diff --git a/.settings/org.eclipse.jdt.core.prefs b/.settings/org.eclipse.jdt.core.prefs new file mode 100644 index 0000000000..14078d58c8 --- /dev/null +++ b/.settings/org.eclipse.jdt.core.prefs @@ -0,0 +1,12 @@ +#Mon May 09 00:49:50 GMT 2005 +eclipse.preferences.version=1 +org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled +org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5 +org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve +org.eclipse.jdt.core.compiler.compliance=1.5 +org.eclipse.jdt.core.compiler.debug.lineNumber=generate +org.eclipse.jdt.core.compiler.debug.localVariable=generate +org.eclipse.jdt.core.compiler.debug.sourceFile=generate +org.eclipse.jdt.core.compiler.problem.assertIdentifier=error +org.eclipse.jdt.core.compiler.problem.enumIdentifier=error +org.eclipse.jdt.core.compiler.source=1.5 diff --git a/core/src/main/java/org/acegisecurity/acl/basic/NamedEntityObjectIdentity.java b/core/src/main/java/org/acegisecurity/acl/basic/NamedEntityObjectIdentity.java index 9fd70edd71..dae667fcdf 100644 --- a/core/src/main/java/org/acegisecurity/acl/basic/NamedEntityObjectIdentity.java +++ b/core/src/main/java/org/acegisecurity/acl/basic/NamedEntityObjectIdentity.java @@ -1,4 +1,4 @@ -/* Copyright 2004 Acegi Technology Pty Limited +/* Copyright 2004, 2005 Acegi Technology Pty Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -74,12 +74,12 @@ public class NamedEntityObjectIdentity implements AclObjectIdentity { Class clazz = object.getClass(); try { - Method method = clazz.getMethod("getId", null); - Object result = method.invoke(object, null); + Method method = clazz.getMethod("getId", new Class[] {}); + Object result = method.invoke(object, new Object[] {}); this.id = result.toString(); } catch (NoSuchMethodException nsme) { throw new IllegalArgumentException("Object of class '" + clazz - + "' does not provide the required getId() method: " + object); + + "' does not provide the required getId() method: " + object); } } diff --git a/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionAttributes.java b/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionAttributes.java index 5f8089d99c..aa42aa9a2c 100644 --- a/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionAttributes.java +++ b/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionAttributes.java @@ -1,4 +1,4 @@ -/* Copyright 2004 Acegi Technology Pty Limited +/* Copyright 2004, 2005 Acegi Technology Pty Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -142,7 +142,7 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource { try { Method m = clazz.getDeclaredMethod(method.getName(), - method.getParameterTypes()); + (Class[]) method.getParameterTypes()); addMethodAttributes(definition, m); } catch (Exception e) { // this won't happen since we are getting a method from an interface that diff --git a/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionMap.java b/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionMap.java index 7e19f206b1..e7dfe9000a 100644 --- a/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionMap.java +++ b/core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionMap.java @@ -1,4 +1,4 @@ -/* Copyright 2004 Acegi Technology Pty Limited +/* Copyright 2004, 2005 Acegi Technology Pty Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -223,7 +223,7 @@ public class MethodDefinitionMap extends AbstractMethodDefinitionSource { try { // Look for the method on the current interface Method interfaceMethod = clazz.getDeclaredMethod(method.getName(), - method.getParameterTypes()); + (Class[]) method.getParameterTypes()); ConfigAttributeDefinition interfaceAssigned = (ConfigAttributeDefinition) this.methodMap .get(interfaceMethod); merge(definition, interfaceAssigned); diff --git a/core/src/main/java/org/acegisecurity/providers/dao/event/AuthenticationEvent.java b/core/src/main/java/org/acegisecurity/providers/dao/event/AuthenticationEvent.java index