diff --git a/sandbox/spring-security-config/.classpath b/sandbox/spring-security-config/.classpath deleted file mode 100644 index 921f13b43f..0000000000 --- a/sandbox/spring-security-config/.classpath +++ /dev/null @@ -1,47 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/.project b/sandbox/spring-security-config/.project deleted file mode 100644 index 929ae1551c..0000000000 --- a/sandbox/spring-security-config/.project +++ /dev/null @@ -1,19 +0,0 @@ - - spring-security-config - Acegi Security System for Spring - - - - org.eclipse.jdt.core.javabuilder - - - org.eclipse.wst.validation.validationbuilder - - - - org.eclipse.wst.common.project.facet.core.nature - org.eclipse.jdt.core.javanature - org.eclipse.wst.common.modulecore.ModuleCoreNature - org.eclipse.jem.workbench.JavaEMFNature - - \ No newline at end of file diff --git a/sandbox/spring-security-config/.settings/.component b/sandbox/spring-security-config/.settings/.component deleted file mode 100644 index ab11e108c0..0000000000 --- a/sandbox/spring-security-config/.settings/.component +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/.settings/org.eclipse.jdt.core.prefs b/sandbox/spring-security-config/.settings/org.eclipse.jdt.core.prefs deleted file mode 100644 index 9af6b3d081..0000000000 --- a/sandbox/spring-security-config/.settings/org.eclipse.jdt.core.prefs +++ /dev/null @@ -1,7 +0,0 @@ -#Sun Jun 17 10:48:58 EST 2007 -eclipse.preferences.version=1 -org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5 -org.eclipse.jdt.core.compiler.compliance=1.5 -org.eclipse.jdt.core.compiler.problem.assertIdentifier=error -org.eclipse.jdt.core.compiler.problem.enumIdentifier=error -org.eclipse.jdt.core.compiler.source=1.5 diff --git a/sandbox/spring-security-config/.settings/org.eclipse.wst.common.project.facet.core.xml b/sandbox/spring-security-config/.settings/org.eclipse.wst.common.project.facet.core.xml deleted file mode 100644 index 9bbcbd78eb..0000000000 --- a/sandbox/spring-security-config/.settings/org.eclipse.wst.common.project.facet.core.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/basicauth/BasicProcessingFilter.java b/sandbox/spring-security-config/basicauth/BasicProcessingFilter.java deleted file mode 100644 index 6a226d53ed..0000000000 --- a/sandbox/spring-security-config/basicauth/BasicProcessingFilter.java +++ /dev/null @@ -1,239 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.acegisecurity.ui.basicauth; - -import java.io.IOException; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.acegisecurity.Authentication; -import org.acegisecurity.AuthenticationException; -import org.acegisecurity.AuthenticationManager; -import org.acegisecurity.context.SecurityContextHolder; -import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; -import org.acegisecurity.ui.AuthenticationDetailsSource; -import org.acegisecurity.ui.AuthenticationDetailsSourceImpl; -import org.acegisecurity.ui.AuthenticationEntryPoint; -import org.acegisecurity.ui.rememberme.RememberMeServices; -import org.apache.commons.codec.binary.Base64; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.springframework.beans.factory.InitializingBean; -import org.springframework.core.Ordered; -import org.springframework.util.Assert; - - -/** - * Processes a HTTP request's BASIC authorization headers, putting the result into the - * SecurityContextHolder.

For a detailed background on what this filter is designed to process, - * refer to RFC 1945, Section 11.1. Any realm name presented in - * the HTTP request is ignored.

- *

In summary, this filter is responsible for processing any request that has a HTTP request header of - * Authorization with an authentication scheme of Basic and a Base64-encoded - * username:password token. For example, to authenticate user "Aladdin" with password "open sesame" the - * following header would be presented:

- *

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==.

- *

This filter can be used to provide BASIC authentication services to both remoting protocol clients (such as - * Hessian and SOAP) as well as standard user agents (such as Internet Explorer and Netscape).

- *

If authentication is successful, the resulting {@link Authentication} object will be placed into the - * SecurityContextHolder.

- *

If authentication fails and ignoreFailure is false (the default), an {@link - * AuthenticationEntryPoint} implementation is called. Usually this should be {@link BasicProcessingFilterEntryPoint}, - * which will prompt the user to authenticate again via BASIC authentication.

- *

Basic authentication is an attractive protocol because it is simple and widely deployed. However, it still - * transmits a password in clear text and as such is undesirable in many situations. Digest authentication is also - * provided by Acegi Security and should be used instead of Basic authentication wherever possible. See {@link - * org.acegisecurity.ui.digestauth.DigestProcessingFilter}.

- *

Note that if a {@link #rememberMeServices} is set, this filter will automatically send back remember-me - * details to the client. Therefore, subsequent requests will not need to present a BASIC authentication header as - * they will be authenticated using the remember-me mechanism.

- *

Do not use this class directly. Instead configure web.xml to use the {@link - * org.acegisecurity.util.FilterToBeanProxy}.

- * - * @author Ben Alex - * @version $Id: BasicProcessingFilter.java 1783 2007-02-23 19:21:44Z luke_t $ - */ -public class BasicProcessingFilter implements Filter, InitializingBean, Ordered { - //~ Static fields/initializers ===================================================================================== - - private static final Log logger = LogFactory.getLog(BasicProcessingFilter.class); - - //~ Instance fields ================================================================================================ - - private AuthenticationDetailsSource authenticationDetailsSource = new AuthenticationDetailsSourceImpl(); - private AuthenticationEntryPoint authenticationEntryPoint; - private AuthenticationManager authenticationManager; - private RememberMeServices rememberMeServices; - private boolean ignoreFailure = false; - private int order; - - //~ Methods ======================================================================================================== - - public void afterPropertiesSet() throws Exception { - Assert.notNull(this.authenticationManager, "An AuthenticationManager is required"); - Assert.notNull(this.authenticationEntryPoint, "An AuthenticationEntryPoint is required"); - } - - public void destroy() {} - - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) - throws IOException, ServletException { - - if (!(request instanceof HttpServletRequest)) { - throw new ServletException("Can only process HttpServletRequest"); - } - - if (!(response instanceof HttpServletResponse)) { - throw new ServletException("Can only process HttpServletResponse"); - } - - HttpServletRequest httpRequest = (HttpServletRequest) request; - HttpServletResponse httpResponse = (HttpServletResponse) response; - - String header = httpRequest.getHeader("Authorization"); - - if (logger.isDebugEnabled()) { - logger.debug("Authorization header: " + header); - } - - if ((header != null) && header.startsWith("Basic ")) { - String base64Token = header.substring(6); - String token = new String(Base64.decodeBase64(base64Token.getBytes())); - - String username = ""; - String password = ""; - int delim = token.indexOf(":"); - - if (delim != -1) { - username = token.substring(0, delim); - password = token.substring(delim + 1); - } - - if (authenticationIsRequired(username)) { - UsernamePasswordAuthenticationToken authRequest = - new UsernamePasswordAuthenticationToken(username, password); - authRequest.setDetails(authenticationDetailsSource.buildDetails((HttpServletRequest) request)); - - Authentication authResult; - - try { - authResult = authenticationManager.authenticate(authRequest); - } catch (AuthenticationException failed) { - // Authentication failed - if (logger.isDebugEnabled()) { - logger.debug("Authentication request for user: " + username + " failed: " + failed.toString()); - } - - SecurityContextHolder.getContext().setAuthentication(null); - - if (rememberMeServices != null) { - rememberMeServices.loginFail(httpRequest, httpResponse); - } - - if (ignoreFailure) { - chain.doFilter(request, response); - } else { - authenticationEntryPoint.commence(request, response, failed); - } - - return; - } - - // Authentication success - if (logger.isDebugEnabled()) { - logger.debug("Authentication success: " + authResult.toString()); - } - - SecurityContextHolder.getContext().setAuthentication(authResult); - - if (rememberMeServices != null) { - rememberMeServices.loginSuccess(httpRequest, httpResponse, authResult); - } - } - } - - chain.doFilter(request, response); - } - - private boolean authenticationIsRequired(String username) { - // Only reauthenticate if username doesn't match SecurityContextHolder and user isn't authenticated - // (see SEC-53) - Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication(); - - if(existingAuth == null || !existingAuth.isAuthenticated()) { - return true; - } - - // Limit username comparison to providers which use usernames (ie UsernamePasswordAuthenticationToken) - // (see SEC-348) - - if (existingAuth instanceof UsernamePasswordAuthenticationToken && !existingAuth.getName().equals(username)) { - return true; - } - - return false; - } - - public AuthenticationEntryPoint getAuthenticationEntryPoint() { - return authenticationEntryPoint; - } - - public AuthenticationManager getAuthenticationManager() { - return authenticationManager; - } - - public void init(FilterConfig arg0) throws ServletException {} - - public boolean isIgnoreFailure() { - return ignoreFailure; - } - - public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) { - Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required"); - this.authenticationDetailsSource = authenticationDetailsSource; - } - - public void setAuthenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint) { - this.authenticationEntryPoint = authenticationEntryPoint; - } - - public void setAuthenticationManager(AuthenticationManager authenticationManager) { - this.authenticationManager = authenticationManager; - } - - public void setIgnoreFailure(boolean ignoreFailure) { - this.ignoreFailure = ignoreFailure; - } - - public void setRememberMeServices(RememberMeServices rememberMeServices) { - this.rememberMeServices = rememberMeServices; - } - - public int getOrder() { - return order; - } - - public void setOrder(int order) { - this.order = order; - } -} diff --git a/sandbox/spring-security-config/basicauth/BasicProcessingFilterEntryPoint.java b/sandbox/spring-security-config/basicauth/BasicProcessingFilterEntryPoint.java deleted file mode 100644 index ad02d21362..0000000000 --- a/sandbox/spring-security-config/basicauth/BasicProcessingFilterEntryPoint.java +++ /dev/null @@ -1,102 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.acegisecurity.ui.basicauth; - -import java.io.IOException; -import java.util.Map; - -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletResponse; - -import org.acegisecurity.AuthenticationException; -import org.acegisecurity.ui.AuthenticationEntryPoint; -import org.acegisecurity.util.OrderedUtils; -import org.springframework.beans.factory.InitializingBean; -import org.springframework.context.ApplicationContext; -import org.springframework.context.ApplicationContextAware; -import org.springframework.core.Ordered; -import org.springframework.util.Assert; - -/** - * Used by the SecurityEnforcementFilter to commence - * authentication via the {@link BasicProcessingFilter}. - *

- * Once a user agent is authenticated using BASIC authentication, logout - * requires that the browser be closed or an unauthorized (401) header be sent. - * The simplest way of achieving the latter is to call the - * {@link #commence(ServletRequest, ServletResponse, AuthenticationException)} - * method below. This will indicate to the browser its credentials are no longer - * authorized, causing it to prompt the user to login again. - *

