Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-349: GrantedAuthority constructor argument can be null.

This commit is contained in:
Ben Alex 2006-09-15 03:42:11 +00:00
parent 58d3f0c56f
commit f0b259a32e
2 changed files with 5 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationToken.java
View File

@ -15,14 +15,11 @@
package org.acegisecurity.providers.rememberme; package org.acegisecurity.providers.rememberme;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.providers.AbstractAuthenticationToken;
import org.springframework.util.Assert;
import java.io.Serializable; import java.io.Serializable;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.providers.AbstractAuthenticationToken;
/** /**
* Represents a remembered <code>Authentication</code>.<p>A remembered <code>Authentication</code> must provide a * Represents a remembered <code>Authentication</code>.<p>A remembered <code>Authentication</code> must provide a
@ -39,7 +36,7 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
//~ Constructors =================================================================================================== //~ Constructors ===================================================================================================
/** /**
* Constructor. * Constructor.
* *
* @param key to identify if this object made by an authorised client * @param key to identify if this object made by an authorised client
@ -51,16 +48,10 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
public RememberMeAuthenticationToken(String key, Object principal, GrantedAuthority[] authorities) { public RememberMeAuthenticationToken(String key, Object principal, GrantedAuthority[] authorities) {
super(authorities); super(authorities);
if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal) || (authorities == null) if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal)) {
|| (authorities.length == 0)) {
throw new IllegalArgumentException("Cannot pass null or empty values to constructor"); throw new IllegalArgumentException("Cannot pass null or empty values to constructor");
} }
for (int i = 0; i < authorities.length; i++) {
Assert.notNull(authorities[i],
"Granted authority element " + i + " is null - GrantedAuthority[] cannot contain any null elements");
}
this.keyHash = key.hashCode(); this.keyHash = key.hashCode();
this.principal = principal; this.principal = principal;
setAuthenticated(true); setAuthenticated(true);

14
core/src/test/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationTokenTests.java
View File

@ -70,26 +70,12 @@ public class RememberMeAuthenticationTokenTests extends TestCase {
assertTrue(true); assertTrue(true);
} }
try {
new RememberMeAuthenticationToken("key", "Test", null);
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(true);
}
try { try {
new RememberMeAuthenticationToken("key", "Test", new GrantedAuthority[] {null}); new RememberMeAuthenticationToken("key", "Test", new GrantedAuthority[] {null});
fail("Should have thrown IllegalArgumentException"); fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) { } catch (IllegalArgumentException expected) {
assertTrue(true); assertTrue(true);
} }
try {
new RememberMeAuthenticationToken("key", "Test", new GrantedAuthority[] {});
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(true);
}
} }
public void testEqualsWhenEqual() { public void testEqualsWhenEqual() {