Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update project workspace settings to Java 1.5. NB: Maven remains at 1.3 compatibility for all subprojects except "domain". It is recommended the Eclipse "Problems" view be customised to not display items containing "Type Safety:" in their description. Developers should NOT introduce 1.5+ dependencies to any projects apart from "domain".

This commit is contained in:
Ben Alex 2005-05-09 01:18:31 +00:00
parent e08e66dec6
commit fa6924a373
12 changed files with 208 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.settings/org.eclipse.jdt.core.prefs Normal file
View File

@ -0,0 +1,12 @@
#Mon May 09 00:49:50 GMT 2005
eclipse.preferences.version=1
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
org.eclipse.jdt.core.compiler.compliance=1.5
org.eclipse.jdt.core.compiler.debug.lineNumber=generate
org.eclipse.jdt.core.compiler.debug.localVariable=generate
org.eclipse.jdt.core.compiler.debug.sourceFile=generate
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
org.eclipse.jdt.core.compiler.source=1.5

8
core/src/main/java/org/acegisecurity/acl/basic/NamedEntityObjectIdentity.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004 Acegi Technology Pty Limited
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -74,12 +74,12 @@ public class NamedEntityObjectIdentity implements AclObjectIdentity {
Class clazz = object.getClass();
try {
Method method = clazz.getMethod("getId", null);
Object result = method.invoke(object, null);
Method method = clazz.getMethod("getId", new Class[] {});
Object result = method.invoke(object, new Object[] {});
this.id = result.toString();
} catch (NoSuchMethodException nsme) {
throw new IllegalArgumentException("Object of class '" + clazz
+ "' does not provide the required getId() method: " + object);
+ "' does not provide the required getId() method: " + object);
}
}

4
core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionAttributes.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004 Acegi Technology Pty Limited
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -142,7 +142,7 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource {
try {
Method m = clazz.getDeclaredMethod(method.getName(),
method.getParameterTypes());
(Class[]) method.getParameterTypes());
addMethodAttributes(definition, m);
} catch (Exception e) {
// this won't happen since we are getting a method from an interface that

4
core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionMap.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004 Acegi Technology Pty Limited
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -223,7 +223,7 @@ public class MethodDefinitionMap extends AbstractMethodDefinitionSource {
try {
// Look for the method on the current interface
Method interfaceMethod = clazz.getDeclaredMethod(method.getName(),
method.getParameterTypes());
(Class[]) method.getParameterTypes());
ConfigAttributeDefinition interfaceAssigned = (ConfigAttributeDefinition) this.methodMap
.get(interfaceMethod);
merge(definition, interfaceAssigned);

4
core/src/main/java/org/acegisecurity/providers/dao/event/AuthenticationEvent.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004 Acegi Technology Pty Limited
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -17,9 +17,9 @@ package net.sf.acegisecurity.providers.dao.event;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.dao.User;
import org.springframework.context.ApplicationEvent;
import org.springframework.util.Assert;

7
core/src/main/java/org/acegisecurity/providers/dao/salt/ReflectionSaltSource.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004 Acegi Technology Pty Limited
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -18,7 +18,6 @@ package net.sf.acegisecurity.providers.dao.salt;
import net.sf.acegisecurity.AuthenticationServiceException;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.dao.SaltSource;
import net.sf.acegisecurity.providers.dao.User;
import org.springframework.beans.factory.InitializingBean;
@ -64,9 +63,9 @@ public class ReflectionSaltSource implements SaltSource, InitializingBean {
public Object getSalt(UserDetails user) {
try {
Method reflectionMethod = user.getClass().getMethod(this.userPropertyToUse,
null);
new Class[] {});
return reflectionMethod.invoke(user, null);
return reflectionMethod.invoke(user, new Object[] {});
} catch (Exception exception) {
throw new AuthenticationServiceException(exception.getMessage());
}