- * - * @author Ben Alex - * @version $Id: BasicProcessingFilterEntryPoint.java 1822 2007-05-17 12:20:16Z - * vishalpuri $ - */ -public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered, - ApplicationContextAware { - // ~ Static fields/initializers - // ===================================================================================== - private static final int DEFAULT_ORDER = Integer.MAX_VALUE; - - // ~ Instance fields - // ================================================================================================ - - private String realmName; - - private int order = DEFAULT_ORDER; - - private ApplicationContext applicationContext; - - // ~ Methods - // ======================================================================================================== - - public int getOrder() { - return order; - } - - public void setOrder(int order) { - this.order = order; - } - - public void afterPropertiesSet() throws Exception { - Assert.hasText(realmName, "realmName must be specified"); - if (order == DEFAULT_ORDER) { - OrderedUtils.copyOrderFromOtherClass(BasicProcessingFilter.class, applicationContext, this, true); - } - } - - public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException) - throws IOException, ServletException { - HttpServletResponse httpResponse = (HttpServletResponse) response; - httpResponse.addHeader("WWW-Authenticate", "Basic realm=\"" + realmName + "\""); - httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage()); - } - - public String getRealmName() { - return realmName; - } - - public void setRealmName(String realmName) { - this.realmName = realmName; - } - - public void setApplicationContext(ApplicationContext applicationContext) { - this.applicationContext = applicationContext; - } -} diff --git a/sandbox/spring-security-config/basicauth/package.html b/sandbox/spring-security-config/basicauth/package.html deleted file mode 100644 index dcd7c31c91..0000000000 --- a/sandbox/spring-security-config/basicauth/package.html +++ /dev/null @@ -1,5 +0,0 @@ - - -Authenticates HTTP BASIC authentication requests. - - diff --git a/sandbox/spring-security-config/pom.xml b/sandbox/spring-security-config/pom.xml deleted file mode 100644 index e91ee781f8..0000000000 --- a/sandbox/spring-security-config/pom.xml +++ /dev/null @@ -1,169 +0,0 @@ - - - - acegi-security-sandbox - org.acegisecurity - 1.0.6-SNAPSHOT - - 4.0.0 - org.acegisecurity - spring-security-config - spring-security-config - 2.0.0-SNAPSHOT - http://maven.apache.org - - - org.acegisecurity - acegi-security-tiger - 1.0.6-SNAPSHOT - - - org.springframework - spring-remoting - - - org.springframework - spring-jdbc - - - org.springframework - spring-support - runtime - - - org.springframework - spring-mock - true - - - net.sf.ehcache - ehcache - 1.2.4 - true - - - cas - casclient - 2.0.11 - true - - - commons-lang - commons-lang - 2.1 - - - commons-logging - commons-logging - 1.0.4 - - - commons-codec - commons-codec - 1.3 - - - oro - oro - 2.0.8 - - - commons-collections - commons-collections - 3.1 - - - commons-attributes - commons-attributes-compiler - 2.1 - - - commons-attributes - commons-attributes-api - 2.1 - - - commons-attributes - commons-attributes-plugin - 2.1 - plugin - - - - aspectj - aspectjrt - 1.2 - true - - - javax.servlet - jsp-api - 2.0 - true - - - javax.servlet - servlet-api - 2.4 - true - - - taglibs - standard - 1.0.6 - true - - - hsqldb - hsqldb - 1.8.0.4 - test - - - org.apache.directory.server - apacheds-core - 1.0.0 - test - - - org.slf4j - slf4j-log4j12 - 1.0.1 - test - - - jmock - jmock - 1.0.1 - test - - - log4j - log4j - - - - - - org.apache.maven.plugins - maven-compiler-plugin - - 1.5 - 1.5 - - - - - - - - org.apache.maven.plugins - maven-pmd-plugin - - 1.5 - - - - - - diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/App.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/App.java deleted file mode 100644 index 5feccae6ff..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/App.java +++ /dev/null @@ -1,13 +0,0 @@ -package org.acegisecurity; - -/** - * Hello world! - * - */ -public class App -{ - public static void main( String[] args ) - { - System.out.println( "Hello World!" ); - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankService.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankService.java deleted file mode 100644 index 7ac94560aa..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankService.java +++ /dev/null @@ -1,50 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.acegisecurity; - -import org.acegisecurity.annotation.Secured; - - -/** - * BankService sample using Java 5 Annotations. - * - * @author Mark St.Godard - * @version $Id: BankService.java 1496 2006-05-23 13:38:33Z benalex $ - * - * @see org.acegisecurity.annotation.Secured - */ -@Secured({"ROLE_TELLER"}) -public interface BankService { - //~ Methods ======================================================================================================== - - /** - * Get the account balance. - * - * @param accountNumber The account number - * - * @return The balance - */ - @Secured({"ROLE_PERMISSION_BALANCE"}) - public float balance(String accountNumber); - - /** - * List accounts - * - * @return The list of accounts - */ - @Secured({"ROLE_PERMISSION_LIST"}) - public String[] listAccounts(); -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankServiceImpl.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankServiceImpl.java deleted file mode 100644 index ea6c7bfc5a..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankServiceImpl.java +++ /dev/null @@ -1,34 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.acegisecurity; - -/** - * BankService sample implementation. - * - * @author Mark St.Godard - * @version $Id: BankServiceImpl.java 1496 2006-05-23 13:38:33Z benalex $ - */ -public class BankServiceImpl implements BankService { - //~ Methods ======================================================================================================== - - public float balance(String accountNumber) { - return 42000000; - } - - public String[] listAccounts() { - return new String[] {"1", "2", "3"}; - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/Main.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/Main.java deleted file mode 100644 index 8b51c9810d..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/Main.java +++ /dev/null @@ -1,77 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.acegisecurity; - -import org.acegisecurity.AccessDeniedException; -import org.acegisecurity.GrantedAuthority; -import org.acegisecurity.GrantedAuthorityImpl; - -import org.acegisecurity.context.SecurityContextHolder; -import org.acegisecurity.context.SecurityContextImpl; - -import org.acegisecurity.providers.TestingAuthenticationToken; - -import org.springframework.context.support.ClassPathXmlApplicationContext; - - -/** - * -DOCUMENT ME! - * - * @author Mark St.Godard - * @version $Id: Main.java 1496 2006-05-23 13:38:33Z benalex $ - */ -public class Main { - //~ Methods ======================================================================================================== - - /** - * This can be done in a web app by using a filter or SpringMvcIntegrationInterceptor. - */ - private static void createSecureContext() { - TestingAuthenticationToken auth = new TestingAuthenticationToken("test", "test", - new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_TELLER"), new GrantedAuthorityImpl("ROLE_PERMISSION_LIST") - }); - - SecurityContextHolder.getContext().setAuthentication(auth); - } - - private static void destroySecureContext() { - SecurityContextHolder.setContext(new SecurityContextImpl()); - } - - public static void main(String[] args) throws Exception { - createSecureContext(); - - ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/auto-config.xml"); - BankService service = (BankService) context.getBean("bankService"); - - // will succeed - service.listAccounts(); - - // will fail - try { - System.out.println( - "We expect an AccessDeniedException now, as we do not hold the ROLE_PERMISSION_BALANCE granted authority, and we're using a unanimous access decision manager... "); - service.balance("1"); - } catch (AccessDeniedException e) { - e.printStackTrace(); - } - - destroySecureContext(); - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationMechanismBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationMechanismBeanDefinitionParser.java deleted file mode 100644 index 4b5cce4e86..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationMechanismBeanDefinitionParser.java +++ /dev/null @@ -1,145 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.acegisecurity.config; - -import org.acegisecurity.ldap.DefaultInitialDirContextFactory; -import org.acegisecurity.providers.ProviderManager; -import org.acegisecurity.providers.ldap.LdapAuthenticationProvider; -import org.acegisecurity.providers.ldap.authenticator.BindAuthenticator; -import org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator; -import org.acegisecurity.util.BeanDefinitionParserUtils; -import org.springframework.beans.factory.config.RuntimeBeanReference; -import org.springframework.beans.factory.support.AbstractBeanDefinition; -import org.springframework.beans.factory.support.ManagedList; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; -import org.springframework.beans.factory.xml.BeanDefinitionParser; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.util.Assert; -import org.springframework.util.StringUtils; -import org.springframework.util.xml.DomUtils; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -/** - * * {@link BeanDefinitionParser} for the authentication-mechanism - * tag, resolves to {@link org.acegisecurity.providers.ProviderManager}
- * - * @author vpuri - * @see {@link org.springframework.beans.factory.BeanFactory} - * @see {@link org.acegisecurity.providers.ProviderManager} - * - */ -public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDefinitionParser implements - BeanDefinitionParser { - // ~ Instance fields - // ================================================================================================ - - private static final String AUTHENTICATION_JDBC = "authentication-jdbc"; - - private static final String AUTHENTICATION_LDAP = "authentication-ldap"; - - private static final String REF = "ref"; - - // ~ Methods - // ======================================================================================================== - protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { - - ManagedList providers = new ManagedList(); - Assert.notNull(parserContext, "ParserContext must not be null"); - RootBeanDefinition authMechanismBeanDef = new RootBeanDefinition(ProviderManager.class); - NodeList childNodes = element.getChildNodes(); - - for (int i = 0, n = childNodes.getLength(); i < n; i++) { - Node node = childNodes.item(i); - - if (node.getNodeType() == Node.ELEMENT_NODE) { - Element childElement = (Element) node; - // this.providerExists = true; - - if (AUTHENTICATION_JDBC.equals(node.getLocalName())) { - String attribute = childElement.getAttribute(REF); - if (StringUtils.hasLength(attribute)) { - // create a beandefinition - providers.add(new RuntimeBeanReference(attribute)); - } - } - else if (AUTHENTICATION_LDAP.equals(node.getLocalName())) { - providers.add(createLdapAuthencticationProviderBeanDefinition(childElement, parserContext)); - } - } - authMechanismBeanDef.getPropertyValues().addPropertyValue("providers", providers); - - } - return authMechanismBeanDef; - } - - /** - * Creates a default bean definition. - * @return - */ - protected static RootBeanDefinition createAndRegisterBeanDefinitionWithDefaults(ParserContext parserContext) { - RootBeanDefinition beanDefinition = new RootBeanDefinition(ProviderManager.class); - ManagedList providers = new ManagedList(); - // create authentication-repository (DaoAuthenticationProvider) and add - // that to list - RootBeanDefinition authRepo = AuthenticationRepositoryBeanDefinitionParser.createBeanDefinitionWithDefaults(); - providers.add(authRepo); - beanDefinition.getPropertyValues().addPropertyValue("providers", providers); - parserContext.getReaderContext().registerWithGeneratedName(beanDefinition); - return beanDefinition; - } - - protected static RootBeanDefinition createLdapAuthencticationProviderBeanDefinition(Element element, - ParserContext parserContext) { - // element ldap - RootBeanDefinition ldapAuthProvider = new RootBeanDefinition(LdapAuthenticationProvider.class); - RootBeanDefinition initialDirContextFactory = createInitialDirContextFactoryBeanDefinition(element); - RootBeanDefinition ldapAuthoritiesPopulator = new RootBeanDefinition(DefaultLdapAuthoritiesPopulator.class); - - RootBeanDefinition bindAuthenticator = new RootBeanDefinition(BindAuthenticator.class); - Element property = DomUtils.getChildElementByTagName(element, "property"); - Assert.notNull(property); - parserContext.getDelegate().parsePropertyElement(property, bindAuthenticator); - bindAuthenticator.getConstructorArgumentValues().addIndexedArgumentValue(0, initialDirContextFactory); - - // LdapAuthenticator - ldapAuthProvider.getConstructorArgumentValues().addIndexedArgumentValue(0, bindAuthenticator); - - ldapAuthoritiesPopulator.getConstructorArgumentValues().addIndexedArgumentValue(0, initialDirContextFactory); - BeanDefinitionParserUtils.setConstructorArgumentIfAvailable(1, element, "groupSearchBase", false, - ldapAuthoritiesPopulator); - BeanDefinitionParserUtils.setPropertyIfAvailable(element, "groupRoleAttribute", "groupRoleAttribute", false, - ldapAuthoritiesPopulator); - - // LdapAuthoritiesPopulator - ldapAuthProvider.getConstructorArgumentValues().addIndexedArgumentValue(1, ldapAuthoritiesPopulator); - - return ldapAuthProvider; - - } - - private static RootBeanDefinition createInitialDirContextFactoryBeanDefinition(Element element) { - RootBeanDefinition initialDirContextFactory = new RootBeanDefinition(DefaultInitialDirContextFactory.class); - BeanDefinitionParserUtils.setConstructorArgumentIfAvailable(0, element, "ldapUrl", false, - initialDirContextFactory); - BeanDefinitionParserUtils.setPropertyIfAvailable(element, "managerDn", "managerDn", false, - initialDirContextFactory); - BeanDefinitionParserUtils.setPropertyIfAvailable(element, "managerPassword", "managerPassword", false, - initialDirContextFactory); - return initialDirContextFactory; - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationProcessingFilterBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationProcessingFilterBeanDefinitionParser.java deleted file mode 100644 index 7425685ffe..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationProcessingFilterBeanDefinitionParser.java +++ /dev/null @@ -1,71 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices; -import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter; -import org.springframework.beans.factory.config.BeanDefinitionHolder; -import org.springframework.beans.factory.support.AbstractBeanDefinition; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; -import org.springframework.beans.factory.xml.BeanDefinitionParser; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.util.StringUtils; -import org.w3c.dom.Element; - -/** - * @author vpuri - * - */ -public class AuthenticationProcessingFilterBeanDefinitionParser extends AbstractBeanDefinitionParser implements - BeanDefinitionParser { - - // ~ Instance fields - // ================================================================================================ - - private static final String AUTHENTICATION_URL = "authenticationUrl"; - - private static final String ERROR_FORM_URL = "errorFormUrl"; - - private static final String DEFAULT_TARGET_URL = "defaultTargetUrl"; - - // ~ Methods - // ================================================================================================ - - protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { - - RootBeanDefinition definition = new RootBeanDefinition(AuthenticationProcessingFilter.class); - - setPropertyIfAvailable(element, AUTHENTICATION_URL, "filterProcessesUrl", definition); - setPropertyIfAvailable(element, ERROR_FORM_URL, "authenticationFailureUrl", definition); - setPropertyIfAvailable(element, DEFAULT_TARGET_URL, "defaultTargetUrl", definition); - - return definition; - } - - private void setPropertyIfAvailable(Element element, String attribute, String property, - RootBeanDefinition definition) { - String propertyValue = element.getAttribute(attribute); - if (StringUtils.hasText(propertyValue)) { - definition.getPropertyValues().addPropertyValue(property, propertyValue); - } - } - - protected static RootBeanDefinition createBeandefinitionWithDefaults(ParserContext parserContext, RootBeanDefinition authenticationManager, RootBeanDefinition rememberMeServices) { - RootBeanDefinition definition = new RootBeanDefinition(AuthenticationProcessingFilter.class); - definition.getPropertyValues().addPropertyValue("authenticationManager",authenticationManager); - definition.getPropertyValues().addPropertyValue("rememberMeServices",rememberMeServices); -// RootBeanDefinition beanDefinition = AuthenticationMechanismBeanDefinitionParser.createAndRegisterBeanDefinitionWithDefaults(parserContext); -// definition.getPropertyValues().addPropertyValue("authenticationManager", -// parserContext.getReaderContext().getRegistry().getBeanDefinition(beanDefinition.getBeanClassName())); -// definition.getPropertyValues().addPropertyValue("rememberMeServices", -// RememberMeServicesBeanDefinitionParser.createAndRegisterBeanDefintionWithDefaults(parserContext)); - /* TODO: There should not be any defaults for these urls ?!?! */ - definition.getPropertyValues().addPropertyValue("authenticationFailureUrl", "/acegilogin.jsp?login_error=1"); - definition.getPropertyValues().addPropertyValue("defaultTargetUrl", "/"); - - return definition; - } - -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationProviderOrderResolver.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationProviderOrderResolver.java deleted file mode 100644 index 635f863a8c..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AuthenticationProviderOrderResolver.java +++ /dev/null @@ -1,43 +0,0 @@ -package org.acegisecurity.config; - -import java.util.Collections; - -import org.acegisecurity.AuthenticationManager; -import org.acegisecurity.providers.AuthenticationProvider; -import org.springframework.beans.BeansException; -import org.springframework.beans.factory.config.BeanFactoryPostProcessor; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.beans.factory.support.ManagedList; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.core.OrderComparator; - -public class AuthenticationProviderOrderResolver implements BeanFactoryPostProcessor { - - /** - * - */ - public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException { - // retrieve all the AuthenticationProvider instances - ManagedList providers = retrieveAllAuthenticationProviders(beanFactory); - String[] names = beanFactory.getBeanNamesForType(AuthenticationManager.class); - RootBeanDefinition definition = (RootBeanDefinition)beanFactory.getBeanDefinition(names[0]); - definition.getPropertyValues().addPropertyValue("providers",providers); - } - /** - * - * @param beanFactory - * @return - */ - private ManagedList retrieveAllAuthenticationProviders(ConfigurableListableBeanFactory beanFactory) { - String[] m = beanFactory.getBeanNamesForType(AuthenticationProvider.class); - ManagedList l = new ManagedList(); - for(int i=0;i - // one attribute allowed, aspectj or springAop - Assert.isTrue(!(element.hasAttribute(SPRING_AOP_ATTRIBUTE) && element.hasAttribute(ASPECTJ_ATTRIBUTE)), - "only one attribute (springAop or aspectj) is allowed"); - - Element urlMappingEle = DomUtils.getChildElementByTagName(element, "url-mapping"); - - String sourceBeanId = urlMappingEle.getAttribute(SOURCE_BEAN_REF); - boolean isSourceBeanIdDefined = StringUtils.hasLength(sourceBeanId); - - if (!isValidConfiguration(urlMappingEle, isSourceBeanIdDefined)) { - throw new IllegalArgumentException( - " 'custom' value provided by 'source' attribute need to be selected when referring to a bean by 'sourceBeanId' attribute "); - } - - if ((element.hasAttribute(ASPECTJ_ATTRIBUTE)) && element.getAttribute(ASPECTJ_ATTRIBUTE).equals("true")) { - // create AspectJSecurityInterceptor - if (isSourceBeanIdDefined) - return createMethodSecurityInterceptor(AspectJSecurityInterceptor.class, new RuntimeBeanReference( - sourceBeanId)); - - return createMethodSecurityInterceptor(AspectJSecurityInterceptor.class, createObjectDefinitionSource( - parserContext, urlMappingEle)); - } - else if ((element.hasAttribute(SPRING_AOP_ATTRIBUTE)) - && element.getAttribute(SPRING_AOP_ATTRIBUTE).equals("true")) { - // create MethodSecurityInterceptor and - // MethodDefinitionSourceAdvisor - if (isSourceBeanIdDefined) - return createMethodSecurityInterceptor(MethodSecurityInterceptor.class, new RuntimeBeanReference( - sourceBeanId)); - - return createMethodSecurityInterceptor(MethodSecurityInterceptor.class, createObjectDefinitionSource( - parserContext, urlMappingEle)); - } - return null; - } - - /** - * @param parserContext - * @param firstChild - * @param sourceValue - * @throws BeanDefinitionStoreException - */ - private MethodDefinitionSource createObjectDefinitionSource(ParserContext parserContext, Element element) - throws BeanDefinitionStoreException { - String sourceValue = element.getAttribute(SOURCE_ATTRIBUTE); - if (sourceValue.equals("xml")) { - // create MethodDefinitionSourceEditor - Element methodPattern = DomUtils.getChildElementByTagName(element, "method-pattern"); - String methodToProtect = methodPattern.getAttribute(TYPE_ATTRIBUTE); - - MethodDefinitionSourceMapping mapping = new MethodDefinitionSourceMapping(); - MethodDefinitionMap source = new MethodDefinitionMap(); - List mappings = new ArrayList(); - - mapping.setMethodName(methodToProtect); - - List configAttributes = DomUtils.getChildElementsByTagName(methodPattern, CONFIGURATION_ATTRIBUTE); - - for (Iterator iter = configAttributes.iterator(); iter.hasNext();) { - Element configAttribute = (Element) iter.next(); - String configAttributeValue = configAttribute.getAttribute(ATTRIBUTE); - mapping.addConfigAttribute(configAttributeValue); - } - mappings.add(mapping); - source.setMappings(mappings); - return source; - } - else if (sourceValue.equals("annotations")) { - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, new RootBeanDefinition( - DefaultAdvisorAutoProxyCreator.class)); - - MethodDefinitionAttributes source = new MethodDefinitionAttributes(); - SecurityAnnotationAttributes attributes = new SecurityAnnotationAttributes(); - source.setAttributes(attributes); - return source; - } - else if (sourceValue.equals("attributes")) { - // create CommonsAttributes - CommonsAttributes attributes = new CommonsAttributes(); - // objectDefinitionSource and inject attributes - MethodDefinitionAttributes source = new MethodDefinitionAttributes(); - source.setAttributes(attributes); - - // register DefaultAdvisorAutoProxyCreator with parseContext - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, new RootBeanDefinition( - DefaultAdvisorAutoProxyCreator.class)); - - // register MethodDefinitionSourceAdvisor autowire="constructor" - registerMethodDefinitionSourceAdvisor(parserContext); - return source; - } - return null; - } - - /** - * @param parserContext - * @throws BeanDefinitionStoreException - */ - private void registerMethodDefinitionSourceAdvisor(ParserContext parserContext) throws BeanDefinitionStoreException { - RootBeanDefinition methodSecurityAdvisor = new RootBeanDefinition(MethodDefinitionSourceAdvisor.class); - methodSecurityAdvisor.setAutowireMode(AbstractBeanDefinition.AUTOWIRE_CONSTRUCTOR); - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, methodSecurityAdvisor); - } - - /** - * Creates BeanDefinition for MethodSecurityInterceptor - * MethodSecurityInterceptor autodetects 'authenticationManager' and - * 'accessDecisionManager' - * @param name - * - * @return - */ - private RootBeanDefinition createMethodSecurityInterceptor(Class interceptorType, Object object) { - Assert.notNull(object, "objectDefinitionSource required"); - RootBeanDefinition securityInterceptor = new RootBeanDefinition(interceptorType); - if (RuntimeBeanReference.class.isAssignableFrom(object.getClass())) { - RuntimeBeanReference source = (RuntimeBeanReference) object; - securityInterceptor.getPropertyValues().addPropertyValue("objectDefinitionSource", source); - } - else if (MethodDefinitionSource.class.isAssignableFrom(object.getClass())) { - MethodDefinitionSource source = (MethodDefinitionSource) object; - securityInterceptor.getPropertyValues().addPropertyValue("objectDefinitionSource", source); - } - securityInterceptor.getPropertyValues().addPropertyValue("validateConfigAttributes", Boolean.FALSE); - RootBeanDefinition runAsManager = createRunAsManager(); - securityInterceptor.getPropertyValues().addPropertyValue("runAsManager", runAsManager); - return securityInterceptor; - } - - private RootBeanDefinition createRunAsManager() { - RootBeanDefinition runAsManager = new RootBeanDefinition(RunAsManagerImpl.class); - runAsManager.getPropertyValues().addPropertyValue("key", "my_run_as_password"); - return runAsManager; - } - - /** - * Checks if 'custom' option is picked for 'source' attribute when - * 'sourceBeanId' attribute is provided. - *

- * The valid configuration example:
<security:url-mapping - * source="custom" sourceBeanId="referenceToObjectDefinitionSource"/> - *

