Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-29 15:22:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-271: removed autowiring by type and explicity introspected the applicationContext to detect the required dependencies of userDetailsService

Browse Source
This commit is contained in:
Vishal Puri 2007-05-18 03:20:28 +00:00
parent 803c687b5d
commit e3435da9ae
8 changed files with 203 additions and 178 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
core/src/main/java/org/acegisecurity/config/AuthenticationProviderOrderResolver.java
View File

@ -1,15 +1,16 @@
package org.acegisecurity.config; package org.acegisecurity.config;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Map;
import org.acegisecurity.AuthenticationManager; import org.acegisecurity.AuthenticationManager;
import org.acegisecurity.providers.AuthenticationProvider; import org.acegisecurity.providers.AuthenticationProvider;
import org.springframework.beans.BeansException; import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanFactoryPostProcessor; import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.support.ManagedList;
import org.springframework.beans.factory.support.RootBeanDefinition; import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.core.OrderComparator; import org.springframework.core.OrderComparator;
@ -20,7 +21,7 @@ public class AuthenticationProviderOrderResolver implements BeanFactoryPostProce
*/ */
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException { public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
// retrieve all the AuthenticationProvider instances // retrieve all the AuthenticationProvider instances
List providers = retrieveAllAuthenticationProviders(beanFactory); ManagedList providers = retrieveAllAuthenticationProviders(beanFactory);
String[] names = beanFactory.getBeanNamesForType(AuthenticationManager.class); String[] names = beanFactory.getBeanNamesForType(AuthenticationManager.class);
RootBeanDefinition definition = (RootBeanDefinition)beanFactory.getBeanDefinition(names[0]); RootBeanDefinition definition = (RootBeanDefinition)beanFactory.getBeanDefinition(names[0]);
definition.getPropertyValues().addPropertyValue("providers",providers); definition.getPropertyValues().addPropertyValue("providers",providers);
@ -30,9 +31,13 @@ public class AuthenticationProviderOrderResolver implements BeanFactoryPostProce
* @param beanFactory * @param beanFactory
* @return * @return
*/ */
private List retrieveAllAuthenticationProviders(ConfigurableListableBeanFactory beanFactory) { private ManagedList retrieveAllAuthenticationProviders(ConfigurableListableBeanFactory beanFactory) {
Map m = beanFactory.getBeansOfType(AuthenticationProvider.class); String[] m = beanFactory.getBeanNamesForType(AuthenticationProvider.class);
List l = new ArrayList(m.values()); ManagedList l = new ManagedList();
for(int i=0;i<m.length;i++){
RootBeanDefinition def = (RootBeanDefinition)beanFactory.getBeanDefinition(m[i]);
l.add(def);
}
Collections.sort(l, new OrderComparator()); Collections.sort(l, new OrderComparator());
return l; return l;
} }

107
core/src/main/java/org/acegisecurity/config/AuthenticationRepositoryBeanDefinitionParser.java
View File