3
core/src/main/java/org/acegisecurity/providers/dao/salt/SystemWideSaltSource.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004 Acegi Technology Pty Limited
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -17,7 +17,6 @@ package net.sf.acegisecurity.providers.dao.salt;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.dao.SaltSource;
import net.sf.acegisecurity.providers.dao.User;
import org.springframework.beans.factory.InitializingBean;

2
core/src/main/java/org/acegisecurity/userdetails/UserDetails.java
View File

@ -15,8 +15,6 @@
package net.sf.acegisecurity;
import net.sf.acegisecurity.providers.dao.User;
import java.io.Serializable;

18
core/src/main/java/org/acegisecurity/vote/BasicAclEntryVoter.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004 Acegi Technology Pty Limited
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -29,6 +29,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import java.lang.reflect.InvocationTargetException;
@ -195,12 +196,15 @@ public class BasicAclEntryVoter implements AccessDecisionVoter,
}
public void afterPropertiesSet() throws Exception {
Assert.notNull(processConfigAttribute, "A processConfigAttribute is mandatory");
Assert.notNull(processConfigAttribute,
"A processConfigAttribute is mandatory");
Assert.notNull(aclManager, "An aclManager is mandatory");
Assert.notNull(processDomainObjectClass, "A processDomainObjectClass is mandatory");
Assert.notNull(processDomainObjectClass,
"A processDomainObjectClass is mandatory");
if ((requirePermission == null) || (requirePermission.length == 0)) {
throw new IllegalArgumentException("One or more requirePermission entries is mandatory");
throw new IllegalArgumentException(
"One or more requirePermission entries is mandatory");
}
}
@ -248,8 +252,10 @@ public class BasicAclEntryVoter implements AccessDecisionVoter,
if ((internalMethod != null) && !"".equals(internalMethod)) {
try {
Class clazz = domainObject.getClass();
Method method = clazz.getMethod(internalMethod, null);
domainObject = method.invoke(domainObject, null);
Method method = clazz.getMethod(internalMethod,
new Class[] {});
domainObject = method.invoke(domainObject,
new Object[] {});
} catch (NoSuchMethodException nsme) {
throw new AuthorizationServiceException(
"Object of class '" + domainObject.getClass()

12
domain/project.properties Normal file
View File

@ -0,0 +1,12 @@
# $Id$
# Values in this file will be overriden by any values with the same name
# in the user-created build.properties file.
# Compile settings
#
# Java 1.5 is required because we use enums extensively in this subproject
# (main Acegi Security project / parent) is Java 1.3 compatible
#
maven.compile.target=1.5
maven.compile.source=1.5

89
sandbox/src/test/java/org/acegisecurity/providers/dao/ldap/BaseLdapTestCase.java
View File