- * @param urlMappingElement - * @return boolean Returns 'true' if configuration is accepted otherwise - * returns 'false' - */ - private boolean isValidConfiguration(Element urlMappingElement, boolean isRefDefined) { - Assert.notNull(urlMappingElement, "invalid tag - expected 'url-mapping' "); - Assert.isTrue(urlMappingElement.getLocalName().equals("url-mapping"), "invalid tag - expected 'url-mapping' "); - if (isRefDefined && (urlMappingElement.getAttribute(SOURCE_ATTRIBUTE).compareTo("custom") != 0)) { - return false; - } - return true; - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AutoConfigBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AutoConfigBeanDefinitionParser.java deleted file mode 100644 index 0b6a21c22a..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/AutoConfigBeanDefinitionParser.java +++ /dev/null @@ -1,243 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.acegisecurity.annotation.SecurityAnnotationAttributes; -import org.acegisecurity.intercept.method.MethodDefinitionAttributes; -import org.acegisecurity.intercept.method.aopalliance.MethodDefinitionSourceAdvisor; -import org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor; -import org.acegisecurity.intercept.web.FilterInvocationDefinitionDecorator; -import org.acegisecurity.intercept.web.FilterInvocationDefinitionSourceMapping; -import org.acegisecurity.intercept.web.FilterSecurityInterceptor; -import org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap; -import org.acegisecurity.runas.RunAsManagerImpl; -import org.acegisecurity.userdetails.memory.InMemoryDaoImpl; -import org.acegisecurity.util.BeanDefinitionParserUtils; -import org.acegisecurity.vote.AffirmativeBased; -import org.acegisecurity.vote.AuthenticatedVoter; -import org.acegisecurity.vote.RoleVoter; -import org.acegisecurity.vote.UnanimousBased; -import org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter; -import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; -import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.beans.factory.support.ManagedList; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.BeanDefinitionParser; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.util.xml.DomUtils; -import org.w3c.dom.Element; - -/** - * Parses 'autoconfig' tag and creates all the required - * BeanDefinitions with their default configurations. It also - * resolves their dependencies and wire them together. - * - * @author Vishal Puri - * - */ -public class AutoConfigBeanDefinitionParser implements BeanDefinitionParser { - - // ~ instance fields - // ================================================================================================ - - private RootBeanDefinition authenticationManager; - - private RootBeanDefinition rememberMeServices; - - private ManagedList decisionVoters = new ManagedList(); - - // ~ Method - // ================================================================================================ - - public BeanDefinition parse(Element element, ParserContext parserContext) { - // authentication manager - this.authenticationManager = AuthenticationMechanismBeanDefinitionParser - .createAndRegisterBeanDefinitionWithDefaults(parserContext); - // remembermeServices - this.rememberMeServices = RememberMeServicesBeanDefinitionParser - .createAndRegisterBeanDefintionWithDefaults(parserContext); - // flters - createAndRegisterBeanDefinitionForHttpSessionContextIntegrationFilter(parserContext); - createAndRegisterBeanDefinitionForLogoutFilter(parserContext, rememberMeServices); - createAndRegisterBeanDefinitionForAuthenticationProcessingFilter(parserContext, authenticationManager, - rememberMeServices); - createAndRegisterBeanDefinitionForRememberMeProcessingFilter(parserContext, authenticationManager); - createAndRegisterBeanDefinitionForExceptionTranslationFilter(parserContext); - createAndRegisterBeanDefintionForSecurityContextHolderAwareRequestFilter(parserContext); - - // method interceptor - createAndRegisterBeanDefinitinoForMethodDefinitionSourceAdvisor(parserContext, authenticationManager); - createAndRegisterDefaultAdvisorAutoProxyCreator(parserContext); - - // filter security interceptor - createAndRegisterBeanDefinitionForFilterSecurityInterceptor(parserContext, authenticationManager); - - // create userDetailsService - return null; - } - - private void createAndRegisterBeanDefintionForSecurityContextHolderAwareRequestFilter(ParserContext parserContext) { - RootBeanDefinition beanDefinition = new RootBeanDefinition(SecurityContextHolderAwareRequestFilter.class); - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, beanDefinition); - } - - /** - * Creates FilterSecurityInterceptor bean definition and - * register it with the ParserContext - * - * @param parserContext To register the bean definition with - * @param authenticationManager The AuthenticationManager to - * set as a property in the bean definition - */ - private void createAndRegisterBeanDefinitionForFilterSecurityInterceptor(ParserContext parserContext, - RootBeanDefinition authenticationManager) { - RootBeanDefinition filterInvocationInterceptor = new RootBeanDefinition(FilterSecurityInterceptor.class); - filterInvocationInterceptor.getPropertyValues() - .addPropertyValue("authenticationManager", authenticationManager); - RootBeanDefinition accessDecisionManager = createAccessDecisionManagerAffirmativeBased(); - filterInvocationInterceptor.getPropertyValues() - .addPropertyValue("accessDecisionManager", accessDecisionManager); - - FilterInvocationDefinitionDecorator source = new FilterInvocationDefinitionDecorator(); - source.setDecorated(new PathBasedFilterInvocationDefinitionMap()); - - FilterInvocationDefinitionSourceMapping mapping = new FilterInvocationDefinitionSourceMapping(); - - String url1 = "/acegilogin.jsp"; - String value1 = "IS_AUTHENTICATED_ANONYMOUSLY"; - - String url2 = "/**"; - String value2 = "IS_AUTHENTICATED_REMEMBERED"; - - mapping.setUrl(url1); - mapping.addConfigAttribute(value1); - - mapping.setUrl(url2); - mapping.addConfigAttribute(value2); - - List mappings = new ArrayList(); - mappings.add(mapping); - source.setMappings(mappings); - filterInvocationInterceptor.getPropertyValues().addPropertyValue("objectDefinitionSource", - source.getDecorated()); - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, filterInvocationInterceptor); - } - - private RootBeanDefinition createAccessDecisionManagerAffirmativeBased() { - RootBeanDefinition accessDecisionManager = new RootBeanDefinition(AffirmativeBased.class); - accessDecisionManager.getPropertyValues().addPropertyValue("allowIfAllAbstainDecisions", Boolean.FALSE); - RootBeanDefinition authenticatedVoter = new RootBeanDefinition(AuthenticatedVoter.class); - this.decisionVoters.add(authenticatedVoter); - accessDecisionManager.getPropertyValues().addPropertyValue("decisionVoters", decisionVoters); - return accessDecisionManager; - } - - private void createAndRegisterDefaultAdvisorAutoProxyCreator(ParserContext parserContext) { - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, new RootBeanDefinition( - DefaultAdvisorAutoProxyCreator.class)); - } - - private void createAndRegisterBeanDefinitinoForMethodDefinitionSourceAdvisor(ParserContext parserContext, - RootBeanDefinition authenticationManager) { - RootBeanDefinition methodSecurityAdvisor = new RootBeanDefinition(MethodDefinitionSourceAdvisor.class); - - RootBeanDefinition securityInterceptor = createMethodSecurityInterceptor(authenticationManager); - methodSecurityAdvisor.getConstructorArgumentValues().addIndexedArgumentValue(0, securityInterceptor); - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, methodSecurityAdvisor); - - } - - private RootBeanDefinition createAccessDecisionManagerUnanimousBased() { - RootBeanDefinition accessDecisionManager = new RootBeanDefinition(UnanimousBased.class); - accessDecisionManager.getPropertyValues().addPropertyValue("allowIfAllAbstainDecisions", Boolean.FALSE); - decisionVoters.add(new RootBeanDefinition(RoleVoter.class)); - accessDecisionManager.getPropertyValues().addPropertyValue("decisionVoters", decisionVoters); - return accessDecisionManager; - } - - private RootBeanDefinition createMethodSecurityInterceptor(RootBeanDefinition authenticationManager) { - RootBeanDefinition securityInterceptor = new RootBeanDefinition(MethodSecurityInterceptor.class); - securityInterceptor.getPropertyValues().addPropertyValue("authenticationManager", authenticationManager); - RootBeanDefinition accessDecisionManager = createAccessDecisionManagerUnanimousBased(); - securityInterceptor.getPropertyValues().addPropertyValue("accessDecisionManager", accessDecisionManager); - securityInterceptor.getPropertyValues().addPropertyValue("validateConfigAttributes", Boolean.FALSE); - RootBeanDefinition runAsManager = createRunAsManager(); - securityInterceptor.getPropertyValues().addPropertyValue("runAsManager", runAsManager); - RootBeanDefinition objectDefinitionSource = createMethodDefinitionAttributes(); - securityInterceptor.getPropertyValues().addPropertyValue("objectDefinitionSource", objectDefinitionSource); - return securityInterceptor; - } - - private RootBeanDefinition createMethodDefinitionAttributes() { - RootBeanDefinition objectDefinitionSource = new RootBeanDefinition(MethodDefinitionAttributes.class); - RootBeanDefinition attributes = createSecurityAnnotationAttributes(); - objectDefinitionSource.getPropertyValues().addPropertyValue("attributes", attributes); - return objectDefinitionSource; - } - - private RootBeanDefinition createSecurityAnnotationAttributes() { - return new RootBeanDefinition(SecurityAnnotationAttributes.class); - } - - private RootBeanDefinition createRunAsManager() { - RootBeanDefinition runAsManager = new RootBeanDefinition(RunAsManagerImpl.class); - runAsManager.getPropertyValues().addPropertyValue("key", "my_run_as_password"); - return runAsManager; - } - - private void createAndRegisterBeanDefinitionForExceptionTranslationFilter(ParserContext parserContext) { - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, ExceptionTranslationFilterBeanDefinitionParser - .createBeanDefinitionWithDefaults()); - } - - private void createAndRegisterBeanDefinitionForRememberMeProcessingFilter(ParserContext parserContext, - RootBeanDefinition authenticationManager) { - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, RememberMeFilterBeanDefinitionParser - .createBeanDefinitionWithDefaults(parserContext, authenticationManager)); - } - - private void createAndRegisterBeanDefinitionForAuthenticationProcessingFilter(ParserContext parserContext, - RootBeanDefinition authenticationManager, RootBeanDefinition rememberMeServices) { - RootBeanDefinition defintion = AuthenticationProcessingFilterBeanDefinitionParser - .createBeandefinitionWithDefaults(parserContext, authenticationManager, rememberMeServices); - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, defintion); - } - - private void createAndRegisterBeanDefinitionForLogoutFilter(ParserContext parserContext, - RootBeanDefinition rememberMeServices) { - RootBeanDefinition defintion = LogoutFilterBeanDefinitionParser - .createBeanDefinitionWithDefaults(rememberMeServices); - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, defintion); - } - - private void createAndRegisterBeanDefinitionForHttpSessionContextIntegrationFilter(ParserContext parserContext) { - RootBeanDefinition defintion = ContextIntegrationBeanDefinitionParser.createBeanDefinitionWithDefaults(); - BeanDefinitionParserUtils.registerBeanDefinition(parserContext, defintion); - // retrieveBeanDefinition(parserContext, o) - } - - /** - * Returns a BeanDefinition of the specified type. - * - * @param parserContext - * @param type - * @return - */ - private RootBeanDefinition retrieveBeanDefinition(ParserContext parserContext, Class type) { - String[] names = parserContext.getRegistry().getBeanDefinitionNames(); - for (String name : names) { - BeanDefinition beanDefinition = parserContext.getRegistry().getBeanDefinition(name); - if (type.isInstance(beanDefinition)) { - return (RootBeanDefinition) beanDefinition; - } - } - return null; - } - -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/ContextIntegrationBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/ContextIntegrationBeanDefinitionParser.java deleted file mode 100644 index 7b8787a929..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/ContextIntegrationBeanDefinitionParser.java +++ /dev/null @@ -1,91 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import org.acegisecurity.context.HttpSessionContextIntegrationFilter; -import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.beans.factory.support.BeanDefinitionBuilder; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.core.Conventions; -import org.springframework.util.Assert; -import org.springframework.util.StringUtils; -import org.w3c.dom.Attr; -import org.w3c.dom.Element; -import org.w3c.dom.NamedNodeMap; - -/** - * - * @author vpuri - * - */ -public class ContextIntegrationBeanDefinitionParser extends AbstractSingleBeanDefinitionParser { - - // ~ Static fields/initializers - // ===================================================================================== - - private static final String HTTP_SESSION_CONTEXT_INTEGRATION = "session-context-integration"; - - private static final String SESSION_CREATION = "sessionCreation"; - - private static final String IF_REQUIRED = "ifRequired"; - - private static final String ALWAYS = "always"; - - private static final String NEVER = "never"; - - private static final String ALLOW_SESSION_CREATION = "allowSessionCreation"; - - // ~ Methods - // ======================================================================================================== - - protected Class getBeanClass(Element element) { - return HttpSessionContextIntegrationFilter.class; - } - - protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) { - - NamedNodeMap attributes = element.getAttributes(); - - for (int x = 0; x < attributes.getLength(); x++) { - Attr attribute = (Attr) attributes.item(x); - String attributeName = attribute.getLocalName(); - if (!ID_ATTRIBUTE.equals(attributeName)) { - if (attributeName.equals(SESSION_CREATION)) { - String sessionCreation = element.getAttribute(SESSION_CREATION); - createBeanDefinition(builder, sessionCreation); - } - else { - String propertyName = Conventions.attributeNameToPropertyName(attributeName); - Assert - .state(StringUtils.hasText(propertyName), - "Illegal property name returned from 'extractPropertyName(String)': cannot be null or empty."); - builder.addPropertyValue(propertyName, attribute.getValue()); - } - } - } - } - - private void createBeanDefinition(BeanDefinitionBuilder builder, String attribute) { - if (attribute.equals(IF_REQUIRED)) { - builder.addPropertyValue(ALLOW_SESSION_CREATION, Boolean.TRUE); - } - else if (attribute.equals(ALWAYS)) { - builder.addPropertyValue(ALLOW_SESSION_CREATION, Boolean.TRUE); - } - else if (attribute.equals(NEVER)) { - builder.addPropertyValue(ALLOW_SESSION_CREATION, Boolean.FALSE); - } - else { - createBeanDefinitionWithDefaults(); - } - } - - protected static RootBeanDefinition createBeanDefinitionWithDefaults() { - RootBeanDefinition definition = new RootBeanDefinition(HttpSessionContextIntegrationFilter.class); - definition.getPropertyValues().addPropertyValue(ALLOW_SESSION_CREATION, Boolean.TRUE); - return definition; - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/ExceptionTranslationFilterBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/ExceptionTranslationFilterBeanDefinitionParser.java deleted file mode 100644 index b77a8c0a72..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/ExceptionTranslationFilterBeanDefinitionParser.java +++ /dev/null @@ -1,183 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import org.acegisecurity.ui.AccessDeniedHandlerImpl; -import org.acegisecurity.ui.ExceptionTranslationFilter; -import org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint; -import org.springframework.beans.factory.config.RuntimeBeanReference; -import org.springframework.beans.factory.support.AbstractBeanDefinition; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.util.StringUtils; -import org.springframework.util.xml.DomUtils; -import org.w3c.dom.Element; - -/** - *

- * This class parses the tag and creates the - * bean defintion for ExceptionTranslationFilter.
The - * '<security:access-denied .. />' tag is optional and if not specified - * ExceptionTranslationFilter
will autodetect the instance - * of AccessDeniedHandler; alternately if there are > 1 such - * handlers,
we can nominate the one to use via 'accessDeniedBeanRef'. - *

- * - *

- * The 'entryPointBeanRef' and 'accessDeniedBeanRef' can be specified as - * attributes or inner bean definitions.
See following sample showing both - * ways. - *

- * - *

- * Sample: - *

<security:exception-translation id="exceptionTranslationFilter"> - *
- *
<security:entry-point - * entryPointBeanRef="authenticationProcessingFilterEntryPoint" />
- *
<security:access-denied accessDeniedBeanRef="theBeanToUse" /> - *
- *
</security:exception-translation>
- * or - *
<security:exception-translation id="exceptionTranslationFilter" - * entryPointBeanRef="ref" accessDeniedBeanRef="ref" />
- * - *

