionUtils.isEqualCollection(
|
||||
HierarchicalRolesTestHelper.toListOfAuthorityStrings(authorities5), authoritiesStrings5));
|
||||
HierarchicalRolesTestHelper.toCollectionOfAuthorityStrings(authorities5), authoritiesStrings5));
|
||||
}
|
||||
|
||||
// SEC-863
|
||||
|
|
|
|||
|
|
@ -15,12 +15,11 @@
|
|||
|
||||
package org.springframework.security.access.intercept;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.access.intercept.RunAsManager;
|
||||
import org.springframework.security.access.intercept.RunAsManagerImpl;
|
||||
import org.springframework.security.access.intercept.RunAsUserToken;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
|
|
@ -57,16 +56,18 @@ public class RunAsManagerImplTests extends TestCase {
|
|||
runAs.setKey("my_password");
|
||||
runAs.setRolePrefix("FOOBAR_");
|
||||
|
||||
Authentication resultingToken = runAs.buildRunAs(inputToken, new Object(), SecurityConfig.createList("RUN_AS_SOMETHING"));
|
||||
Authentication result = runAs.buildRunAs(inputToken, new Object(), SecurityConfig.createList("RUN_AS_SOMETHING"));
|
||||
|
||||
assertTrue("Should have returned a RunAsUserToken", resultingToken instanceof RunAsUserToken);
|
||||
assertEquals(inputToken.getPrincipal(), resultingToken.getPrincipal());
|
||||
assertEquals(inputToken.getCredentials(), resultingToken.getCredentials());
|
||||
assertEquals("FOOBAR_RUN_AS_SOMETHING", resultingToken.getAuthorities().get(0).getAuthority());
|
||||
assertEquals("ONE", resultingToken.getAuthorities().get(1).getAuthority());
|
||||
assertEquals("TWO", resultingToken.getAuthorities().get(2).getAuthority());
|
||||
assertTrue("Should have returned a RunAsUserToken", result instanceof RunAsUserToken);
|
||||
assertEquals(inputToken.getPrincipal(), result.getPrincipal());
|
||||
assertEquals(inputToken.getCredentials(), result.getCredentials());
|
||||
Set<String> authorities = AuthorityUtils.authorityListToSet(result.getAuthorities());
|
||||
|
||||
RunAsUserToken resultCast = (RunAsUserToken) resultingToken;
|
||||
assertTrue(authorities.contains("FOOBAR_RUN_AS_SOMETHING"));
|
||||
assertTrue(authorities.contains("ONE"));
|
||||
assertTrue(authorities.contains("TWO"));
|
||||
|
||||
RunAsUserToken resultCast = (RunAsUserToken) result;
|
||||
assertEquals("my_password".hashCode(), resultCast.getKeyHash());
|
||||
}
|
||||
|
||||
|
|
@ -77,19 +78,21 @@ public class RunAsManagerImplTests extends TestCase {
|
|||
RunAsManagerImpl runAs = new RunAsManagerImpl();
|
||||
runAs.setKey("my_password");
|
||||
|
||||
Authentication resultingToken = runAs.buildRunAs(inputToken, new Object(), SecurityConfig.createList("RUN_AS_SOMETHING"));
|
||||
Authentication result = runAs.buildRunAs(inputToken, new Object(), SecurityConfig.createList("RUN_AS_SOMETHING"));
|
||||
|
||||
if (!(resultingToken instanceof RunAsUserToken)) {
|
||||
if (!(result instanceof RunAsUserToken)) {
|
||||
fail("Should have returned a RunAsUserToken");
|
||||
}
|
||||
|
||||
assertEquals(inputToken.getPrincipal(), resultingToken.getPrincipal());
|
||||
assertEquals(inputToken.getCredentials(), resultingToken.getCredentials());
|
||||
assertEquals("ROLE_RUN_AS_SOMETHING", resultingToken.getAuthorities().get(0).getAuthority());
|
||||
assertEquals("ROLE_ONE", resultingToken.getAuthorities().get(1).getAuthority());
|
||||
assertEquals("ROLE_TWO", resultingToken.getAuthorities().get(2).getAuthority());
|
||||
assertEquals(inputToken.getPrincipal(), result.getPrincipal());
|
||||
assertEquals(inputToken.getCredentials(), result.getCredentials());
|
||||
|
||||
RunAsUserToken resultCast = (RunAsUserToken) resultingToken;
|
||||
Set<String> authorities = AuthorityUtils.authorityListToSet(result.getAuthorities());
|
||||
assertTrue(authorities.contains("ROLE_RUN_AS_SOMETHING"));
|
||||
assertTrue(authorities.contains("ROLE_ONE"));
|
||||
assertTrue(authorities.contains("ROLE_TWO"));
|
||||
|
||||
RunAsUserToken resultCast = (RunAsUserToken) result;
|
||||
assertEquals("my_password".hashCode(), resultCast.getKeyHash());
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -21,7 +21,6 @@ import java.util.List;
|
|||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||
|
|
@ -48,7 +47,7 @@ public class AbstractAuthenticationTokenTests {
|
|||
@Test(expected=UnsupportedOperationException.class)
|
||||
public void testAuthoritiesAreImmutable() {
|
||||
MockAuthenticationImpl token = new MockAuthenticationImpl("Test", "Password", authorities);
|
||||
List<GrantedAuthority> gotAuthorities = token.getAuthorities();
|
||||
List<GrantedAuthority> gotAuthorities = (List<GrantedAuthority>) token.getAuthorities();
|
||||
assertNotSame(authorities, gotAuthorities);
|
||||
|
||||
gotAuthorities.set(0, new GrantedAuthorityImpl("ROLE_SUPER_USER"));
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ import junit.framework.TestCase;
|
|||
import org.springframework.security.authentication.TestingAuthenticationProvider;
|
||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
|
||||
/**
|
||||
* Tests {@link TestingAuthenticationProvider}.
