Refactor strings to static fields. To facilitate unit testing, package
protected visibility was adopted for all element names, attribute names, and attribute default values. A public access modifier was used for all bean IDs assigned to bean definitions created by the BeanDefinitionParsers.
This commit is contained in:
parent
4e55bd0117
commit
d9ec944579
|
@ -16,29 +16,29 @@ import org.w3c.dom.Element;
|
|||
* @version $Id: RememberMeBeanDefinitionParser.java 2231 2007-11-07 13:29:15Z luke_t $
|
||||
*/
|
||||
public class AnonymousBeanDefinitionParser implements BeanDefinitionParser {
|
||||
static final String ATT_KEY = "key";
|
||||
static final String ATT_USERNAME = "username";
|
||||
static final String ATT_GRANTED_AUTHORITY = "grantedAuthority";
|
||||
protected final Log logger = LogFactory.getLog(getClass());
|
||||
|
||||
public static final String DEFAULT_ANONYMOUS_FILTER_ID = "_anonymousProcessingFilter";
|
||||
public static final String DEFAULT_ANONYMOUS_AUTHENTICATION_PROVIDER_ID = "_anonymousAuthenticationProvider";
|
||||
|
||||
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
||||
BeanDefinition filter = new RootBeanDefinition(AnonymousProcessingFilter.class);
|
||||
|
||||
String grantedAuthority = element.getAttribute("grantedAuthority");
|
||||
String username = element.getAttribute("username");
|
||||
String key = element.getAttribute("key");
|
||||
String grantedAuthority = element.getAttribute(ATT_GRANTED_AUTHORITY);
|
||||
String username = element.getAttribute(ATT_USERNAME);
|
||||
String key = element.getAttribute(ATT_KEY);
|
||||
|
||||
filter.getPropertyValues().addPropertyValue("userAttribute", username + "," + grantedAuthority);
|
||||
filter.getPropertyValues().addPropertyValue("key", key);
|
||||
filter.getPropertyValues().addPropertyValue(ATT_KEY, key);
|
||||
|
||||
BeanDefinition authManager = ConfigUtils.registerProviderManagerIfNecessary(parserContext);
|
||||
BeanDefinition provider = new RootBeanDefinition(AnonymousAuthenticationProvider.class);
|
||||
provider.getPropertyValues().addPropertyValue("key", key);
|
||||
provider.getPropertyValues().addPropertyValue(ATT_KEY, key);
|
||||
|
||||
ManagedList authMgrProviderList = (ManagedList) authManager.getPropertyValues().getPropertyValue("providers").getValue();
|
||||
authMgrProviderList.add(provider);
|
||||
|
||||
parserContext.getRegistry().registerBeanDefinition(DEFAULT_ANONYMOUS_FILTER_ID, filter);
|
||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.ANONYMOUS_PROCESSING_FILTER, filter);
|
||||
|
||||
return null;
|
||||
}
|
||||
|
|
|
@ -14,29 +14,30 @@ import org.w3c.dom.Element;
|
|||
* registers them in the application context.
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class BasicAuthenticationBeanDefinitionParser implements BeanDefinitionParser {
|
||||
public static final String DEFAULT_BASIC_AUTH_FILTER_ID = "_basicAuthenticationFilter";
|
||||
public static final String DEFAULT_BASIC_AUTH_ENTRY_POINT_ID = "_basicAuthenticationEntryPoint";
|
||||
|
||||
static final String ATT_REALM = "realm";
|
||||
|
||||
public BeanDefinition parse(Element elt, ParserContext parserContext) {
|
||||
BeanDefinitionBuilder filterBuilder =
|
||||
BeanDefinitionBuilder.rootBeanDefinition(BasicProcessingFilter.class);
|
||||
RootBeanDefinition entryPoint = new RootBeanDefinition(BasicProcessingFilterEntryPoint.class);
|
||||
|
||||
String realm = elt.getAttribute("realm");
|
||||
String realm = elt.getAttribute(ATT_REALM);
|
||||
|
||||
entryPoint.getPropertyValues().addPropertyValue("realmName", realm);
|
||||
|
||||
filterBuilder.addPropertyValue("authenticationEntryPoint", entryPoint);
|
||||
|
||||
// TODO: Remove autowiring approach from here.
|
||||
// Detect auth manager
|
||||
filterBuilder.setAutowireMode(RootBeanDefinition.AUTOWIRE_BY_TYPE);
|
||||
|
||||
parserContext.getRegistry().registerBeanDefinition(DEFAULT_BASIC_AUTH_FILTER_ID,
|
||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.BASIC_AUTHENTICATION_FILTER,
|
||||
filterBuilder.getBeanDefinition());
|
||||
parserContext.getRegistry().registerBeanDefinition(DEFAULT_BASIC_AUTH_ENTRY_POINT_ID, entryPoint);
|
||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.BASIC_AUTHENTICATION_ENTRY_POINT, entryPoint);
|
||||
|
||||
return null;
|
||||
}
|
||||
|
|
|
@ -6,8 +6,35 @@ package org.springframework.security.config;
|
|||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
class BeanIds {
|
||||
public class BeanIds {
|
||||
|
||||
/** Package protected as end users shouldn't really be using this BFPP directly */
|
||||
static final String INTERCEPT_METHODS_BEAN_FACTORY_POST_PROCESSOR = "_interceptMethodsBeanfactoryPP";
|
||||
|
||||
public static final String JDBC_USER_DETAILS_MANAGER = "_jdbcUserDetailsManager";
|
||||
public static final String USER_DETAILS_SERVICE = "_userDetailsService";
|
||||
public static final String ANONYMOUS_PROCESSING_FILTER = "_anonymousProcessingFilter";
|
||||
public static final String ANONYMOUS_AUTHENTICATION_PROVIDER = "_anonymousAuthenticationProvider";
|
||||
public static final String BASIC_AUTHENTICATION_FILTER = "_basicAuthenticationFilter";
|
||||
public static final String BASIC_AUTHENTICATION_ENTRY_POINT = "_basicAuthenticationEntryPoint";
|
||||
public static final String SESSION_REGISTRY = "_sessionRegistry";
|
||||
public static final String CONCURRENT_SESSION_FILTER = "_concurrentSessionFilter";
|
||||
public static final String CONCURRENT_SESSION_CONTROLLER = "_concurrentSessionController";
|
||||
public static final String ACCESS_MANAGER = "_accessManager";
|
||||
public static final String AUTHENTICATION_MANAGER = "_authenticationManager";
|
||||
public static final String FORM_LOGIN_FILTER = "_formLoginFilter";
|
||||
public static final String FORM_LOGIN_ENTRY_POINT = "_formLoginEntryPoint";
|
||||
public static final String FILTER_CHAIN_PROXY = "_filterChainProxy";
|
||||
public static final String HTTP_SESSION_CONTEXT_INTEGRATION_FILTER = "_httpSessionContextIntegrationFilter";
|
||||
public static final String LOGOUT_FILTER = "_logoutFilter";
|
||||
public static final String EXCEPTION_TRANSLATION_FILTER = "_exceptionTranslationFilter";
|
||||
public static final String FILTER_SECURITY_INTERCEPTOR = "_filterSecurityInterceptor";
|
||||
public static final String CHANNEL_PROCESSING_FILTER = "_channelProcessingFilter";
|
||||
public static final String CHANNEL_DECISION_MANAGER = "_channelDecisionManager";
|
||||
public static final String REMEMBER_ME_FILTER = "_rememberMeFilter";
|
||||
public static final String REMEMBER_ME_SERVICES = "_rememberMeServices";
|
||||
public static final String DEFAULT_LOGIN_PAGE_GENERATING_FILTER = "_defaultLoginPageFilter";
|
||||
|
||||
|
||||
static final String JDBC_USER_DETAILS_MANAGER = "_jdbcUserDetailsManager";
|
||||
|
||||
}
|
||||
|
|
|
@ -23,10 +23,6 @@ import org.w3c.dom.Element;
|
|||
* @version $Id$
|
||||
*/
|
||||
public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionParser {
|
||||
static final String DEFAULT_SESSION_REGISTRY_ID = "_sessionRegistry";
|
||||
static final String DEFAULT_CONCURRENT_SESSION_FILTER_ID = "_concurrentSessionFilter";
|
||||
static final String DEFAULT_SESSION_CONTROLLER_ID = "_concurrentSessionController";
|
||||
|
||||
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
||||
BeanDefinitionRegistry beanRegistry = parserContext.getRegistry();
|
||||
|
||||
|
@ -35,8 +31,8 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
|
|||
BeanDefinitionBuilder.rootBeanDefinition(ConcurrentSessionFilter.class);
|
||||
BeanDefinitionBuilder controllerBuilder
|
||||
= BeanDefinitionBuilder.rootBeanDefinition(ConcurrentSessionControllerImpl.class);
|
||||
controllerBuilder.addPropertyValue("sessionRegistry", new RuntimeBeanReference(DEFAULT_SESSION_REGISTRY_ID));
|
||||
filterBuilder.addPropertyValue("sessionRegistry", new RuntimeBeanReference(DEFAULT_SESSION_REGISTRY_ID));
|
||||
controllerBuilder.addPropertyValue("sessionRegistry", new RuntimeBeanReference(BeanIds.SESSION_REGISTRY));
|
||||
filterBuilder.addPropertyValue("sessionRegistry", new RuntimeBeanReference(BeanIds.SESSION_REGISTRY));
|
||||
|
||||
String expiryUrl = element.getAttribute("expiryUrl");
|
||||
|
||||
|
@ -57,9 +53,9 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
|
|||
}
|
||||
|
||||
BeanDefinition controller = controllerBuilder.getBeanDefinition();
|
||||
beanRegistry.registerBeanDefinition(DEFAULT_SESSION_REGISTRY_ID, sessionRegistry);
|
||||
beanRegistry.registerBeanDefinition(DEFAULT_SESSION_CONTROLLER_ID, controller);
|
||||
beanRegistry.registerBeanDefinition(DEFAULT_CONCURRENT_SESSION_FILTER_ID, filterBuilder.getBeanDefinition());
|
||||
beanRegistry.registerBeanDefinition(BeanIds.SESSION_REGISTRY, sessionRegistry);
|
||||
beanRegistry.registerBeanDefinition(BeanIds.CONCURRENT_SESSION_CONTROLLER, controller);
|
||||
beanRegistry.registerBeanDefinition(BeanIds.CONCURRENT_SESSION_FILTER, filterBuilder.getBeanDefinition());
|
||||
|
||||
BeanDefinition providerManager = ConfigUtils.registerProviderManagerIfNecessary(parserContext);
|
||||
|
||||
|
|
|
@ -23,12 +23,10 @@ import java.util.Map;
|
|||
* Utitily methods used internally by the Spring Security namespace configuration code.
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public abstract class ConfigUtils {
|
||||
public static final String DEFAULT_ACCESS_MANAGER_ID = "_accessManager";
|
||||
public static final String DEFAULT_AUTH_MANAGER_ID = "_authenticationManager";
|
||||
|
||||
static void registerAccessManagerIfNecessary(ConfigurableListableBeanFactory bf) {
|
||||
if (bf.getBeanNamesForType(AccessDecisionManager.class).length > 0) {
|
||||
return;
|
||||
|
@ -39,13 +37,13 @@ public abstract class ConfigUtils {
|
|||
|
||||
BeanDefinitionRegistry registry = (BeanDefinitionRegistry)bf;
|
||||
|
||||
if (!registry.containsBeanDefinition(DEFAULT_ACCESS_MANAGER_ID)) {
|
||||
if (!registry.containsBeanDefinition(BeanIds.ACCESS_MANAGER)) {
|
||||
BeanDefinitionBuilder accessMgrBuilder = BeanDefinitionBuilder.rootBeanDefinition(AffirmativeBased.class);
|
||||
accessMgrBuilder.addPropertyValue("decisionVoters",
|
||||
Arrays.asList(new Object[] {new RoleVoter(), new AuthenticatedVoter()}));
|
||||
BeanDefinition accessMgr = accessMgrBuilder.getBeanDefinition();
|
||||
|
||||
registry.registerBeanDefinition(DEFAULT_ACCESS_MANAGER_ID, accessMgr);
|
||||
registry.registerBeanDefinition(BeanIds.ACCESS_MANAGER, accessMgr);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -56,13 +54,13 @@ public abstract class ConfigUtils {
|
|||
* authentication manager.
|
||||
*/
|
||||
static BeanDefinition registerProviderManagerIfNecessary(ParserContext parserContext) {
|
||||
if(parserContext.getRegistry().containsBeanDefinition(DEFAULT_AUTH_MANAGER_ID)) {
|
||||
return parserContext.getRegistry().getBeanDefinition(DEFAULT_AUTH_MANAGER_ID);
|
||||
if(parserContext.getRegistry().containsBeanDefinition(BeanIds.AUTHENTICATION_MANAGER)) {
|
||||
return parserContext.getRegistry().getBeanDefinition(BeanIds.AUTHENTICATION_MANAGER);
|
||||
}
|
||||
|
||||
BeanDefinition authManager = new RootBeanDefinition(ProviderManager.class);
|
||||
authManager.getPropertyValues().addPropertyValue("providers", new ManagedList());
|
||||
parserContext.getRegistry().registerBeanDefinition(DEFAULT_AUTH_MANAGER_ID, authManager);
|
||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.AUTHENTICATION_MANAGER, authManager);
|
||||
|
||||
return authManager;
|
||||
}
|
||||
|
|
|
@ -8,8 +8,22 @@ package org.springframework.security.config;
|
|||
*/
|
||||
class Elements {
|
||||
|
||||
static final String ELT_USER_SERVICE = "user-service";
|
||||
static final String ELT_JDBC_USER_SERVICE = "jdbc-user-service";
|
||||
static final String ELT_CUSTOM_USER_SERVICE = "custom-user-service";
|
||||
public static final String USER_SERVICE = "user-service";
|
||||
public static final String JDBC_USER_SERVICE = "jdbc-user-service";
|
||||
public static final String CUSTOM_USER_SERVICE = "custom-user-service";
|
||||
public static final String FILTER_CHAIN_MAP = "filter-chain-map";
|
||||
public static final String INTERCEPT_METHODS = "intercept-methods";
|
||||
public static final String AUTHENTICATION_PROVIDER = "authentication-provider";
|
||||
public static final String REPOSITORY = "repository";
|
||||
public static final String HTTP = "http";
|
||||
public static final String LDAP = "ldap";
|
||||
public static final String PROTECT = "protect";
|
||||
public static final String CONCURRENT_SESSIONS = "concurrent-session-control";
|
||||
public static final String LOGOUT = "logout";
|
||||
public static final String FORM_LOGIN = "form-login";
|
||||
public static final String BASIC_AUTH = "http-basic";
|
||||
public static final String REMEMBER_ME = "remember-me";
|
||||
public static final String ANONYMOUS = "anonymous";
|
||||
public static final String FILTER_CHAIN = "filter-chain";
|
||||
|
||||
}
|
||||
|
|
|
@ -23,29 +23,27 @@ import java.util.*;
|
|||
* @version $Id$
|
||||
*/
|
||||
class FilterChainMapBeanDefinitionDecorator implements BeanDefinitionDecorator {
|
||||
public static final String FILTER_CHAIN_ELT_NAME = "filter-chain";
|
||||
|
||||
public BeanDefinitionHolder decorate(Node node, BeanDefinitionHolder holder, ParserContext parserContext) {
|
||||
BeanDefinition filterChainProxy = holder.getBeanDefinition();
|
||||
|
||||
Map filterChainMap = new LinkedHashMap();
|
||||
Element elt = (Element)node;
|
||||
|
||||
String pathType = elt.getAttribute(HttpSecurityBeanDefinitionParser.PATTERN_TYPE_ATTRIBUTE);
|
||||
String pathType = elt.getAttribute(HttpSecurityBeanDefinitionParser.ATT_PATTERN_TYPE);
|
||||
|
||||
if (HttpSecurityBeanDefinitionParser.PATTERN_TYPE_REGEX.equals(pathType)) {
|
||||
if (HttpSecurityBeanDefinitionParser.ATT_PATTERN_TYPE_REGEX.equals(pathType)) {
|
||||
filterChainProxy.getPropertyValues().addPropertyValue("matcher", new RegexUrlPathMatcher());