@ -7,6 +7,7 @@ import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
import org.acegisecurity.providers.dao.salt.ReflectionSaltSource; import org.acegisecurity.providers.dao.salt.ReflectionSaltSource;
import org.acegisecurity.providers.dao.salt.SystemWideSaltSource; import org.acegisecurity.providers.dao.salt.SystemWideSaltSource;
import org.acegisecurity.providers.encoding.Md5PasswordEncoder; import org.acegisecurity.providers.encoding.Md5PasswordEncoder;
import org.springframework.beans.factory.config.BeanDefinitionHolder;
import org.springframework.beans.factory.config.RuntimeBeanReference; import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.AbstractBeanDefinition; import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.RootBeanDefinition; import org.springframework.beans.factory.support.RootBeanDefinition;
@ -23,9 +24,10 @@ import org.w3c.dom.NodeList;
* @author vpuri * @author vpuri
* *
*/ */
public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser { public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDefinitionParser {
// ~ Instance fields ================================================================================================ // ~ Instance fields
// ================================================================================================
private static final String REPOSITORY_BEAN_REF = "repositoryBeanRef"; private static final String REPOSITORY_BEAN_REF = "repositoryBeanRef";
@ -38,26 +40,30 @@ public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDe
private static final String SYSTEM_WIDE_SALT_SOURCE = "system-wide"; private static final String SYSTEM_WIDE_SALT_SOURCE = "system-wide";
private static final String REFLECTION_SALT_SOURCE = "reflection"; private static final String REFLECTION_SALT_SOURCE = "reflection";
private static final String PASSWORD_ENCODER_ELEMENT = "password-encoder"; private static final String PASSWORD_ENCODER_ELEMENT = "password-encoder";
private static final String PASSWORD_ENCODER_REF = "encoderBeanRef"; private static final String PASSWORD_ENCODER_REF = "encoderBeanRef";
private static final String PASSWORD_ENCODER = "encoder"; private static final String PASSWORD_ENCODER = "encoder";
public static final String AUTOWIRE_AUTODETECT_VALUE = "autodetect"; // ~ Method
// ================================================================================================
// ~ Method ================================================================================================
/** /**
* TODO: Document Me !!! * TODO: Document Me !!!
*/ */
public AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { public AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
Assert.notNull(parserContext, "ParserContext must not be null"); Assert.notNull(parserContext, "ParserContext must not be null");
RootBeanDefinition repositoryBeanDef = new RootBeanDefinition(DaoAuthenticationProvider.class); RootBeanDefinition repositoryBeanDef = new RootBeanDefinition(DaoAuthenticationProvider.class);
// check if saltSource is defined
Element saltSourceEle = DomUtils.getChildElementByTagName(element, SALT_SOURCE_ELEMENT);
setSaltSourceProperty(repositoryBeanDef, saltSourceEle);
Element passwordEncoderEle = DomUtils.getChildElementByTagName(element, PASSWORD_ENCODER_ELEMENT);
setPasswordEncoderProperty(repositoryBeanDef, passwordEncoderEle);
// if repositoryBeanRef is specified use its referred bean // if repositoryBeanRef is specified use its referred bean
String userDetailsRef = element.getAttribute(REPOSITORY_BEAN_REF); String userDetailsRef = element.getAttribute(REPOSITORY_BEAN_REF);
if (StringUtils.hasLength(userDetailsRef)) { if (StringUtils.hasLength(userDetailsRef)) {
@ -65,41 +71,39 @@ public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDe
new RuntimeBeanReference(userDetailsRef)); new RuntimeBeanReference(userDetailsRef));
} }
else { else {
// autodetect userDetailsService from App Context ? or we could even create this UserDetailsService BD with autodetection of dataSource hahaha Magic !!! // autodetect userDetailsService from App Context
//repositoryBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE, new RuntimeBeanReference(USER_DETAILS_SERVICE)); RootBeanDefinition depConfigurer = new RootBeanDefinition(
repositoryBeanDef.setAutowireMode(AbstractBeanDefinition.AUTOWIRE_AUTODETECT); AuthenticationRepositoryDependenciesConfigurer.class);
BeanDefinitionHolder holder = new BeanDefinitionHolder(depConfigurer, parserContext.getReaderContext().generateBeanName(depConfigurer));
registerBeanDefinition(holder, parserContext.getRegistry());
} }
// check if saltSource is defined
Element saltSourceEle = DomUtils.getChildElementByTagName(element, SALT_SOURCE_ELEMENT);
setSaltSourceProperty(repositoryBeanDef, saltSourceEle);
Element passwordEncoderEle = DomUtils.getChildElementByTagName(element, PASSWORD_ENCODER_ELEMENT);
setPasswordEncoderProperty(repositoryBeanDef, passwordEncoderEle);
return repositoryBeanDef; return repositoryBeanDef;
} }
/** /**
* *
* @param repositoryBeanDef * @param repositoryBeanDef
* @param element * @param element
*/ */
private void setSaltSourceProperty(RootBeanDefinition repositoryBeanDef, Element element) { private void setSaltSourceProperty(RootBeanDefinition repositoryBeanDef, Element element) {