- * - * @author Vishal Puri - * @version - * @see {@link org.acegisecurity.ui.ExceptionTranslationFilter} - * @see {@link org.acegisecurity.ui.AccessDeniedHandler} - */ -public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBeanDefinitionParser { - - // ~ Static fields - // ===================================================================================== - - private static final String ACCESS_DENIED = "access-denied"; - - private static final String ACCESS_DENIED_REF = "accessDeniedBeanRef"; - - private static final String ACCESS_DENIED_URL = "accessDeniedUrl"; - - private static final String ENTRY_POINT = "entry-point"; - - private static final String ENTRY_POINT_REF = "entryPointBeanRef"; - - private static final String LOGIN_FORM_URL = "loginFormUrl"; - - private static final String LOGIN_FORM_URL_VALUE = "/acegilogin.jsp"; - - // ~ Method - // ================================================================================================ - - protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { - - RootBeanDefinition exceptionFilterDef = new RootBeanDefinition(ExceptionTranslationFilter.class); - - // add handler - Element accessDeniedElement = DomUtils.getChildElementByTagName(element, ACCESS_DENIED); - setAccessDeniedHandlerProperty(parserContext, exceptionFilterDef, accessDeniedElement); - - Element entryPointElement = DomUtils.getChildElementByTagName(element, ENTRY_POINT); - setEntryPointProperty(exceptionFilterDef, entryPointElement); - - return exceptionFilterDef; - } - - private void setEntryPointProperty(RootBeanDefinition exceptionFilterDef, Element entryPointElement) { - if (entryPointElement != null) { - setBeanReferenceOrInnerBeanDefinitions(exceptionFilterDef, entryPointElement, "authenticationEntryPoint", - entryPointElement.getAttribute(ENTRY_POINT_REF)); - } - } - - /** - * Resolves are reference to 'accessDeniedHandler' property. - * @param parserContext - * @param exceptionFilterDef The ExceptionFilter BeanDefinition - * @param accessDeniedElement The inner tag for accessDeniedHandler - * property. - */ - private void setAccessDeniedHandlerProperty(ParserContext parserContext, RootBeanDefinition exceptionFilterDef, - Element accessDeniedElement) { - if (accessDeniedElement != null) { - setBeanReferenceOrInnerBeanDefinitions(exceptionFilterDef, accessDeniedElement, "accessDeniedHandler", - accessDeniedElement.getAttribute(ACCESS_DENIED_REF)); - } - } - - /** - * Add property if it's specified as an attribute or inner tag. - * - * @param exceptionFilterDef The ExceptionFilter BeanDefinition - * @param element The inner bean element - * @param property The property to add - * @param beanRef The bean reference to resolve. - */ - private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef, Element element, - String property, String beanRef) { - // check for encoderBeanRef attribute - if (StringUtils.hasLength(beanRef)) { - exceptionFilterDef.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(beanRef)); - } - else { - doSetInnerBeanDefinitions(exceptionFilterDef, element, property); - } - } - - /** - * Add property specified as an inner bean definition. - * @param exceptionFilterDef The ExceptionFilter BeanDefinition - * @param element The inner bean element - * @param property The property to add - */ - private void doSetInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef, Element accessDeniedElement, - String property) { - RootBeanDefinition accessDeniedHandlerBeanDef = new RootBeanDefinition(AccessDeniedHandlerImpl.class); - setPropertyIfAvailable(accessDeniedElement, ACCESS_DENIED_URL, "errorPage", accessDeniedHandlerBeanDef); - exceptionFilterDef.getPropertyValues().addPropertyValue(property, accessDeniedHandlerBeanDef); - - } - - /** - * @param element - * @param attribute - * @param property - * @param definition - */ - private void setPropertyIfAvailable(Element element, String attribute, String property, - RootBeanDefinition definition) { - String propertyValue = element.getAttribute(attribute); - if (StringUtils.hasText(propertyValue)) { - definition.getPropertyValues().addPropertyValue(property, propertyValue); - } - } - - /** - * Creates BeanDefintion for - * ExceptionTranslationFilter with it's default properties. - * @return beanDefinition The bean defintion configured with default - * properties - */ - protected static RootBeanDefinition createBeanDefinitionWithDefaults() { - RootBeanDefinition beanDefinition = new RootBeanDefinition(ExceptionTranslationFilter.class); - beanDefinition.getPropertyValues().addPropertyValue("authenticationEntryPoint", - createBeanDefintionForAuthenticationProcessingFilterEntryPoint()); - return beanDefinition; - } - - /** - * Creates BeanDefintion for - * AuthenticationProcessingFilterEntryPoint with it's default - * properties. - * @return beanDefinition The bean defintion configured with default - */ - protected static RootBeanDefinition createBeanDefintionForAuthenticationProcessingFilterEntryPoint() { - RootBeanDefinition beanDefinition = new RootBeanDefinition(AuthenticationProcessingFilterEntryPoint.class); - beanDefinition.getPropertyValues().addPropertyValue(LOGIN_FORM_URL, LOGIN_FORM_URL_VALUE); - return beanDefinition; - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/FilterSecurityInterceptorBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/FilterSecurityInterceptorBeanDefinitionParser.java deleted file mode 100644 index 9f7ba89279..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/FilterSecurityInterceptorBeanDefinitionParser.java +++ /dev/null @@ -1,163 +0,0 @@ -package org.acegisecurity.config; - -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; - -import org.acegisecurity.AccessDecisionManager; -import org.acegisecurity.intercept.web.FilterInvocationDefinitionDecorator; -import org.acegisecurity.intercept.web.FilterInvocationDefinitionSourceMapping; -import org.acegisecurity.intercept.web.FilterSecurityInterceptor; -import org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap; -import org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap; -import org.acegisecurity.util.BeanDefinitionParserUtils; -import org.springframework.beans.factory.support.AbstractBeanDefinition; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.util.Assert; -import org.springframework.util.xml.DomUtils; -import org.w3c.dom.Element; -import org.w3c.dom.NamedNodeMap; -import org.w3c.dom.Node; - -/** - * @author Vishal Puri - * - */ -public class FilterSecurityInterceptorBeanDefinitionParser extends AbstractBeanDefinitionParser { - // ~ static initializers - // ================================================================================================ - - private static final String OBJECT_DEFINITION_SOURCE_PROPERTY = "objectDefinitionSource"; - - private static final String OBJECT_DEFINITION_SOURCE_REF_ATTRIBUTE = "sourceBeanId"; - - private static final String PATH_ATTRIBUTE = "path"; - - private static final String REG_EX_ATTRIBUTE = "regularExpression"; - - private static final String CONFIGURATION_ATTRIB_ATTRIBUTE = "attribute"; - - // ~ Methods - // ================================================================================================ - - protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { - return createBeanDefinitionForFilterSecurityInterceptor(element, parserContext); - } - - protected static RootBeanDefinition createBeanDefinitionForFilterSecurityInterceptor(Element element, - ParserContext parserContext) { - RootBeanDefinition filterInvocationInterceptor = new RootBeanDefinition(FilterSecurityInterceptor.class); - - RootBeanDefinition accessDecisionManager = AuthorizationManagerBeanDefinitionParser - .createAccessDecisionManagerAffirmativeBased(); - filterInvocationInterceptor.getPropertyValues() - .addPropertyValue("accessDecisionManager", accessDecisionManager); - - FilterInvocationDefinitionDecorator source = new FilterInvocationDefinitionDecorator(); - FilterInvocationDefinitionSourceMapping mapping = new FilterInvocationDefinitionSourceMapping(); - List mappings = new ArrayList(); - - Element firstChild = DomUtils.getChildElementByTagName(element, "url-mapping"); - // if 'url-mapping' element is defined - if (firstChild != null) { - - if (BeanDefinitionParserUtils.setPropertyIfAvailable(firstChild, OBJECT_DEFINITION_SOURCE_REF_ATTRIBUTE, - OBJECT_DEFINITION_SOURCE_PROPERTY, true/* RuntimeBeanReference */, filterInvocationInterceptor)) { - return filterInvocationInterceptor; - } - - // get 'uri-pattern' or 'path' attribute. not both can be specified - // together - List uriPatternElements = DomUtils.getChildElementsByTagName(firstChild, "uri-pattern"); - boolean patternToMatchCreated = false; - - Node patternAttribute = null; - - String url = ""; - - boolean isPathFound = false; - for (Iterator it = uriPatternElements.iterator(); it.hasNext();) { - Element uriPattern = (Element) it.next(); - - /* path or pattern - only one attribute is allowed */ - NamedNodeMap map = uriPattern.getAttributes(); - - Assert.isTrue(map.getLength() == 1, - "only 'path' or 'regularExperssion' attribute allowed with 'uri-pattern' tag"); - - // check if typecreated variable is false then create a type and - // store it somewhere and set typecreated variable to true - if (!patternToMatchCreated) { - // should only be one attribute "path" or - // "regularExpression" - patternAttribute = map.item(0); - // set this variable to true - patternToMatchCreated = true; - // get the attributes and set the decoratd type - // appropriately - if (uriPattern.hasAttribute(PATH_ATTRIBUTE)) { - isPathFound = true; - url = uriPattern.getAttribute(PATH_ATTRIBUTE); - source.setDecorated(new PathBasedFilterInvocationDefinitionMap()); - } - else if (uriPattern.hasAttribute(REG_EX_ATTRIBUTE)) { - url = uriPattern.getAttribute(REG_EX_ATTRIBUTE); - source.setDecorated(new RegExpBasedFilterInvocationDefinitionMap()); - } - } - else { - // type created already so check if it matches with the - // current element - // if it matches get the one attribute "path" or - // "regularExpression" and apply as property - uriPattern.getAttribute(patternAttribute.getLocalName()); - Assert - .hasLength(uriPattern.getAttribute(patternAttribute.getLocalName()), - " ALL uri-pattern tags in the url-mapping must be of the same type (ie cannot mix a regular expression and Ant Path)"); - - if (isPathFound) { - url = uriPattern.getAttribute(PATH_ATTRIBUTE); - } - else { - url = uriPattern.getAttribute(REG_EX_ATTRIBUTE); - } - - } - mapping.setUrl(url); - // get child elements 'configuration-attribute' - List configAttributes = DomUtils.getChildElementsByTagName(uriPattern, "configuration-attribute"); - - for (Iterator iter = configAttributes.iterator(); iter.hasNext();) { - Element configAttribute = (Element) iter.next(); - String configAttributeValue = configAttribute.getAttribute(CONFIGURATION_ATTRIB_ATTRIBUTE); - mapping.addConfigAttribute(configAttributeValue); - } - - } - - } - // default properties - else { - String url1 = "/acegilogin.jsp"; - String value1 = "IS_AUTHENTICATED_ANONYMOUSLY"; - - String url2 = "/**"; - String value2 = "IS_AUTHENTICATED_REMEMBERED"; - - mapping.setUrl(url1); - mapping.addConfigAttribute(value1); - - mapping.setUrl(url2); - mapping.addConfigAttribute(value2); - } - - mappings.add(mapping); - source.setMappings(mappings); - filterInvocationInterceptor.getPropertyValues().addPropertyValue(OBJECT_DEFINITION_SOURCE_PROPERTY, - source.getDecorated()); - return filterInvocationInterceptor; - } - -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParser.java deleted file mode 100644 index f8f709529d..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParser.java +++ /dev/null @@ -1,108 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import org.acegisecurity.ui.logout.LogoutFilter; -import org.acegisecurity.ui.logout.SecurityContextLogoutHandler; -import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices; -import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.beans.factory.support.AbstractBeanDefinition; -import org.springframework.beans.factory.support.ManagedList; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.util.StringUtils; -import org.w3c.dom.Element; - -/** - * @author vpuri - * @since - */ -public class LogoutFilterBeanDefinitionParser extends AbstractBeanDefinitionParser { - - // ~ Instance fields - // ================================================================================================ - private static final String REDIRECT_AFTER_LOGOUT_URL = "redirectAfterLogoutUrl"; - - private static final String LOGOUT_URL = "logoutUrl"; - - private static final String REDIRECT_AFTER_LOGOUT_URL_VALUE = "/"; - - // ~ Methods - // ================================================================================================ - - protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { - - // add the properties - RootBeanDefinition definition = new RootBeanDefinition(LogoutFilter.class); - doCreateBeanDefinition(definition, element, parserContext, false); - return definition; - } - - /** - * - * @param definition - * @param element - * @param parserContext - * @param isAutoconfig - * @see {@link AutoConfigBeanDefinitionParser} - */ - private void doCreateBeanDefinition(RootBeanDefinition definition, Element element, ParserContext parserContext, - boolean isAutoconfig) { - - setConstructorArgumentIfAvailable(0, element, REDIRECT_AFTER_LOGOUT_URL, "logoutSuccessUrl", definition); - setPropertyIfAvailable(element, LOGOUT_URL, "filterProcessesUrl", definition); - /* TODO: Move this logic to LogoutFilter itlself */ - // register BFPP to check if LogoutFilter does not have setHandlers - // populated, introspect app ctx for LogoutHandlers, using Ordered - // (if - // present, otherwise assume Integer.MAX_VALUE) - RootBeanDefinition bfpp = new RootBeanDefinition(LogoutHandlerOrderResolver.class); - parserContext.getReaderContext().registerWithGeneratedName(bfpp); - - } - - private void setConstructorArgumentIfAvailable(int index, Element element, String attribute, String property, - RootBeanDefinition definition) { - String propertyValue = element.getAttribute(attribute); - if (StringUtils.hasText(propertyValue)) { - addConstructorArgument(index, definition, propertyValue); - } - } - - private void addConstructorArgument(int index, RootBeanDefinition definition, String propertyValue) { - definition.getConstructorArgumentValues().addIndexedArgumentValue(index, propertyValue); - } - - private void setPropertyIfAvailable(Element element, String attribute, String property, - RootBeanDefinition definition) { - String propertyValue = element.getAttribute(attribute); - if (StringUtils.hasText(propertyValue)) { - definition.getPropertyValues().addPropertyValue(property, propertyValue); - } - } - - /** - * Creates BeanDefintion as required by 'autoconfig' tag - * - * @param definition The BeanDefinition for Logoutfilter - * @param element - * @param parserContext - * @param isAutoconfig - * @return definition - */ - protected static RootBeanDefinition createBeanDefinitionWithDefaults(RootBeanDefinition rememberMeServices) { - RootBeanDefinition definition = new RootBeanDefinition(LogoutFilter.class); - definition.getConstructorArgumentValues().addIndexedArgumentValue(0, REDIRECT_AFTER_LOGOUT_URL_VALUE); - // create BeanDefinitions for LogoutHandlers - // (TokenBasedRememberMeServices) and (SecuritycontextLogoutHandler) - ManagedList handlers = new ManagedList(); - //RootBeanDefinition rememberMeServices = RememberMeServicesBeanDefinitionParser.doCreateBeanDefintionWithDefaults(); - handlers.add(rememberMeServices); - handlers.add(new RootBeanDefinition(SecurityContextLogoutHandler.class)); - definition.getConstructorArgumentValues().addIndexedArgumentValue(1, handlers); - return definition; - } - -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/LogoutHandlerOrderResolver.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/LogoutHandlerOrderResolver.java deleted file mode 100644 index 2fd55b5b05..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/LogoutHandlerOrderResolver.java +++ /dev/null @@ -1,95 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import java.util.Collections; -import java.util.List; - -import org.acegisecurity.ui.logout.LogoutFilter; -import org.acegisecurity.ui.logout.LogoutHandler; -import org.acegisecurity.ui.logout.SecurityContextLogoutHandler; -import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices; -import org.springframework.beans.BeansException; -import org.springframework.beans.factory.config.BeanFactoryPostProcessor; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.beans.factory.config.ConstructorArgumentValues.ValueHolder; -import org.springframework.beans.factory.support.ManagedList; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.core.OrderComparator; -import org.springframework.core.Ordered; - -/** - * @author vpuri - * @since - */ -public class LogoutHandlerOrderResolver implements BeanFactoryPostProcessor { - - // ~ Methods - // ================================================================================================ - - public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException { - // If LogoutFilter does not have setHandlers populated, introspect app - // ctx for LogoutHandlers, using Ordered (if present, otherwise assume - // Integer.MAX_VALUE) - String[] names = beanFactory.getBeanNamesForType(LogoutFilter.class); - RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[0]); - ValueHolder holder = getHandlersIfConfigured(beanFactory, definition); - if (holder == null) { - // intropect the appcontext for registerd LogoutHandler - List logoutHandlers = retrieveAllLogoutHandlers(beanFactory); - definition.getConstructorArgumentValues().addIndexedArgumentValue(1, logoutHandlers); - } - } - - /** - * - * @param beanFactory - * @param definition - * @return - */ - private ValueHolder getHandlersIfConfigured(ConfigurableListableBeanFactory beanFactory, - RootBeanDefinition definition) { - // there should be only one LogoutFilter - return definition.getConstructorArgumentValues().getArgumentValue(1, null); - - } - - /** - * - * @param beanFactory - * @return - */ - private List retrieveAllLogoutHandlers(ConfigurableListableBeanFactory beanFactory) { - String[] names = beanFactory.getBeanNamesForType(LogoutHandler.class); - ManagedList list = new ManagedList(); - - for (int i = 0, n = names.length; i < n; i++) { - RootBeanDefinition definition = (RootBeanDefinition) beanFactory.getBeanDefinition(names[i]); - - if (definition.hasBeanClass()) { - if (Ordered.class.isAssignableFrom(definition.getBeanClass())) { - definition.getPropertyValues().addPropertyValue("order", - Integer.valueOf(getOrder(definition.getBeanClass()))); - } - else { - definition.getPropertyValues().addPropertyValue("order", Integer.valueOf(Integer.MAX_VALUE)); - } - } - list.add(definition); - } - Collections.sort(list, new OrderComparator()); - return list; - } - - private int getOrder(Class clazz) { - if (clazz.getName().equals(TokenBasedRememberMeServices.class.getName())) { - return 100; - } - if (clazz.getName().equals(SecurityContextLogoutHandler.class.getName())) { - return 200; - } - return Integer.MAX_VALUE; - } - -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/PrincipalRepositoryBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/PrincipalRepositoryBeanDefinitionParser.java deleted file mode 100644 index 1796f3ba07..