|
||||
}
|
||||
|
||||
Iterator filterChainElts = DomUtils.getChildElementsByTagName(elt, FILTER_CHAIN_ELT_NAME).iterator();
|
||||
Iterator filterChainElts = DomUtils.getChildElementsByTagName(elt, Elements.FILTER_CHAIN).iterator();
|
||||
|
||||
while (filterChainElts.hasNext()) {
|
||||
Element chain = (Element) filterChainElts.next();
|
||||
String path = chain.getAttribute(HttpSecurityBeanDefinitionParser.PATH_PATTERN_ATTRIBUTE);
|
||||
Assert.hasText(path, "The attribute '" + HttpSecurityBeanDefinitionParser.PATH_PATTERN_ATTRIBUTE +
|
||||
String path = chain.getAttribute(HttpSecurityBeanDefinitionParser.ATT_PATH_PATTERN);
|
||||
Assert.hasText(path, "The attribute '" + HttpSecurityBeanDefinitionParser.ATT_PATH_PATTERN +
|
||||
"' must not be empty");
|
||||
String filters = chain.getAttribute(HttpSecurityBeanDefinitionParser.FILTERS_ATTRIBUTE);
|
||||
Assert.hasText(filters, "The attribute '" + HttpSecurityBeanDefinitionParser.FILTERS_ATTRIBUTE +
|
||||
String filters = chain.getAttribute(HttpSecurityBeanDefinitionParser.ATT_FILTERS);
|
||||
Assert.hasText(filters, "The attribute '" + HttpSecurityBeanDefinitionParser.ATT_FILTERS +
|
||||
"'must not be empty");
|
||||
|
||||
if (filters.equals(HttpSecurityBeanDefinitionParser.NO_FILTERS_VALUE)) {
|
||||
|
|
|
@ -17,21 +17,23 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class FormLoginBeanDefinitionParser implements BeanDefinitionParser {
|
||||
protected final Log logger = LogFactory.getLog(getClass());
|
||||
|
||||
public static final String DEFAULT_FORM_LOGIN_FILTER_ID = "_formLoginFilter";
|
||||
public static final String DEFAULT_FORM_LOGIN_ENTRY_POINT_ID = "_formLoginEntryPoint";
|
||||
static final String ATT_LOGIN_URL = "loginUrl";
|
||||
static final String DEF_LOGIN_URL = "/j_spring_security_check";
|
||||
|
||||
private static final String LOGIN_URL_ATTRIBUTE = "loginUrl";
|
||||
private static final String LOGIN_PAGE_ATTRIBUTE = "loginPage";
|
||||
static final String ATT_LOGIN_PAGE = "loginPage";
|
||||
static final String DEF_LOGIN_PAGE = DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL;
|
||||
|
||||
private static final String FORM_LOGIN_TARGET_URL_ATTRIBUTE = "defaultTargetUrl";
|
||||
private static final String DEFAULT_FORM_LOGIN_TARGET_URL = "/";
|
||||
static final String ATT_FORM_LOGIN_TARGET_URL = "defaultTargetUrl";
|
||||
static final String DEF_FORM_LOGIN_TARGET_URL = "/";
|
||||
|
||||
private static final String FORM_LOGIN_AUTH_FAILURE_URL_ATTRIBUTE = "defaultTargetUrl";
|
||||
static final String ATT_FORM_LOGIN_AUTHENTICATION_FAILURE_URL = "authenticationFailureUrl";
|
||||
static final String DEF_FORM_LOGIN_AUTHENTICATION_FAILURE_URL = DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL + "?" + DefaultLoginPageGeneratingFilter.ERROR_PARAMETER_NAME;
|
||||
|
||||
public BeanDefinition parse(Element elt, ParserContext parserContext) {
|
||||
ConfigUtils.registerProviderManagerIfNecessary(parserContext);
|
||||
|
@ -39,28 +41,28 @@ public class FormLoginBeanDefinitionParser implements BeanDefinitionParser {
|
|||
BeanDefinition filterBean = createFilterBean(elt);
|
||||
|
||||
filterBean.getPropertyValues().addPropertyValue("authenticationManager",
|
||||
new RuntimeBeanReference(ConfigUtils.DEFAULT_AUTH_MANAGER_ID));
|
||||
new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));
|
||||
|
||||
BeanDefinitionBuilder entryPointBuilder =
|
||||
BeanDefinitionBuilder.rootBeanDefinition(AuthenticationProcessingFilterEntryPoint.class);
|
||||
|
||||
String loginPage = elt.getAttribute(LOGIN_PAGE_ATTRIBUTE);
|
||||
String loginPage = elt.getAttribute(ATT_LOGIN_PAGE);
|
||||
|
||||
// If no login page has been defined, add in the default page generator.
|
||||
if (!StringUtils.hasText(loginPage)) {
|
||||
logger.info("No login page configured in form-login element. The default internal one will be used. Use" +
|
||||
"the 'loginPage' attribute to specify the URL of the login page.");
|
||||
loginPage = DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL;
|
||||
loginPage = DEF_LOGIN_PAGE;
|
||||
RootBeanDefinition loginPageFilter = new RootBeanDefinition(DefaultLoginPageGeneratingFilter.class);
|
||||
loginPageFilter.getConstructorArgumentValues().addGenericArgumentValue(
|
||||
new RuntimeBeanReference(DEFAULT_FORM_LOGIN_FILTER_ID));
|
||||
parserContext.getRegistry().registerBeanDefinition("_springSecurityLoginPageFilter", loginPageFilter);
|
||||
new RuntimeBeanReference(BeanIds.FORM_LOGIN_FILTER));
|
||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.DEFAULT_LOGIN_PAGE_GENERATING_FILTER, loginPageFilter);
|
||||
}
|
||||
|
||||
entryPointBuilder.addPropertyValue("loginFormUrl", loginPage);
|
||||
|
||||
parserContext.getRegistry().registerBeanDefinition(DEFAULT_FORM_LOGIN_FILTER_ID, filterBean);
|
||||
parserContext.getRegistry().registerBeanDefinition(DEFAULT_FORM_LOGIN_ENTRY_POINT_ID,
|
||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.FORM_LOGIN_FILTER, filterBean);
|
||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.FORM_LOGIN_ENTRY_POINT,
|
||||
entryPointBuilder.getBeanDefinition());
|
||||
|
||||
return null;
|
||||
|
@ -70,24 +72,26 @@ public class FormLoginBeanDefinitionParser implements BeanDefinitionParser {
|
|||
BeanDefinitionBuilder filterBuilder =
|
||||
BeanDefinitionBuilder.rootBeanDefinition(AuthenticationProcessingFilter.class);
|
||||
|
||||
String loginUrl = elt.getAttribute(LOGIN_URL_ATTRIBUTE);
|
||||
String loginUrl = elt.getAttribute(ATT_LOGIN_URL);
|
||||
|
||||
if (StringUtils.hasText(loginUrl)) {
|
||||
filterBuilder.addPropertyValue("filterProcessesUrl", loginUrl);
|
||||
if (!StringUtils.hasText(loginUrl)) {
|
||||
loginUrl = DEF_LOGIN_URL;
|
||||
}
|
||||
|
||||
String defaultTargetUrl = elt.getAttribute(FORM_LOGIN_TARGET_URL_ATTRIBUTE);
|
||||
filterBuilder.addPropertyValue("filterProcessesUrl", loginUrl);
|
||||
|
||||
String defaultTargetUrl = elt.getAttribute(ATT_FORM_LOGIN_TARGET_URL);
|
||||
|
||||
if (!StringUtils.hasText(defaultTargetUrl)) {
|
||||
defaultTargetUrl = DEFAULT_FORM_LOGIN_TARGET_URL;
|
||||
defaultTargetUrl = DEF_FORM_LOGIN_TARGET_URL;
|
||||
}
|
||||
|
||||
filterBuilder.addPropertyValue("defaultTargetUrl", defaultTargetUrl);
|
||||
|
||||
String authenticationFailureUrl = elt.getAttribute(FORM_LOGIN_AUTH_FAILURE_URL_ATTRIBUTE);
|
||||
String authenticationFailureUrl = elt.getAttribute(ATT_FORM_LOGIN_AUTHENTICATION_FAILURE_URL);
|
||||
|
||||
if (!StringUtils.hasText(authenticationFailureUrl)) {
|
||||
authenticationFailureUrl = DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL + "?" + DefaultLoginPageGeneratingFilter.ERROR_PARAMETER_NAME;
|
||||
authenticationFailureUrl = DEF_FORM_LOGIN_AUTHENTICATION_FAILURE_URL;
|
||||
}
|
||||
|
||||
filterBuilder.addPropertyValue("authenticationFailureUrl", authenticationFailureUrl);
|
||||
|
|
|
@ -38,38 +38,21 @@ import java.util.Map;
|
|||
/**
|
||||
* Sets up HTTP security: filter stack and protected URLs.