if(element != null) { if (element != null) {
setBeanReferenceOrInnerBeanDefinitions(repositoryBeanDef, element, "saltSource",element.getAttribute(SALT_SOURCE_REF) ); setBeanReferenceOrInnerBeanDefinitions(repositoryBeanDef, element, "saltSource", element
} .getAttribute(SALT_SOURCE_REF));
}
} }
/** /**
* *
* @param repositoryBeanDef * @param repositoryBeanDef
* @param element * @param element
*/ */
private void setPasswordEncoderProperty(RootBeanDefinition repositoryBeanDef, Element element) { private void setPasswordEncoderProperty(RootBeanDefinition repositoryBeanDef, Element element) {
if(element != null) { if (element != null) {
setBeanReferenceOrInnerBeanDefinitions(repositoryBeanDef, element, "passwordEncoder",element.getAttribute(PASSWORD_ENCODER_REF) ); setBeanReferenceOrInnerBeanDefinitions(repositoryBeanDef, element, "passwordEncoder", element
} .getAttribute(PASSWORD_ENCODER_REF));
}
} }
/** /**
* *
* @param repositoryBeanDef * @param repositoryBeanDef
@ -107,21 +111,22 @@ public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDe
* @param property * @param property
* @param reference * @param reference
*/ */
private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition repositoryBeanDef, Element element ,String property, String reference) { private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition repositoryBeanDef, Element element,
// check for encoderBeanRef attribute String property, String reference) {
if (StringUtils.hasLength(reference)) { // check for encoderBeanRef attribute
repositoryBeanDef.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(reference)); if (StringUtils.hasLength(reference)) {
} repositoryBeanDef.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(reference));
else { }
doSetInnerBeanDefinitions(repositoryBeanDef, element,property); else {
} doSetInnerBeanDefinitions(repositoryBeanDef, element, property);
}
} }
/** /**
* *
* @param repositoryBeanDef * @param repositoryBeanDef
* @param element * @param element
* @param property * @param property
*/ */
private void doSetInnerBeanDefinitions(RootBeanDefinition repositoryBeanDef, Element element, String property) { private void doSetInnerBeanDefinitions(RootBeanDefinition repositoryBeanDef, Element element, String property) {
NodeList children = element.getChildNodes(); NodeList children = element.getChildNodes();
@ -142,12 +147,13 @@ public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDe
} }
if (PASSWORD_ENCODER.equals(node.getLocalName())) { if (PASSWORD_ENCODER.equals(node.getLocalName())) {
RootBeanDefinition passwordEncoderInnerBeanDefinition = createPasswordEncoder(childElement); RootBeanDefinition passwordEncoderInnerBeanDefinition = createPasswordEncoder(childElement);
repositoryBeanDef.getPropertyValues().addPropertyValue(property, passwordEncoderInnerBeanDefinition); repositoryBeanDef.getPropertyValues()
.addPropertyValue(property, passwordEncoderInnerBeanDefinition);
} }
} }
} }
} }
/** /**
* *
* @param childElement * @param childElement
@ -157,12 +163,12 @@ public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDe
String attributeValue = childElement.getAttribute("method"); String attributeValue = childElement.getAttribute("method");
RootBeanDefinition definition = null; RootBeanDefinition definition = null;
// TODO: add other encoders support // TODO: add other encoders support
if(attributeValue.equals("md5")){ if (attributeValue.equals("md5")) {
definition = new RootBeanDefinition(Md5PasswordEncoder.class); definition = new RootBeanDefinition(Md5PasswordEncoder.class);
} }
return definition; return definition;
} }
/** /**
* *
* @param saltSourceTypeElement * @param saltSourceTypeElement
@ -170,22 +176,21 @@ public class AuthenticationRepositoryBeanDefinitionParser extends AbstractBeanDe
*/ */
private RootBeanDefinition createReflectionSaltSource(Element saltSourceTypeElement) { private RootBeanDefinition createReflectionSaltSource(Element saltSourceTypeElement) {
RootBeanDefinition definition = new RootBeanDefinition(ReflectionSaltSource.class); RootBeanDefinition definition = new RootBeanDefinition(ReflectionSaltSource.class);
definition.getPropertyValues().addPropertyValue("userPropertyToUse", saltSourceTypeElement.getAttribute("userPropertyToUse")); definition.getPropertyValues().addPropertyValue("userPropertyToUse",
saltSourceTypeElement.getAttribute("userPropertyToUse"));
return definition; return definition;
} }
/** /**
* *
* @param saltSourceTypeElement * @param saltSourceTypeElement
* @return * @return
*/ */
private RootBeanDefinition createSystemWideSaltSource( Element saltSourceTypeElement) { private RootBeanDefinition createSystemWideSaltSource(Element saltSourceTypeElement) {
RootBeanDefinition definition = new RootBeanDefinition(SystemWideSaltSource.class); RootBeanDefinition definition = new RootBeanDefinition(SystemWideSaltSource.class);
definition.getPropertyValues().addPropertyValue("systemWideSalt", saltSourceTypeElement.getAttribute("systemWideSalt")); definition.getPropertyValues().addPropertyValue("systemWideSalt",
saltSourceTypeElement.getAttribute("systemWideSalt"));
return definition; return definition;
} }
} }