f31cb73e18..4a59e3fe47 100644 --- a/core/src/main/java/org/acegisecurity/providers/dao/event/AuthenticationEvent.java +++ b/core/src/main/java/org/acegisecurity/providers/dao/event/AuthenticationEvent.java @@ -1,4 +1,4 @@ -/* Copyright 2004 Acegi Technology Pty Limited +/* Copyright 2004, 2005 Acegi Technology Pty Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,9 +17,9 @@ package net.sf.acegisecurity.providers.dao.event; import net.sf.acegisecurity.Authentication; import net.sf.acegisecurity.UserDetails; -import net.sf.acegisecurity.providers.dao.User; import org.springframework.context.ApplicationEvent; + import org.springframework.util.Assert; diff --git a/core/src/main/java/org/acegisecurity/providers/dao/salt/ReflectionSaltSource.java b/core/src/main/java/org/acegisecurity/providers/dao/salt/ReflectionSaltSource.java index 0e62b3c850..a87180ba3c 100644 --- a/core/src/main/java/org/acegisecurity/providers/dao/salt/ReflectionSaltSource.java +++ b/core/src/main/java/org/acegisecurity/providers/dao/salt/ReflectionSaltSource.java @@ -1,4 +1,4 @@ -/* Copyright 2004 Acegi Technology Pty Limited +/* Copyright 2004, 2005 Acegi Technology Pty Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,7 +18,6 @@ package net.sf.acegisecurity.providers.dao.salt; import net.sf.acegisecurity.AuthenticationServiceException; import net.sf.acegisecurity.UserDetails; import net.sf.acegisecurity.providers.dao.SaltSource; -import net.sf.acegisecurity.providers.dao.User; import org.springframework.beans.factory.InitializingBean; @@ -64,9 +63,9 @@ public class ReflectionSaltSource implements SaltSource, InitializingBean { public Object getSalt(UserDetails user) { try { Method reflectionMethod = user.getClass().getMethod(this.userPropertyToUse, - null); + new Class[] {}); - return reflectionMethod.invoke(user, null); + return reflectionMethod.invoke(user, new Object[] {}); } catch (Exception exception) { throw new AuthenticationServiceException(exception.getMessage()); } diff --git a/core/src/main/java/org/acegisecurity/providers/dao/salt/SystemWideSaltSource.java b/core/src/main/java/org/acegisecurity/providers/dao/salt/SystemWideSaltSource.java index 974b235013..50bf139bd4 100644 --- a/core/src/main/java/org/acegisecurity/providers/dao/salt/SystemWideSaltSource.java +++ b/core/src/main/java/org/acegisecurity/providers/dao/salt/SystemWideSaltSource.java @@ -1,4 +1,4 @@ -/* Copyright 2004 Acegi Technology Pty Limited +/* Copyright 2004, 2005 Acegi Technology Pty Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,6 @@ package net.sf.acegisecurity.providers.dao.salt; import net.sf.acegisecurity.UserDetails; import net.sf.acegisecurity.providers.dao.SaltSource; -import net.sf.acegisecurity.providers.dao.User; import org.springframework.beans.factory.InitializingBean; diff --git a/core/src/main/java/org/acegisecurity/userdetails/UserDetails.java b/core/src/main/java/org/acegisecurity/userdetails/UserDetails.java index e8f8ffc3cb..fc9e453f2f 100644 --- a/core/src/main/java/org/acegisecurity/userdetails/UserDetails.java +++ b/core/src/main/java/org/acegisecurity/userdetails/UserDetails.java @@ -15,8 +15,6 @@ package net.sf.acegisecurity; -import net.sf.acegisecurity.providers.dao.User; - import java.io.Serializable; diff --git a/core/src/main/java/org/acegisecurity/vote/BasicAclEntryVoter.java b/core/src/main/java/org/acegisecurity/vote/BasicAclEntryVoter.java index b19ac48de5..d758337e61 100644 --- a/core/src/main/java/org/acegisecurity/vote/BasicAclEntryVoter.java +++ b/core/src/main/java/org/acegisecurity/vote/BasicAclEntryVoter.java @@ -1,4 +1,4 @@ -/* Copyright 2004 Acegi Technology Pty Limited +/* Copyright 2004, 2005 Acegi Technology Pty Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,6 +29,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.beans.factory.InitializingBean; + import org.springframework.util.Assert; import java.lang.reflect.InvocationTargetException; @@ -195,12 +196,15 @@ public