|
||||
*
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
||||
|
||||
public static final String DEFAULT_FILTER_CHAIN_PROXY_ID = "_filterChainProxy";
|
||||
static final String ATT_PATH_PATTERN = "pattern";
|
||||
static final String ATT_PATTERN_TYPE = "pathType";
|
||||
static final String ATT_PATTERN_TYPE_REGEX = "regex";
|
||||
|
||||
public static final String DEFAULT_HTTP_SESSION_FILTER_ID = "_httpSessionContextIntegrationFilter";
|
||||
public static final String DEFAULT_LOGOUT_FILTER_ID = "_logoutFilter";
|
||||
public static final String DEFAULT_EXCEPTION_TRANSLATION_FILTER_ID = "_exceptionTranslationFilter";
|
||||
public static final String DEFAULT_FILTER_SECURITY_INTERCEPTOR_ID = "_filterSecurityInterceptor";
|
||||
public static final String DEFAULT_CHANNEL_PROCESSING_FILTER_ID = "_channelProcessingFilter";
|
||||
public static final String DEFAULT_CHANNEL_DECISION_MANAGER_ID = "_channelDecisionManager";
|
||||
|
||||
public static final String CONCURRENT_SESSIONS_ELEMENT = "concurrent-session-control";
|
||||
public static final String LOGOUT_ELEMENT = "logout";
|
||||
public static final String FORM_LOGIN_ELEMENT = "form-login";
|
||||
public static final String BASIC_AUTH_ELEMENT = "http-basic";
|
||||
public static final String REMEMBER_ME_ELEMENT = "remember-me";
|
||||
public static final String ANONYMOUS_ELEMENT = "anonymous";
|
||||
|
||||
static final String PATH_PATTERN_ATTRIBUTE = "pattern";
|
||||
static final String PATTERN_TYPE_ATTRIBUTE = "pathType";
|
||||
static final String PATTERN_TYPE_REGEX = "regex";
|
||||
|
||||
static final String FILTERS_ATTRIBUTE = "filters";
|
||||
static final String ATT_FILTERS = "filters";
|
||||
static final String NO_FILTERS_VALUE = "none";
|
||||
|
||||
private static final String ACCESS_CONFIG_ATTRIBUTE = "access";
|
||||
private static final String REQUIRES_CHANNEL_ATTRIBUTE = "requiresChannel";
|
||||
static final String ATT_ACCESS_CONFIG = "access";
|
||||
static final String ATT_REQUIRES_CHANNEL = "requiresChannel";
|
||||
|
||||
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
||||
RootBeanDefinition filterChainProxy = new RootBeanDefinition(FilterChainProxy.class);
|
||||
|
@ -92,12 +75,12 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||
|
||||
Map filterChainMap = new LinkedHashMap();
|
||||
|
||||
String patternType = element.getAttribute(PATTERN_TYPE_ATTRIBUTE);
|
||||
String patternType = element.getAttribute(ATT_PATTERN_TYPE);
|
||||
|
||||
FilterInvocationDefinitionMap interceptorFilterInvDefSource = new PathBasedFilterInvocationDefinitionMap();
|
||||
FilterInvocationDefinitionMap channelFilterInvDefSource = new PathBasedFilterInvocationDefinitionMap();
|
||||
|
||||
if (patternType.equals(PATTERN_TYPE_REGEX)) {
|
||||
if (patternType.equals(ATT_PATTERN_TYPE_REGEX)) {
|
||||
filterChainProxy.getPropertyValues().addPropertyValue("matcher", new RegexUrlPathMatcher());
|
||||
interceptorFilterInvDefSource = new RegExpBasedFilterInvocationDefinitionMap();
|
||||
channelFilterInvDefSource = new RegExpBasedFilterInvocationDefinitionMap();
|
||||
|
@ -120,7 +103,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||
// At least one channel requirement has been specified
|
||||
RootBeanDefinition channelFilter = new RootBeanDefinition(ChannelProcessingFilter.class);
|
||||
channelFilter.getPropertyValues().addPropertyValue("channelDecisionManager",
|
||||
new RuntimeBeanReference(DEFAULT_CHANNEL_DECISION_MANAGER_ID));
|
||||
new RuntimeBeanReference(BeanIds.CHANNEL_DECISION_MANAGER));
|
||||
|
||||
channelFilter.getPropertyValues().addPropertyValue("filterInvocationDefinitionSource",
|
||||
channelFilterInvDefSource);
|
||||
|
@ -130,17 +113,17 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||
channelProcessors.add(new InsecureChannelProcessor());
|
||||
channelDecisionManager.getPropertyValues().addPropertyValue("channelProcessors", channelProcessors);
|
||||
|
||||
registry.registerBeanDefinition(DEFAULT_CHANNEL_PROCESSING_FILTER_ID, channelFilter);
|
||||
registry.registerBeanDefinition(DEFAULT_CHANNEL_DECISION_MANAGER_ID, channelDecisionManager);
|
||||
registry.registerBeanDefinition(BeanIds.CHANNEL_PROCESSING_FILTER, channelFilter);
|
||||
registry.registerBeanDefinition(BeanIds.CHANNEL_DECISION_MANAGER, channelDecisionManager);
|
||||
}
|
||||
|
||||
Element sessionControlElt = DomUtils.getChildElementByTagName(element, CONCURRENT_SESSIONS_ELEMENT);
|
||||
Element sessionControlElt = DomUtils.getChildElementByTagName(element, Elements.CONCURRENT_SESSIONS);
|
||||
|
||||
if (sessionControlElt != null) {
|
||||
new ConcurrentSessionsBeanDefinitionParser().parse(sessionControlElt, parserContext);
|
||||
}
|
||||
|
||||
Element anonymousElt = DomUtils.getChildElementByTagName(element, ANONYMOUS_ELEMENT);
|
||||
Element anonymousElt = DomUtils.getChildElementByTagName(element, Elements.ANONYMOUS);
|
||||
|
||||
if (anonymousElt != null) {
|
||||
new AnonymousBeanDefinitionParser().parse(anonymousElt, parserContext);
|
||||
|
@ -149,35 +132,35 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||
// Parse remember me before logout as RememberMeServices is also a LogoutHandler implementation.