|
||||
|
|
@ -39,8 +40,8 @@ public class TestingAuthenticationProviderTests extends TestCase {
|
|||
TestingAuthenticationToken castResult = (TestingAuthenticationToken) result;
|
||||
assertEquals("Test", castResult.getPrincipal());
|
||||
assertEquals("Password", castResult.getCredentials());
|
||||
assertEquals("ROLE_ONE", castResult.getAuthorities().get(0).getAuthority());
|
||||
assertEquals("ROLE_TWO", castResult.getAuthorities().get(1).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(castResult.getAuthorities()).contains("ROLE_ONE"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(castResult.getAuthorities()).contains("ROLE_TWO"));
|
||||
}
|
||||
|
||||
public void testSupports() {
|
||||
|
|
|
|||
|
|
@ -68,8 +68,8 @@ public class UsernamePasswordAuthenticationTokenTests {
|
|||
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
|
||||
assertEquals("Test", token.getPrincipal());
|
||||
assertEquals("Password", token.getCredentials());
|
||||
assertEquals("ROLE_ONE", token.getAuthorities().get(0).getAuthority());
|
||||
assertEquals("ROLE_TWO", token.getAuthorities().get(1).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_ONE"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_TWO"));
|
||||
}
|
||||
|
||||
@Test(expected=NoSuchMethodException.class)
|
||||
|
|
|
|||
|
|
@ -76,8 +76,8 @@ public class AnonymousAuthenticationTokenTests extends TestCase {
|
|||
assertEquals("key".hashCode(), token.getKeyHash());
|
||||
assertEquals("Test", token.getPrincipal());
|
||||
assertEquals("", token.getCredentials());
|
||||
assertEquals("ROLE_ONE", token.getAuthorities().get(0).getAuthority());
|
||||
assertEquals("ROLE_TWO", token.getAuthorities().get(1).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_ONE"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_TWO"));
|
||||
assertTrue(token.isAuthenticated());
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -19,7 +19,8 @@ import java.util.List;
|
|||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
|
||||
import org.springframework.dao.DataAccessException;
|
||||
import org.springframework.dao.DataRetrievalFailureException;
|
||||
import org.springframework.security.authentication.AccountExpiredException;
|
||||
import org.springframework.security.authentication.AuthenticationServiceException;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
|
|
@ -28,7 +29,6 @@ import org.springframework.security.authentication.DisabledException;
|
|||
import org.springframework.security.authentication.LockedException;
|
||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
||||
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
|
@ -41,10 +41,6 @@ import org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache
|
|||
import org.springframework.security.core.userdetails.cache.NullUserCache;
|
||||
|
||||
|
||||
import org.springframework.dao.DataAccessException;
|
||||
import org.springframework.dao.DataRetrievalFailureException;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link DaoAuthenticationProvider}.
|
||||
*
|
||||
|
|
@ -267,8 +263,8 @@ public class DaoAuthenticationProviderTests extends TestCase {
|
|||
UsernamePasswordAuthenticationToken castResult = (UsernamePasswordAuthenticationToken) result;
|
||||
assertEquals(User.class, castResult.getPrincipal().getClass());
|
||||
assertEquals("koala", castResult.getCredentials());
|
||||
assertEquals("ROLE_ONE", castResult.getAuthorities().get(0).getAuthority());
|
||||
assertEquals("ROLE_TWO", castResult.getAuthorities().get(1).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(castResult.getAuthorities()).contains("ROLE_ONE"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(castResult.getAuthorities()).contains("ROLE_TWO"));
|
||||
assertEquals("192.168.0.1", castResult.getDetails());
|
||||
}
|
||||
|
||||
|
|
@ -312,13 +308,12 @@ public class DaoAuthenticationProviderTests extends TestCase {
|
|||
fail("Should have returned instance of UsernamePasswordAuthenticationToken");
|
||||
}
|
||||
|
||||
UsernamePasswordAuthenticationToken castResult = (UsernamePasswordAuthenticationToken) result;
|
||||
assertEquals(User.class, castResult.getPrincipal().getClass());
|
||||
assertEquals(User.class, result.getPrincipal().getClass());
|
||||
|
||||
// We expect original credentials user submitted to be returned
|
||||
assertEquals("koala", castResult.getCredentials());
|
||||
assertEquals("ROLE_ONE", castResult.getAuthorities().get(0).getAuthority());
|
||||
assertEquals("ROLE_TWO", castResult.getAuthorities().get(1).getAuthority());
|
||||
assertEquals("koala", result.getCredentials());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(result.getAuthorities()).contains("ROLE_ONE"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(result.getAuthorities()).contains("ROLE_TWO"));
|
||||
}
|
||||
|
||||
public void testAuthenticatesWithForcePrincipalAsString() {
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ import java.io.FileOutputStream;
|
|||
import java.io.PrintWriter;
|
||||
import java.net.URL;
|
||||
import java.security.Security;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import javax.security.auth.login.LoginContext;
|
||||
|
|
@ -192,7 +193,7 @@ public class JaasAuthenticationProviderTests {
|
|||
assertNotNull(jaasProvider.getLoginConfig());
|
||||
assertNotNull(jaasProvider.getLoginContextName());
|
||||
|
||||
List<GrantedAuthority> list = auth.getAuthorities();
|
||||
Collection<GrantedAuthority> list = auth.getAuthorities();
|
||||
|
||||
assertTrue("GrantedAuthorities should contain ROLE_TEST1", list.contains(new GrantedAuthorityImpl("ROLE_TEST1")));
|
||||
assertTrue("GrantedAuthorities should contain ROLE_TEST2", list.contains(new GrantedAuthorityImpl("ROLE_TEST2")));