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/PrincipalRepositoryBeanDefinitionParser.java +++ /dev/null @@ -1,247 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Properties; - -import org.acegisecurity.GrantedAuthority; -import org.acegisecurity.GrantedAuthorityImpl; -import org.acegisecurity.userdetails.User; -import org.acegisecurity.userdetails.UserDetails; -import org.acegisecurity.userdetails.jdbc.JdbcDaoImpl; -import org.acegisecurity.userdetails.memory.InMemoryDaoImpl; -import org.acegisecurity.userdetails.memory.UserAttribute; -import org.acegisecurity.userdetails.memory.UserMap; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.springframework.beans.factory.config.PropertiesFactoryBean; -import org.springframework.beans.factory.config.RuntimeBeanReference; -import org.springframework.beans.factory.support.AbstractBeanDefinition; -import org.springframework.beans.factory.support.BeanDefinitionBuilder; -import org.springframework.beans.factory.support.ManagedList; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; -import org.springframework.beans.factory.xml.BeanDefinitionParser; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.util.StringUtils; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -/** - * @author vpuri - * - */ -public class PrincipalRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser implements - BeanDefinitionParser { - - // ~ Static fields/initializers - // ===================================================================================== - - private static final Log logger = LogFactory.getLog(PrincipalRepositoryBeanDefinitionParser.class); - - // ~ Instance fields - // ================================================================================================ - private static final String JDBC = "jdbc"; - - private static final String DATASOURCE_REF = "dataSourceBeanRef"; - - private static final String DATASOURCE = "dataSource"; - - private static final String JDBCTEMPLATE_REF = "jdbcTemplateBeanRef"; - - private static final String JDBCTEMPLATE = "jdbcTemplate"; - - private static final String AUTHORITIES_BY_USERNAME_QUERY = "authoritiesByUsernameQuery"; - - private static final String ROLE_PREFIX = "rolePrefix"; - - private static final String USERNAME_BASED_PRIMARY_KEY = "usernameBasedPrimaryKey"; - - private static final String PROPERTIES = "properties"; - - private static final String RESOURCE = "resource"; - - private static final String USER_PROPERTIES = "userProperties"; - - private static final String USER_DEFINITION = "user-definition"; - - private static final Object GRANTED_AUTHORITY = "granted-authority"; - - private static final String USERNAME = "username"; - - private static final String PASSWORD = "password"; - - private static final String ENABLED = "enabled"; - - private static final String GRANTED_AUTHORITY_REF = "granted-authority-ref"; - - private static final String AUTHORITY = "authority"; - - private static final String AUTHORITY_BEAN_REF = "authorityBeanRef"; - - // ~ Method - // ================================================================================================ - /** - * - */ - - protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { - NodeList userDetailsServiceChildren = element.getChildNodes(); - RootBeanDefinition userDetailsServiceDefinition = null; - for (int i = 0, n = userDetailsServiceChildren.getLength(); i < n; i++) { - Node userDetailsService = userDetailsServiceChildren.item(i); - - if (JDBC.equals(userDetailsService.getLocalName()) && userDetailsService.getNodeType() == Node.ELEMENT_NODE) { - Element ele = (Element) userDetailsService; - userDetailsServiceDefinition = parseUserDetailsServiceJdbcDefinition(ele); - userDetailsServiceDefinition.setSource(parserContext.extractSource(element)); - } - if (PROPERTIES.equals(userDetailsService.getLocalName()) - && userDetailsService.getNodeType() == Node.ELEMENT_NODE) { - Element ele = (Element) userDetailsService; - - userDetailsServiceDefinition = new RootBeanDefinition(InMemoryDaoImpl.class); - userDetailsServiceDefinition.getPropertyValues().addPropertyValue(USER_PROPERTIES, - new RuntimeBeanReference(createPropertiesBeanDefinition(ele, parserContext))); - userDetailsServiceDefinition.setSource(parserContext.extractSource(element)); - } - if (USER_DEFINITION.equals(userDetailsService.getLocalName()) - && userDetailsService.getNodeType() == Node.ELEMENT_NODE) { - Element ele = (Element) userDetailsService; - - // create a UserMap which interns uses UserMapEditor - userDetailsServiceDefinition = createUserDefinition(ele, parserContext); - } - } - return userDetailsServiceDefinition; - } - - private RootBeanDefinition createUserDefinition(Element ele, ParserContext parserContext) { - RootBeanDefinition definition = new RootBeanDefinition(InMemoryDaoImpl.class); - - UserAttribute userAttribute = new UserAttribute(); - UserMap userMap = new UserMap(); - - setPassword(ele, userAttribute); - setEnabled(ele, userAttribute); - setAuthorities(ele, userAttribute); - - UserDetails user = new User(ele.getAttribute(USERNAME), userAttribute.getPassword(), userAttribute.isEnabled(), - true, true, true, userAttribute.getAuthorities()); - userMap.addUser(user); - definition.getPropertyValues().addPropertyValue("userMap", userMap); - return definition; - } - - private String createPropertiesBeanDefinition(Element ele, ParserContext parserContext) { - // properties element - RootBeanDefinition defintion = new RootBeanDefinition(PropertiesFactoryBean.class); - String propertyValue = ele.getAttribute(RESOURCE); - defintion.getPropertyValues().addPropertyValue("location", propertyValue); - defintion.setSource(parserContext.extractSource(ele)); - return parserContext.getReaderContext().registerWithGeneratedName(defintion); - } - - protected static RootBeanDefinition createSampleUsersUsingProperties() { - // properties element - RootBeanDefinition defintion = new RootBeanDefinition(PropertiesFactoryBean.class); - String location = "classpath:org/acegisecurity/config/user.properties"; - defintion.getPropertyValues().addPropertyValue("location", location); - return defintion; - } - - - /** - * - * @param elementToParse - * @return - */ - private RootBeanDefinition parseUserDetailsServiceJdbcDefinition(Element elementToParse) { - // parse attributes - RootBeanDefinition definition = new RootBeanDefinition(JdbcDaoImpl.class); - setPropertyIfAvailable(elementToParse, DATASOURCE_REF, DATASOURCE, definition); - setPropertyIfAvailable(elementToParse, JDBCTEMPLATE_REF, JDBCTEMPLATE, definition); - setPropertyIfAvailable(elementToParse, AUTHORITIES_BY_USERNAME_QUERY, AUTHORITIES_BY_USERNAME_QUERY, definition); - setPropertyIfAvailable(elementToParse, ROLE_PREFIX, ROLE_PREFIX, definition); - setPropertyIfAvailable(elementToParse, USERNAME_BASED_PRIMARY_KEY, USERNAME_BASED_PRIMARY_KEY, definition); - return definition; - } - - protected void doParseProperties(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) { - Properties parsedProps = parserContext.getDelegate().parsePropsElement(element); - builder.addPropertyValue(PROPERTIES, parsedProps); - } - - /** - * - * @param element - * @param attribute - * @param property - * @param definition - */ - private void setPropertyIfAvailable(Element element, String attribute, String property, - RootBeanDefinition definition) { - String propertyValue = element.getAttribute(attribute); - if (StringUtils.hasText(propertyValue)) { - if (propertyValue.equals(DATASOURCE_REF) || propertyValue.equals(JDBCTEMPLATE_REF)) { - definition.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(propertyValue)); - } - else { - definition.getPropertyValues().addPropertyValue(property, propertyValue); - } - } - } - - private void setPassword(Element element, UserAttribute userAttribute) { - String propertyValue = element.getAttribute(PASSWORD); - if (StringUtils.hasText(propertyValue)) { - userAttribute.setPassword(propertyValue); - } - } - - private void setEnabled(Element element, UserAttribute userAttribute) { - String propertyValue = element.getAttribute(ENABLED); - if (StringUtils.hasText(propertyValue)) { - if (propertyValue.equals("true")) { - userAttribute.setEnabled(true); - } - else { - userAttribute.setEnabled(false); - } - } - } - - private void setAuthorities(Element ele, UserAttribute userAttribute) { - // get authorities - NodeList childNodes = ele.getChildNodes(); - - ManagedList authorities = new ManagedList(); - - for (int i = 0, n = childNodes.getLength(); i < n; i++) { - Node authorityNode = childNodes.item(i); - - if (GRANTED_AUTHORITY.equals(authorityNode.getLocalName()) - && authorityNode.getNodeType() == Element.ELEMENT_NODE) { - Element propertyValue = (Element) authorityNode; - authorities.add(new GrantedAuthorityImpl(propertyValue.getAttribute(AUTHORITY))); - } - - if (GRANTED_AUTHORITY_REF.equals(authorityNode.getLocalName()) - && authorityNode.getNodeType() == Element.ELEMENT_NODE) { - Element propertyValue = (Element) authorityNode; - String attribute = propertyValue.getAttribute(AUTHORITY_BEAN_REF); - if (StringUtils.hasLength(attribute)) { - authorities.add(new RuntimeBeanReference(attribute)); - } - } - } - userAttribute.setAuthorities(authorities); - } - -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/RememberMeFilterBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/RememberMeFilterBeanDefinitionParser.java deleted file mode 100644 index 68027a0a1f..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/RememberMeFilterBeanDefinitionParser.java +++ /dev/null @@ -1,46 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import org.acegisecurity.ui.rememberme.RememberMeProcessingFilter; -import org.springframework.beans.factory.config.RuntimeBeanReference; -import org.springframework.beans.factory.support.AbstractBeanDefinition; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.util.Assert; -import org.springframework.util.StringUtils; -import org.w3c.dom.Element; - -/** - * @author vpuri - * - *@since - */ -public class RememberMeFilterBeanDefinitionParser extends AbstractBeanDefinitionParser { - - private static final String REMEMBER_ME_SERVICES_REF = "rememberMeServicesBeanRef"; - - private static final String REMEMBER_ME_SERVICES = "rememberMeServices"; - - - protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { - Assert.notNull(parserContext, "ParserContext must not be null"); - - RootBeanDefinition rememberMeFilterBeanDef = new RootBeanDefinition(RememberMeProcessingFilter.class); - // check if rememberMeServicesBeanRef is defined and if it's specified use its referred bean - String rememberMeServicesRef = element.getAttribute(REMEMBER_ME_SERVICES_REF); - if (StringUtils.hasLength(rememberMeServicesRef)) { - rememberMeFilterBeanDef.getPropertyValues().addPropertyValue(REMEMBER_ME_SERVICES, - new RuntimeBeanReference(rememberMeServicesRef)); - } - return rememberMeFilterBeanDef; - } - - protected static RootBeanDefinition createBeanDefinitionWithDefaults(ParserContext parserContext, RootBeanDefinition authenticationManager) { - RootBeanDefinition definition= new RootBeanDefinition(RememberMeProcessingFilter.class); - definition.getPropertyValues().addPropertyValue("authenticationManager",authenticationManager); - return definition; - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/RememberMeServicesBeanDefinitionParser.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/RememberMeServicesBeanDefinitionParser.java deleted file mode 100644 index 879a5f0b90..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/RememberMeServicesBeanDefinitionParser.java +++ /dev/null @@ -1,82 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices; -import org.springframework.beans.factory.config.RuntimeBeanReference; -import org.springframework.beans.factory.support.AbstractBeanDefinition; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.AbstractBeanDefinitionParser; -import org.springframework.beans.factory.xml.BeanDefinitionParser; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.util.Assert; -import org.springframework.util.StringUtils; -import org.w3c.dom.Element; - -/** - * Parses - * @author vpuri - * - */ -public class RememberMeServicesBeanDefinitionParser extends AbstractBeanDefinitionParser implements - BeanDefinitionParser { - - private static final String PRINCIPAL_REPOSITORY_BEAN_REF = "principalRepositoryBeanRef"; - - private static final String USER_DETAILS_SERVICE_PROPERTY = "userDetailsService"; - - /* - * key is optional; if unspecified, pick a rnd int and use for all - * unspecified key properties for acegi beans - */ - private static final String KEY = "key"; - - protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { - RootBeanDefinition rememberMeServicesBeanDef = createBeanDefinition(element, parserContext); - return rememberMeServicesBeanDef; - } - - private RootBeanDefinition createBeanDefinition(Element element, ParserContext parserContext) { - Assert.notNull(parserContext, "ParserContext must not be null"); - - RootBeanDefinition rememberMeServicesBeanDef = new RootBeanDefinition(TokenBasedRememberMeServices.class); - - String keyValue = ""; - String rememberMeServicesRef = ""; - - if (element != null) { - keyValue = element.getAttribute(KEY); - - if (StringUtils.hasLength(keyValue)) { - rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(KEY, keyValue); - } - else { - /* - * TODO: pick a rnd int and apply it whenver required in - * applicationcontext - */ - - } - - // check if rememberMeServicesBeanRef is defined and if it's - // specified - // use its referred bean - rememberMeServicesRef = element.getAttribute(PRINCIPAL_REPOSITORY_BEAN_REF); - if (StringUtils.hasLength(rememberMeServicesRef)) { - rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE_PROPERTY, - new RuntimeBeanReference(rememberMeServicesRef)); - } - } - - return rememberMeServicesBeanDef; - } - - protected static RootBeanDefinition createAndRegisterBeanDefintionWithDefaults(ParserContext parserContext){ - RootBeanDefinition beanDefinition = new RootBeanDefinition(TokenBasedRememberMeServices.class); - beanDefinition.getPropertyValues().addPropertyValue(KEY, "key"); - parserContext.getReaderContext().registerWithGeneratedName(beanDefinition); - return beanDefinition; - } - -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/SecurityAutoDetectNamepsaceHandler.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/SecurityAutoDetectNamepsaceHandler.java deleted file mode 100644 index 98d3bf7271..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/SecurityAutoDetectNamepsaceHandler.java +++ /dev/null @@ -1,21 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import org.springframework.beans.factory.xml.NamespaceHandlerSupport; - -/** - * @author Vishal Puri - * - */ -public class SecurityAutoDetectNamepsaceHandler extends NamespaceHandlerSupport { - - /* (non-Javadoc) - * @see org.springframework.beans.factory.xml.NamespaceHandler#init() - */ - public void init() { - registerBeanDefinitionParser("autoconfig", new AutoConfigBeanDefinitionParser()); - } - -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/SecurityNamespaceHandler.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/SecurityNamespaceHandler.java deleted file mode 100644 index c694e59f4f..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/config/SecurityNamespaceHandler.java +++ /dev/null @@ -1,37 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import org.springframework.beans.factory.xml.BeanDefinitionParser; -import org.springframework.beans.factory.xml.NamespaceHandlerSupport; - -/** - * {@link org.springframework.beans.factory.xml.NamespaceHandler} for the 'security' namespace. - * @author vpuri - * - * @since - */ -public class SecurityNamespaceHandler extends NamespaceHandlerSupport { - - /** - * Register the {@link BeanDefinitionParser BeanDefinitionParsers} for the - * 'context-integration', ' and '' elements. - */ - public void init() { - registerBeanDefinitionParser("principal-repository", new PrincipalRepositoryBeanDefinitionParser()); - registerBeanDefinitionParser("session-context-integration", new ContextIntegrationBeanDefinitionParser()); - registerBeanDefinitionParser("authentication-repository", new AuthenticationRepositoryBeanDefinitionParser()); - registerBeanDefinitionParser("authentication-mechanism", new AuthenticationMechanismBeanDefinitionParser()); - registerBeanDefinitionParser("authentication-remember-me-services", new RememberMeServicesBeanDefinitionParser()); - registerBeanDefinitionParser("authentication-remember-me-filter", new RememberMeFilterBeanDefinitionParser()); - registerBeanDefinitionParser("logout-support", new LogoutFilterBeanDefinitionParser()); - registerBeanDefinitionParser("exception-translation", new ExceptionTranslationFilterBeanDefinitionParser()); - registerBeanDefinitionParser("authentication-form", new AuthenticationProcessingFilterBeanDefinitionParser()); - registerBeanDefinitionParser("authorization-manager", new AuthorizationManagerBeanDefinitionParser()); - registerBeanDefinitionParser("authorization-http-url", new FilterSecurityInterceptorBeanDefinitionParser()); - registerBeanDefinitionParser("authorization-joinpoint", new AuthorizationMethodBeanDefinitionParser()); - registerBeanDefinitionParser("autoconfig", new AutoConfigBeanDefinitionParser()); - } - -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilter.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilter.java deleted file mode 100644 index 6a226d53ed..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilter.java +++ /dev/null @@ -1,239 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.acegisecurity.ui.basicauth; - -import java.io.IOException; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.acegisecurity.Authentication; -import org.acegisecurity.AuthenticationException; -import org.acegisecurity.AuthenticationManager; -import org.acegisecurity.context.SecurityContextHolder; -import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; -import org.acegisecurity.ui.AuthenticationDetailsSource; -import org.acegisecurity.ui.AuthenticationDetailsSourceImpl; -import org.acegisecurity.ui.AuthenticationEntryPoint; -import org.acegisecurity.ui.rememberme.RememberMeServices; -import org.apache.commons.codec.binary.Base64; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.springframework.beans.factory.InitializingBean; -import org.springframework.core.Ordered; -import org.springframework.util.Assert; - - -/** - * Processes a HTTP request's BASIC authorization headers, putting the result into the - * SecurityContextHolder.