|
||||
|
||||
|
||||
Element rememberMeElt = DomUtils.getChildElementByTagName(element, REMEMBER_ME_ELEMENT);
|
||||
Element rememberMeElt = DomUtils.getChildElementByTagName(element, Elements.REMEMBER_ME);
|
||||
|
||||
if (rememberMeElt != null) {
|
||||
new RememberMeBeanDefinitionParser().parse(rememberMeElt, parserContext);
|
||||
}
|
||||
|
||||
Element logoutElt = DomUtils.getChildElementByTagName(element, LOGOUT_ELEMENT);
|
||||
Element logoutElt = DomUtils.getChildElementByTagName(element, Elements.LOGOUT);
|
||||
|
||||
if (logoutElt != null) {
|
||||
new LogoutBeanDefinitionParser().parse(logoutElt, parserContext);
|
||||
}
|
||||
|
||||
Element formLoginElt = DomUtils.getChildElementByTagName(element, FORM_LOGIN_ELEMENT);
|
||||
Element formLoginElt = DomUtils.getChildElementByTagName(element, Elements.FORM_LOGIN);
|
||||
|
||||
if (formLoginElt != null) {
|
||||
new FormLoginBeanDefinitionParser().parse(formLoginElt, parserContext);
|
||||
}
|
||||
|
||||
Element basicAuthElt = DomUtils.getChildElementByTagName(element, BASIC_AUTH_ELEMENT);
|
||||
Element basicAuthElt = DomUtils.getChildElementByTagName(element, Elements.BASIC_AUTH);
|
||||
|
||||
if (basicAuthElt != null) {
|
||||
new BasicAuthenticationBeanDefinitionParser().parse(basicAuthElt, parserContext);
|
||||
}
|
||||
|
||||
registry.registerBeanDefinition(DEFAULT_FILTER_CHAIN_PROXY_ID, filterChainProxy);
|
||||
registry.registerBeanDefinition(DEFAULT_HTTP_SESSION_FILTER_ID, httpSCIF);
|
||||
registry.registerBeanDefinition(DEFAULT_EXCEPTION_TRANSLATION_FILTER_ID,
|
||||
registry.registerBeanDefinition(BeanIds.FILTER_CHAIN_PROXY, filterChainProxy);
|
||||
registry.registerBeanDefinition(BeanIds.HTTP_SESSION_CONTEXT_INTEGRATION_FILTER, httpSCIF);
|
||||
registry.registerBeanDefinition(BeanIds.EXCEPTION_TRANSLATION_FILTER,
|
||||
exceptionTranslationFilterBuilder.getBeanDefinition());
|
||||
registry.registerBeanDefinition(DEFAULT_FILTER_SECURITY_INTERCEPTOR_ID,
|
||||
registry.registerBeanDefinition(BeanIds.FILTER_SECURITY_INTERCEPTOR,
|
||||
filterSecurityInterceptorBuilder.getBeanDefinition());
|
||||
|
||||
|
||||
|
@ -205,11 +188,11 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||
while (urlEltsIterator.hasNext()) {
|
||||
Element urlElt = (Element) urlEltsIterator.next();
|
||||
|
||||
String path = urlElt.getAttribute(PATH_PATTERN_ATTRIBUTE);
|
||||
String path = urlElt.getAttribute(ATT_PATH_PATTERN);
|
||||
|
||||
Assert.hasText(path, "path attribute cannot be empty or null");
|
||||
|
||||
String access = urlElt.getAttribute(ACCESS_CONFIG_ATTRIBUTE);
|
||||
String access = urlElt.getAttribute(ATT_ACCESS_CONFIG);
|
||||
|
||||
// Convert the comma-separated list of access attributes to a ConfigAttributeDefinition
|
||||
if (StringUtils.hasText(access)) {
|
||||
|
@ -217,7 +200,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||
interceptorFilterInvDefSource.addSecureUrl(path, (ConfigAttributeDefinition) editor.getValue());
|
||||
}
|
||||
|
||||
String requiredChannel = urlElt.getAttribute(REQUIRES_CHANNEL_ATTRIBUTE);
|
||||
String requiredChannel = urlElt.getAttribute(ATT_REQUIRES_CHANNEL);
|
||||
|
||||
if (StringUtils.hasText(requiredChannel)) {
|
||||
String channelConfigAttribute = null;
|
||||
|
@ -234,7 +217,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
|
|||
channelFilterInvDefSource.addSecureUrl(path, (ConfigAttributeDefinition) editor.getValue());
|
||||
}
|
||||
|
||||
String filters = urlElt.getAttribute(FILTERS_ATTRIBUTE);
|
||||
String filters = urlElt.getAttribute(ATT_FILTERS);
|
||||
|
||||
if (StringUtils.hasText(filters)) {
|
||||
if (!filters.equals(NO_FILTERS_VALUE)) {
|
||||
|
|
|
@ -38,7 +38,7 @@ public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
|
|||
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
|
||||
ConfigUtils.registerAccessManagerIfNecessary(beanFactory);
|
||||
BeanDefinition securityInterceptor =
|
||||
beanFactory.getBeanDefinition(HttpSecurityBeanDefinitionParser.DEFAULT_FILTER_SECURITY_INTERCEPTOR_ID);
|
||||
beanFactory.getBeanDefinition(BeanIds.FILTER_SECURITY_INTERCEPTOR);
|
||||
|
||||
ConfigUtils.configureSecurityInterceptor(beanFactory, securityInterceptor);
|
||||
|
||||
|
@ -54,7 +54,7 @@ public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
|
|||
private void configureRememberMeSerices(ConfigurableListableBeanFactory beanFactory) {
|
||||
try {
|
||||
BeanDefinition rememberMeServices =
|
||||
beanFactory.getBeanDefinition(RememberMeBeanDefinitionParser.DEFAULT_REMEMBER_ME_SERVICES_ID);
|
||||
beanFactory.getBeanDefinition(BeanIds.REMEMBER_ME_SERVICES);
|
||||
rememberMeServices.getPropertyValues().addPropertyValue("userDetailsService",
|
||||
ConfigUtils.getUserDetailsService(beanFactory));
|
||||
} catch (NoSuchBeanDefinitionException e) {
|
||||
|
@ -101,14 +101,14 @@ public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
|
|||
logger.info("Selecting AuthenticationEntryPoint for use in ExceptionTranslationFilter");
|
||||
|
||||
BeanDefinition etf =
|
||||
beanFactory.getBeanDefinition(HttpSecurityBeanDefinitionParser.DEFAULT_EXCEPTION_TRANSLATION_FILTER_ID);
|
||||
beanFactory.getBeanDefinition(BeanIds.EXCEPTION_TRANSLATION_FILTER);
|
||||
Map entryPointMap = beanFactory.getBeansOfType(AuthenticationEntryPoint.class);
|
||||
List entryPoints = new ArrayList(entryPointMap.values());
|
||||
|
||||
Assert.isTrue(entryPoints.size() > 0, "No AuthenticationEntryPoint instances defined");
|
||||
|
||||
AuthenticationEntryPoint mainEntryPoint = (AuthenticationEntryPoint)
|
||||
entryPointMap.get(FormLoginBeanDefinitionParser.DEFAULT_FORM_LOGIN_ENTRY_POINT_ID);
|
||||
entryPointMap.get(BeanIds.FORM_LOGIN_ENTRY_POINT);
|
||||
|
||||
if (mainEntryPoint == null) {
|
||||
throw new SecurityConfigurationException("Failed to resolve authentication entry point");
|
||||
|
@ -121,7 +121,7 @@ public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
|
|||
|
||||
private void configureFilterChain(ConfigurableListableBeanFactory beanFactory) {
|
||||
FilterChainProxy filterChainProxy =
|
||||