|
||||
|
|
@ -201,11 +202,9 @@ public class JaasAuthenticationProviderTests {
|
|||
|
||||
boolean foundit = false;
|
||||
|
||||
for (int i = 0; i < list.size(); i++) {
|
||||
Object obj = list.get(i);
|
||||
|
||||
if (obj instanceof JaasGrantedAuthority) {
|
||||
JaasGrantedAuthority grant = (JaasGrantedAuthority) obj;
|
||||
for (GrantedAuthority a : list) {
|
||||
if (a instanceof JaasGrantedAuthority) {
|
||||
JaasGrantedAuthority grant = (JaasGrantedAuthority) a;
|
||||
assertNotNull("Principal was null on JaasGrantedAuthority", grant.getPrincipal());
|
||||
foundit = true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,16 +15,14 @@
|
|||
|
||||
package org.springframework.security.authentication.rcp;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.authentication.rcp.RemoteAuthenticationException;
|
||||
import org.springframework.security.authentication.rcp.RemoteAuthenticationManager;
|
||||
import org.springframework.security.authentication.rcp.RemoteAuthenticationProvider;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -36,14 +34,6 @@ import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
|||
public class RemoteAuthenticationProviderTests extends TestCase {
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public static void main(String[] args) {
|
||||
junit.textui.TestRunner.run(RemoteAuthenticationProviderTests.class);
|
||||
}
|
||||
|
||||
public final void setUp() throws Exception {
|
||||
super.setUp();
|
||||
}
|
||||
|
||||
public void testExceptionsGetPassedBackToCaller() {
|
||||
RemoteAuthenticationProvider provider = new RemoteAuthenticationProvider();
|
||||
provider.setRemoteAuthenticationManager(new MockRemoteAuthenticationManager(false));
|
||||
|
|
@ -85,7 +75,7 @@ public class RemoteAuthenticationProviderTests extends TestCase {
|
|||
Authentication result = provider.authenticate(new UsernamePasswordAuthenticationToken("rod", "password"));
|
||||
assertEquals("rod", result.getPrincipal());
|
||||
assertEquals("password", result.getCredentials());
|
||||
assertEquals("foo", result.getAuthorities().get(0).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(result.getAuthorities()).contains("foo"));
|
||||
}
|
||||
|
||||
public void testSupports() {
|
||||
|
|
@ -102,10 +92,10 @@ public class RemoteAuthenticationProviderTests extends TestCase {
|
|||
this.grantAccess = grantAccess;
|
||||
}
|
||||
|
||||
public GrantedAuthority[] attemptAuthentication(String username, String password)
|
||||
public Collection<GrantedAuthority> attemptAuthentication(String username, String password)
|
||||
throws RemoteAuthenticationException {
|
||||
if (grantAccess) {
|
||||
return new GrantedAuthority[] {new GrantedAuthorityImpl("foo")};
|
||||
return AuthorityUtils.createAuthorityList("foo");
|
||||
} else {
|
||||
throw new RemoteAuthenticationException("as requested");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -75,8 +75,8 @@ public class RememberMeAuthenticationTokenTests extends TestCase {
|
|||
assertEquals("key".hashCode(), token.getKeyHash());
|
||||
assertEquals("Test", token.getPrincipal());
|
||||
assertEquals("", token.getCredentials());
|
||||
assertEquals("ROLE_ONE", token.getAuthorities().get(0).getAuthority());
|
||||
assertEquals("ROLE_TWO", token.getAuthorities().get(1).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_ONE"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_TWO"));
|
||||
assertTrue(token.isAuthenticated());
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -106,8 +106,8 @@ public class UserTests extends TestCase {
|
|||
assertEquals("rod", user.getUsername());
|
||||
assertEquals("koala", user.getPassword());
|
||||
assertTrue(user.isEnabled());
|
||||
assertEquals(new GrantedAuthorityImpl("ROLE_ONE"), user.getAuthorities().get(0));
|
||||
assertEquals(new GrantedAuthorityImpl("ROLE_TWO"), user.getAuthorities().get(1));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_ONE"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_TWO"));
|
||||
assertTrue(user.toString().indexOf("rod") != -1);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,14 +15,12 @@
|
|||
|
||||
package org.springframework.security.core.userdetails.jdbc;
|
||||
|
||||
import java.util.HashSet;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.security.PopulatedDatabase;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -59,18 +57,15 @@ public class JdbcDaoImplTests extends TestCase {
|
|||
assertEquals("koala", user.getPassword());
|
||||
assertTrue(user.isEnabled());
|
||||
|
||||
HashSet<String> authorities = new HashSet<String>(2);
|
||||
authorities.add(user.getAuthorities().get(0).getAuthority());
|
||||
authorities.add(user.getAuthorities().get(1).getAuthority());
|
||||
assertTrue(authorities.contains("ROLE_TELLER"));
|
||||
assertTrue(authorities.contains("ROLE_SUPERVISOR"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_TELLER"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_SUPERVISOR"));
|
||||
}
|
||||
|
||||
public void testCheckDaoOnlyReturnsGrantedAuthoritiesGrantedToUser() throws Exception {
|
||||
JdbcDaoImpl dao = makePopulatedJdbcDao();
|
||||
UserDetails user = dao.loadUserByUsername("scott");
|
||||
assertEquals("ROLE_TELLER", user.getAuthorities().get(0).getAuthority());
|
||||
assertEquals(1, user.getAuthorities().size());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_TELLER"));
|
||||
}
|
||||
|
||||
public void testCheckDaoReturnsCorrectDisabledProperty() throws Exception {
|
||||
|
|
@ -124,11 +119,8 @@ public class JdbcDaoImplTests extends TestCase {
|
|||
assertEquals("rod", user.getUsername());
|
||||
assertEquals(2, user.getAuthorities().size());