@ -1,49 +1,76 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package net.sf.acegisecurity.providers.dao.ldap;
import java.io.IOException;
import java.io.InputStream;
import junit.framework.TestCase;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import junit.framework.TestCase;
/** Important note: this class merely defines certain
* base properties needed by all LDAP unit tests.
/**
* Important note: this class merely defines certain base properties needed by
* all LDAP unit tests.
*/
public class BaseLdapTestCase extends TestCase {
//~ Static fields/initializers =============================================
// static finalizers, they'd be nice, as LdapTestHelper
// never seems to get the chance to cleanup after itself
protected static LdapTestHelper ldapTestHelper = new LdapTestHelper();
protected static LdapTestHelper ldapTestHelper = new LdapTestHelper();
static {
//InputStream in = BaseLdapTestCase.class.getResourceAsStream("net/sf/acegisecurity/providers/dao/ldap/test-data.ldif");
/* InputStream in = ldapTestHelper.getClass().getResourceAsStream("test-data.ldif");
try {
ldapTestHelper.importLDIF(in);
} catch (Exception x) {
x.printStackTrace();
ldapTestHelper.shutdownServer();
ldapTestHelper = null;
throw new RuntimeException("Server initialization failed.");
} */
DirContentsInitializer.initialize( ldapTestHelper.getServerContext() );
try {
ldapTestHelper.importLDIF(in);
} catch (Exception x) {
x.printStackTrace();
ldapTestHelper.shutdownServer();
ldapTestHelper = null;
throw new RuntimeException("Server initialization failed.");
} */
DirContentsInitializer.initialize(ldapTestHelper.getServerContext());
}
//~ Methods ================================================================
protected DirContext getClientContext() throws NamingException {
Hashtable env = new Hashtable();
env.put(Context.PROVIDER_URL, "ldap://localhost:389/ou=system");
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
env.put(Context.SECURITY_CREDENTIALS, "secret");
return new InitialDirContext(env);
}
/**
* DOCUMENT ME!
*
* @return The server context for LDAP ops. used for things like
* addding/removing users.
*/
protected DirContext getServerContext() {
return ldapTestHelper.getServerContext();
}
protected DirContext getClientContext() throws NamingException {
Hashtable env = new Hashtable();
env.put( Context.PROVIDER_URL, "ldap://localhost:389/ou=system" );
env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
env.put( Context.SECURITY_CREDENTIALS, "secret" );
return new InitialDirContext( env );
}
/** @return The server context for LDAP ops. used for things like addding/removing users. */
protected DirContext getServerContext() {
return ldapTestHelper.getServerContext();
}
}

161
sandbox/src/test/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationTest.java
View File