(FilterChainProxy) beanFactory.getBean(HttpSecurityBeanDefinitionParser.DEFAULT_FILTER_CHAIN_PROXY_ID);
|
||||
(FilterChainProxy) beanFactory.getBean(BeanIds.FILTER_CHAIN_PROXY);
|
||||
// Set the default match
|
||||
List defaultFilterChain = orderFilters(beanFactory);
|
||||
|
||||
|
@ -139,7 +139,7 @@ public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
|
|||
if (!sessionFilters.isEmpty()) {
|
||||
logger.info("Concurrent session filter in use, setting 'forceEagerSessionCreation' to true");
|
||||
HttpSessionContextIntegrationFilter scif = (HttpSessionContextIntegrationFilter)
|
||||
beanFactory.getBean(HttpSecurityBeanDefinitionParser.DEFAULT_HTTP_SESSION_FILTER_ID);
|
||||
beanFactory.getBean(BeanIds.HTTP_SESSION_CONTEXT_INTEGRATION_FILTER);
|
||||
scif.setForceEagerSessionCreation(true);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -26,11 +26,11 @@ import java.util.List;
|
|||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
* @author Ben Alex
|
||||
*
|
||||
* @version $Id$
|
||||
*/
|
||||
public class InterceptMethodsBeanDefinitionDecorator implements BeanDefinitionDecorator {
|
||||
private static final String POST_PROCESSOR_ID = "_interceptMethodsBeanfactoryPP";
|
||||
|
||||
private BeanDefinitionDecorator delegate = new InternalInterceptMethodsBeanDefinitionDecorator();
|
||||
|
||||
public BeanDefinitionHolder decorate(Node node, BeanDefinitionHolder definition, ParserContext parserContext) {
|
||||
|
@ -40,11 +40,11 @@ public class InterceptMethodsBeanDefinitionDecorator implements BeanDefinitionDe
|
|||
}
|
||||
|
||||
private void registerPostProcessorIfNecessary(BeanDefinitionRegistry registry) {
|
||||
if (registry.containsBeanDefinition(POST_PROCESSOR_ID)) {
|
||||
if (registry.containsBeanDefinition(BeanIds.INTERCEPT_METHODS_BEAN_FACTORY_POST_PROCESSOR)) {
|
||||
return;
|
||||
}
|
||||
|
||||
registry.registerBeanDefinition(POST_PROCESSOR_ID,
|
||||
registry.registerBeanDefinition(BeanIds.INTERCEPT_METHODS_BEAN_FACTORY_POST_PROCESSOR,
|
||||
new RootBeanDefinition(MethodSecurityConfigPostProcessor.class));
|
||||
}
|
||||
|
||||
|
@ -71,6 +71,9 @@ public class InterceptMethodsBeanDefinitionDecorator implements BeanDefinitionDe
|
|||
* post processor,
|
||||
*/
|
||||
class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractInterceptorDrivenBeanDefinitionDecorator {
|
||||
static final String ATT_CLASS = "class";
|
||||
static final String ATT_METHOD = "method";
|
||||
static final String ATT_ACCESS = "access";
|
||||
private Log logger = LogFactory.getLog(getClass());
|
||||
|
||||
protected BeanDefinition createInterceptorDefinition(Node node) {
|
||||
|
@ -79,7 +82,7 @@ class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractIntercepto
|
|||
|
||||
Element beanNode = (Element)interceptMethodsElt.getParentNode();
|
||||
// Get the class from the parent bean...
|
||||
String targetClassName = beanNode.getAttribute("class");
|
||||
String targetClassName = beanNode.getAttribute(ATT_CLASS);
|
||||
Class targetClass;
|
||||
|
||||
try {
|
||||
|
@ -89,19 +92,19 @@ class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractIntercepto
|
|||
}
|
||||
|
||||
// Parse the included methods
|
||||
List methods = DomUtils.getChildElementsByTagName(interceptMethodsElt, "protect");
|
||||
List methods = DomUtils.getChildElementsByTagName(interceptMethodsElt, Elements.PROTECT);
|
||||
MethodDefinitionMap methodMap = new MethodDefinitionMap();
|
||||
ConfigAttributeEditor attributeEditor = new ConfigAttributeEditor();
|
||||
|
||||
for (Iterator i = methods.iterator(); i.hasNext();) {
|
||||
Element protectmethodElt = (Element) i.next();
|
||||
String accessConfig = protectmethodElt.getAttribute("access");
|
||||
String accessConfig = protectmethodElt.getAttribute(ATT_ACCESS);
|
||||
attributeEditor.setAsText(accessConfig);
|
||||
|
||||
// TODO: We want to use just the method names, but MethodDefinitionMap won't work that way.
|
||||
// methodMap.addSecureMethod(targetClass, protectmethodElt.getAttribute("method"),
|
||||
// (ConfigAttributeDefinition) attributeEditor.getValue());
|
||||
methodMap.addSecureMethod(protectmethodElt.getAttribute("method"),
|
||||
methodMap.addSecureMethod(protectmethodElt.getAttribute(ATT_METHOD),
|
||||
(ConfigAttributeDefinition) attributeEditor.getValue());
|
||||
}
|
||||
|
||||
|
|
|
@ -15,34 +15,37 @@ import org.w3c.dom.Element;
|
|||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class LogoutBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {
|
||||
public static final String DEFAULT_LOGOUT_SUCCESS_URL = "/";
|
||||
static final String ATT_LOGOUT_SUCCESS_URL = "logoutSuccessUrl";
|
||||
static final String ATT_LOGOUT_URL = "logoutUrl";
|
||||
public static final String DEF_LOGOUT_SUCCESS_URL = "/";
|
||||
|
||||
protected Class getBeanClass(Element element) {
|
||||
return LogoutFilter.class;
|
||||
}
|
||||
|
||||
protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
|
||||
String logoutUrl = element.getAttribute("logoutUrl");
|
||||
String logoutUrl = element.getAttribute(ATT_LOGOUT_URL);
|
||||
|
||||
if (StringUtils.hasText(logoutUrl)) {
|
||||
builder.addPropertyValue("filterProcessesUrl", logoutUrl);
|
||||
}
|
||||
|
||||
String logoutSuccessUrl = element.getAttribute("logoutSuccessUrl");
|
||||
String logoutSuccessUrl = element.getAttribute(ATT_LOGOUT_SUCCESS_URL);
|
||||
|
||||
if (!StringUtils.hasText(logoutSuccessUrl)) {
|
||||
logoutSuccessUrl = DEFAULT_LOGOUT_SUCCESS_URL;
|
||||
logoutSuccessUrl = DEF_LOGOUT_SUCCESS_URL;
|
||||
}
|
||||
|
||||
builder.addConstructorArg(logoutSuccessUrl);
|
||||
ManagedList handlers = new ManagedList();
|
||||
handlers.add(new SecurityContextLogoutHandler());
|
||||
|
||||
if (parserContext.getRegistry().containsBeanDefinition(RememberMeBeanDefinitionParser.DEFAULT_REMEMBER_ME_SERVICES_ID)) {
|
||||
handlers.add(new RuntimeBeanReference(RememberMeBeanDefinitionParser.DEFAULT_REMEMBER_ME_SERVICES_ID));
|
||||
if (parserContext.getRegistry().containsBeanDefinition(BeanIds.REMEMBER_ME_SERVICES)) {
|
||||
handlers.add(new RuntimeBeanReference(BeanIds.REMEMBER_ME_SERVICES));
|
||||
}
|
||||
|
||||