|
||||
|
||||
HashSet<String> authorities = new HashSet<String>(2);
|
||||
authorities.add(user.getAuthorities().get(0).getAuthority());
|
||||
authorities.add(user.getAuthorities().get(1).getAuthority());
|
||||
assertTrue(authorities.contains("ARBITRARY_PREFIX_ROLE_TELLER"));
|
||||
assertTrue(authorities.contains("ARBITRARY_PREFIX_ROLE_SUPERVISOR"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ARBITRARY_PREFIX_ROLE_TELLER"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ARBITRARY_PREFIX_ROLE_SUPERVISOR"));
|
||||
}
|
||||
|
||||
public void testGroupAuthoritiesAreLoadedCorrectly() throws Exception {
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@ package org.springframework.security.core.userdetails.memory;
|
|||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.memory.UserMap;
|
||||
import org.springframework.security.core.userdetails.memory.UserMapEditor;
|
||||
|
||||
|
|
@ -63,8 +64,8 @@ public class UserMapEditorTests extends TestCase {
|
|||
UserMap map = (UserMap) editor.getValue();
|
||||
assertEquals("rod", map.getUser("rod").getUsername());
|
||||
assertEquals("koala", map.getUser("rod").getPassword());
|
||||
assertEquals("ROLE_ONE", map.getUser("rod").getAuthorities().get(0).getAuthority());
|
||||
assertEquals("ROLE_TWO", map.getUser("rod").getAuthorities().get(1).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(map.getUser("rod").getAuthorities()).contains("ROLE_ONE"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(map.getUser("rod").getAuthorities()).contains("ROLE_TWO"));
|
||||
assertTrue(map.getUser("rod").isEnabled());
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
|
||||
package org.springframework.security.ldap.authentication;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
|
@ -252,7 +252,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
|
|||
try {
|
||||
DirContextOperations userData = getAuthenticator().authenticate(authentication);
|
||||
|
||||
List<GrantedAuthority> extraAuthorities = loadUserAuthorities(userData, username, password);
|
||||
Collection<GrantedAuthority> extraAuthorities = loadUserAuthorities(userData, username, password);
|
||||
|
||||
UserDetails user = userDetailsContextMapper.mapUserFromContext(userData, username, extraAuthorities);
|
||||
|
||||
|
|
@ -273,7 +273,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa
|
|||
}
|
||||
}
|
||||
|
||||
protected List<GrantedAuthority> loadUserAuthorities(DirContextOperations userData, String username, String password) {
|
||||
protected Collection<GrantedAuthority> loadUserAuthorities(DirContextOperations userData, String username, String password) {
|
||||
return getAuthoritiesPopulator().getGrantedAuthorities(userData, username);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package org.springframework.security.ldap.authentication;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.ldap.core.DirContextOperations;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
|
@ -14,7 +14,7 @@ import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
|
|||
* @since 3.0
|
||||
*/
|
||||
public final class NullLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator {
|
||||
public List<GrantedAuthority> getGrantedAuthorities(DirContextOperations userDetails, String username) {
|
||||
public Collection<GrantedAuthority> getGrantedAuthorities(DirContextOperations userDetails, String username) {
|
||||
return AuthorityUtils.NO_AUTHORITIES;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package org.springframework.security.ldap.authentication;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
|
|
@ -25,7 +25,7 @@ public class UserDetailsServiceLdapAuthoritiesPopulator implements LdapAuthoriti
|
|||
this.userDetailsService = userService;
|
||||
}
|
||||
|
||||
public List<GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username) {
|
||||
public Collection<GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username) {
|
||||
return userDetailsService.loadUserByUsername(username).getAuthorities();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,6 +29,7 @@ import org.apache.commons.logging.LogFactory;
|
|||
import javax.naming.directory.SearchControls;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
|
|
@ -172,7 +173,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
|
|||
* @param user the user who's authorities are required
|
||||
* @return the set of roles granted to the user.
|
||||
*/
|
||||
public final List<GrantedAuthority> getGrantedAuthorities(DirContextOperations user, String username) {
|
||||
public final Collection<GrantedAuthority> getGrantedAuthorities(DirContextOperations user, String username) {
|
||||
String userDn = user.getNameInNamespace();
|
||||
|
||||
if (logger.isDebugEnabled()) {
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@
|
|||
*/
|
||||
package org.springframework.security.ldap.userdetails;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
|
@ -29,7 +29,7 @@ import org.springframework.util.Assert;
|
|||
*/
|
||||
public class InetOrgPersonContextMapper implements UserDetailsContextMapper {
|
||||
|
||||
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, List<GrantedAuthority> authorities) {
|
||||
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<GrantedAuthority> authorities) {
|
||||
InetOrgPerson.Essence p = new InetOrgPerson.Essence(ctx);
|
||||
|
||||
p.setUsername(username);
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
|
||||
package org.springframework.security.ldap.userdetails;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
|
|
@ -43,5 +43,5 @@ public interface LdapAuthoritiesPopulator {
|
|||
* @return the granted authorities for the given user.