For a detailed background on what this filter is designed to process, - * refer to RFC 1945, Section 11.1. Any realm name presented in - * the HTTP request is ignored.

- *

In summary, this filter is responsible for processing any request that has a HTTP request header of - * Authorization with an authentication scheme of Basic and a Base64-encoded - * username:password token. For example, to authenticate user "Aladdin" with password "open sesame" the - * following header would be presented:

- *

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==.

- *

This filter can be used to provide BASIC authentication services to both remoting protocol clients (such as - * Hessian and SOAP) as well as standard user agents (such as Internet Explorer and Netscape).

- *

If authentication is successful, the resulting {@link Authentication} object will be placed into the - * SecurityContextHolder.

- *

If authentication fails and ignoreFailure is false (the default), an {@link - * AuthenticationEntryPoint} implementation is called. Usually this should be {@link BasicProcessingFilterEntryPoint}, - * which will prompt the user to authenticate again via BASIC authentication.

- *

Basic authentication is an attractive protocol because it is simple and widely deployed. However, it still - * transmits a password in clear text and as such is undesirable in many situations. Digest authentication is also - * provided by Acegi Security and should be used instead of Basic authentication wherever possible. See {@link - * org.acegisecurity.ui.digestauth.DigestProcessingFilter}.

- *

Note that if a {@link #rememberMeServices} is set, this filter will automatically send back remember-me - * details to the client. Therefore, subsequent requests will not need to present a BASIC authentication header as - * they will be authenticated using the remember-me mechanism.

- *

Do not use this class directly. Instead configure web.xml to use the {@link - * org.acegisecurity.util.FilterToBeanProxy}.

- * - * @author Ben Alex - * @version $Id: BasicProcessingFilter.java 1783 2007-02-23 19:21:44Z luke_t $ - */ -public class BasicProcessingFilter implements Filter, InitializingBean, Ordered { - //~ Static fields/initializers ===================================================================================== - - private static final Log logger = LogFactory.getLog(BasicProcessingFilter.class); - - //~ Instance fields ================================================================================================ - - private AuthenticationDetailsSource authenticationDetailsSource = new AuthenticationDetailsSourceImpl(); - private AuthenticationEntryPoint authenticationEntryPoint; - private AuthenticationManager authenticationManager; - private RememberMeServices rememberMeServices; - private boolean ignoreFailure = false; - private int order; - - //~ Methods ======================================================================================================== - - public void afterPropertiesSet() throws Exception { - Assert.notNull(this.authenticationManager, "An AuthenticationManager is required"); - Assert.notNull(this.authenticationEntryPoint, "An AuthenticationEntryPoint is required"); - } - - public void destroy() {} - - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) - throws IOException, ServletException { - - if (!(request instanceof HttpServletRequest)) { - throw new ServletException("Can only process HttpServletRequest"); - } - - if (!(response instanceof HttpServletResponse)) { - throw new ServletException("Can only process HttpServletResponse"); - } - - HttpServletRequest httpRequest = (HttpServletRequest) request; - HttpServletResponse httpResponse = (HttpServletResponse) response; - - String header = httpRequest.getHeader("Authorization"); - - if (logger.isDebugEnabled()) { - logger.debug("Authorization header: " + header); - } - - if ((header != null) && header.startsWith("Basic ")) { - String base64Token = header.substring(6); - String token = new String(Base64.decodeBase64(base64Token.getBytes())); - - String username = ""; - String password = ""; - int delim = token.indexOf(":"); - - if (delim != -1) { - username = token.substring(0, delim); - password = token.substring(delim + 1); - } - - if (authenticationIsRequired(username)) { - UsernamePasswordAuthenticationToken authRequest = - new UsernamePasswordAuthenticationToken(username, password); - authRequest.setDetails(authenticationDetailsSource.buildDetails((HttpServletRequest) request)); - - Authentication authResult; - - try { - authResult = authenticationManager.authenticate(authRequest); - } catch (AuthenticationException failed) { - // Authentication failed - if (logger.isDebugEnabled()) { - logger.debug("Authentication request for user: " + username + " failed: " + failed.toString()); - } - - SecurityContextHolder.getContext().setAuthentication(null); - - if (rememberMeServices != null) { - rememberMeServices.loginFail(httpRequest, httpResponse); - } - - if (ignoreFailure) { - chain.doFilter(request, response); - } else { - authenticationEntryPoint.commence(request, response, failed); - } - - return; - } - - // Authentication success - if (logger.isDebugEnabled()) { - logger.debug("Authentication success: " + authResult.toString()); - } - - SecurityContextHolder.getContext().setAuthentication(authResult); - - if (rememberMeServices != null) { - rememberMeServices.loginSuccess(httpRequest, httpResponse, authResult); - } - } - } - - chain.doFilter(request, response); - } - - private boolean authenticationIsRequired(String username) { - // Only reauthenticate if username doesn't match SecurityContextHolder and user isn't authenticated - // (see SEC-53) - Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication(); - - if(existingAuth == null || !existingAuth.isAuthenticated()) { - return true; - } - - // Limit username comparison to providers which use usernames (ie UsernamePasswordAuthenticationToken) - // (see SEC-348) - - if (existingAuth instanceof UsernamePasswordAuthenticationToken && !existingAuth.getName().equals(username)) { - return true; - } - - return false; - } - - public AuthenticationEntryPoint getAuthenticationEntryPoint() { - return authenticationEntryPoint; - } - - public AuthenticationManager getAuthenticationManager() { - return authenticationManager; - } - - public void init(FilterConfig arg0) throws ServletException {} - - public boolean isIgnoreFailure() { - return ignoreFailure; - } - - public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) { - Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required"); - this.authenticationDetailsSource = authenticationDetailsSource; - } - - public void setAuthenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint) { - this.authenticationEntryPoint = authenticationEntryPoint; - } - - public void setAuthenticationManager(AuthenticationManager authenticationManager) { - this.authenticationManager = authenticationManager; - } - - public void setIgnoreFailure(boolean ignoreFailure) { - this.ignoreFailure = ignoreFailure; - } - - public void setRememberMeServices(RememberMeServices rememberMeServices) { - this.rememberMeServices = rememberMeServices; - } - - public int getOrder() { - return order; - } - - public void setOrder(int order) { - this.order = order; - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterEntryPoint.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterEntryPoint.java deleted file mode 100644 index 83f14c5fb3..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterEntryPoint.java +++ /dev/null @@ -1,89 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.acegisecurity.ui.basicauth; - -import java.io.IOException; -import java.util.Map; - -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletResponse; - -import org.acegisecurity.AuthenticationException; -import org.acegisecurity.ui.AuthenticationEntryPoint; -import org.acegisecurity.util.OrderedUtils; -import org.springframework.beans.factory.InitializingBean; -import org.springframework.context.ApplicationContext; -import org.springframework.context.ApplicationContextAware; -import org.springframework.core.Ordered; -import org.springframework.util.Assert; - - -/** - * Used by the SecurityEnforcementFilter to commence authentication via the {@link - * BasicProcessingFilter}.

Once a user agent is authenticated using BASIC authentication, logout requires that - * the browser be closed or an unauthorized (401) header be sent. The simplest way of achieving the latter is to call - * the {@link #commence(ServletRequest, ServletResponse, AuthenticationException)} method below. This will indicate to - * the browser its credentials are no longer authorized, causing it to prompt the user to login again.

- * - * @author Ben Alex - * @version $Id: BasicProcessingFilterEntryPoint.java 1822 2007-05-17 12:20:16Z vishalpuri $ - */ -public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered, ApplicationContextAware { - //~ Instance fields ================================================================================================ - - private static final int DEFAULT_ORDER = Integer.MAX_VALUE; - private String realmName; - private int order = DEFAULT_ORDER; - private ApplicationContext applicationContext; - - //~ Methods ======================================================================================================== - - public int getOrder() { - return order; - } - - public void setOrder(int order) { - this.order = order; - } - - public void afterPropertiesSet() throws Exception { - Assert.hasText(realmName, "realmName must be specified"); - if (order == DEFAULT_ORDER) { - OrderedUtils.copyOrderFromOtherClass(BasicProcessingFilter.class, applicationContext, this, true); - } - } - - public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException) - throws IOException, ServletException { - HttpServletResponse httpResponse = (HttpServletResponse) response; - httpResponse.addHeader("WWW-Authenticate", "Basic realm=\"" + realmName + "\""); - httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage()); - } - - public String getRealmName() { - return realmName; - } - - public void setRealmName(String realmName) { - this.realmName = realmName; - } - - public void setApplicationContext(ApplicationContext applicationContext) { - this.applicationContext = applicationContext; - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/ui/basicauth/package.html b/sandbox/spring-security-config/src/main/java/org/acegisecurity/ui/basicauth/package.html deleted file mode 100644 index dcd7c31c91..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/ui/basicauth/package.html +++ /dev/null @@ -1,5 +0,0 @@ - - -Authenticates HTTP BASIC authentication requests. - - diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/util/BeanDefinitionParserUtils.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/util/BeanDefinitionParserUtils.java deleted file mode 100644 index cf3141a3d6..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/util/BeanDefinitionParserUtils.java +++ /dev/null @@ -1,88 +0,0 @@ -/** - * - */ -package org.acegisecurity.util; - -import org.springframework.beans.factory.config.RuntimeBeanNameReference; -import org.springframework.beans.factory.config.RuntimeBeanReference; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.beans.factory.xml.ParserContext; -import org.springframework.util.StringUtils; -import org.w3c.dom.Element; - -/** - * The convenience methods for the parsing of bean definition xml file. - * - * @author Vishal Puri - * - */ -public class BeanDefinitionParserUtils { - // ~ Constructor - // ================================================================================================ - - /** - * Prevents instantiation - */ - private BeanDefinitionParserUtils() { - } - - // ~ Method - // ================================================================================================ - - public static void setConstructorArgumentIfAvailable(int index, Element element, String attribute, - boolean isRunTimeBeanReference, RootBeanDefinition definition) { - String propertyValue = element.getAttribute(attribute); - if (StringUtils.hasText(propertyValue)) { - if (!isRunTimeBeanReference) { - definition.getConstructorArgumentValues().addIndexedArgumentValue(index, propertyValue); - } - else { - definition.getConstructorArgumentValues().addIndexedArgumentValue(index, - new RuntimeBeanNameReference(propertyValue)); - } - } - } - - /** - *

- * Configure a BeanDefinitionwith the property value - * retrieved from xml attribute. If the attribute is like a standard spring - * 'ref' attribute as indicated by 'isRunTimeBeanReference', the property - * will be resolved as a reference to the spring bean. - *

- * - * @param element The parent element. - * @param attribute The child attribute. - * @param property The configuration property for the BeanDefinition - * @param isRunTimeBeanReference Indicates if the property is like a - * standard spring 'ref' attribute. - * @param definition The BeanDefinition to configure with the property - * provided. - * @return boolean To indicate if BeanDefinition was configured with a - * property. - */ - public static boolean setPropertyIfAvailable(Element element, String attribute, String property, - boolean isRunTimeBeanReference, RootBeanDefinition definition) { - String propertyValue = element.getAttribute(attribute); - if (StringUtils.hasText(propertyValue)) { - if (!isRunTimeBeanReference) { - definition.getPropertyValues().addPropertyValue(property, propertyValue); - return true; - } - else { - definition.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(propertyValue)); - return true; - } - } - return false; - } - - /** - * @param parserContext - * @param defintion - */ - public static void registerBeanDefinition(ParserContext parserContext, RootBeanDefinition defintion) { - parserContext.getRegistry().registerBeanDefinition( - parserContext.getReaderContext().generateBeanName(defintion), defintion); - } -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/util/OrderedUtils.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/util/OrderedUtils.java deleted file mode 100644 index 4f2ef350c6..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/util/OrderedUtils.java +++ /dev/null @@ -1,66 +0,0 @@ -package org.acegisecurity.util; - -import java.lang.reflect.Method; -import java.util.Map; - -import org.springframework.context.ApplicationContext; -import org.springframework.core.Ordered; -import org.springframework.util.Assert; -import org.springframework.util.ReflectionUtils; - -/** - * Proivdes common logic for manipulating classes implementing the Spring - * {@link Ordered} interface. - * - * @author Ben Alex - * @author Vishal Puri - */ -public abstract class OrderedUtils { - /** - * Introspects the application context for a single instance of sourceClass. If found, the order from the source - * class instance is copied into the destinationObject. If more than one instance of sourceClass - * is found, the method throws IllegalStateException. - * - *

The destinationObject is required to provide a public setOrder(int) method to permit - * mutation of the order property. - * - * @param sourceClass to locate in the application context (must be assignable to Ordered) - * @param applicationContext to locate the class - * @param destinationObject to copy the order into (must provide public setOrder(int) method) - * @param skipIfMoreThanOneCandidateSourceClassInstance if the application context provides more than one potential source, skip modifications (if false, the first located matching source will be used) - * @return whether or not the destination class was updated - */ - public static boolean copyOrderFromOtherClass(Class sourceClass, ApplicationContext applicationContext, Object destinationObject, boolean skipIfMoreThanOneCandidateSourceClassInstance) { - Assert.notNull(sourceClass, "Source class required"); - Assert.notNull(applicationContext, "ApplicationContext required"); - Assert.notNull(destinationObject, "Destination object required"); - Assert.isAssignable(Ordered.class, sourceClass, "Source class " + sourceClass + " must be assignable to Ordered"); - Map map = applicationContext.getBeansOfType(sourceClass); - if (map.size() == 0) { - return false; - } else if (map.size() > 1 && skipIfMoreThanOneCandidateSourceClassInstance) { - return false; - } else { - copyOrderFromOtherObject((Ordered)map.values().iterator().next(), destinationObject); - return true; - } - } - - /** - * Copies the order property from the sourceObject into the destinationObject. - * - *