builder.addConstructorArg(handlers);
|
||||
|
@ -56,6 +59,6 @@ public class LogoutBeanDefinitionParser extends AbstractSingleBeanDefinitionPars
|
|||
return id;
|
||||
}
|
||||
|
||||
return HttpSecurityBeanDefinitionParser.DEFAULT_LOGOUT_FILTER_ID;
|
||||
return BeanIds.LOGOUT_FILTER;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -18,24 +18,25 @@ import org.w3c.dom.Element;
|
|||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class RememberMeBeanDefinitionParser implements BeanDefinitionParser {
|
||||
static final String ATT_KEY = "key";
|
||||
static final String ATT_DATA_SOURCE = "dataSource";
|
||||
static final String ATT_TOKEN_REPOSITORY = "tokenRepository";
|
||||
protected final Log logger = LogFactory.getLog(getClass());
|
||||
|
||||
public static final String DEFAULT_REMEMBER_ME_FILTER_ID = "_rememberMeFilter";
|
||||
public static final String DEFAULT_REMEMBER_ME_SERVICES_ID = "_rememberMeServices";
|
||||
|
||||
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
||||
BeanDefinition filter = new RootBeanDefinition(RememberMeProcessingFilter.class);
|
||||
BeanDefinition services = new RootBeanDefinition(PersistentTokenBasedRememberMeServices.class);
|
||||
|
||||
filter.getPropertyValues().addPropertyValue("authenticationManager",
|
||||
new RuntimeBeanReference(ConfigUtils.DEFAULT_AUTH_MANAGER_ID));
|
||||
new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));
|
||||
|
||||
String tokenRepository = element.getAttribute("tokenRepository");
|
||||
String dataSource = element.getAttribute("dataSource");
|
||||
String key = element.getAttribute("key");
|
||||
String tokenRepository = element.getAttribute(ATT_TOKEN_REPOSITORY);
|
||||
String dataSource = element.getAttribute(ATT_DATA_SOURCE);
|
||||
String key = element.getAttribute(ATT_KEY);
|
||||
|
||||
boolean dataSourceSet = StringUtils.hasText(dataSource);
|
||||
boolean tokenRepoSet = StringUtils.hasText(tokenRepository);
|
||||
|
@ -53,10 +54,10 @@ public class RememberMeBeanDefinitionParser implements BeanDefinitionParser {
|
|||
tokenRepo = new RuntimeBeanReference(tokenRepository);
|
||||
} else {
|
||||
tokenRepo = new RootBeanDefinition(JdbcTokenRepositoryImpl.class);
|
||||
((BeanDefinition)tokenRepo).getPropertyValues().addPropertyValue("dataSource",
|
||||
((BeanDefinition)tokenRepo).getPropertyValues().addPropertyValue(ATT_DATA_SOURCE,
|
||||
new RuntimeBeanReference(dataSource));
|
||||
}
|
||||
services.getPropertyValues().addPropertyValue("tokenRepository", tokenRepo);
|
||||
services.getPropertyValues().addPropertyValue(ATT_TOKEN_REPOSITORY, tokenRepo);
|
||||
} else {
|
||||
isPersistent = false;
|
||||
services = new RootBeanDefinition(TokenBasedRememberMeServices.class);
|
||||
|
@ -67,20 +68,20 @@ public class RememberMeBeanDefinitionParser implements BeanDefinitionParser {
|
|||
"will be ignored.");
|
||||
}
|
||||
|
||||
services.getPropertyValues().addPropertyValue("key", key);
|
||||
services.getPropertyValues().addPropertyValue(ATT_KEY, key);
|
||||
|
||||
BeanDefinition authManager = ConfigUtils.registerProviderManagerIfNecessary(parserContext);
|
||||
BeanDefinition provider = new RootBeanDefinition(RememberMeAuthenticationProvider.class);
|
||||
provider.getPropertyValues().addPropertyValue("key", key);
|
||||
provider.getPropertyValues().addPropertyValue(ATT_KEY, key);
|
||||
|
||||
ManagedList providers = (ManagedList) authManager.getPropertyValues().getPropertyValue("providers").getValue();
|
||||
providers.add(provider);
|
||||
|
||||
filter.getPropertyValues().addPropertyValue("rememberMeServices",
|
||||
new RuntimeBeanReference(DEFAULT_REMEMBER_ME_SERVICES_ID));
|
||||
new RuntimeBeanReference(BeanIds.REMEMBER_ME_SERVICES));
|
||||
|
||||
parserContext.getRegistry().registerBeanDefinition(DEFAULT_REMEMBER_ME_SERVICES_ID, services);
|
||||
parserContext.getRegistry().registerBeanDefinition(DEFAULT_REMEMBER_ME_FILTER_ID, filter);
|
||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.REMEMBER_ME_SERVICES, services);
|
||||
parserContext.getRegistry().registerBeanDefinition(BeanIds.REMEMBER_ME_FILTER, filter);
|
||||
|
||||
return null;
|
||||
}
|
||||
|
|
|
@ -21,10 +21,10 @@ import org.w3c.dom.Element;
|
|||
*/
|
||||
class RepositoryBeanDefinitionParser implements BeanDefinitionParser {
|
||||
|
||||
private static final String ATT_CREATE_PROVIDER = "createProvider";
|
||||
private static final String DEF_CREATE_PROVIDER = "true";
|
||||
private static final String ATT_DATA_SOURCE = "dataSource";
|
||||
private static final String ATT_ID = "id";
|
||||
static final String ATT_CREATE_PROVIDER = "createProvider";
|
||||
static final String ATT_DATA_SOURCE = "dataSource";
|
||||
static final String ATT_ID = "id";
|
||||
static final String DEF_CREATE_PROVIDER = "true";
|
||||
|
||||
public BeanDefinition parse(Element element, ParserContext parserContext) {
|
||||
boolean createProvider = true;
|
||||
|
@ -37,9 +37,9 @@ class RepositoryBeanDefinitionParser implements BeanDefinitionParser {
|
|||
ConfigUtils.registerProviderManagerIfNecessary(parserContext);
|
||||
}
|
||||
|
||||
Element userServiceElt = DomUtils.getChildElementByTagName(element, Elements.ELT_USER_SERVICE);
|
||||
Element jdbcUserServiceElt = DomUtils.getChildElementByTagName(element, Elements.ELT_JDBC_USER_SERVICE);
|
||||
Element customUserServiceElt = DomUtils.getChildElementByTagName(element, Elements.ELT_CUSTOM_USER_SERVICE);
|
||||
Element userServiceElt = DomUtils.getChildElementByTagName(element, Elements.USER_SERVICE);
|
||||
Element jdbcUserServiceElt = DomUtils.getChildElementByTagName(element, Elements.JDBC_USER_SERVICE);
|
||||
Element customUserServiceElt = DomUtils.getChildElementByTagName(element, Elements.CUSTOM_USER_SERVICE);
|
||||
|
||||
if (userServiceElt != null) {
|
||||
BeanDefinition userDetailsService = new UserServiceBeanDefinitionParser().parse(userServiceElt, parserContext);
|
||||
|
|
|
@ -6,17 +6,18 @@ import org.springframework.beans.factory.xml.NamespaceHandlerSupport;
|
|||
* Registers the bean definition parsers for the "security" namespace (http://www.springframework.org/schema/security).