|
||||
*
|
||||
*/
|
||||
List<GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username);
|
||||
Collection<GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
package org.springframework.security.ldap.userdetails;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import javax.naming.Name;
|
||||
|
||||
|
|
@ -48,7 +48,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData
|
|||
private String dn;
|
||||
private String password;
|
||||
private String username;
|
||||
private List<GrantedAuthority> authorities = AuthorityUtils.NO_AUTHORITIES;
|
||||
private Collection<GrantedAuthority> authorities = AuthorityUtils.NO_AUTHORITIES;
|
||||
private boolean accountNonExpired = true;
|
||||
private boolean accountNonLocked = true;
|
||||
private boolean credentialsNonExpired = true;
|
||||
|
|
@ -63,7 +63,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public List<GrantedAuthority> getAuthorities() {
|
||||
public Collection<GrantedAuthority> getAuthorities() {
|
||||
return authorities;
|
||||
}
|
||||
|
||||
|
|
@ -104,7 +104,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData
|
|||
}
|
||||
|
||||
public String toString() {
|
||||
StringBuffer sb = new StringBuffer();
|
||||
StringBuilder sb = new StringBuilder();
|
||||
sb.append(super.toString()).append(": ");
|
||||
sb.append("Username: ").append(this.username).append("; ");
|
||||
sb.append("Password: [PROTECTED]; ");
|
||||
|
|
@ -115,13 +115,16 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData
|
|||
|
||||
if (this.getAuthorities() != null) {
|
||||
sb.append("Granted Authorities: ");
|
||||
boolean first = true;
|
||||
|
||||
for (int i = 0; i < this.getAuthorities().size(); i++) {
|
||||
if (i > 0) {
|
||||
for (Object authority : this.getAuthorities()) {
|
||||
if (first) {
|
||||
first = false;
|
||||
} else {
|
||||
sb.append(", ");
|
||||
}
|
||||
|
||||
sb.append(this.getAuthorities().get(i).toString());
|
||||
sb.append(authority.toString());
|
||||
}
|
||||
} else {
|
||||
sb.append("Not granted any authorities");
|
||||
|
|
@ -137,7 +140,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData
|
|||
*/
|
||||
public static class Essence {
|
||||
protected LdapUserDetailsImpl instance = createTarget();
|
||||
private List<GrantedAuthority> mutableAuthorities = new ArrayList<GrantedAuthority>();
|
||||
private Collection<GrantedAuthority> mutableAuthorities = new ArrayList<GrantedAuthority>();
|
||||
|
||||
public Essence() { }
|
||||
|
||||
|
|
@ -190,7 +193,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData
|
|||
return newInstance;
|
||||
}
|
||||
|
||||
public List<GrantedAuthority> getGrantedAuthorities() {
|
||||
public Collection<GrantedAuthority> getGrantedAuthorities() {
|
||||
return mutableAuthorities;
|
||||
}
|
||||
|
||||
|
|
@ -202,7 +205,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData
|
|||
instance.accountNonLocked = accountNonLocked;
|
||||
}
|
||||
|
||||
public void setAuthorities(List<GrantedAuthority> authorities) {
|
||||
public void setAuthorities(Collection<GrantedAuthority> authorities) {
|
||||
mutableAuthorities = authorities;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -52,6 +52,7 @@ import javax.naming.directory.SearchControls;
|
|||
import javax.naming.directory.SearchResult;
|
||||
import javax.naming.ldap.LdapContext;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.ListIterator;
|
||||
|
|
@ -315,7 +316,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
|
|||
userDetailsMapper.mapUserToContext(user, ctx);
|
||||
}
|
||||
|
||||
protected void addAuthorities(DistinguishedName userDn, List<GrantedAuthority> authorities) {
|
||||
protected void addAuthorities(DistinguishedName userDn, Collection<GrantedAuthority> authorities) {
|
||||
modifyAuthorities(userDn, authorities, DirContext.ADD_ATTRIBUTE);
|
||||
}
|
||||
|
||||
|
|
@ -323,11 +324,10 @@ public class LdapUserDetailsManager implements UserDetailsManager {
|
|||
modifyAuthorities(userDn, authorities, DirContext.REMOVE_ATTRIBUTE);
|
||||
}
|
||||
|
||||
private void modifyAuthorities(final DistinguishedName userDn, final List<GrantedAuthority> authorities, final int modType) {
|
||||
private void modifyAuthorities(final DistinguishedName userDn, final Collection<GrantedAuthority> authorities, final int modType) {
|
||||
template.executeReadWrite(new ContextExecutor() {
|
||||
public Object executeWithContext(DirContext ctx) throws NamingException {
|
||||
for(int i=0; i < authorities.size(); i++) {
|
||||
GrantedAuthority authority = authorities.get(i);
|
||||
for(GrantedAuthority authority : authorities) {
|
||||
String group = convertAuthorityToGroup(authority);
|
||||
DistinguishedName fullDn = LdapUtils.getFullDn(userDn, ctx);
|
||||
ModificationItem addGroup = new ModificationItem(modType,
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
|
||||
package org.springframework.security.ldap.userdetails;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
|
@ -46,7 +46,7 @@ public class LdapUserDetailsMapper implements UserDetailsContextMapper {
|
|||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, List<GrantedAuthority> authorities) {
|
||||
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<GrantedAuthority> authorities) {
|
||||
String dn = ctx.getNameInNamespace();
|
||||
|
||||
logger.debug("Mapping user details from context with DN: " + dn);
|
||||
|
|
@ -82,8 +82,8 @@ public class LdapUserDetailsMapper implements UserDetailsContextMapper {
|
|||
|
||||
// Add the supplied authorities
|
||||
|
||||
for (int i=0; i < authorities.size(); i++) {
|
||||
essence.addAuthority(authorities.get(i));
|
||||
for (GrantedAuthority authority : authorities) {
|
||||
essence.addAuthority(authority);
|
||||
}
|
||||
|
||||
// Check for PPolicy data
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package org.springframework.security.ldap.userdetails;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
|
@ -14,7 +14,7 @@ import org.springframework.util.Assert;
|
|||
*/
|
||||
public class PersonContextMapper implements UserDetailsContextMapper {
|
||||
|
||||
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, List<GrantedAuthority> authorities) {
|
||||
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<GrantedAuthority> authorities) {
|
||||
Person.Essence p = new Person.Essence(ctx);
|
||||
|
||||
p.setUsername(username);
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@
|
|||
*/
|
||||
package org.springframework.security.ldap.userdetails;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
|
@ -39,7 +39,7 @@ public interface UserDetailsContextMapper {
|
|||
* @param authority the list of authorities which the user should be given.