The destinationObject is required to provide a public setOrder(int) method to permit - * mutation of the order property. - * - * @param sourceObject to copy the order from - * @param destinationObject to copy the order into (must provide public setOrder(int) method) - */ - public static void copyOrderFromOtherObject(Ordered sourceObject, Object destinationObject) { - Assert.notNull(sourceObject, "Source object required"); - Assert.notNull(destinationObject, "Destination object required"); - Method m = ReflectionUtils.findMethod(destinationObject.getClass(), "setOrder", new Class[] {int.class}); - Assert.notNull(m, "Method setOrder(int) not found on " + destinationObject.getClass()); - ReflectionUtils.invokeMethod(m, destinationObject, new Object[] { Integer.valueOf((sourceObject.getOrder()))}); - } - -} diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/util/package.html b/sandbox/spring-security-config/src/main/java/org/acegisecurity/util/package.html deleted file mode 100644 index d845e7485f..0000000000 --- a/sandbox/spring-security-config/src/main/java/org/acegisecurity/util/package.html +++ /dev/null @@ -1,5 +0,0 @@ - - -General utility classes used throughout the Acegi Security System. - - diff --git a/sandbox/spring-security-config/src/main/resources/org/acegisecurity/config/inmemory-users.properties b/sandbox/spring-security-config/src/main/resources/org/acegisecurity/config/inmemory-users.properties deleted file mode 100644 index 66b97be29f..0000000000 --- a/sandbox/spring-security-config/src/main/resources/org/acegisecurity/config/inmemory-users.properties +++ /dev/null @@ -1,4 +0,0 @@ -angelina=black,ROLE_ADMIN -brad=grey,ROLE_TELLER,ROLE_PERMISSION_LIST -paris=pink,ROLE_TELLER -bono=sunny,ROLE_PERMISSION_LIST diff --git a/sandbox/spring-security-config/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd b/sandbox/spring-security-config/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd deleted file mode 100644 index 76b8eb45cd..0000000000 --- a/sandbox/spring-security-config/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd +++ /dev/null @@ -1,686 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - SecurityContext will be cloned from - the HttpSession. The default is to simply reference (ie - the default is 'false'. The default may cause issues if - concurrent threads need to have a different security identity from other - threads being concurrently processed that share the same - HttpSession. In most normal environments this does not - represent an issue, as changes to the security identity in one thread is - allowed to affect the security identitiy in other threads associated with - the same 'HttpSession'. - ]]> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/AppTest.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/AppTest.java deleted file mode 100644 index 5ea0c789c6..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/AppTest.java +++ /dev/null @@ -1,38 +0,0 @@ -package org.acegisecurity; - -import junit.framework.Test; -import junit.framework.TestCase; -import junit.framework.TestSuite; - -/** - * Unit test for simple App. - */ -public class AppTest - extends TestCase -{ - /** - * Create the test case - * - * @param testName name of the test case - */ - public AppTest( String testName ) - { - super( testName ); - } - - /** - * @return the suite of tests being tested - */ - public static Test suite() - { - return new TestSuite( AppTest.class ); - } - - /** - * Rigourous Test :-) - */ - public void testApp() - { - assertTrue( true ); - } -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/BankTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/BankTests.java deleted file mode 100644 index 89a5dc63d4..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/BankTests.java +++ /dev/null @@ -1,99 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.acegisecurity; - -import junit.framework.TestCase; - -import org.acegisecurity.AccessDeniedException; -import org.acegisecurity.GrantedAuthority; -import org.acegisecurity.GrantedAuthorityImpl; - -import org.acegisecurity.context.SecurityContextHolder; -import org.acegisecurity.context.SecurityContextImpl; - -import org.acegisecurity.providers.TestingAuthenticationToken; -import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; - -import org.springframework.context.support.ClassPathXmlApplicationContext; - - - - -/** - * Tests security objects. - * - * @author Ben Alex - * @version $Id: BankTests.java 1496 2006-05-23 13:38:33Z benalex $ - */ -public class BankTests extends TestCase { - //~ Instance fields ================================================================================================ - - private BankService service; - private ClassPathXmlApplicationContext ctx; - - //~ Constructors =================================================================================================== - - public BankTests() { - super(); - } - - public BankTests(String arg0) { - super(arg0); - } - - //~ Methods ======================================================================================================== - - private static void createSecureContext() { - UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("test", "test", - new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_TELLER"), new GrantedAuthorityImpl("ROLE_PERMISSION_LIST") - }); - - SecurityContextHolder.getContext().setAuthentication(auth); - } - - private static void destroySecureContext() { - SecurityContextHolder.setContext(new SecurityContextImpl()); - } - - public static void main(String[] args) { - junit.textui.TestRunner.run(BankTests.class); - } - - public final void setUp() throws Exception { - super.setUp(); - ctx = new ClassPathXmlApplicationContext("org/acegisecurity/config/auto-config.xml"); - service = (BankService) ctx.getBean("bankService"); - } - - public void testDeniedAccess() throws Exception { - createSecureContext(); - - try { - service.balance("1"); - fail("Should have thrown AccessDeniedException"); - } catch (AccessDeniedException expected) { - assertTrue(true); - } - destroySecureContext(); - } - - public void testListAccounts() throws Exception { - createSecureContext(); - service.listAccounts(); - destroySecureContext(); - } -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthenticationMechanismNamespaceTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthenticationMechanismNamespaceTests.java deleted file mode 100644 index dcdd97b79c..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthenticationMechanismNamespaceTests.java +++ /dev/null @@ -1,25 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import org.acegisecurity.providers.ProviderManager; -import org.acegisecurity.providers.dao.DaoAuthenticationProvider; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - -import junit.framework.TestCase; - -/** - * @author vpuri - * - */ -public class AuthenticationMechanismNamespaceTests extends TestCase { - public void testParserDefaults() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/remember-me-defaults.xml"); - ProviderManager mgr = (ProviderManager) context.getBean("authenticationManager"); - assertEquals(1, mgr.getProviders().size()); - assertTrue(mgr.getProviders().get(0) instanceof DaoAuthenticationProvider); - } -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthenticationProcessingFilterNamespaceTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthenticationProcessingFilterNamespaceTests.java deleted file mode 100644 index 7a849525b6..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthenticationProcessingFilterNamespaceTests.java +++ /dev/null @@ -1,25 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - -import junit.framework.TestCase; - -/** - * @author vpuri - * - */ -public class AuthenticationProcessingFilterNamespaceTests extends TestCase { - - public void testAuthenticationFilterBeanDefinition() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/authentication-form-filter.xml"); -ConfigurableListableBeanFactory factory = (ConfigurableListableBeanFactory) context - .getAutowireCapableBeanFactory(); - } - -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthenticationRepositoryParserTest.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthenticationRepositoryParserTest.java deleted file mode 100644 index f91bc67d40..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthenticationRepositoryParserTest.java +++ /dev/null @@ -1,120 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import junit.framework.TestCase; - -import org.acegisecurity.providers.AuthenticationProvider; -import org.acegisecurity.providers.dao.DaoAuthenticationProvider; -import org.acegisecurity.providers.dao.SaltSource; -import org.acegisecurity.providers.encoding.Md5PasswordEncoder; -import org.acegisecurity.providers.encoding.PasswordEncoder; -import org.acegisecurity.providers.encoding.PlaintextPasswordEncoder; -import org.acegisecurity.userdetails.jdbc.JdbcDaoImpl; -import org.springframework.beans.PropertyValue; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.beans.factory.config.RuntimeBeanReference; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; -import org.springframework.util.Assert; - -/** - * @author vpuri - * - */ -public class AuthenticationRepositoryParserTest extends TestCase { - - public void testAuthenticationRepositoryDefaultWithAutoUserdetails() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/authentication-dao-defaults.xml"); - ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context - .getAutowireCapableBeanFactory(); - - String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class); - assertEquals(1, names.length); - - // check bean class - RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]); - assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass()); - - DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository"); - Assert.isAssignable(JdbcDaoImpl.class, provider.getUserDetailsService().getClass()); - - } - - public void testCollaboratorsAsInnerBeans() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/authentication-innerbeans.xml"); - ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context - .getAutowireCapableBeanFactory(); - // get the main bean definition, there should be only one - String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class); - assertEquals(1, names.length); - RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]); - assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass()); - - // get the 2 inner beans - PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource"); - assertEquals("saltSource", saltSourceBean.getName()); - - // get the BeanDefinition - RootBeanDefinition saltsourceDef = (RootBeanDefinition) saltSourceBean.getValue(); - Assert.isAssignable(SaltSource.class, saltsourceDef.getBeanClass()); - - PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder"); - assertEquals("passwordEncoder", encoder.getName()); - - // get the BeanDefinition - RootBeanDefinition encoderDef = (RootBeanDefinition) encoder.getValue(); - Assert.isAssignable(PasswordEncoder.class, encoderDef.getBeanClass()); - - assertEquals("incorrect bean class name", encoderDef.getBeanClassName(), Md5PasswordEncoder.class.getName()); - } - - public void testCollaboratorsAsBeanRef() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/authentication-beanRef-attributes.xml"); - ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context - .getAutowireCapableBeanFactory(); - // get the main bean definition, there should be only one - String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class); - assertEquals(1, names.length); - RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]); - assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass()); - - // get the referred collaborators - - PropertyValue userDetailsBean = definition.getPropertyValues().getPropertyValue("userDetailsService"); - assertEquals("userDetailsService", userDetailsBean.getName()); - - PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource"); - assertEquals("saltSource", saltSourceBean.getName()); - - // get the BeanDefinition - RuntimeBeanReference saltsourceDef = (RuntimeBeanReference) saltSourceBean.getValue(); - assertEquals("refToSaltSource", saltsourceDef.getBeanName()); - - PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder"); - assertEquals("passwordEncoder", encoder.getName()); - - // get the BeanDefinition - RuntimeBeanReference encoderDef = (RuntimeBeanReference) encoder.getValue(); - assertEquals("refToPasswordEncoder", encoderDef.getBeanName()); - - DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository"); - assertTrue(provider.getPasswordEncoder() instanceof PasswordEncoder); - assertEquals(Md5PasswordEncoder.class, provider.getPasswordEncoder().getClass()); - } - - public void testAutodetectionOfUserDetailsService() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/authentication-defaults.xml"); - DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository"); - assertNotNull(provider.getUserDetailsService()); - assertNull(provider.getSaltSource()); - assertEquals(PlaintextPasswordEncoder.class, provider.getPasswordEncoder().getClass()); - - } -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthorizationManagerBeanDefinitionParserTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthorizationManagerBeanDefinitionParserTests.java deleted file mode 100644 index 97a1f7cb47..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AuthorizationManagerBeanDefinitionParserTests.java +++ /dev/null @@ -1,31 +0,0 @@ -package org.acegisecurity.config; - -import java.util.List; - -import junit.framework.TestCase; - -import org.acegisecurity.AccessDecisionManager; -import org.acegisecurity.vote.AuthenticatedVoter; -import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.beans.factory.support.ManagedList; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - -public class AuthorizationManagerBeanDefinitionParserTests extends TestCase { - - public void testParsingBeanDefinition() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/authorization-manager.xml"); - ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory(); - String[] beanNames = bf.getBeanNamesForType(AccessDecisionManager.class); - assertEquals(1, beanNames.length); - BeanDefinition def = (RootBeanDefinition) bf.getBeanDefinition(beanNames[0]); - assertNotNull(def); - List decisionVoters = (ManagedList) def.getPropertyValues().getPropertyValue("decisionVoters").getValue(); - assertEquals(2, decisionVoters.size()); - assertEquals("org.acegisecurity.vote.RoleVoter", ((BeanDefinition) decisionVoters.get(0)).getBeanClassName()); - assertEquals("org.acegisecurity.vote.AuthenticatedVoter", ((BeanDefinition) decisionVoters.get(1)).getBeanClassName()); - } -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AutoConfigBeanDefinitionParserTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AutoConfigBeanDefinitionParserTests.java deleted file mode 100644 index 5a22526491..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/AutoConfigBeanDefinitionParserTests.java +++ /dev/null @@ -1,105 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import java.lang.reflect.Field; -import java.util.Map; - -import junit.framework.TestCase; - -import org.acegisecurity.AuthenticationManager; -import org.acegisecurity.context.HttpSessionContextIntegrationFilter; -import org.acegisecurity.intercept.method.MethodDefinitionSource; -import org.acegisecurity.intercept.method.aopalliance.MethodDefinitionSourceAdvisor; -import org.acegisecurity.ui.logout.LogoutFilter; -import org.acegisecurity.ui.logout.LogoutHandler; -import org.acegisecurity.ui.rememberme.RememberMeProcessingFilter; -import org.acegisecurity.ui.rememberme.RememberMeServices; -import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; -import org.springframework.util.ReflectionUtils; - -/** - * @author Vishal Puri - * - */ -public class AutoConfigBeanDefinitionParserTests extends TestCase { - - private ApplicationContext context; - - private ConfigurableListableBeanFactory bf; - - // ~ Methods - // ======================================================================================================== - - public void setUp() { - this.context = new ClassPathXmlApplicationContext("org/acegisecurity/config/auto-config.xml"); - this.bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory(); - } - - public void testContextBeanDefinitionCreated() { - String[] names = bf.getBeanNamesForType(HttpSessionContextIntegrationFilter.class); - assertEquals(1, names.length); - HttpSessionContextIntegrationFilter filter = (HttpSessionContextIntegrationFilter) bf.getBean(names[0]); - // check properties - // get the bean - assertTrue(filter.isAllowSessionCreation()); - assertFalse(filter.isForceEagerSessionCreation()); - assertFalse(filter.isCloneFromHttpSession()); - } - - public void testLogoutFilterDefinitionCreatedWithDefaults() throws Exception { - String[] names = bf.getBeanNamesForType(LogoutFilter.class); - assertEquals(1, names.length); - LogoutFilter filter = (LogoutFilter) context.getBean(names[0]); - assertNotNull(filter); - Field logoutSuccessUrl = makeAccessibleAndGetFieldByName(filter.getClass().getDeclaredFields(), - "logoutSuccessUrl"); - String value = (String) logoutSuccessUrl.get(filter); - assertEquals("/", value); - Field handlers = makeAccessibleAndGetFieldByName(filter.getClass().getDeclaredFields(), "handlers"); - assertNotNull(handlers); - LogoutHandler[] handlersArray = (LogoutHandler[]) handlers.get(filter); - assertEquals(2, handlersArray.length); - } - - public void testExceptionTranslationFilterCreatedwithDefaults() throws Exception { - Map map = bf.getBeansOfType(AuthenticationProcessingFilter.class); - AuthenticationProcessingFilter filter = (AuthenticationProcessingFilter) map.values().iterator().next(); - AuthenticationManager authMgr = filter.getAuthenticationManager(); - assertNotNull(authMgr); - RememberMeServices remMeServices = filter.getRememberMeServices(); - assertNotNull(remMeServices); - assertEquals("/acegilogin.jsp?login_error=1", filter.getAuthenticationFailureUrl()); - assertEquals("/", filter.getDefaultTargetUrl()); - } - - public void testRememberMePRocessingFilterCreatedWithDefaults() { - Map map = bf.getBeansOfType(RememberMeProcessingFilter.class); - RememberMeProcessingFilter filter = (RememberMeProcessingFilter) map.values().iterator().next(); - } - - public void testMethodDefinitionSourceAdvisorCreatedWithDefaults() throws Exception { - Map map = bf.getBeansOfType(MethodDefinitionSourceAdvisor.class); - assertEquals(1, map.size()); - MethodDefinitionSourceAdvisor advisor = (MethodDefinitionSourceAdvisor) map.values().iterator().next(); - Field transactionAttributeSource = makeAccessibleAndGetFieldByName(advisor.getClass().getDeclaredFields(), "transactionAttributeSource"); - assertNotNull(transactionAttributeSource); - assertTrue(transactionAttributeSource.get(advisor) instanceof MethodDefinitionSource); - } - - private Field makeAccessibleAndGetFieldByName(Field[] declaredFields, String name) { - Field field = null; - for (int i = 0, n = declaredFields.length; i < n; i++) { - ReflectionUtils.makeAccessible(declaredFields[i]); - if (declaredFields[i].getName().equals(name)) { - return declaredFields[i]; - } - } - return field; - } - -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/ExceptionTranslationParserTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/ExceptionTranslationParserTests.java deleted file mode 100644 index 513a579689..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/ExceptionTranslationParserTests.java +++ /dev/null @@ -1,79 +0,0 @@ -package org.acegisecurity.config; - -import java.beans.FeatureDescriptor; -import java.lang.reflect.Field; -import java.util.Arrays; - -import javax.servlet.Filter; - -import junit.framework.TestCase; - -import org.acegisecurity.ui.AccessDeniedHandler; -import org.acegisecurity.ui.AccessDeniedHandlerImpl; -import org.acegisecurity.ui.ExceptionTranslationFilter; -import org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint; -import org.springframework.beans.PropertyValue; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.beans.factory.config.RuntimeBeanReference; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; -import org.springframework.util.ReflectionUtils; - -public class ExceptionTranslationParserTests extends TestCase { - - public void testParsingBeanReferences() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/exception-translation-beanref.xml"); - ConfigurableListableBeanFactory factory = (ConfigurableListableBeanFactory) context - .getAutowireCapableBeanFactory(); - String[] beanNames = factory.getBeanNamesForType(ExceptionTranslationFilter.class); - assertEquals(1, beanNames.length); - RootBeanDefinition def = (RootBeanDefinition) factory.getBeanDefinition(beanNames[0]); - assertEquals(ExceptionTranslationFilter.class.getName(), def.getBeanClassName()); - // check collaborators - PropertyValue accessDeniedHandler = def.getPropertyValues().getPropertyValue("accessDeniedHandler"); - assertNotNull(accessDeniedHandler); - assertEquals(accessDeniedHandler.getValue(), new RuntimeBeanReference("theBeanToUse")); - PropertyValue entryPoint = def.getPropertyValues().getPropertyValue("authenticationEntryPoint"); - assertNotNull(entryPoint); - assertEquals(entryPoint.getValue(), new RuntimeBeanReference("authenticationProcessingFilterEntryPoint")); - } - - public void testRuntimeBeanDependencies() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/exception-translation-beanref.xml"); - ExceptionTranslationFilter filter = (ExceptionTranslationFilter) context.getBean("exceptionTranslationFilter"); - AuthenticationProcessingFilterEntryPoint entryPoint = (AuthenticationProcessingFilterEntryPoint) filter - .getAuthenticationEntryPoint(); - assertEquals("/acegilogin.jsp", entryPoint.getLoginFormUrl()); - assertFalse(entryPoint.getForceHttps()); - - } - - public void testAutoDetectionOfDefaultDependencies() throws Exception { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/exception-translation-autodetect-handler.xml"); - ExceptionTranslationFilter filter = (ExceptionTranslationFilter) context.getBean("exceptionTranslationFilter"); - Field field = makeAccessibleAndGetFieldByName(filter.getClass().getDeclaredFields(), "accessDeniedHandler"); - assertTrue(field.get(filter) instanceof AccessDeniedHandler); - AccessDeniedHandlerImpl accessDeniedHandler = (AccessDeniedHandlerImpl) field - .get(filter); - Field f = makeAccessibleAndGetFieldByName(accessDeniedHandler.getClass().getDeclaredFields(), "errorPage"); - assertEquals("errorPage",f.getName()); - String value = (String) f.get(accessDeniedHandler); - assertEquals("/accessDenied.jsp", value); - } - - private Field makeAccessibleAndGetFieldByName(Field[] fields, String name) { - Field field = null; - for (int i = 0, n = fields.length; i < n; i++) { - ReflectionUtils.makeAccessible(fields[i]); - if (fields[i].getName().equals(name)) { - return fields[i]; - } - } - return field; - } - -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/FilterSecurityInterceptorBeanDefinitionParserTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/FilterSecurityInterceptorBeanDefinitionParserTests.java deleted file mode 100644 index a9a0febeff..