class BasicAclEntryVoter implements AccessDecisionVoter, } public void afterPropertiesSet() throws Exception { - Assert.notNull(processConfigAttribute, "A processConfigAttribute is mandatory"); + Assert.notNull(processConfigAttribute, + "A processConfigAttribute is mandatory"); Assert.notNull(aclManager, "An aclManager is mandatory"); - Assert.notNull(processDomainObjectClass, "A processDomainObjectClass is mandatory"); + Assert.notNull(processDomainObjectClass, + "A processDomainObjectClass is mandatory"); if ((requirePermission == null) || (requirePermission.length == 0)) { - throw new IllegalArgumentException("One or more requirePermission entries is mandatory"); + throw new IllegalArgumentException( + "One or more requirePermission entries is mandatory"); } } @@ -248,8 +252,10 @@ public class BasicAclEntryVoter implements AccessDecisionVoter, if ((internalMethod != null) && !"".equals(internalMethod)) { try { Class clazz = domainObject.getClass(); - Method method = clazz.getMethod(internalMethod, null); - domainObject = method.invoke(domainObject, null); + Method method = clazz.getMethod(internalMethod, + new Class[] {}); + domainObject = method.invoke(domainObject, + new Object[] {}); } catch (NoSuchMethodException nsme) { throw new AuthorizationServiceException( "Object of class '" + domainObject.getClass() diff --git a/domain/project.properties b/domain/project.properties new file mode 100644 index 0000000000..17760d73e0 --- /dev/null +++ b/domain/project.properties @@ -0,0 +1,12 @@ +# $Id$ + +# Values in this file will be overriden by any values with the same name +# in the user-created build.properties file. + +# Compile settings +# +# Java 1.5 is required because we use enums extensively in this subproject +# (main Acegi Security project / parent) is Java 1.3 compatible +# +maven.compile.target=1.5 +maven.compile.source=1.5 diff --git a/sandbox/src/test/java/org/acegisecurity/providers/dao/ldap/BaseLdapTestCase.java b/sandbox/src/test/java/org/acegisecurity/providers/dao/ldap/BaseLdapTestCase.java index 8c36474c00..c95573afd5 100644 --- a/sandbox/src/test/java/org/acegisecurity/providers/dao/ldap/BaseLdapTestCase.java +++ b/sandbox/src/test/java/org/acegisecurity/providers/dao/ldap/BaseLdapTestCase.java @@ -1,49 +1,76 @@ +/* Copyright 2004, 2005 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package net.sf.acegisecurity.providers.dao.ldap; -import java.io.IOException; -import java.io.InputStream; +import junit.framework.TestCase; + import java.util.Hashtable; + import javax.naming.Context; import javax.naming.NamingException; import javax.naming.directory.DirContext; import javax.naming.directory.InitialDirContext; -import junit.framework.TestCase; -/** Important note: this class merely defines certain - * base properties needed by all LDAP unit tests. + +/** + * Important note: this class merely defines certain base properties needed by + * all LDAP unit tests. */ public class BaseLdapTestCase extends TestCase { + //~ Static fields/initializers ============================================= // static finalizers, they'd be nice, as LdapTestHelper // never seems to get the chance to cleanup after itself - protected static LdapTestHelper ldapTestHelper = new LdapTestHelper(); - + protected static LdapTestHelper ldapTestHelper = new LdapTestHelper(); + static { //InputStream in = BaseLdapTestCase.class.getResourceAsStream("net/sf/acegisecurity/providers/dao/ldap/test-data.ldif"); + /* InputStream in = ldapTestHelper.getClass().getResourceAsStream("test-data.ldif"); - try { - ldapTestHelper.importLDIF(in); - } catch (Exception x) { - x.printStackTrace(); - ldapTestHelper.shutdownServer(); - ldapTestHelper = null; - throw new RuntimeException("Server initialization failed."); - } */ - DirContentsInitializer.initialize( ldapTestHelper.getServerContext() ); + try { + ldapTestHelper.importLDIF(in); + } catch (Exception x) { + x.printStackTrace(); + ldapTestHelper.shutdownServer(); + ldapTestHelper = null; + throw new RuntimeException("Server initialization failed."); + } */ + DirContentsInitializer.initialize(ldapTestHelper.getServerContext()); + } + + //~ Methods ================================================================ + + protected DirContext getClientContext() throws NamingException { + Hashtable env = new Hashtable(); + env.put(Context.PROVIDER_URL, "ldap://localhost:389/ou=system"); + env.put(Context.INITIAL_CONTEXT_FACTORY, + "com.sun.jndi.ldap.LdapCtxFactory"); + env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system"); + env.put(Context.SECURITY_CREDENTIALS, "secret"); + + return new InitialDirContext(env); + } + + /** + * DOCUMENT ME! + * + * @return The server context for LDAP ops. used for things like + * addding/removing users. + */ + protected DirContext getServerContext() { + return ldapTestHelper.getServerContext(); } - - protected DirContext getClientContext() throws NamingException { - Hashtable env = new Hashtable(); - env.put( Context.PROVIDER_URL, "ldap://localhost:389/ou=system" ); - env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" ); - env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" ); - env.put( Context.SECURITY_CREDENTIALS, "secret" ); - return new InitialDirContext( env ); - } - - /** @return The server context for LDAP ops. used for things like addding/removing users. */ - protected DirContext getServerContext() { - return ldapTestHelper.getServerContext(); - } - } diff --git a/sandbox/src/test/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationTest.java b/sandbox/src/test/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationTest.java index 4e5f8afe0e..dfbdc0cf6f 100644 --- a/sandbox/src/test/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationTest.java +++ b/sandbox/src/test/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationTest.java @@ -1,41 +1,112 @@ -package net.sf.acegisecurity.providers.dao.ldap; +/* Copyright 2004, 2005 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ -import javax.naming.NamingException; +package net.sf.acegisecurity.providers.dao.ldap; import net.sf.acegisecurity.BadCredentialsException; import net.sf.acegisecurity.UserDetails; -import net.sf.acegisecurity.GrantedAuthority; +import javax.naming.NamingException; + + +/** + * DOCUMENT ME! + * + * @author $author$ + * @version $Revision$ + */ public class LdapPasswordAuthenticationTest extends BaseLdapTestCase { - - private LdapPasswordAuthenticationDao dao; - - private String DEFAULT_ROLE = "DEFAULT_ROLE"; - - /** Setup the basic properties of our LdapPasswordAuthenticationDao */ - protected void setUp() { - dao = new LdapPasswordAuthenticationDao(); - dao.setURL("ldap://localhost:389/ou=system"); - } - + //~ Instance fields ======================================================== - public void testSimpleUidUser() throws NamingException { + private LdapPasswordAuthenticationDao dao; + private String DEFAULT_ROLE = "DEFAULT_ROLE"; + + //~ Methods ================================================================ + + public void testEmptyRoles() { dao.setUserContext("uid={0},ou=users,ou=system"); - dao.setDefaultRole(DEFAULT_ROLE); + try { - UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user", "plaintext"); - assertEquals(1, userDetails.getAuthorities().length ); - assertEquals(DEFAULT_ROLE, userDetails.getAuthorities()[0].getAuthority() ); + UserDetails userDetails = dao.loadUserByUsernameAndPassword("user.two", + "plaintext2"); + fail("No roles are accessible for user; this test _should_ fail."); + } catch (BadCredentialsException ex) { + assertTrue("No roles are accessible for user; this test _should_ fail.", + ex.getMessage().startsWith(LdapPasswordAuthenticationDao.BAD_CREDENTIALS_EXCEPTION_MESSAGE)); + } + } + + public void testSimpleCnUser() throws NamingException { + dao.setUserContext("cn={0},ou=users,ou=system"); + dao.setDefaultRole(DEFAULT_ROLE); + + try { + UserDetails userDetails = dao.loadUserByUsernameAndPassword("user.two", + "plaintext2"); + assertEquals(1, userDetails.getAuthorities().length); + assertEquals(DEFAULT_ROLE, + userDetails.getAuthorities()[0].getAuthority()); } catch (BadCredentialsException ex) { fail(); } } - + + public void testSimpleMultiUserContext() throws NamingException { + dao.setUserContexts(new String[] {"uid={0},ou=users,ou=system", "cn={0},ou=users,ou=system"}); + dao.setDefaultRole(DEFAULT_ROLE); + + try { + UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user", + "plaintext"); + assertEquals(1, userDetails.getAuthorities().length); + assertEquals(DEFAULT_ROLE, + userDetails.getAuthorities()[0].getAuthority()); + + UserDetails userDetails2 = dao.loadUserByUsernameAndPassword("user.two", + "plaintext2"); + assertEquals(1, userDetails2.getAuthorities().length); + assertEquals(DEFAULT_ROLE, + userDetails2.getAuthorities()[0].getAuthority()); + } catch (BadCredentialsException ex) { + fail(); + } + } + + public void testSimpleUidUser() throws NamingException { + dao.setUserContext("uid={0},ou=users,ou=system"); + dao.setDefaultRole(DEFAULT_ROLE); + + try { + UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user", + "plaintext"); + assertEquals(1, userDetails.getAuthorities().length); + assertEquals(DEFAULT_ROLE, + userDetails.getAuthorities()[0].getAuthority()); + } catch (BadCredentialsException ex) { + fail(); + } + } + public void testSimpleUidUserBadPassword() throws NamingException { dao.setUserContext("uid={0},ou=users,ou=system"); dao.setDefaultRole(DEFAULT_ROLE); + try { - UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user", "plainlywrong"); + UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user", + "plainlywrong"); + //assertEquals(1, userDetails.getAuthorities().length ); //assertEquals(DEFAULT_ROLE, userDetails.getAuthorities()[0].getAuthority() ); fail(); @@ -43,51 +114,19 @@ public class LdapPasswordAuthenticationTest extends BaseLdapTestCase { assertTrue(true); } } - - public void testSimpleCnUser() throws NamingException { - dao.setUserContext("cn={0},ou=users,ou=system"); - dao.setDefaultRole(DEFAULT_ROLE); - try { - UserDetails userDetails = dao.loadUserByUsernameAndPassword("user.two", "plaintext2"); - assertEquals(1, userDetails.getAuthorities().length ); - assertEquals(DEFAULT_ROLE, userDetails.getAuthorities()[0].getAuthority() ); - } catch (BadCredentialsException ex) { - fail(); - } + + /** + * Setup the basic properties of our LdapPasswordAuthenticationDao + */ + protected void setUp() { + dao = new LdapPasswordAuthenticationDao(); + dao.setURL("ldap://localhost:389/ou=system"); } - - public void testSimpleMultiUserContext() throws NamingException { - dao.setUserContexts(new String[]{"uid={0},ou=users,ou=system", "cn={0},ou=users,ou=system"}); - dao.setDefaultRole(DEFAULT_ROLE); - try { - UserDetails userDetails = dao.loadUserByUsernameAndPassword("one.user", "plaintext"); - assertEquals(1, userDetails.getAuthorities().length ); - assertEquals(DEFAULT_ROLE, userDetails.getAuthorities()[0].getAuthority() ); - - UserDetails userDetails2 = dao.loadUserByUsernameAndPassword("user.two", "plaintext2"); - assertEquals(1, userDetails2.getAuthorities().length ); - assertEquals(DEFAULT_ROLE, userDetails2.getAuthorities()[0].getAuthority() ); - } catch (BadCredentialsException ex) { - fail(); - } - } - - public void testEmptyRoles() { - dao.setUserContext("uid={0},ou=users,ou=system"); - try { - UserDetails userDetails = dao.loadUserByUsernameAndPassword("user.two", "plaintext2"); - fail("No roles are accessible for user; this test _should_ fail."); - } catch (BadCredentialsException ex) { - assertTrue("No roles are accessible for user; this test _should_ fail.", - ex.getMessage().startsWith(LdapPasswordAuthenticationDao.BAD_CREDENTIALS_EXCEPTION_MESSAGE) ); - } - } - + /* * @todo: * 1. two different groups... * 2. two groups, limit 'roles' * 3. other stuff... */ - }