|
||||
* @return the user object.
|
||||
*/
|
||||
UserDetails mapUserFromContext(DirContextOperations ctx, String username, List<GrantedAuthority> authority);
|
||||
UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<GrantedAuthority> authority);
|
||||
|
||||
/**
|
||||
* Reverse of the above operation. Populates a context object from the supplied user object.
|
||||
|
|
|
|||
|
|
@ -17,8 +17,7 @@ package org.springframework.security.ldap.authentication;
|
|||
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.jmock.Expectations;
|
||||
import org.jmock.Mockery;
|
||||
|
|
@ -128,12 +127,8 @@ public class LdapAuthenticationProviderTests {
|
|||
assertEquals("ben", user.getUsername());
|
||||
assertEquals("ben", populator.getRequestedUsername());
|
||||
|
||||
ArrayList<String> authorities = new ArrayList<String>();
|
||||
authorities.add(user.getAuthorities().get(0).getAuthority());
|
||||
authorities.add(user.getAuthorities().get(1).getAuthority());
|
||||
|
||||
assertTrue(authorities.contains("ROLE_FROM_ENTRY"));
|
||||
assertTrue(authorities.contains("ROLE_FROM_POPULATOR"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_FROM_ENTRY"));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_FROM_POPULATOR"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -157,7 +152,7 @@ public class LdapAuthenticationProviderTests {
|
|||
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken("ben", "benspassword");
|
||||
UserDetails user = (UserDetails) ldapProvider.authenticate(authRequest).getPrincipal();
|
||||
assertEquals(1, user.getAuthorities().size());
|
||||
assertEquals("ROLE_FROM_ENTRY", user.getAuthorities().get(0).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_FROM_ENTRY"));
|
||||
}
|
||||
|
||||
//~ Inner Classes ==================================================================================================
|
||||
|
|
@ -189,7 +184,7 @@ public class LdapAuthenticationProviderTests {
|
|||
class MockAuthoritiesPopulator implements LdapAuthoritiesPopulator {
|
||||
String username;
|
||||
|
||||
public List<GrantedAuthority> getGrantedAuthorities(DirContextOperations userCtx, String username) {
|
||||
public Collection<GrantedAuthority> getGrantedAuthorities(DirContextOperations userCtx, String username) {
|
||||
this.username = username;
|
||||
return AuthorityUtils.createAuthorityList("ROLE_FROM_POPULATOR");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,19 +16,18 @@
|
|||
package org.springframework.security.ldap.populator;
|
||||
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.ldap.AbstractLdapIntegrationTests;
|
||||
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
import org.springframework.ldap.core.DirContextAdapter;
|
||||
import org.springframework.ldap.core.DistinguishedName;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
import java.util.Set;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
import org.junit.Test;
|
||||
import org.springframework.ldap.core.DirContextAdapter;
|
||||
import org.springframework.ldap.core.DistinguishedName;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.ldap.AbstractLdapIntegrationTests;
|
||||
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -53,9 +52,9 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
|
|||
|
||||
DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("cn=notfound"));
|
||||
|
||||
List<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx, "notfound");
|
||||
Collection<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx, "notfound");
|
||||
assertEquals(1, authorities.size());
|
||||
assertEquals("ROLE_USER", authorities.get(0).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(authorities).contains("ROLE_USER"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -69,15 +68,12 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
|
|||
|
||||
DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("uid=ben,ou=people,dc=springframework,dc=org"));
|
||||
|
||||
List<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx, "ben");
|
||||
Set<String> authorities = AuthorityUtils.authorityListToSet(populator.getGrantedAuthorities(ctx, "ben"));
|
||||
|
||||
assertEquals("Should have 2 roles", 2, authorities.size());
|
||||
|
||||
Set<String> roles = new HashSet<String>();
|
||||
roles.add(authorities.get(0).toString());
|
||||
roles.add(authorities.get(1).toString());
|
||||
assertTrue(roles.contains("ROLE_DEVELOPER"));
|
||||
assertTrue(roles.contains("ROLE_MANAGER"));
|
||||
assertTrue(authorities.contains("ROLE_DEVELOPER"));
|
||||
assertTrue(authorities.contains("ROLE_MANAGER"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -88,10 +84,10 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
|
|||
|
||||
DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("uid=ben,ou=people,dc=springframework,dc=org"));
|
||||
|
||||
List<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx, "manager");
|
||||
Set<String> authorities = AuthorityUtils.authorityListToSet(populator.getGrantedAuthorities(ctx, "manager"));
|
||||
|
||||
assertEquals("Should have 1 role", 1, authorities.size());
|
||||
assertEquals("ROLE_MANAGER", authorities.get(0).getAuthority());
|
||||
assertTrue(authorities.contains("ROLE_MANAGER"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -101,14 +97,11 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
|
|||
|
||||
DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("uid=ben,ou=people,dc=springframework,dc=org"));
|
||||
|
||||
List<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx, "manager");
|
||||
Set<String> authorities = AuthorityUtils.authorityListToSet(populator.getGrantedAuthorities(ctx, "manager"));
|
||||
|
||||
assertEquals("Should have 2 roles", 2, authorities.size());
|
||||
Set<String> roles = new HashSet<String>(2);
|
||||
roles.add(authorities.get(0).getAuthority());
|
||||
roles.add(authorities.get(1).getAuthority());
|
||||
assertTrue(roles.contains("ROLE_MANAGER"));
|
||||
assertTrue(roles.contains("ROLE_DEVELOPER"));
|
||||
assertTrue(authorities.contains("ROLE_MANAGER"));
|
||||
assertTrue(authorities.contains("ROLE_DEVELOPER"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -119,16 +112,12 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
|
|||
|
||||
DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("uid=ben,ou=people,dc=springframework,dc=org"));