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/FilterSecurityInterceptorBeanDefinitionParserTests.java +++ /dev/null @@ -1,35 +0,0 @@ -package org.acegisecurity.config; - -import junit.framework.TestCase; - -import org.acegisecurity.AccessDecisionManager; -import org.acegisecurity.intercept.web.FilterSecurityInterceptor; -import org.acegisecurity.intercept.web.RegExpBasedFilterInvocationDefinitionMap; -import org.acegisecurity.vote.AffirmativeBased; -import org.springframework.beans.PropertyValue; -import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - -/** - * @author Vishal Puri - */ -public class FilterSecurityInterceptorBeanDefinitionParserTests extends TestCase { - - public void testParsingBeanDefinition() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/authorization-http-config.xml"); - ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory(); - String[] beanNames = bf.getBeanNamesForType(FilterSecurityInterceptor.class); - assertEquals(1, beanNames.length); - BeanDefinition def = bf.getBeanDefinition(beanNames[0]); - assertEquals(2, def.getPropertyValues().size()); - PropertyValue objectDefinitionSource = def.getPropertyValues().getPropertyValue("objectDefinitionSource"); - assertTrue(objectDefinitionSource.getValue() instanceof RegExpBasedFilterInvocationDefinitionMap); - PropertyValue accessDecisionManager = def.getPropertyValues().getPropertyValue("accessDecisionManager"); - BeanDefinition definition = (RootBeanDefinition) accessDecisionManager.getValue() ; - assertEquals("org.acegisecurity.vote.AffirmativeBased" , definition.getBeanClassName()); - } -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/HttpSessionContextIntegrationParserTest.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/HttpSessionContextIntegrationParserTest.java deleted file mode 100644 index 09f05815a6..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/HttpSessionContextIntegrationParserTest.java +++ /dev/null @@ -1,44 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import javax.servlet.Filter; - -import org.acegisecurity.context.HttpSessionContextIntegrationFilter; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - - -import junit.framework.TestCase; - -/** - * @author vpuri - * - */ -public class HttpSessionContextIntegrationParserTest extends TestCase { - - public void testApplicationContext() { - ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/session-context-integration-defaults.xml"); - ConfigurableListableBeanFactory clbf = - (ConfigurableListableBeanFactory)context.getAutowireCapableBeanFactory(); - - String[] names = clbf.getBeanNamesForType(Filter.class); - assertEquals(1, names.length); - - // check bean name - RootBeanDefinition definition = (RootBeanDefinition)clbf.getBeanDefinition(names[0]); - assertEquals(HttpSessionContextIntegrationFilter.class, definition.getBeanClass()); - - // check properties - //get the bean - HttpSessionContextIntegrationFilter filter = (HttpSessionContextIntegrationFilter)context.getBean("httpSessionContextIntegrationFilter"); - assertFalse(filter.isAllowSessionCreation()); - assertNotNull(definition.getPropertyValues().getPropertyValue("allowSessionCreation")); - assertFalse(filter.isForceEagerSessionCreation()); - assertFalse(filter.isCloneFromHttpSession()); - } - -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/LdapAuthenticationProviderBeanDefinitionParserTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/LdapAuthenticationProviderBeanDefinitionParserTests.java deleted file mode 100644 index 3e3c267f4f..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/LdapAuthenticationProviderBeanDefinitionParserTests.java +++ /dev/null @@ -1,52 +0,0 @@ -package org.acegisecurity.config; - -import junit.framework.TestCase; - -import org.acegisecurity.ldap.InitialDirContextFactory; -import org.acegisecurity.providers.ldap.LdapAuthenticationProvider; -import org.acegisecurity.providers.ldap.authenticator.BindAuthenticator; -import org.springframework.beans.PropertyValue; -import org.springframework.beans.PropertyValues; -import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.beans.factory.config.ConstructorArgumentValues.ValueHolder; -import org.springframework.beans.factory.support.ManagedList; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - -/** - * @author Vishal Puri - * - */ -public class LdapAuthenticationProviderBeanDefinitionParserTests extends TestCase { - - public void testBeanDefinitionCreation() { - ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/ldap-config.xml"); - ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory(); - BeanDefinition def = (RootBeanDefinition) bf.getBeanDefinition("authenticationManager"); - assertNotNull(def); - PropertyValues values = def.getPropertyValues(); - PropertyValue value = values.getPropertyValue("providers"); - assertNotNull(value); - ManagedList list = (ManagedList) value.getValue(); - assertEquals(1, list.size()); - - RootBeanDefinition definition = (RootBeanDefinition) list.get(0); - assertEquals(LdapAuthenticationProvider.class, definition.getBeanClass()); - - assertEquals(2, definition.getConstructorArgumentValues().getArgumentCount()); - - ValueHolder holder = definition.getConstructorArgumentValues().getArgumentValue(0, BindAuthenticator.class); - assertNotNull(holder.getConvertedValue() instanceof BindAuthenticator); - RootBeanDefinition authenticatorDefinition = (RootBeanDefinition) holder.getValue(); - assertEquals(1, authenticatorDefinition.getConstructorArgumentValues().getArgumentCount()); - - RootBeanDefinition initialContextDir = (RootBeanDefinition) authenticatorDefinition - .getConstructorArgumentValues().getArgumentValue(0, InitialDirContextFactory.class).getValue(); - assertEquals("cn=manager,dc=acegisecurity,dc=org", initialContextDir.getPropertyValues().getPropertyValue( - "managerDn").getValue()); - assertEquals("ldap://monkeymachine:389/dc=acegisecurity,dc=org", initialContextDir.getConstructorArgumentValues() - .getArgumentValue(0, String.class).getValue()); - } -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParserTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParserTests.java deleted file mode 100644 index 68a1b7b8ef..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/LogoutFilterBeanDefinitionParserTests.java +++ /dev/null @@ -1,29 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import java.util.Map; - -import junit.framework.TestCase; - -import org.acegisecurity.ui.logout.LogoutHandler; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - -/** - * @author vpuri - * - */ -public class LogoutFilterBeanDefinitionParserTests extends TestCase { - - public void testLogoutFilter() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/logout-filter-with-handlers.xml"); - ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory(); - Map m = bf.getBeansOfType(LogoutHandler.class); - assertEquals(2, m.size()); - } - -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/NamespaceTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/NamespaceTests.java deleted file mode 100644 index 235cba6871..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/NamespaceTests.java +++ /dev/null @@ -1,22 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import junit.framework.TestCase; - -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - -/** - * @author vpuri - * - */ -public class NamespaceTests extends TestCase { - - - public void testPass() { - ApplicationContext c = new ClassPathXmlApplicationContext("org/acegisecurity/config/applicationContext-acegi-security.xml"); - } - -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/PrincipalRepositoryNamespaceTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/PrincipalRepositoryNamespaceTests.java deleted file mode 100644 index 0716479ca6..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/PrincipalRepositoryNamespaceTests.java +++ /dev/null @@ -1,65 +0,0 @@ -package org.acegisecurity.config; - -import junit.framework.TestCase; - -import org.acegisecurity.GrantedAuthority; -import org.acegisecurity.GrantedAuthorityImpl; -import org.acegisecurity.userdetails.User; -import org.acegisecurity.userdetails.UserDetailsService; -import org.acegisecurity.userdetails.memory.InMemoryDaoImpl; -import org.acegisecurity.userdetails.memory.UserMap; -import org.springframework.beans.PropertyValue; -import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - -/** - * @author Vishal Puri - * - */ -public class PrincipalRepositoryNamespaceTests extends TestCase { - - public void testParserWithUserDefinition() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/acegisecurity/config/principal-repository-user-map.xml"); - - ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context - .getAutowireCapableBeanFactory(); - - String[] names = clbf.getBeanNamesForType(UserDetailsService.class); - assertEquals(1, names.length); - - RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]); - assertEquals(InMemoryDaoImpl.class, definition.getBeanClass()); - - UserMap map = new UserMap(); - - GrantedAuthority[] authotities = { new GrantedAuthorityImpl("ROLE_YO"), new GrantedAuthorityImpl("ROLE_YOYO") }; - - User user = new User("vishal", "nottellingya", true, true, true, true, authotities); - - map.addUser(user); - - assertPropertyValues(map, definition, "userMap"); - - } - - private void assertPropertyValues(UserMap assertionValue, RootBeanDefinition definition, String property) { - PropertyValue propertyValue = definition.getPropertyValues().getPropertyValue(property); - assertNotNull(propertyValue); - assertTrue(propertyValue.getValue() instanceof UserMap); - UserMap users = (UserMap) propertyValue.getValue(); - assertTrue(assertionValue.getUserCount() == users.getUserCount()); - assertEquals(assertionValue.getUser("vishal"), users.getUser("vishal")); - assertTrue(users.getUser("vishal").isEnabled()); - assertTrue(users.getUser("vishal").isAccountNonExpired()); - assertTrue(users.getUser("vishal").isAccountNonLocked()); - assertTrue(users.getUser("vishal").isCredentialsNonExpired()); - assertEquals(2, users.getUser("vishal").getAuthorities().length); - assertEquals(new GrantedAuthorityImpl("ROLE_YO"), users.getUser("vishal").getAuthorities()[0]); - assertEquals(new GrantedAuthorityImpl("ROLE_YOYO"), users.getUser("vishal").getAuthorities()[1]); - } - -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/RememberMeBeanDefinitionParserTest.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/RememberMeBeanDefinitionParserTest.java deleted file mode 100644 index e33168a202..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/RememberMeBeanDefinitionParserTest.java +++ /dev/null @@ -1,19 +0,0 @@ -package org.acegisecurity.config; - -import junit.framework.TestCase; - -import org.acegisecurity.providers.ProviderManager; -import org.acegisecurity.providers.dao.DaoAuthenticationProvider; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - -//TODO: fix test name -public class RememberMeBeanDefinitionParserTest extends TestCase { - - public void testParserDefaults() { - ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/remember-me-defaults.xml"); - ProviderManager mgr = (ProviderManager)context.getBean("authenticationManager"); - assertEquals(1, mgr.getProviders().size()); - assertTrue(mgr.getProviders().get(0) instanceof DaoAuthenticationProvider); - } -} diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/RememberMeServicesBeanDefinitionParserTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/RememberMeServicesBeanDefinitionParserTests.java deleted file mode 100644 index 2fe2ae7790..0000000000 --- a/sandbox/spring-security-config/src/test/java/org/acegisecurity/config/RememberMeServicesBeanDefinitionParserTests.java +++ /dev/null @@ -1,56 +0,0 @@ -/** - * - */ -package org.acegisecurity.config; - -import java.lang.reflect.Field; -import java.util.Map; - -import junit.framework.TestCase; - -import org.acegisecurity.AuthenticationManager; -import org.acegisecurity.ui.rememberme.RememberMeProcessingFilter; -import org.acegisecurity.ui.rememberme.RememberMeServices; -import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices; -import org.acegisecurity.userdetails.UserDetailsService; -import org.springframework.beans.PropertyValue; -import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; -import org.springframework.beans.factory.support.RootBeanDefinition; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; -import org.springframework.util.ReflectionUtils; - -/** - * @author Vishal Puri - * - */ -public class RememberMeServicesBeanDefinitionParserTests extends TestCase { - - public void testFilterConfiguration() { - ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/remember-me-defaults.xml"); - ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory)context.getAutowireCapableBeanFactory(); - String[] names = bf.getBeanNamesForType(RememberMeProcessingFilter.class); - assertEquals(1, names.length); - RootBeanDefinition definition = (RootBeanDefinition)bf.getBeanDefinition(names[0]); - assertEquals(definition.getBeanClass(), RememberMeProcessingFilter.class); - } - - public void testRuntimeAutoDetectionOfDependencies() throws Exception { - ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/remember-me-autodetect.xml"); - ConfigurableListableBeanFactory factory = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory(); - Map map = factory.getBeansOfType(RememberMeProcessingFilter.class); - RememberMeProcessingFilter filter = (RememberMeProcessingFilter)map.values().iterator().next(); - RememberMeServices services = filter.getRememberMeServices(); - assertNotNull(services); - TokenBasedRememberMeServices rememberMeServices = (TokenBasedRememberMeServices)services; - UserDetailsService ud = rememberMeServices.getUserDetailsService(); - assertNotNull(ud); - Field field = filter.getClass().getDeclaredField("authenticationManager"); - ReflectionUtils.makeAccessible(field); - Object obj = field.get(filter); - assertNotNull("authentication manager should not have been null", obj); - assertTrue(obj instanceof AuthenticationManager); - } - -} diff --git a/sandbox/spring-security-config/src/test/resources/log4j.properties b/sandbox/spring-security-config/src/test/resources/log4j.properties deleted file mode 100644 index 682b56dad8..0000000000 --- a/sandbox/spring-security-config/src/test/resources/log4j.properties +++ /dev/null @@ -1,12 +0,0 @@ -# Logging -# - - -log4j.rootCategory=WARN, stdout - -log4j.appender.stdout=org.apache.log4j.ConsoleAppender -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%d %p %c - %m%n - -log4j.category.org.acegisecurity=DEBUG -log4j.category.org.springframework=INFO \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/applicationContext-acegi-security.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/applicationContext-acegi-security.xml deleted file mode 100644 index 1853072345..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/applicationContext-acegi-security.xml +++ /dev/null @@ -1,174 +0,0 @@ - - - - - - - - - - - CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON - PATTERN_TYPE_APACHE_ANT - /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON - PATTERN_TYPE_APACHE_ANT - /acegilogin.jsp=IS_AUTHENTICATED_ANONYMOUSLY - /**=IS_AUTHENTICATED_REMEMBERED - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-basic-filter.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-basic-filter.xml deleted file mode 100644 index dfdd340f0f..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-basic-filter.xml +++ /dev/null @@ -1,19 +0,0 @@ - - - - - - - - - - - diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-beanRef-attributes.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-beanRef-attributes.xml deleted file mode 100644 index 9885cdf1dc..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-beanRef-attributes.xml +++ /dev/null @@ -1,51 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - org.hsqldb.jdbcDriver - - - jdbc:hsqldb:mem:test - - - - sa - - - - - - - - - 12345 - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-dao-defaults.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-dao-defaults.xml deleted file mode 100644 index 6de9406972..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-dao-defaults.xml +++ /dev/null @@ -1,54 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - org.hsqldb.jdbcDriver - - - jdbc:hsqldb:mem:test - - - - sa - - - - - - - - - 12345 - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-defaults.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-defaults.xml deleted file mode 100644 index d4a24931d9..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-defaults.xml +++ /dev/null @@ -1,40 +0,0 @@ - - - - - - - - - - - - - - - - - - org.hsqldb.jdbcDriver - - - jdbc:hsqldb:mem:test - - - - sa - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-form-filter.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-form-filter.xml deleted file mode 100644 index 3187c14593..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-form-filter.xml +++ /dev/null @@ -1,57 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - org.hsqldb.jdbcDriver - - - jdbc:hsqldb:mem:test - - - - sa - - - - - - - - - diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-innerbeans.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-innerbeans.xml deleted file mode 100644 index f096d01e78..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authentication-innerbeans.xml +++ /dev/null @@ -1,50 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - org.hsqldb.jdbcDriver - - - jdbc:hsqldb:mem:test - - - - sa - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-http-config.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-http-config.xml deleted file mode 100644 index 38efe1b606..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-http-config.xml +++ /dev/null @@ -1,59 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-manager.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-manager.xml deleted file mode 100644 index 0baf2cfee1..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-manager.xml +++ /dev/null @@ -1,21 +0,0 @@ - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method-annotations.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method-annotations.xml deleted file mode 100644 index deeef05543..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method-annotations.xml +++ /dev/null @@ -1,42 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method-aspectj.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method-aspectj.xml deleted file mode 100644 index 0f1233dd78..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method-aspectj.xml +++ /dev/null @@ -1,42 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method-attributes.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method-attributes.xml deleted file mode 100644 index ff13e48ec8..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method-attributes.xml +++ /dev/null @@ -1,42 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method.xml deleted file mode 100644 index 88d418e26f..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/authorization-method.xml +++ /dev/null @@ -1,56 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/auto-config.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/auto-config.xml deleted file mode 100644 index cd932b60b4..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/auto-config.xml +++ /dev/null @@ -1,32 +0,0 @@ - - - - - - - - - - - - - - - - - - diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/exception-translation-autodetect-handler.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/exception-translation-autodetect-handler.xml deleted file mode 100644 index 9c927be891..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/exception-translation-autodetect-handler.xml +++ /dev/null @@ -1,41 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - /acegilogin.jsp - - - false - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/exception-translation-beanref.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/exception-translation-beanref.xml deleted file mode 100644 index e2427d987b..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/exception-translation-beanref.xml +++ /dev/null @@ -1,38 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - /acegilogin.jsp - - - false - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/ldap-config.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/ldap-config.xml deleted file mode 100644 index c73468314d..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/ldap-config.xml +++ /dev/null @@ -1,73 +0,0 @@ - - - - - - - - - - - - - uid={0},ou=people - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/logout-filter-with-handlers.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/logout-filter-with-handlers.xml deleted file mode 100644 index cf1168fbb1..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/logout-filter-with-handlers.xml +++ /dev/null @@ -1,34 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/principal-repository-jdbc.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/principal-repository-jdbc.xml deleted file mode 100644 index 7172f5f919..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/principal-repository-jdbc.xml +++ /dev/null @@ -1,42 +0,0 @@ - - - - - - - - - - - - - - - - - - org.hsqldb.jdbcDriver - - - jdbc:hsqldb:mem:test - - - - sa - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/principal-repository-properties.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/principal-repository-properties.xml deleted file mode 100644 index dfe21d29e4..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/principal-repository-properties.xml +++ /dev/null @@ -1,22 +0,0 @@ - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/principal-repository-user-map.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/principal-repository-user-map.xml deleted file mode 100644 index 4e035ff1d6..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/principal-repository-user-map.xml +++ /dev/null @@ -1,28 +0,0 @@ - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/remember-me-autodetect.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/remember-me-autodetect.xml deleted file mode 100644 index 5cba7707ef..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/remember-me-autodetect.xml +++ /dev/null @@ -1,62 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - org.hsqldb.jdbcDriver - - - jdbc:hsqldb:mem:test - - - - sa - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/remember-me-defaults.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/remember-me-defaults.xml deleted file mode 100644 index 077caf79d6..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/remember-me-defaults.xml +++ /dev/null @@ -1,63 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - org.hsqldb.jdbcDriver - - - jdbc:hsqldb:mem:test - - - - sa - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/security-autoconfig-autodetect.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/security-autoconfig-autodetect.xml deleted file mode 100644 index 2a9ea4358e..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/security-autoconfig-autodetect.xml +++ /dev/null @@ -1,21 +0,0 @@ - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/security-namespaces.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/security-namespaces.xml deleted file mode 100644 index 29bae5ab6f..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/security-namespaces.xml +++ /dev/null @@ -1,186 +0,0 @@ - - - - - - - - - - - - - - - - **/*=AUTODETECT_ALL_ORDERED_FILTERS - **/*=filter1,filter2,filter3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/session-context-integration-defaults.xml b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/session-context-integration-defaults.xml deleted file mode 100644 index 1ba0d6483e..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/session-context-integration-defaults.xml +++ /dev/null @@ -1,63 +0,0 @@ - - - - - - - - - - - - - - - - - diff --git a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/user.properties b/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/user.properties deleted file mode 100644 index 41be7a5728..0000000000 --- a/sandbox/spring-security-config/src/test/resources/org/acegisecurity/config/user.properties +++ /dev/null @@ -1,2 +0,0 @@ -vishal=ity,ROLE_ADMIN -ity=vishal,ROLE_TELLER,ROLE_PERMISSION_LIST