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class SecurityNamespaceHandler extends NamespaceHandlerSupport {
|
||||
|
||||
public void init() {
|
||||
registerBeanDefinitionParser("ldap", new LdapBeanDefinitionParser());
|
||||
registerBeanDefinitionParser("http", new HttpSecurityBeanDefinitionParser());
|
||||
registerBeanDefinitionParser("user-service", new UserServiceBeanDefinitionParser());
|
||||
registerBeanDefinitionParser("repository", new RepositoryBeanDefinitionParser());
|
||||
//registerBeanDefinitionParser("authentication-provider", new AuthenticationProviderBeanDefinitionParser());
|
||||
registerBeanDefinitionDecorator("intercept-methods", new InterceptMethodsBeanDefinitionDecorator());
|
||||
registerBeanDefinitionDecorator("filter-chain-map", new FilterChainMapBeanDefinitionDecorator());
|
||||
registerBeanDefinitionParser(Elements.LDAP, new LdapBeanDefinitionParser());
|
||||
registerBeanDefinitionParser(Elements.HTTP, new HttpSecurityBeanDefinitionParser());
|
||||
registerBeanDefinitionParser(Elements.USER_SERVICE, new UserServiceBeanDefinitionParser());
|
||||
registerBeanDefinitionParser(Elements.REPOSITORY, new RepositoryBeanDefinitionParser());
|
||||
registerBeanDefinitionParser(Elements.AUTHENTICATION_PROVIDER, new AuthenticationProviderBeanDefinitionParser());
|
||||
registerBeanDefinitionDecorator(Elements.INTERCEPT_METHODS, new InterceptMethodsBeanDefinitionDecorator());
|
||||
registerBeanDefinitionDecorator(Elements.FILTER_CHAIN_MAP, new FilterChainMapBeanDefinitionDecorator());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -18,28 +18,31 @@ import java.util.Iterator;
|
|||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class UserServiceBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {
|
||||
|
||||
public static final String DEFAULT_ID = "_userDetailsService";
|
||||
static final String ATT_PASSWORD = "password";
|
||||
static final String ATT_NAME = "name";
|
||||
static final String ELT_USER = "user";
|
||||
static final String ATT_AUTHORITIES = "authorities";
|
||||
|
||||
protected Class getBeanClass(Element element) {
|
||||
return InMemoryDaoImpl.class;
|
||||
}
|
||||
|
||||
|
||||
protected void doParse(Element element, BeanDefinitionBuilder builder) {
|
||||
List userElts = DomUtils.getChildElementsByTagName(element, "user");
|
||||
List userElts = DomUtils.getChildElementsByTagName(element, ELT_USER);
|
||||
UserMap users = new UserMap();
|
||||
|
||||
for (Iterator i = userElts.iterator(); i.hasNext();) {
|
||||
Element userElt = (Element) i.next();
|
||||
String userName = userElt.getAttribute("name");
|
||||
String password = userElt.getAttribute("password");
|
||||
String userName = userElt.getAttribute(ATT_NAME);
|
||||
String password = userElt.getAttribute(ATT_PASSWORD);
|
||||
|
||||
users.addUser(new User(userName, password, true, true, true, true,
|
||||
AuthorityUtils.commaSeparatedStringToAuthorityArray(userElt.getAttribute("authorities"))));
|
||||
AuthorityUtils.commaSeparatedStringToAuthorityArray(userElt.getAttribute(ATT_AUTHORITIES))));
|
||||
}
|
||||
|
||||
builder.addPropertyValue("userMap", users);
|
||||
|
@ -54,6 +57,6 @@ public class UserServiceBeanDefinitionParser extends AbstractSingleBeanDefinitio
|
|||
|
||||
// TODO: Check for duplicate using default id here.
|
||||
|
||||
return DEFAULT_ID;
|
||||
return BeanIds.USER_DETAILS_SERVICE;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -102,11 +102,17 @@ form-login =
|
|||
## Sets up a form login configuration
|
||||
element form-login {form-login.attlist, empty}
|
||||
form-login.attlist &=
|
||||
## The URL that the form is submitted to
|
||||
[ a:defaultValue = "/j_spring_security_check" ] attribute loginUrl {xsd:string}?
|
||||
## The URL that the login form is posted to. If unspecified, it defaults to /j_spring_security_check.
|
||||
attribute loginUrl {xsd:string}?
|
||||
form-login.attlist &=
|
||||
## The URL that will be redirected to after successful authentication, if the user's previous action could not be resumed. This generally happens if the user visits a login page without having first requested a secured operation that triggers authentication. If unspecified, defaults to the root of the application.
|
||||
attribute defaultTargetUrl {xsd:string}?
|
||||
form-login.attlist &=
|
||||
## The URL for the login page. If no login URL is specified, Spring Security will automatically create a login URL at /spring_security_login and a corresponding filter to render that login URL when requested.
|
||||
attribute loginPage {xsd:string}?
|
||||
form-login.attlist &=
|
||||
## The URL for the login failure page. If no login failure URL is specified, Spring Security will automatically create a failure login URL at /spring_security_login?login_error and a corresponding filter to render that login failure URL when requested.
|
||||
attribute authenticationFailureUrl {xsd:string}?
|
||||
|
||||
filter-chain-map =
|
||||
## Used to explicitly configure a FilterChainProxy instance with a FilterChainMap
|
||||
|
|
|
@ -214,9 +214,14 @@
|
|||
</xs:complexType>
|
||||
</xs:element>
|
||||
<xs:attributeGroup name="form-login.attlist">
|
||||
<xs:attribute name="loginUrl" default="/j_spring_security_check" type="xs:string">
|
||||
<xs:attribute name="loginUrl" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>The URL that the form is submitted to</xs:documentation>
|
||||
<xs:documentation>The URL that the login form is posted to. If unspecified, it defaults to /j_spring_security_check.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="defaultTargetUrl" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>The URL that will be redirected to after successful authentication, if the user's previous action could not be resumed. This generally happens if the user visits a login page without having first requested a secured operation that triggers authentication. If unspecified, defaults to the root of the application.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="loginPage" type="xs:string">
|
||||
|
@ -224,6 +229,11 @@
|
|||
<xs:documentation>The URL for the login page. If no login URL is specified, Spring Security will automatically create a login URL at /spring_security_login and a corresponding filter to render that login URL when requested.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
<xs:attribute name="authenticationFailureUrl" type="xs:string">
|
||||
<xs:annotation>
|
||||
<xs:documentation>The URL for the login failure page. If no login failure URL is specified, Spring Security will automatically create a failure login URL at /spring_security_login?login_error and a corresponding filter to render that login failure URL when requested.</xs:documentation>
|
||||
</xs:annotation>
|
||||
</xs:attribute>
|
||||
</xs:attributeGroup>
|
||||
<xs:element name="filter-chain-map">
|
||||
<xs:annotation>
|
||||
|
|
|
@ -38,7 +38,7 @@ public class CustomUserDetailsTests {
|
|||
|
||||
@Test
|
||||
public void testProviderManagerSetup() {
|
||||
ProviderManager manager = (ProviderManager) appContext.getBean(ConfigUtils.DEFAULT_AUTH_MANAGER_ID);
|
||||
ProviderManager manager = (ProviderManager) appContext.getBean(BeanIds.AUTHENTICATION_MANAGER);
|
||||
List providers = manager.getProviders();
|
||||
assertTrue(providers.size() == 1);
|
||||
assertTrue(providers.iterator().next() instanceof DaoAuthenticationProvider);
|
||||
|
|
|
@ -44,7 +44,7 @@ public class HttpSecurityBeanDefinitionParserTests {
|
|||
@Test
|
||||
public void filterChainProxyShouldReturnEmptyFilterListForUnprotectedUrl() {
|
||||
FilterChainProxy filterChainProxy =
|
||||
(FilterChainProxy) appContext.getBean(HttpSecurityBeanDefinitionParser.DEFAULT_FILTER_CHAIN_PROXY_ID);
|
||||
(FilterChainProxy) appContext.getBean(BeanIds.FILTER_CHAIN_PROXY);
|
||||
|
||||
List filters = filterChainProxy.getFilters("/unprotected");
|
||||
|
||||
|
@ -54,7 +54,7 @@ public class HttpSecurityBeanDefinitionParserTests {
|
|||
@Test
|
||||
public void filterChainProxyShouldReturnCorrectFilterListForProtectedUrl() {
|
||||
FilterChainProxy filterChainProxy =
|
||||
(FilterChainProxy) appContext.getBean(HttpSecurityBeanDefinitionParser.DEFAULT_FILTER_CHAIN_PROXY_ID);
|
||||
(FilterChainProxy) appContext.getBean(BeanIds.FILTER_CHAIN_PROXY);
|
||||
|
||||
List filterList = filterChainProxy.getFilters("/someurl");
|
||||
|
||||
|
|
|
@ -39,7 +39,7 @@ public class JdbcUserDetailsTests {
|
|||
|
||||
@Test
|
||||
public void testProviderManagerSetup() {
|
||||
ProviderManager manager = (ProviderManager) appContext.getBean(ConfigUtils.DEFAULT_AUTH_MANAGER_ID);
|
||||
ProviderManager manager = (ProviderManager) appContext.getBean(BeanIds.AUTHENTICATION_MANAGER);
|
||||
List providers = manager.getProviders();
|
||||
assertTrue(providers.size() == 1);
|
||||
assertTrue(providers.iterator().next() instanceof DaoAuthenticationProvider);
|
||||
|
|
Loading…
Reference in New Issue