From f9fd448d88fc40cf82ebf02c7b550b8703797a13 Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Fri, 23 Aug 2013 14:55:50 -0500 Subject: [PATCH] SEC-2139: named-security-filter are all defined and ordered correctly --- .../security/config/spring-security-3.1.rnc | 2 +- .../security/config/spring-security-3.1.xsd | 8 +++++-- .../config/doc/XsdDocumentedTests.groovy | 22 ++++++++++++++++--- 3 files changed, 26 insertions(+), 6 deletions(-) diff --git a/config/src/main/resources/org/springframework/security/config/spring-security-3.1.rnc b/config/src/main/resources/org/springframework/security/config/spring-security-3.1.rnc index a5266bcbd0..545d9e66f6 100644 --- a/config/src/main/resources/org/springframework/security/config/spring-security-3.1.rnc +++ b/config/src/main/resources/org/springframework/security/config/spring-security-3.1.rnc @@ -739,4 +739,4 @@ position = ## The explicit position at which the custom-filter should be placed in the chain. Use if you are replacing a standard filter. attribute position {named-security-filter} -named-security-filter = "FIRST" | "CHANNEL_FILTER" | "CONCURRENT_SESSION_FILTER" | "SECURITY_CONTEXT_FILTER" | "LOGOUT_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_FILTER" | "FORM_LOGIN_FILTER" | "OPENID_FILTER" |"BASIC_AUTH_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "SESSION_MANAGEMENT_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER" | "LAST" +named-security-filter = "FIRST" | "CHANNEL_FILTER" | "SECURITY_CONTEXT_FILTER" | "CONCURRENT_SESSION_FILTER" | "LOGOUT_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_FILTER" | "FORM_LOGIN_FILTER" | "OPENID_FILTER" | "LOGIN_PAGE_FILTER" | "DIGEST_AUTH_FILTER" |"BASIC_AUTH_FILTER" | "REQUEST_CACHE_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "JAAS_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "SESSION_MANAGEMENT_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER" | "LAST" \ No newline at end of file diff --git a/config/src/main/resources/org/springframework/security/config/spring-security-3.1.xsd b/config/src/main/resources/org/springframework/security/config/spring-security-3.1.xsd index fb2458c92e..e3b7c0153c 100644 --- a/config/src/main/resources/org/springframework/security/config/spring-security-3.1.xsd +++ b/config/src/main/resources/org/springframework/security/config/spring-security-3.1.xsd @@ -1632,20 +1632,24 @@ - + + + + + - + diff --git a/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy b/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy index 4ad24b87fe..c5be4c623e 100644 --- a/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/doc/XsdDocumentedTests.groovy @@ -15,7 +15,10 @@ */ package org.springframework.security.config.doc -import groovy.util.slurpersupport.NodeChild; +import groovy.util.slurpersupport.NodeChild + +import org.springframework.security.config.http.SecurityFilters + import spock.lang.* /** @@ -31,10 +34,11 @@ class XsdDocumentedTests extends Specification { @Shared File schemaDocument = new File('src/main/resources/org/springframework/security/config/spring-security-3.1.xsd') @Shared Map elementNameToElement + @Shared schemaRootElement def setupSpec() { - def rootElement = new XmlSlurper().parse(schemaDocument) - elementNameToElement = new SpringSecurityXsdParser(rootElement: rootElement).parse() + schemaRootElement = new XmlSlurper().parse(schemaDocument) + elementNameToElement = new SpringSecurityXsdParser(rootElement: schemaRootElement).parse() appendixRoot.getMetaClass().sections = { delegate.breadthFirst().inject([]) {result, c-> if(c.name() == 'section' && c.@id) { @@ -55,6 +59,18 @@ class XsdDocumentedTests extends Specification { } } + def 'SEC-2139: named-security-filter are all defined and ordered properly'() { + setup: + def expectedFilters = (EnumSet.allOf(SecurityFilters) as List).sort { it.order } + when: + def nsf = schemaRootElement.simpleType.find { it.@name == 'named-security-filter' } + def nsfValues = nsf.children().children().collect { c -> + Enum.valueOf(SecurityFilters, c.@value.toString()) + } + then: + expectedFilters == nsfValues + } + /** * This will check to ensure that the expected number of xsd documents are found to ensure that we are validating * against the current xsd document. If this test fails, all that is needed is to update the schemaDocument