9
core/src/main/java/org/acegisecurity/config/RememberMeServicesBeanDefinitionParser.java
View File

@ -23,7 +23,7 @@ public class RememberMeServicesBeanDefinitionParser extends AbstractBeanDefiniti
private static final String PRINCIPAL_REPOSITORY_BEAN_REF = "principalRepositoryBeanRef"; private static final String PRINCIPAL_REPOSITORY_BEAN_REF = "principalRepositoryBeanRef";
private static final String USER_DETAILS_SERVICE = "userDetailsService"; private static final String USER_DETAILS_SERVICE_PROPERTY = "userDetailsService";
/* /*
* key is optional; if unspecified, pick a rnd int and use for all unspecified key properties for acegi beans * key is optional; if unspecified, pick a rnd int and use for all unspecified key properties for acegi beans
@ -48,12 +48,13 @@ public class RememberMeServicesBeanDefinitionParser extends AbstractBeanDefiniti
// check if rememberMeServicesBeanRef is defined and if it's specified use its referred bean // check if rememberMeServicesBeanRef is defined and if it's specified use its referred bean
String rememberMeServicesRef = element.getAttribute(PRINCIPAL_REPOSITORY_BEAN_REF); String rememberMeServicesRef = element.getAttribute(PRINCIPAL_REPOSITORY_BEAN_REF);
if (StringUtils.hasLength(rememberMeServicesRef)) { if (StringUtils.hasLength(rememberMeServicesRef)) {
rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE, rememberMeServicesBeanDef.getPropertyValues().addPropertyValue(USER_DETAILS_SERVICE_PROPERTY,
new RuntimeBeanReference(rememberMeServicesRef)); new RuntimeBeanReference(rememberMeServicesRef));
} }
else { else {
// auto-detects everything // register a bean definition parse
rememberMeServicesBeanDef.setAutowireMode(AbstractBeanDefinition.AUTOWIRE_AUTODETECT); RootBeanDefinition configurer = new RootBeanDefinition(RemeberMeServicesDependenciesConfigurer.class);
parserContext.getReaderContext().registerWithGeneratedName(configurer);
} }
return rememberMeServicesBeanDef; return rememberMeServicesBeanDef;
} }

28
core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd
View File

@ -125,16 +125,26 @@
</xsd:complexType> </xsd:complexType>
<!-- Logout Filter --> <!-- Logout Filter -->
<xsd:element name="logout-support" type="LogoutFilter" /> <xsd:element name="logout-support">
<xsd:complexType>
<!-- Write other attributes -->
<xsd:attribute name="id" type="xsd:ID">
<xsd:annotation>
<xsd:documentation>
<![CDATA[
The unique identifier for a bean.
]]>
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="redirectAfterLogoutUrl"
type="xsd:string" default="/" />
<xsd:attribute name="logoutUrl" type="xsd:string"
default="/logout" />
<xsd:anyAttribute namespace="##other" processContents="lax"/>
</xsd:complexType>
</xsd:element>
<xsd:complexType name="LogoutFilter">
<!-- Write other attributes -->
<xsd:attribute name="id" type="xsd:ID" />
<xsd:attribute name="redirectAfterLogoutUrl" type="xsd:string"
default="/" />
<xsd:attribute name="logoutUrl" type="xsd:string"
default="/logout" />
</xsd:complexType>
<!-- Exception Translation Filter --> <!-- Exception Translation Filter -->
<xsd:element name="exception-translation" <xsd:element name="exception-translation"

