SEC-349: GrantedAuthority constructor argument can be null.

2006-09-15 03:42:11 +00:00 · 2006-09-15 03:42:11 +00:00 · f0b259a32e
parent 58d3f0c56f
commit f0b259a32e
2 changed files with 5 additions and 28 deletions
--- a/core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationToken.java
+++ b/core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationToken.java
@ -15,14 +15,11 @@

 package org.acegisecurity.providers.rememberme;

-import org.acegisecurity.GrantedAuthority;
-
-import org.acegisecurity.providers.AbstractAuthenticationToken;
-
-import org.springframework.util.Assert;
-
 import java.io.Serializable;

+import org.acegisecurity.GrantedAuthority;
+import org.acegisecurity.providers.AbstractAuthenticationToken;
+

 /**
 * Represents a remembered <code>Authentication</code>.<p>A remembered <code>Authentication</code> must provide a
@ -39,7 +36,7 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i

    //~ Constructors ===================================================================================================

-/**
+    /**
     * Constructor.
     *
     * @param key to identify if this object made by an authorised client
@ -51,16 +48,10 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
    public RememberMeAuthenticationToken(String key, Object principal, GrantedAuthority[] authorities) {
        super(authorities);

-        if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal) || (authorities == null)
-            || (authorities.length == 0)) {
+        if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal)) {
            throw new IllegalArgumentException("Cannot pass null or empty values to constructor");
        }

-        for (int i = 0; i < authorities.length; i++) {
-            Assert.notNull(authorities[i],
-                "Granted authority element " + i + " is null - GrantedAuthority[] cannot contain any null elements");
-        }
-
        this.keyHash = key.hashCode();
        this.principal = principal;
        setAuthenticated(true);
--- a/core/src/test/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationTokenTests.java
+++ b/core/src/test/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationTokenTests.java
@ -70,26 +70,12 @@ public class RememberMeAuthenticationTokenTests extends TestCase {
            assertTrue(true);
        }

-        try {
-            new RememberMeAuthenticationToken("key", "Test", null);
-            fail("Should have thrown IllegalArgumentException");
-        } catch (IllegalArgumentException expected) {
-            assertTrue(true);
-        }
-
        try {
            new RememberMeAuthenticationToken("key", "Test", new GrantedAuthority[] {null});
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException expected) {
            assertTrue(true);
        }
-
-        try {
-            new RememberMeAuthenticationToken("key", "Test", new GrantedAuthority[] {});
-            fail("Should have thrown IllegalArgumentException");
-        } catch (IllegalArgumentException expected) {
-            assertTrue(true);
-        }
    }

    public void testEqualsWhenEqual() {