|
||||
|
||||
List<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx, "manager");
|
||||
Set<String> authorities = AuthorityUtils.authorityListToSet(populator.getGrantedAuthorities(ctx, "manager"));
|
||||
|
||||
assertEquals("Should have 3 roles", 3, authorities.size());
|
||||
Set<String> roles = new HashSet<String>(3);
|
||||
roles.add(authorities.get(0).getAuthority());
|
||||
roles.add(authorities.get(1).getAuthority());
|
||||
roles.add(authorities.get(2).getAuthority());
|
||||
assertTrue(roles.contains("ROLE_MANAGER"));
|
||||
assertTrue(roles.contains("ROLE_DEVELOPER"));
|
||||
assertTrue(roles.contains("ROLE_SUBMANAGER"));
|
||||
assertTrue(authorities.contains("ROLE_MANAGER"));
|
||||
assertTrue(authorities.contains("ROLE_SUBMANAGER"));
|
||||
assertTrue(authorities.contains("ROLE_DEVELOPER"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -139,9 +128,9 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
|
|||
|
||||
DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("cn=mouse\\, jerry,ou=people,dc=springframework,dc=org"));
|
||||
|
||||
List<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx, "notused");
|
||||
Set<String> authorities = AuthorityUtils.authorityListToSet(populator.getGrantedAuthorities(ctx, "notused"));
|
||||
|
||||
assertEquals("Should have 1 role", 1, authorities.size());
|
||||
assertEquals("ROLE_MANAGER", authorities.get(0).getAuthority());
|
||||
assertTrue(authorities.contains("ROLE_MANAGER"));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
package org.springframework.security.ldap.populator;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.*;
|
||||
import static org.mockito.Mockito.*;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.springframework.ldap.core.DirContextAdapter;
|
||||
|
|
@ -27,9 +27,9 @@ public class UserDetailsServiceLdapAuthoritiesPopulatorTests {
|
|||
when(user.getAuthorities()).thenReturn(AuthorityUtils.createAuthorityList("ROLE_USER"));
|
||||
|
||||
UserDetailsServiceLdapAuthoritiesPopulator populator = new UserDetailsServiceLdapAuthoritiesPopulator(uds);
|
||||
List<GrantedAuthority> auths = populator.getGrantedAuthorities(new DirContextAdapter(), "joe");
|
||||
Collection<GrantedAuthority> auths = populator.getGrantedAuthorities(new DirContextAdapter(), "joe");
|
||||
|
||||
assertEquals(1, auths.size());
|
||||
assertEquals("ROLE_USER", auths.get(0).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(auths).contains("ROLE_USER"));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,9 +23,6 @@ import junit.framework.TestCase;
|
|||
import org.springframework.ldap.core.DirContextAdapter;
|
||||
import org.springframework.ldap.core.DistinguishedName;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.ldap.userdetails.LdapUserDetails;
|
||||
import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl;
|
||||
import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
|
||||
|
||||
/**
|
||||
* Tests {@link LdapUserDetailsMapper}.
|
||||
|
|
@ -69,7 +66,7 @@ public class LdapUserDetailsMapperTests extends TestCase {
|
|||
LdapUserDetailsImpl user = (LdapUserDetailsImpl) mapper.mapUserFromContext(ctx, "ani", AuthorityUtils.NO_AUTHORITIES);
|
||||
|
||||
assertEquals(1, user.getAuthorities().size());
|
||||
assertEquals("ROLE_X", user.getAuthorities().get(0).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_X"));
|
||||
}
|
||||
|
||||
public void testPasswordAttributeIsMappedCorrectly() throws Exception {
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ package org.springframework.security.ldap.userdetails;
|
|||
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
import java.util.Set;
|
||||
|
||||
import org.junit.Test;
|
||||
|
|
@ -58,7 +58,7 @@ public class LdapUserDetailsServiceTests {
|
|||
}
|
||||
|
||||
class MockAuthoritiesPopulator implements LdapAuthoritiesPopulator {
|
||||
public List<GrantedAuthority> getGrantedAuthorities(DirContextOperations userCtx, String username) {
|
||||
public Collection<GrantedAuthority> getGrantedAuthorities(DirContextOperations userCtx, String username) {
|
||||
return AuthorityUtils.createAuthorityList("ROLE_FROM_POPULATOR");
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@
|
|||
package org.springframework.security.openid;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||
|
|
@ -55,7 +56,7 @@ public class OpenIDAuthenticationToken extends AbstractAuthenticationToken {
|
|||
* used by the <tt>OpenIDAuthenticationProvider</tt>.
|
||||
*
|
||||
*/
|
||||
public OpenIDAuthenticationToken(Object principal, List<GrantedAuthority> authorities,
|
||||
public OpenIDAuthenticationToken(Object principal, Collection<GrantedAuthority> authorities,
|
||||
String identityUrl, List<OpenIDAttribute> attributes) {
|
||||
super(authorities);
|
||||
this.principal = principal;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
package org.springframework.security.web.authentication.preauth;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
|
@ -39,13 +38,6 @@ public class PreAuthenticatedAuthenticationToken extends AbstractAuthenticationT
|
|||
this.credentials = aCredentials;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @deprecated
|
||||
*/
|
||||
public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, GrantedAuthority[] anAuthorities) {
|
||||
this(aPrincipal, aCredentials, Arrays.asList(anAuthorities));
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructor used for an authentication response. The {@link
|
||||
|
|
@ -57,7 +49,7 @@ public class PreAuthenticatedAuthenticationToken extends AbstractAuthenticationT
|
|||
* @param anAuthorities
|
||||
* The granted authorities
|
||||
*/
|
||||
public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, List<GrantedAuthority> anAuthorities) {
|
||||
public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, Collection<GrantedAuthority> anAuthorities) {
|
||||
super(anAuthorities);
|
||||
this.principal = aPrincipal;
|
||||
this.credentials = aCredentials;
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package org.springframework.security.web.authentication.switchuser;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
|
@ -28,5 +28,5 @@ public interface SwitchUserAuthorityChanger {
|
|||
*
|
||||
* @return the modified list of granted authorities.