@ -1,41 +1,112 @@
package net.sf.acegisecurity.providers.dao.ldap;
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import javax.naming.NamingException;
package net.sf.acegisecurity.providers.dao.ldap;
import net.sf.acegisecurity.BadCredentialsException;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.GrantedAuthority;
import javax.naming.NamingException;
/**
* DOCUMENT ME!
*
* @author $author$
* @version $Revision$
*/
public class LdapPasswordAuthenticationTest extends BaseLdapTestCase {
private LdapPasswordAuthenticationDao dao;
private String DEFAULT_ROLE = "DEFAULT_ROLE";
/** Setup the basic properties of our LdapPasswordAuthenticationDao */
protected void setUp() {
dao = new LdapPasswordAuthenticationDao();
dao.setURL("ldap://localhost:389/ou=system");
}
//~ Instance fields ========================================================
public void testSimpleUidUser() throws NamingException {
private LdapPasswordAuthenticationDao dao;
private String DEFAULT_ROLE = "DEFAULT_ROLE";
//~ Methods ================================================================
public void testEmptyRoles() {
dao.setUserContext("uid={0},ou=users,ou=system");
dao.setDefaultRole(DEFAULT_ROLE);
try {
UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user", "plaintext");
assertEquals(1, userDetails.getAuthorities().length );
assertEquals(DEFAULT_ROLE, userDetails.getAuthorities()[0].getAuthority() );
UserDetails userDetails = dao.loadUserByUsernameAndPassword("user.two",
"plaintext2");
fail("No roles are accessible for user; this test _should_ fail.");
} catch (BadCredentialsException ex) {
assertTrue("No roles are accessible for user; this test _should_ fail.",
ex.getMessage().startsWith(LdapPasswordAuthenticationDao.BAD_CREDENTIALS_EXCEPTION_MESSAGE));
}
}
public void testSimpleCnUser() throws NamingException {
dao.setUserContext("cn={0},ou=users,ou=system");
dao.setDefaultRole(DEFAULT_ROLE);
try {
UserDetails userDetails = dao.loadUserByUsernameAndPassword("user.two",
"plaintext2");
assertEquals(1, userDetails.getAuthorities().length);
assertEquals(DEFAULT_ROLE,
userDetails.getAuthorities()[0].getAuthority());
} catch (BadCredentialsException ex) {
fail();
}
}
public void testSimpleMultiUserContext() throws NamingException {
dao.setUserContexts(new String[] {"uid={0},ou=users,ou=system", "cn={0},ou=users,ou=system"});
dao.setDefaultRole(DEFAULT_ROLE);
try {
UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user",
"plaintext");
assertEquals(1, userDetails.getAuthorities().length);
assertEquals(DEFAULT_ROLE,
userDetails.getAuthorities()[0].getAuthority());
UserDetails userDetails2 = dao.loadUserByUsernameAndPassword("user.two",
"plaintext2");
assertEquals(1, userDetails2.getAuthorities().length);
assertEquals(DEFAULT_ROLE,
userDetails2.getAuthorities()[0].getAuthority());
} catch (BadCredentialsException ex) {
fail();
}
}
public void testSimpleUidUser() throws NamingException {
dao.setUserContext("uid={0},ou=users,ou=system");
dao.setDefaultRole(DEFAULT_ROLE);
try {
UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user",
"plaintext");
assertEquals(1, userDetails.getAuthorities().length);
assertEquals(DEFAULT_ROLE,
userDetails.getAuthorities()[0].getAuthority());
} catch (BadCredentialsException ex) {
fail();
}
}
public void testSimpleUidUserBadPassword() throws NamingException {
dao.setUserContext("uid={0},ou=users,ou=system");
dao.setDefaultRole(DEFAULT_ROLE);
try {
UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user", "plainlywrong");
UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user",
"plainlywrong");
//assertEquals(1, userDetails.getAuthorities().length );
//assertEquals(DEFAULT_ROLE, userDetails.getAuthorities()[0].getAuthority() );
fail();
@ -43,51 +114,19 @@ public class LdapPasswordAuthenticationTest extends BaseLdapTestCase {
assertTrue(true);
}
}
public void testSimpleCnUser() throws NamingException {
dao.setUserContext("cn={0},ou=users,ou=system");
dao.setDefaultRole(DEFAULT_ROLE);
try {
UserDetails userDetails = dao.loadUserByUsernameAndPassword("user.two", "plaintext2");
assertEquals(1, userDetails.getAuthorities().length );
assertEquals(DEFAULT_ROLE, userDetails.getAuthorities()[0].getAuthority() );
} catch (BadCredentialsException ex) {
fail();
}
/**
* Setup the basic properties of our LdapPasswordAuthenticationDao
*/
protected void setUp() {
dao = new LdapPasswordAuthenticationDao();
dao.setURL("ldap://localhost:389/ou=system");
}
public void testSimpleMultiUserContext() throws NamingException {
dao.setUserContexts(new String[]{"uid={0},ou=users,ou=system", "cn={0},ou=users,ou=system"});
dao.setDefaultRole(DEFAULT_ROLE);
try {
UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user", "plaintext");
assertEquals(1, userDetails.getAuthorities().length );
assertEquals(DEFAULT_ROLE, userDetails.getAuthorities()[0].getAuthority() );
UserDetails userDetails2 = dao.loadUserByUsernameAndPassword("user.two", "plaintext2");
assertEquals(1, userDetails2.getAuthorities().length );
assertEquals(DEFAULT_ROLE, userDetails2.getAuthorities()[0].getAuthority() );
} catch (BadCredentialsException ex) {
fail();
}
}
public void testEmptyRoles() {
dao.setUserContext("uid={0},ou=users,ou=system");
try {
UserDetails userDetails = dao.loadUserByUsernameAndPassword("user.two", "plaintext2");
fail("No roles are accessible for user; this test _should_ fail.");
} catch (BadCredentialsException ex) {
assertTrue("No roles are accessible for user; this test _should_ fail.",
ex.getMessage().startsWith(LdapPasswordAuthenticationDao.BAD_CREDENTIALS_EXCEPTION_MESSAGE) );
}
}
/*
* @todo:
* 1. two different groups...
* 2. two groups, limit 'roles'
* 3. other stuff...
*/
}