151
core/src/test/java/org/acegisecurity/config/AuthenticationRepositoryParserTest.java
View File

@ -22,94 +22,99 @@ import org.springframework.util.Assert;
/** /**
* @author vpuri * @author vpuri
* *
*/ */
public class AuthenticationRepositoryParserTest extends TestCase { public class AuthenticationRepositoryParserTest extends TestCase {
public void testAuthenticationRepositoryDefaultWithAutoUserdetails() { public void testAuthenticationRepositoryDefaultWithAutoUserdetails() {
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/authentication-dao-defaults.xml"); ApplicationContext context = new ClassPathXmlApplicationContext(
ConfigurableListableBeanFactory clbf = "org/acegisecurity/config/authentication-dao-defaults.xml");
(ConfigurableListableBeanFactory)context.getAutowireCapableBeanFactory(); ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
.getAutowireCapableBeanFactory();
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class); String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class);
assertEquals(1, names.length); assertEquals(1, names.length);
// check bean class // check bean class
RootBeanDefinition definition = (RootBeanDefinition)clbf.getBeanDefinition(names[0]); RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass()); assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass());
DaoAuthenticationProvider provider = (DaoAuthenticationProvider)context.getBean("authenticationRepository"); DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository");
Assert.isAssignable(JdbcDaoImpl.class, provider.getUserDetailsService().getClass()); Assert.isAssignable(JdbcDaoImpl.class, provider.getUserDetailsService().getClass());
} }
public void testCollaboratorsAsInnerBeans(){ public void testCollaboratorsAsInnerBeans() {
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/authentication-innerbeans.xml"); ApplicationContext context = new ClassPathXmlApplicationContext(
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory)context.getAutowireCapableBeanFactory(); "org/acegisecurity/config/authentication-innerbeans.xml");
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
.getAutowireCapableBeanFactory();
// get the main bean definition, there should be only one // get the main bean definition, there should be only one
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class); String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class);
assertEquals(1, names.length); assertEquals(1, names.length);
RootBeanDefinition definition = (RootBeanDefinition)clbf.getBeanDefinition(names[0]); RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass()); assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass());
// get the 2 inner beans
// get the 2 inner beans PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource");
PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource"); assertEquals("saltSource", saltSourceBean.getName());
assertEquals("saltSource", saltSourceBean.getName());
// get the BeanDefinition
//get the BeanDefinition RootBeanDefinition saltsourceDef = (RootBeanDefinition) saltSourceBean.getValue();
RootBeanDefinition saltsourceDef = (RootBeanDefinition) saltSourceBean.getValue(); Assert.isAssignable(SaltSource.class, saltsourceDef.getBeanClass());
Assert.isAssignable(SaltSource.class,saltsourceDef.getBeanClass());
PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder");
PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder"); assertEquals("passwordEncoder", encoder.getName());
assertEquals("passwordEncoder", encoder.getName());
// get the BeanDefinition
//get the BeanDefinition RootBeanDefinition encoderDef = (RootBeanDefinition) encoder.getValue();
RootBeanDefinition encoderDef = (RootBeanDefinition) encoder.getValue(); Assert.isAssignable(PasswordEncoder.class, encoderDef.getBeanClass());
Assert.isAssignable(PasswordEncoder.class,encoderDef.getBeanClass());
assertEquals("incorrect bean class name", encoderDef.getBeanClassName(), Md5PasswordEncoder.class.getName());
assertEquals("incorrect bean class name", encoderDef.getBeanClassName(),Md5PasswordEncoder.class.getName());
} }
public void testCollaboratorsAsBeanRef() { public void testCollaboratorsAsBeanRef() {
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/authentication-beanRef-attributes.xml"); ApplicationContext context = new ClassPathXmlApplicationContext(
ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory)context.getAutowireCapableBeanFactory(); "org/acegisecurity/config/authentication-beanRef-attributes.xml");
// get the main bean definition, there should be only one ConfigurableListableBeanFactory clbf = (ConfigurableListableBeanFactory) context
.getAutowireCapableBeanFactory();
// get the main bean definition, there should be only one
String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class); String[] names = clbf.getBeanNamesForType(AuthenticationProvider.class);
assertEquals(1, names.length); assertEquals(1, names.length);
RootBeanDefinition definition = (RootBeanDefinition)clbf.getBeanDefinition(names[0]); RootBeanDefinition definition = (RootBeanDefinition) clbf.getBeanDefinition(names[0]);
assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass()); assertEquals(DaoAuthenticationProvider.class, definition.getBeanClass());
// get the referred collaborators // get the referred collaborators
PropertyValue userDetailsBean = definition.getPropertyValues().getPropertyValue("userDetailsService"); PropertyValue userDetailsBean = definition.getPropertyValues().getPropertyValue("userDetailsService");
assertEquals("userDetailsService", userDetailsBean.getName()); assertEquals("userDetailsService", userDetailsBean.getName());
PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource"); PropertyValue saltSourceBean = definition.getPropertyValues().getPropertyValue("saltSource");
assertEquals("saltSource", saltSourceBean.getName()); assertEquals("saltSource", saltSourceBean.getName());
//get the BeanDefinition // get the BeanDefinition
RuntimeBeanReference saltsourceDef = (RuntimeBeanReference) saltSourceBean.getValue(); RuntimeBeanReference saltsourceDef = (RuntimeBeanReference) saltSourceBean.getValue();
assertEquals("refToSaltSource",saltsourceDef.getBeanName()); assertEquals("refToSaltSource", saltsourceDef.getBeanName());
PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder"); PropertyValue encoder = definition.getPropertyValues().getPropertyValue("passwordEncoder");
assertEquals("passwordEncoder", encoder.getName()); assertEquals("passwordEncoder", encoder.getName());
//get the BeanDefinition // get the BeanDefinition
RuntimeBeanReference encoderDef = (RuntimeBeanReference) encoder.getValue(); RuntimeBeanReference encoderDef = (RuntimeBeanReference) encoder.getValue();
assertEquals("refToPasswordEncoder",encoderDef.getBeanName()); assertEquals("refToPasswordEncoder", encoderDef.getBeanName());
DaoAuthenticationProvider provider = (DaoAuthenticationProvider)context.getBean("authenticationRepository"); DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository");
assertTrue(provider.getPasswordEncoder() instanceof PasswordEncoder); assertTrue(provider.getPasswordEncoder() instanceof PasswordEncoder);
assertEquals(Md5PasswordEncoder.class, provider.getPasswordEncoder().getClass() ); assertEquals(Md5PasswordEncoder.class, provider.getPasswordEncoder().getClass());
} }
public void testAutodetectionOfUserDetailsService(){ public void testAutodetectionOfUserDetailsService() {
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/authentication-defaults.xml"); ApplicationContext context = new ClassPathXmlApplicationContext(
DaoAuthenticationProvider provider = (DaoAuthenticationProvider)context.getBean("authenticationRepository"); "org/acegisecurity/config/authentication-defaults.xml");
assertNotNull(provider.getUserDetailsService()); DaoAuthenticationProvider provider = (DaoAuthenticationProvider) context.getBean("authenticationRepository");
assertNull(provider.getSaltSource()); assertNotNull(provider.getUserDetailsService());
assertEquals(PlaintextPasswordEncoder.class, provider.getPasswordEncoder().getClass()); assertNull(provider.getSaltSource());
assertEquals(PlaintextPasswordEncoder.class, provider.getPasswordEncoder().getClass());
} }
} }

7
core/src/test/resources/org/acegisecurity/config/logout-filter-with-handlers.xml
View File

@ -13,9 +13,10 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
<!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) --> <!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) -->
<!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown --> <!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown -->
<security:logout-support id="logoutFilter" <security:logout-support id="logoutFilter" logoutUrl="/logout" redirectAfterLogoutUrl="/"/>
redirectAfterLogoutUrl="/" logoutUrl="/logout" />
<security:authentication-remember-me-services <security:authentication-remember-me-services
id="rememberMeServices" key="someValue" /> id="rememberMeServices" key="someValue" />

52
samples/pom.xml
View File

@ -1,29 +1,25 @@
<?xml version="1.0" encoding="ISO-8859-1"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
<project xmlns="http://maven.apache.org/POM/4.0.0" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" <modelVersion>4.0.0</modelVersion>
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <groupId>org.acegisecurity</groupId>
<modelVersion>4.0.0</modelVersion> <artifactId>acegi-security-samples</artifactId>
<parent> <packaging>pom</packaging>
<groupId>org.acegisecurity</groupId> <version>1.1-SNAPSHOT</version>
<artifactId>acegi-security-parent</artifactId> <name>acegi-security-samples</name>
<version>1.1-SNAPSHOT</version> <parent>
</parent> <groupId>org.acegisecurity</groupId>
<artifactId>acegi-security-samples</artifactId> <artifactId>acegi-security-parent</artifactId>
<name>Acegi Security System for Spring - Samples</name> <version>1.1-SNAPSHOT</version>
<packaging>pom</packaging> </parent>
<dependencies> <modules>
<dependency> <!--
<groupId>org.acegisecurity</groupId> <module>acegifier</module>
<artifactId>acegi-security-tiger</artifactId> <module>annotations</module>
<version>${project.version}</version> <module>attributes</module>
</dependency> <module>contacts</module>
</dependencies> <module>contacts-tiger</module>
<module>dms</module>
<modules> -->
<module>annotations</module> <module>tutorial</module>
<module>attributes</module> </modules>
<module>contacts</module>
<module>contacts-tiger</module>
</modules>
</project> </project>

12
samples/tutorial/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
View File

@ -42,10 +42,11 @@
<!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) --> <!-- If LogoutFilter does not have setHandlers populated, introspect app ctx for LogoutHandlers, using Ordered (if present, otherwise assume Integer.MAX_VALUE) -->
<!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown --> <!-- The logoutUrl and redirectAfterLogout are both optional and default to that shown -->
<security:logout-support id="logoutFilter" redirectAfterLogoutUrl="/index.jsp" logoutUrl="/j_acegi_logout"/> <security:logout-support id="logoutFilter"
redirectAfterLogoutUrl="/index.jsp" logoutUrl="/j_acegi_logout" />
<security:authentication-remember-me-services <security:authentication-remember-me-services
id="rememberMeServices" key="someValue" principalRepositoryBeanRef="userDetailsService"/> id="rememberMeServices" key="someValue" />
<bean id="securityContextLogoutHandler" <bean id="securityContextLogoutHandler"
@ -60,8 +61,8 @@
<security:authentication-mechanism id="authenticationManager" /> <security:authentication-mechanism id="authenticationManager" />
<!-- dao authentication provider "authenticationRepository" --> <!-- dao authentication provider "authenticationRepository" -->
<security:authentication-repository id="daoAuthenticationProvider" repositoryBeanRef="userDetailsService"/> <security:authentication-repository id="daoAuthenticationProvider" />
<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users --> <!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
<security:principal-repository id="userDetailsService"> <security:principal-repository id="userDetailsService">
@ -72,7 +73,8 @@
class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" /> class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" />
<!-- makes the filter, but does little else, as it auto-detects everything --> <!-- makes the filter, but does little else, as it auto-detects everything -->
<security:authentication-remember-me-filter id="rememberMeProcessingFilter" /> <security:authentication-remember-me-filter
id="rememberMeProcessingFilter" />
<bean id="anonymousProcessingFilter" <bean id="anonymousProcessingFilter"
class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"> class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">