|
||||
*/
|
||||
List<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List<GrantedAuthority> authoritiesToBeGranted);
|
||||
Collection<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<GrantedAuthority> authoritiesToBeGranted);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@ package org.springframework.security.web.authentication.switchuser;
|
|||
|
||||
import java.io.IOException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
|
|
@ -290,7 +291,7 @@ public class SwitchUserProcessingFilter extends GenericFilterBean implements App
|
|||
GrantedAuthority switchAuthority = new SwitchUserGrantedAuthority(ROLE_PREVIOUS_ADMINISTRATOR, currentAuth);
|
||||
|
||||
// get the original authorities
|
||||
List<GrantedAuthority> orig = targetUser.getAuthorities();
|
||||
Collection<GrantedAuthority> orig = targetUser.getAuthorities();
|
||||
|
||||
// Allow subclasses to change the authorities to be granted
|
||||
if (switchUserAuthorityChanger != null) {
|
||||
|
|
@ -323,7 +324,7 @@ public class SwitchUserProcessingFilter extends GenericFilterBean implements App
|
|||
Authentication original = null;
|
||||
|
||||
// iterate over granted authorities and find the 'switch user' authority
|
||||
List<GrantedAuthority> authorities = current.getAuthorities();
|
||||
Collection<GrantedAuthority> authorities = current.getAuthorities();
|
||||
|
||||
for (GrantedAuthority auth : authorities) {
|
||||
// check for switch user type of authority
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ package org.springframework.security.web.servletapi;
|
|||
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.List;
|
||||
import java.util.Collection;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletRequestWrapper;
|
||||
|
|
@ -128,7 +128,7 @@ public class SecurityContextHolderAwareRequestWrapper extends HttpServletRequest
|
|||
return false;
|
||||
}
|
||||
|
||||
List<GrantedAuthority> authorities = auth.getAuthorities();
|
||||
Collection<GrantedAuthority> authorities = auth.getAuthorities();
|
||||
|
||||
if (authorities == null) {
|
||||
return false;
|
||||
|
|
|
|||
|
|
@ -33,6 +33,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
|||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.memory.UserAttribute;
|
||||
|
|
@ -45,15 +46,6 @@ import org.springframework.security.core.userdetails.memory.UserAttribute;
|
|||
* @version $Id$
|
||||
*/
|
||||
public class AnonymousProcessingFilterTests extends TestCase {
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
public AnonymousProcessingFilterTests() {
|
||||
super();
|
||||
}
|
||||
|
||||
public AnonymousProcessingFilterTests(String arg0) {
|
||||
super(arg0);
|
||||
}
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
|
|
@ -164,7 +156,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
|
|||
|
||||
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
|
||||
assertEquals("anonymousUsername", auth.getPrincipal());
|
||||
assertEquals(new GrantedAuthorityImpl("ROLE_ANONYMOUS"), auth.getAuthorities().get(0));
|
||||
assertTrue(AuthorityUtils.authorityListToSet(auth.getAuthorities()).contains("ROLE_ANONYMOUS"));
|
||||
SecurityContextHolder.getContext().setAuthentication(null); // so anonymous fires again
|
||||
|
||||
// Now test operation if we have removeAfterRequest = true
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
package org.springframework.security.web.authentication.preauth;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
|
@ -47,7 +48,7 @@ public class PreAuthenticatedAuthenticationTokenTests extends TestCase {
|
|||
assertEquals(credentials, token.getCredentials());
|
||||
assertNull(token.getDetails());
|
||||
assertNotNull(token.getAuthorities());
|
||||
List<GrantedAuthority> resultColl = token.getAuthorities();
|
||||
Collection<GrantedAuthority> resultColl = token.getAuthorities();
|
||||
assertTrue("GrantedAuthority collections do not match; result: " + resultColl + ", expected: " + gas,
|
||||
gas.containsAll(resultColl) && resultColl.containsAll(gas));
|
||||
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ import static org.junit.Assert.*;
|
|||
import static org.mockito.Mockito.*;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
|
|
@ -368,7 +369,7 @@ public class SwitchUserProcessingFilterTests {
|
|||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() {
|
||||
public List<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List<GrantedAuthority> authoritiesToBeGranted) {
|
||||
public Collection<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<GrantedAuthority> authoritiesToBeGranted) {
|
||||
List <GrantedAuthority>auths = new ArrayList<GrantedAuthority>();
|
||||
auths.add(new GrantedAuthorityImpl("ROLE_NEW"));
|
||||
return auths;
|
||||
|
|
@ -378,7 +379,7 @@ public class SwitchUserProcessingFilterTests {
|
|||
Authentication result = filter.attemptSwitchUser(request);
|
||||
assertTrue(result != null);
|
||||
assertEquals(2, result.getAuthorities().size());
|
||||
assertEquals("ROLE_NEW", result.getAuthorities().get(0).getAuthority());
|
||||
assertTrue(AuthorityUtils.authorityListToSet(result.getAuthorities()).contains("ROLE_NEW"));
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue