root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 14 Packages Projects Releases Wiki Activity

Tidying up, removing compiler warnings etc.

This commit is contained in:
Luke Taylor 2008-12-20 00:16:49 +00:00
parent 8154161ef5
commit cc5966bc7e
255 changed files with 3993 additions and 4444 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
acl/src/main/java/org/springframework/security/acls/AclService.java
View File

@ -39,9 +39,10 @@ public interface AclService {
ObjectIdentity[] findChildren(ObjectIdentity parentIdentity);
/**
* Same as {@link #readAclsById(ObjectIdentity[])} except it returns only a single Acl.<p>This method
* should not be called as it does not leverage the underlaying implementation's potential ability to filter
* <tt>Acl</tt> entries based on a {@link Sid} parameter.</p>
* Same as {@link #readAclsById(ObjectIdentity[])} except it returns only a single Acl.
* <p>
* This method should not be called as it does not leverage the underlying implementation's potential ability to
* filter <tt>Acl</tt> entries based on a {@link Sid} parameter.</p>
*
* @param object to locate an {@link Acl} for
*

15
acl/src/main/java/org/springframework/security/acls/jdbc/BasicLookupStrategy.java
View File

@ -290,7 +290,7 @@ public final class BasicLookupStrategy implements LookupStrategy {
* already, and adding the returned elements to the cache etc.</p>
* <p>
* This subclass is required to return fully valid <code>Acl</code>s, including properly-configured
* parent ACLs.</p>
* parent ACLs.
*
*/
private Map<ObjectIdentity, Acl> lookupObjectIdentities(final ObjectIdentity[] objectIdentities, Sid[] sids) {
@ -349,7 +349,7 @@ public final class BasicLookupStrategy implements LookupStrategy {
*
* @param acls the AclImpls (with StubAclParents)
* @param findNow Long-based primary keys to retrieve
* @param sids DOCUMENT ME!
* @param sids
*/
private void lookupPrimaryKeys(final Map acls, final Set findNow, final Sid[] sids) {
Assert.notNull(acls, "ACLs are required");
@ -378,11 +378,14 @@ public final class BasicLookupStrategy implements LookupStrategy {
}
/**
* The main method.<p>WARNING: This implementation completely disregards the "sids" argument! Every item
* in the cache is expected to contain all SIDs. If you have serious performance needs (eg a very large number of
* The main method.
* <p>
* WARNING: This implementation completely disregards the "sids" argument! Every item in the cache is expected to
* contain all SIDs. If you have serious performance needs (e.g. a very large number of
* SIDs per object identity), you'll probably want to develop a custom {@link LookupStrategy} implementation
* instead.</p>
* <p>The implementation works in batch sizes specfied by {@link #batchSize}.</p>
* instead.
* <p>
* The implementation works in batch sizes specified by {@link #batchSize}.
*
* @param objects the identities to lookup (required)
* @param sids the SIDs for which identities are required (ignored by this implementation)

2
acl/src/main/java/org/springframework/security/acls/objectidentity/ObjectIdentity.java
View File

@ -62,7 +62,7 @@ public interface ObjectIdentity extends Serializable {
*
* @return the Java type of the domain object (never <tt>null</tt>)
*/
Class getJavaType();
Class<?> getJavaType();
/**
* @return a hash code representation of the <tt>ObjectIdentity</tt>

6
acl/src/test/java/org/springframework/security/acls/jdbc/AclPermissionInheritanceTests.java
View File

@ -12,7 +12,6 @@ import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.datasource.DataSourceTransactionManager;
import org.springframework.jdbc.datasource.DriverManagerDataSource;
import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.acls.MutableAcl;
import org.springframework.security.acls.domain.AclAuthorizationStrategyImpl;
@ -24,6 +23,7 @@ import org.springframework.security.acls.sid.GrantedAuthoritySid;
import org.springframework.security.acls.sid.PrincipalSid;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.util.AuthorityUtils;
import org.springframework.transaction.TransactionStatus;
import org.springframework.transaction.support.DefaultTransactionDefinition;
@ -52,8 +52,8 @@ public class AclPermissionInheritanceTests extends TestCase {
aclService = createAclService(dataSource);
Authentication auth = new UsernamePasswordAuthenticationToken(
"system", "secret", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_IGNORED")});
Authentication auth = new UsernamePasswordAuthenticationToken("system", "secret",
AuthorityUtils.createAuthorityList("ROLE_IGNORED"));
SecurityContextHolder.getContext().setAuthentication(auth);
}

14
acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java
View File

@ -123,7 +123,7 @@ public class BasicLookupStrategyTests {
// Deliberately use an integer for the child, to reproduce bug report in SEC-819
ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Integer(102));
Map map = this.strategy.readAclsById(new ObjectIdentity[] { topParentOid, middleParentOid, childOid }, null);
Map<ObjectIdentity, Acl> map = this.strategy.readAclsById(new ObjectIdentity[] { topParentOid, middleParentOid, childOid }, null);
checkEntries(topParentOid, middleParentOid, childOid, map);
}
@ -138,7 +138,7 @@ public class BasicLookupStrategyTests {
// Let's empty the database to force acls retrieval from cache
emptyDatabase();
Map map = this.strategy.readAclsById(new ObjectIdentity[] { topParentOid, middleParentOid, childOid }, null);
Map<ObjectIdentity, Acl> map = this.strategy.readAclsById(new ObjectIdentity[] { topParentOid, middleParentOid, childOid }, null);
checkEntries(topParentOid, middleParentOid, childOid, map);
}
@ -151,12 +151,12 @@ public class BasicLookupStrategyTests {
// Set a batch size to allow multiple database queries in order to retrieve all acls
((BasicLookupStrategy) this.strategy).setBatchSize(1);
Map map = this.strategy.readAclsById(new ObjectIdentity[] { topParentOid, middleParentOid, childOid }, null);
Map<ObjectIdentity, Acl> map = this.strategy.readAclsById(new ObjectIdentity[] { topParentOid, middleParentOid, childOid }, null);
checkEntries(topParentOid, middleParentOid, childOid, map);
}
private void checkEntries(ObjectIdentity topParentOid, ObjectIdentity middleParentOid, ObjectIdentity childOid, Map map)
throws Exception {
private void checkEntries(ObjectIdentity topParentOid, ObjectIdentity middleParentOid, ObjectIdentity childOid,
Map<ObjectIdentity, Acl> map) throws Exception {
Assert.assertEquals(3, map.size());
MutableAcl topParent = (MutableAcl) map.get(topParentOid);
@ -233,7 +233,7 @@ public class BasicLookupStrategyTests {
ObjectIdentity middleParent2Oid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(103));
// Retrieve the child
Map map = this.strategy.readAclsById(new ObjectIdentity[] { childOid }, null);
Map<ObjectIdentity, Acl> map = this.strategy.readAclsById(new ObjectIdentity[] { childOid }, null);
// Check that the child and all its parents were retrieved
Assert.assertNotNull(map.get(childOid));
@ -270,7 +270,7 @@ public class BasicLookupStrategyTests {
ObjectIdentity[] childOids = new ObjectIdentity[] { childOid };
((BasicLookupStrategy) this.strategy).setBatchSize(6);
Map foundAcls = strategy.readAclsById(childOids, sids);
Map<ObjectIdentity, Acl> foundAcls = strategy.readAclsById(childOids, sids);
Acl foundChildAcl = (Acl) foundAcls.get(childOid);
Assert.assertNotNull(foundChildAcl);

3
acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java
View File

@ -71,8 +71,7 @@ public class EhCacheBasedAclCacheTests {
@Test(expected=IllegalArgumentException.class)
public void constructorRejectsNullParameters() throws Exception {
AclCache aclCache = new EhCacheBasedAclCache(null);
fail("It should have thrown IllegalArgumentException");
new EhCacheBasedAclCache(null);
}
@Test

1
acl/src/test/java/org/springframework/security/acls/objectidentity/ObjectIdentityTests.java
View File

@ -163,6 +163,7 @@ public class ObjectIdentityTests {
}
}
@SuppressWarnings("unused")
private class MockOtherIdDomainObject {
private Object id;

24
acl/src/test/java/org/springframework/security/acls/sid/SidTests.java
View File

@ -19,7 +19,7 @@ public class SidTests extends TestCase {
// Check one String-argument constructor
try {
String string = null;
Sid principalSid = new PrincipalSid(string);
new PrincipalSid(string);
Assert.fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -27,7 +27,7 @@ public class SidTests extends TestCase {
}
try {
Sid principalSid = new PrincipalSid("");
new PrincipalSid("");
Assert.fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -35,7 +35,7 @@ public class SidTests extends TestCase {
}
try {
Sid principalSid = new PrincipalSid("johndoe");
new PrincipalSid("johndoe");
Assert.assertTrue(true);
}
catch (IllegalArgumentException notExpected) {
@ -45,7 +45,7 @@ public class SidTests extends TestCase {
// Check one Authentication-argument constructor
try {
Authentication authentication = null;
Sid principalSid = new PrincipalSid(authentication);
new PrincipalSid(authentication);
Assert.fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -54,7 +54,7 @@ public class SidTests extends TestCase {
try {
Authentication authentication = new TestingAuthenticationToken(null, "password");
Sid principalSid = new PrincipalSid(authentication);
new PrincipalSid(authentication);
Assert.fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -63,7 +63,7 @@ public class SidTests extends TestCase {
try {
Authentication authentication = new TestingAuthenticationToken("johndoe", "password");
Sid principalSid = new PrincipalSid(authentication);
new PrincipalSid(authentication);
Assert.assertTrue(true);
}
catch (IllegalArgumentException notExpected) {
@ -75,7 +75,7 @@ public class SidTests extends TestCase {
// Check one String-argument constructor
try {
String string = null;
Sid gaSid = new GrantedAuthoritySid(string);
new GrantedAuthoritySid(string);
Assert.fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -83,7 +83,7 @@ public class SidTests extends TestCase {
}
try {
Sid gaSid = new GrantedAuthoritySid("");
new GrantedAuthoritySid("");
Assert.fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -91,7 +91,7 @@ public class SidTests extends TestCase {
}
try {
Sid gaSid = new GrantedAuthoritySid("ROLE_TEST");
new GrantedAuthoritySid("ROLE_TEST");
Assert.assertTrue(true);
}
catch (IllegalArgumentException notExpected) {
@ -101,7 +101,7 @@ public class SidTests extends TestCase {
// Check one GrantedAuthority-argument constructor
try {
GrantedAuthority ga = null;
Sid gaSid = new GrantedAuthoritySid(ga);
new GrantedAuthoritySid(ga);
Assert.fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -110,7 +110,7 @@ public class SidTests extends TestCase {
try {
GrantedAuthority ga = new GrantedAuthorityImpl(null);
Sid gaSid = new GrantedAuthoritySid(ga);
new GrantedAuthoritySid(ga);
Assert.fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -119,7 +119,7 @@ public class SidTests extends TestCase {
try {
GrantedAuthority ga = new GrantedAuthorityImpl("ROLE_TEST");
Sid gaSid = new GrantedAuthoritySid(ga);
new GrantedAuthoritySid(ga);
Assert.assertTrue(true);
}
catch (IllegalArgumentException notExpected) {

38
cas/src/main/java/org/springframework/security/providers/cas/CasAuthenticationProvider.java
View File

@ -18,32 +18,23 @@ package org.springframework.security.providers.cas;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.TicketValidationException;
import org.jasig.cas.client.validation.TicketValidator;
import org.springframework.security.SpringSecurityMessageSource;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.cas.cache.NullStatelessTicketCache;
import org.springframework.security.ui.cas.CasProcessingFilter;
import org.springframework.security.ui.cas.ServiceProperties;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UserDetailsChecker;
import org.springframework.security.userdetails.checker.AccountStatusUserDetailsChecker;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.MessageSource;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.SpringSecurityMessageSource;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.cas.cache.NullStatelessTicketCache;
import org.springframework.security.ui.cas.CasProcessingFilter;
import org.springframework.security.ui.cas.ServiceProperties;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsChecker;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.checker.AccountStatusUserDetailsChecker;
import org.springframework.util.Assert;
@ -60,9 +51,6 @@ import org.springframework.util.Assert;
* @version $Id$
*/
public class CasAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
//~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(CasAuthenticationProvider.class);
//~ Instance fields ================================================================================================

21
cas/src/test/java/org/springframework/security/providers/cas/CasAuthenticationProviderTests.java
View File

@ -30,6 +30,7 @@ import org.springframework.security.ui.cas.ServiceProperties;
import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.util.AuthorityUtils;
import java.util.HashMap;
import java.util.Map;
@ -54,12 +55,12 @@ public class CasAuthenticationProviderTests {
private UserDetails makeUserDetails() {
return new User("user", "password", true, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
}
private UserDetails makeUserDetailsFromAuthoritiesPopulator() {
return new User("user", "password", true, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A"), new GrantedAuthorityImpl("ROLE_B")});
AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B"));
}
private ServiceProperties makeServiceProperties() {
@ -83,8 +84,8 @@ public class CasAuthenticationProviderTests {
cap.setTicketValidator(new MockTicketValidator(true));
cap.afterPropertiesSet();
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(CasProcessingFilter.CAS_STATEFUL_IDENTIFIER,
"ST-123");
UsernamePasswordAuthenticationToken token =
new UsernamePasswordAuthenticationToken(CasProcessingFilter.CAS_STATEFUL_IDENTIFIER, "ST-123");
token.setDetails("details");
Authentication result = cap.authenticate(token);
@ -124,8 +125,8 @@ public class CasAuthenticationProviderTests {
cap.setServiceProperties(makeServiceProperties());
cap.afterPropertiesSet();
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(CasProcessingFilter.CAS_STATELESS_IDENTIFIER,
"ST-456");
UsernamePasswordAuthenticationToken token =
new UsernamePasswordAuthenticationToken(CasProcessingFilter.CAS_STATELESS_IDENTIFIER, "ST-456");
token.setDetails("details");
Authentication result = cap.authenticate(token);
@ -183,7 +184,7 @@ public class CasAuthenticationProviderTests {
cap.afterPropertiesSet();
CasAuthenticationToken token = new CasAuthenticationToken("WRONG_KEY", makeUserDetails(), "credentials",
new GrantedAuthority[] {new GrantedAuthorityImpl("XX")}, makeUserDetails(), assertion);
AuthorityUtils.createAuthorityList("XX"), makeUserDetails(), assertion);
cap.authenticate(token);
}
@ -275,7 +276,7 @@ public class CasAuthenticationProviderTests {
cap.afterPropertiesSet();
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("some_normal_user",
"password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")});
"password", AuthorityUtils.createAuthorityList("ROLE_A"));
assertEquals(null, cap.authenticate(token));
}
@ -295,10 +296,10 @@ public class CasAuthenticationProviderTests {
}
private class MockStatelessTicketCache implements StatelessTicketCache {
private Map cache = new HashMap();
private Map<String, CasAuthenticationToken> cache = new HashMap<String, CasAuthenticationToken>();
public CasAuthenticationToken getByTicketId(String serviceTicket) {
return (CasAuthenticationToken) cache.get(serviceTicket);
return cache.get(serviceTicket);
}
public void putTicketInCache(CasAuthenticationToken token) {

11
cas/src/test/java/org/springframework/security/providers/cas/cache/AbstractStatelessTicketCacheTests.java vendored
View File

@ -5,15 +5,14 @@ import java.util.List;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.AssertionImpl;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.cas.CasAuthenticationToken;
import org.springframework.security.userdetails.User;
import org.springframework.security.util.AuthorityUtils;
/**
*
* @author Scott Battaglia
* @version $Revision$ $Date$
* @version $Id$
* @since 2.0
*
*/
@ -23,13 +22,11 @@ public abstract class AbstractStatelessTicketCacheTests {
List<String> proxyList = new ArrayList<String>();
proxyList.add("https://localhost/newPortal/j_spring_cas_security_check");
User user = new User("rod", "password", true, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
User user = new User("rod", "password", true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
final Assertion assertion = new AssertionImpl("rod");
return new CasAuthenticationToken("key", user, "ST-0-ER94xMJmn6pha35CQRoZ",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}, user,
assertion);
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), user, assertion);
}
}

3
core/src/main/java/org/springframework/security/GrantedAuthority.java
View File

@ -26,13 +26,10 @@ import org.springframework.security.userdetails.UserDetails;
* A <code>GrantedAuthority</code> must either represent itself as a
* <code>String</code> or be specifically supported by an {@link
* AccessDecisionManager}.
* </p>
*
* <p>
* Implementations must implement {@link Comparable} in order to ensure that
* array sorting logic guaranteed by {@link UserDetails#getAuthorities()} can
* be reliably implemented.
* </p>
*
* @author Ben Alex
* @version $Id$

1
core/src/main/java/org/springframework/security/concurrent/ConcurrentSessionFilter.java
View File

@ -24,7 +24,6 @@ import org.springframework.security.ui.logout.SecurityContextLogoutHandler;
import org.springframework.security.util.UrlUtils;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;

2
core/src/main/java/org/springframework/security/config/ConfigUtils.java
View File

@ -87,11 +87,13 @@ abstract class ConfigUtils {
((ArrayList) authManager.getPropertyValues().getPropertyValue("providerBeanNames").getValue()).add(beanName);
}
@SuppressWarnings("unchecked")
static ManagedList getRegisteredAfterInvocationProviders(ParserContext parserContext) {
BeanDefinition manager = registerAfterInvocationProviderManagerIfNecessary(parserContext);
return (ManagedList) manager.getPropertyValues().getPropertyValue("providers").getValue();
}
@SuppressWarnings("unchecked")
private static BeanDefinition registerAfterInvocationProviderManagerIfNecessary(ParserContext parserContext) {
if(parserContext.getRegistry().containsBeanDefinition(BeanIds.AFTER_INVOCATION_MANAGER)) {
return parserContext.getRegistry().getBeanDefinition(BeanIds.AFTER_INVOCATION_MANAGER);

1
core/src/main/java/org/springframework/security/config/FilterInvocationDefinitionSourceBeanDefinitionParser.java
View File

@ -27,7 +27,6 @@ public class FilterInvocationDefinitionSourceBeanDefinitionParser extends Abstra
return "org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource";
}
@SuppressWarnings("unchecked")
protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
List<Element> interceptUrls = DomUtils.getChildElementsByTagName(element, "intercept-url");

1
core/src/main/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParser.java
View File

@ -166,6 +166,7 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser {
pc.getRegistry().registerBeanDefinition(ACCESS_MANAGER_ID, accessMgrBuilder.getBeanDefinition());
}
@SuppressWarnings("unchecked")
private void registerDelegatingMethodDefinitionSource(ParserContext parserContext, ManagedList delegates, Object source) {
if (parserContext.getRegistry().containsBeanDefinition(DELEGATING_METHOD_DEFINITION_SOURCE_ID)) {
parserContext.getReaderContext().error("Duplicate <global-method-security> detected.", source);

1
core/src/main/java/org/springframework/security/config/InterceptMethodsBeanDefinitionDecorator.java
View File

@ -42,7 +42,6 @@ class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractIntercepto
static final String ATT_ACCESS = "access";
private static final String ATT_ACCESS_MGR = "access-decision-manager-ref";
@SuppressWarnings("unchecked")
protected BeanDefinition createInterceptorDefinition(Node node) {
Element interceptMethodsElt = (Element)node;
BeanDefinitionBuilder interceptor = BeanDefinitionBuilder.rootBeanDefinition(MethodSecurityInterceptor.class);

3
core/src/main/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessor.java
View File

@ -56,7 +56,6 @@ class SessionRegistryInjectionBeanPostProcessor implements BeanPostProcessor, Be
return bean;
}
@SuppressWarnings("unchecked")
private SessionRegistry getSessionRegistry() {
if (sessionRegistry != null) {
return sessionRegistry;
@ -84,7 +83,7 @@ class SessionRegistryInjectionBeanPostProcessor implements BeanPostProcessor, Be
logger.warn("More than one SessionRegistry instance in application context. Possible configuration errors may result.");
}
sessionRegistry = (SessionRegistry) sessionRegs.get(0);
sessionRegistry = sessionRegs.get(0);
return sessionRegistry;
}

6
core/src/main/java/org/springframework/security/event/authentication/InteractiveAuthenticationSuccessEvent.java
View File

@ -30,11 +30,11 @@ import org.springframework.util.Assert;
public class InteractiveAuthenticationSuccessEvent extends AbstractAuthenticationEvent {
//~ Instance fields ================================================================================================
private Class generatedBy;
private Class<?> generatedBy;
//~ Constructors ===================================================================================================
public InteractiveAuthenticationSuccessEvent(Authentication authentication, Class generatedBy) {
public InteractiveAuthenticationSuccessEvent(Authentication authentication, Class<?> generatedBy) {
super(authentication);
Assert.notNull(generatedBy);
this.generatedBy = generatedBy;
@ -48,7 +48,7 @@ public class InteractiveAuthenticationSuccessEvent extends AbstractAuthenticatio
*
* @return the class
*/
public Class getGeneratedBy() {
public Class<?> getGeneratedBy() {
return generatedBy;
}
}

5
core/src/main/java/org/springframework/security/event/authentication/LoggerListener.java
View File

@ -23,8 +23,9 @@ import org.springframework.util.ClassUtils;
/**
* Outputs authentication-related application events to Commons Logging.<P>All authentication events are logged at
* the warning level.</p>
* Outputs authentication-related application events to Commons Logging.
* <p>
* All authentication events are logged at the warning level.
*
* @author Ben Alex
* @version $Id$

13
core/src/main/java/org/springframework/security/intercept/method/MapBasedMethodDefinitionSource.java
View File

@ -20,7 +20,6 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
@ -88,7 +87,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
return findAttributesSpecifiedAgainst(method, targetClass);
}
private List<ConfigAttribute> findAttributesSpecifiedAgainst(Method method, Class clazz) {
private List<ConfigAttribute> findAttributesSpecifiedAgainst(Method method, Class<?> clazz) {
RegisteredMethod registeredMethod = new RegisteredMethod(method, clazz);
if (methodMap.containsKey(registeredMethod)) {
return (List<ConfigAttribute>) methodMap.get(registeredMethod);
@ -118,7 +117,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
Assert.hasText(methodName, "Method not found for '" + name + "'");
String typeName = name.substring(0, lastDotIndex);
Class type = ClassUtils.resolveClassName(typeName, this.beanClassLoader);
Class<?> type = ClassUtils.resolveClassName(typeName, this.beanClassLoader);
addSecureMethod(type, methodName, attr);
}
@ -131,7 +130,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
* @param mappedName mapped method name, which the javaType has declared or inherited
* @param attr required authorities associated with the method
*/
public void addSecureMethod(Class javaType, String mappedName, List<ConfigAttribute> attr) {
public void addSecureMethod(Class<?> javaType, String mappedName, List<ConfigAttribute> attr) {
String name = javaType.getName() + '.' + mappedName;
if (logger.isDebugEnabled()) {
@ -179,7 +178,7 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
* the existing match will be retained, so that if this method is called for a more general pointcut
* it will not override a more specific one which has already been added. This
*/
public void addSecureMethod(Class javaType, Method method, List<ConfigAttribute> attr) {
public void addSecureMethod(Class<?> javaType, Method method, List<ConfigAttribute> attr) {
RegisteredMethod key = new RegisteredMethod(method, javaType);
if (methodMap.containsKey(key)) {
@ -255,9 +254,9 @@ public class MapBasedMethodDefinitionSource extends AbstractFallbackMethodDefini
*/
private class RegisteredMethod {
private Method method;
private Class registeredJavaType;
private Class<?> registeredJavaType;
public RegisteredMethod(Method method, Class registeredJavaType) {
public RegisteredMethod(Method method, Class<?> registeredJavaType) {
Assert.notNull(method, "Method required");
Assert.notNull(registeredJavaType, "Registered Java Type required");
this.method = method;

28
core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditor.java
View File

@ -15,23 +15,18 @@
package org.springframework.security.intercept.method;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.SecurityConfig;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.propertyeditors.PropertiesEditor;
import org.springframework.util.StringUtils;
import java.beans.PropertyEditorSupport;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.Map;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import org.springframework.beans.propertyeditors.PropertiesEditor;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.SecurityConfig;
import org.springframework.util.StringUtils;
/**
@ -44,12 +39,9 @@ import java.util.LinkedHashMap;
* @version $Id$
*/
public class MethodDefinitionSourceEditor extends PropertyEditorSupport {
//~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(MethodDefinitionSourceEditor.class);
//~ Methods ========================================================================================================
@SuppressWarnings("unchecked")
public void setAsText(String s) throws IllegalArgumentException {
if ((s == null) || "".equals(s)) {
setValue(new MapBasedMethodDefinitionSource());
@ -63,7 +55,7 @@ public class MethodDefinitionSourceEditor extends PropertyEditorSupport {
Properties props = (Properties) propertiesEditor.getValue();
// Now we have properties, process each one individually
Map mappings = new LinkedHashMap();
Map<String, List<ConfigAttribute>> mappings = new LinkedHashMap<String, List<ConfigAttribute>>();
for (Iterator iter = props.keySet().iterator(); iter.hasNext();) {
String name = (String) iter.next();

25
core/src/main/java/org/springframework/security/intercept/method/ProtectPointcutPostProcessor.java
View File

@ -2,7 +2,6 @@ package org.springframework.security.intercept.method;
import java.lang.reflect.Method;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
@ -29,25 +28,18 @@ import org.springframework.util.StringUtils;
* having every method of every bean defined in the Spring application context compared with
* those pointcuts. Where a match is found, the matching method will be registered with the
* {@link MapBasedMethodDefinitionSource}.
* </p>
*
* <p>
* It is very important to understand that only the <b>first</b> pointcut that matches a given
* method will be taken as authoritative for that method. This is why pointcuts should be provided
* as a <tt>LinkedHashMap</tt>, because their order is very important.
* </p>
*
* <p>
* Note also that only beans defined in the Spring application context will be examined by this
* class.
* </p>
*
* <p>
* Because this class registers method security metadata with {@link MapBasedMethodDefinitionSource},
* normal Spring Security capabilities such as {@link MethodDefinitionSourceAdvisor} can be used.
* It does not matter the fact the method metadata was originally obtained from an AspectJ pointcut
* expression evaluation.
* </p>
*
* @author Ben Alex
* @verion $Id$
@ -58,7 +50,7 @@ public final class ProtectPointcutPostProcessor implements BeanPostProcessor {
private static final Log logger = LogFactory.getLog(ProtectPointcutPostProcessor.class);
private Map<String,List<ConfigAttribute>> pointcutMap = new LinkedHashMap();
private Map<String,List<ConfigAttribute>> pointcutMap = new LinkedHashMap<String,List<ConfigAttribute>>();
private MapBasedMethodDefinitionSource mapBasedMethodDefinitionSource;
private PointcutParser parser;
@ -66,8 +58,8 @@ public final class ProtectPointcutPostProcessor implements BeanPostProcessor {
Assert.notNull(mapBasedMethodDefinitionSource, "MapBasedMethodDefinitionSource to populate is required");
this.mapBasedMethodDefinitionSource = mapBasedMethodDefinitionSource;
// Setup AspectJ pointcut expression parser
Set supportedPrimitives = new HashSet();
// Set up AspectJ pointcut expression parser
Set<PointcutPrimitive> supportedPrimitives = new HashSet<PointcutPrimitive>(3);
supportedPrimitives.add(PointcutPrimitive.EXECUTION);
supportedPrimitives.add(PointcutPrimitive.ARGS);
supportedPrimitives.add(PointcutPrimitive.REFERENCE);
@ -96,10 +88,7 @@ public final class ProtectPointcutPostProcessor implements BeanPostProcessor {
// Check to see if any of those methods are compatible with our pointcut expressions
for (int i = 0; i < methods.length; i++) {
Iterator iter = pointcutMap.keySet().iterator();
while (iter.hasNext()) {
String ex = iter.next().toString();
for (String ex : pointcutMap.keySet()) {
// Parse the presented AspectJ pointcut expression
PointcutExpression expression = parser.parsePointcutExpression(ex);
@ -114,7 +103,7 @@ public final class ProtectPointcutPostProcessor implements BeanPostProcessor {
return bean;
}
private boolean attemptMatch(Class targetClass, Method method, PointcutExpression expression, String beanName) {
private boolean attemptMatch(Class<?> targetClass, Method method, PointcutExpression expression, String beanName) {
// Determine if the presented AspectJ pointcut expression matches this method
boolean matches = expression.matchesMethodExecution(method).alwaysMatches();
@ -134,9 +123,7 @@ public final class ProtectPointcutPostProcessor implements BeanPostProcessor {
public void setPointcutMap(Map<String, List<ConfigAttribute>> map) {
Assert.notEmpty(map);
Iterator i = map.keySet().iterator();
while (i.hasNext()) {
String expression = i.next().toString();
for (String expression : map.keySet()) {
List<ConfigAttribute> value = map.get(expression);
addPointcut(expression, value);
}

1
core/src/main/java/org/springframework/security/intercept/method/aopalliance/MethodDefinitionSourceAdvisor.java
View File

@ -115,6 +115,7 @@ public class MethodDefinitionSourceAdvisor extends AbstractPointcutAdvisor imple
//~ Inner Classes ==================================================================================================
class MethodDefinitionSourcePointcut extends StaticMethodMatcherPointcut {
@SuppressWarnings("unchecked")
public boolean matches(Method m, Class targetClass) {
return attributeSource.getAttributes(m, targetClass) != null;
}

17
core/src/main/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulator.java
View File

@ -29,8 +29,8 @@ import org.apache.commons.logging.LogFactory;
import javax.naming.directory.SearchControls;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
@ -181,7 +181,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
Set<GrantedAuthority> roles = getGroupMembershipRoles(userDn, username);
Set extraRoles = getAdditionalRoles(user, username);
Set<GrantedAuthority> extraRoles = getAdditionalRoles(user, username);
if (extraRoles != null) {
roles.addAll(extraRoles);
@ -198,28 +198,25 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
}
public Set<GrantedAuthority> getGroupMembershipRoles(String userDn, String username) {
Set authorities = new HashSet();
if (getGroupSearchBase() == null) {
return authorities;
return Collections.emptySet();
}
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
if (logger.isDebugEnabled()) {
logger.debug("Searching for roles for user '" + username + "', DN = " + "'" + userDn + "', with filter "
+ groupSearchFilter + " in search base '" + getGroupSearchBase() + "'");
}
Set userRoles = ldapTemplate.searchForSingleAttributeValues(getGroupSearchBase(), groupSearchFilter,
Set<String> userRoles = ldapTemplate.searchForSingleAttributeValues(getGroupSearchBase(), groupSearchFilter,
new String[]{userDn, username}, groupRoleAttribute);
if (logger.isDebugEnabled()) {
logger.debug("Roles from search: " + userRoles);
}
Iterator it = userRoles.iterator();
while (it.hasNext()) {
String role = (String) it.next();
for (String role : userRoles) {
if (convertToUpperCase) {
role = role.toUpperCase();

16
core/src/main/java/org/springframework/security/providers/jaas/AuthorityGranter.java
View File

@ -21,14 +21,11 @@ import java.util.Set;
/**
* The AuthorityGranter interface is used to map a given principal to role
* names.
*
* <P>
* The AuthorityGranter interface is used to map a given principal to role names.
* <p>
* If a Windows NT login module were to be used from JAAS, an AuthrityGranter
* implementation could be created to map a NT Group Principal to a ROLE_USER
* role for instance. <br>
* </p>
* role for instance.
*
* @author Ray Krueger
* @version $Id$
@ -40,13 +37,14 @@ public interface AuthorityGranter {
* The grant method is called for each principal returned from the LoginContext subject. If the
* AuthorityGranter wishes to grant any authorities, it should return a java.util.Set containing the role names it
* wishes to grant, such as ROLE_USER. If the AuthrityGranter does not wish to grant any authorities it should
* return null. <br>
* return null.
* <p>
* The set may contain any object as all objects in the returned set will be passed to the JaasGrantedAuthority
* constructor using toString().
*
* @param principal One of the principals from the LoginContext.getSubect().getPrincipals() method.
*
* @return A java.util.Set of role names to grant, or null meaning no roles should be granted for the principal.
* @return the role names to grant, or null, meaning no roles should be granted to the principal.
*/
Set grant(Principal principal);
Set<String> grant(Principal principal);
}

95
core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java
View File

@ -15,40 +15,11 @@
package org.springframework.security.providers.jaas;
import org.springframework.security.SpringSecurityException;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.context.HttpSessionContextIntegrationFilter;
import org.springframework.security.context.SecurityContext;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.jaas.event.JaasAuthenticationFailedEvent;
import org.springframework.security.providers.jaas.event.JaasAuthenticationSuccessEvent;
import org.springframework.security.ui.session.HttpSessionDestroyedEvent;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.*;
import org.springframework.core.io.Resource;
import org.springframework.util.Assert;
import java.io.IOException;
import java.security.Principal;
import java.security.Security;
import java.util.Arrays;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.callback.Callback;
@ -58,6 +29,27 @@ import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.ApplicationEventPublisherAware;
import org.springframework.context.ApplicationListener;
import org.springframework.core.io.Resource;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.SpringSecurityException;
import org.springframework.security.context.HttpSessionSecurityContextRepository;
import org.springframework.security.context.SecurityContext;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.jaas.event.JaasAuthenticationFailedEvent;
import org.springframework.security.providers.jaas.event.JaasAuthenticationSuccessEvent;
import org.springframework.security.ui.session.HttpSessionDestroyedEvent;
import org.springframework.util.Assert;
/**
* An {@link AuthenticationProvider} implementation that retrieves user details from a JAAS login configuration.
@ -177,39 +169,39 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
* only throws a AuthenticationServiceException, with the message of the LoginException that will be
* thrown, should the loginContext.login() method fail.
*/
public Authentication authenticate(Authentication auth)
throws AuthenticationException {
if (auth instanceof UsernamePasswordAuthenticationToken) {
public Authentication authenticate(Authentication auth) throws AuthenticationException {
if (!(auth instanceof UsernamePasswordAuthenticationToken)) {
return null;
}
UsernamePasswordAuthenticationToken request = (UsernamePasswordAuthenticationToken) auth;
Set<GrantedAuthority> authorities;
try {
//Create the LoginContext object, and pass our InternallCallbackHandler
// Create the LoginContext object, and pass our InternallCallbackHandler
LoginContext loginContext = new LoginContext(loginContextName, new InternalCallbackHandler(auth));
//Attempt to login the user, the LoginContext will call our InternalCallbackHandler at this point.
// Attempt to login the user, the LoginContext will call our InternalCallbackHandler at this point.
loginContext.login();
//create a set to hold the authorities, and add any that have already been applied.
Set<GrantedAuthority> authorities = new HashSet();
// Create a set to hold the authorities, and add any that have already been applied.
authorities = new HashSet<GrantedAuthority>();
if (request.getAuthorities() != null) {
authorities.addAll(request.getAuthorities());
}
//get the subject principals and pass them to each of the AuthorityGranters
Set principals = loginContext.getSubject().getPrincipals();
for (Iterator iterator = principals.iterator(); iterator.hasNext();) {
Principal principal = (Principal) iterator.next();
// Get the subject principals and pass them to each of the AuthorityGranters
Set<Principal> principals = loginContext.getSubject().getPrincipals();
for (Principal principal : principals) {
for (int i = 0; i < authorityGranters.length; i++) {
AuthorityGranter granter = authorityGranters[i];
Set roles = granter.grant(principal);
Set<String> roles = granter.grant(principal);
//If the granter doesn't wish to grant any authorities, it should return null.
// If the granter doesn't wish to grant any authorities, it should return null.
if ((roles != null) && !roles.isEmpty()) {
for (Iterator roleIterator = roles.iterator(); roleIterator.hasNext();) {
String role = roleIterator.next().toString();
for (String role : roles) {
authorities.add(new JaasGrantedAuthority(role, principal));
}
}
@ -218,14 +210,14 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
//Convert the authorities set back to an array and apply it to the token.
JaasAuthenticationToken result = new JaasAuthenticationToken(request.getPrincipal(),
request.getCredentials(),
(GrantedAuthority[]) authorities.toArray(new GrantedAuthority[0]), loginContext);
request.getCredentials(), new ArrayList<GrantedAuthority>(authorities), loginContext);
//Publish the success event
publishSuccessEvent(result);
//we're done, return the token.
return result;
} catch (LoginException loginException) {
SpringSecurityException ase = loginExceptionResolver.resolveException(loginException);
@ -234,9 +226,6 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
}
}
return null;
}
/**
* Hook method for configuring Jaas
*
@ -318,13 +307,13 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
/**
* Handles the logout by getting the SecurityContext for the session that was destroyed. <b>MUST NOT use
* SecurityContextHolder we are logging out a session that is not related to the current user.</b>
* SecurityContextHolder as we are logging out a session that is not related to the current user.</b>
*
* @param event
*/
protected void handleLogout(HttpSessionDestroyedEvent event) {
SecurityContext context = (SecurityContext)
event.getSession().getAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY);
event.getSession().getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);
if (context == null) {
log.debug("The destroyed session has no SecurityContext");

4
core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationToken.java
View File

@ -15,6 +15,8 @@
package org.springframework.security.providers.jaas;
import java.util.List;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
@ -40,7 +42,7 @@ public class JaasAuthenticationToken extends UsernamePasswordAuthenticationToken
this.loginContext = loginContext;
}
public JaasAuthenticationToken(Object principal, Object credentials, GrantedAuthority[] authorities,
public JaasAuthenticationToken(Object principal, Object credentials, List<GrantedAuthority> authorities,
LoginContext loginContext) {
super(principal, credentials, authorities);
this.loginContext = loginContext;

23
core/src/main/java/org/springframework/security/providers/jaas/SecurityContextLoginModule.java
View File

@ -32,16 +32,18 @@ import javax.security.auth.spi.LoginModule;
/**
* An implementation of {@link LoginModule} that uses a Spring Security {@link
* org.springframework.security.context.SecurityContext SecurityContext} to provide authentication.<p>This LoginModule
* provides opposite functionality to the {@link JaasAuthenticationProvider} API, and should not really be used in
* conjunction with it.</p>
* <p>The {@link JaasAuthenticationProvider} allows Spring Security to authenticate against Jaas.</p>
* <p>The SecurityContextLoginModule allows a Jaas based application to authenticate against Spring Security.
* org.springframework.security.context.SecurityContext SecurityContext} to provide authentication.
* <p>
* This LoginModule provides opposite functionality to the {@link JaasAuthenticationProvider} API, and should not
* really be used in conjunction with it.
* <p>
* The {@link JaasAuthenticationProvider} allows Spring Security to authenticate against Jaas.
* <p>
* The SecurityContextLoginModule allows a Jaas based application to authenticate against Spring Security.
* If there is no Authentication in the {@link SecurityContextHolder} the login() method will throw a LoginException
* by default.
* This functionality can be changed with the <tt>ignoreMissingAuthentication</tt> option by setting it to "true".
* Setting ignoreMissingAuthentication=true will tell the SecurityContextLoginModule to simply return false and be
* ignored if the authentication is null.</p>
* by default. This functionality can be changed with the <tt>ignoreMissingAuthentication</tt> option by setting it
* to "true". Setting ignoreMissingAuthentication=true will tell the SecurityContextLoginModule to simply return false
* and be ignored if the authentication is null.
*
* @author Brian Moseley
* @author Ray Krueger
@ -107,11 +109,12 @@ public class SecurityContextLoginModule implements LoginModule {
* <code>LoginContext</code> likely won't provide one that understands Spring Security. Also ignores the
* <code>sharedState</code> and <code>options</code> parameters, since none are recognized.
*
* @param subject the <code>Subject</code> to be authenticated. <p>
* @param subject the <code>Subject</code> to be authenticated.
* @param callbackHandler is ignored
* @param sharedState is ignored
* @param options are ignored
*/
@SuppressWarnings("unchecked")
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
this.subject = subject;

22
core/src/main/java/org/springframework/security/providers/ldap/authenticator/PasswordComparisonAuthenticator.java
View File

@ -15,6 +15,11 @@
package org.springframework.security.providers.ldap.authenticator;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.ldap.NameNotFoundException;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
import org.springframework.security.Authentication;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.ldap.LdapUtils;
@ -22,16 +27,8 @@ import org.springframework.security.ldap.SpringSecurityLdapTemplate;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.encoding.PasswordEncoder;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.ldap.NameNotFoundException;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
import org.springframework.util.Assert;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import java.util.Iterator;
/**
* An {@link org.springframework.security.providers.ldap.LdapAuthenticator LdapAuthenticator} which compares the login
@ -71,17 +68,16 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic
String username = authentication.getName();
String password = (String)authentication.getCredentials();
Iterator dns = getUserDns(username).iterator();
SpringSecurityLdapTemplate ldapTemplate = new SpringSecurityLdapTemplate(getContextSource());
while (dns.hasNext() && user == null) {
final String userDn = (String) dns.next();
for (String userDn : getUserDns(username)) {
try {
user = ldapTemplate.retrieveEntry(userDn, getUserAttributes());
} catch (NameNotFoundException ignore) {
}
if (user != null) {
break;
}
}
if (user == null && getUserSearch() != null) {

23
core/src/main/java/org/springframework/security/providers/preauth/PreAuthenticatedAuthenticationProvider.java
View File

@ -1,21 +1,17 @@
package org.springframework.security.providers.preauth;
import java.util.Arrays;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsChecker;
import org.springframework.security.userdetails.checker.AccountStatusUserDetailsChecker;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.Ordered;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsChecker;
import org.springframework.security.userdetails.checker.AccountStatusUserDetailsChecker;
import org.springframework.util.Assert;
/**
@ -87,8 +83,7 @@ public class PreAuthenticatedAuthenticationProvider implements AuthenticationPro
userDetailsChecker.check(ud);
PreAuthenticatedAuthenticationToken result =
new PreAuthenticatedAuthenticationToken(ud, authentication.getCredentials(),
ud.getAuthorities().toArray(new GrantedAuthority[0]));
new PreAuthenticatedAuthenticationToken(ud, authentication.getCredentials(), ud.getAuthorities());
result.setDetails(authentication.getDetails());
return result;

11
core/src/main/java/org/springframework/security/providers/rcp/RemoteAuthenticationManager.java
View File

@ -29,11 +29,12 @@ public interface RemoteAuthenticationManager {
/**
* Attempts to authenticate the remote client using the presented username and password. If authentication
* is successful, an array of <code>GrantedAuthority[]</code> objects will be returned.<p>In order to
* maximise remoting protocol compatibility, a design decision was taken to operate with minimal arguments and
* return only the minimal amount of information required for remote clients to enable/disable relevant user
* interface commands etc. There is nothing preventing users from implementing their own equivalent package that
* works with more complex object types.</p>
* is successful, an array of <code>GrantedAuthority[]</code> objects will be returned.
* <p>
* In order to maximise remoting protocol compatibility, a design decision was taken to operate with minimal
* arguments and return only the minimal amount of information required for remote clients to enable/disable
* relevant user interface commands etc. There is nothing preventing users from implementing their own equivalent
* package that works with more complex object types.
*
* @param username the username the remote client wishes to authenticate with.
* @param password the password the remote client wishes to authenticate with.

14
core/src/main/java/org/springframework/security/providers/rcp/RemoteAuthenticationProvider.java
View File

@ -15,6 +15,8 @@
package org.springframework.security.providers.rcp;
import java.util.Arrays;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.GrantedAuthority;
@ -28,11 +30,13 @@ import org.springframework.util.Assert;
/**
* Client-side object which queries a {@link RemoteAuthenticationManager} to validate an authentication request.<p>A
* new <code>Authentication</code> object is created by this class comprising the request <code>Authentication</code>
* Client-side object which queries a {@link RemoteAuthenticationManager} to validate an authentication request.
* <p>
* A new <code>Authentication</code> object is created by this class comprising the request <code>Authentication</code>
* object's <code>principal</code>, <code>credentials</code> and the <code>GrantedAuthority</code>[]s returned by the
* <code>RemoteAuthenticationManager</code>.</p>
* <p>The <code>RemoteAuthenticationManager</code> should not require any special username or password setting on
* <code>RemoteAuthenticationManager</code>.
* <p>
* The <code>RemoteAuthenticationManager</code> should not require any special username or password setting on
* the remoting client proxy factory to execute the call. Instead the entire authentication request must be
* encapsulated solely within the <code>Authentication</code> request object. In practical terms this means the
* <code>RemoteAuthenticationManager</code> will <b>not</b> be protected by BASIC or any other HTTP-level
@ -60,7 +64,7 @@ public class RemoteAuthenticationProvider implements AuthenticationProvider, Ini
String password = authentication.getCredentials().toString();
GrantedAuthority[] authorities = remoteAuthenticationManager.attemptAuthentication(username, password);
return new UsernamePasswordAuthenticationToken(username, password, authorities);
return new UsernamePasswordAuthenticationToken(username, password, Arrays.asList(authorities));
}
public RemoteAuthenticationManager getRemoteAuthenticationManager() {

32
core/src/main/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationProvider.java
View File

@ -15,36 +15,25 @@
package org.springframework.security.providers.rememberme;
import org.springframework.security.SpringSecurityMessageSource;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.providers.AuthenticationProvider;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.MessageSource;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.SpringSecurityMessageSource;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.util.Assert;
/**
* An {@link AuthenticationProvider} implementation that validates {@link
* org.springframework.security.providers.rememberme.RememberMeAuthenticationToken}s.<p>To be successfully validated, the
* {@link org.springframework.security.providers.rememberme.RememberMeAuthenticationToken#getKeyHash()} must match this class'
* {@link #getKey()}.</p>
* An {@link AuthenticationProvider} implementation that validates {@link RememberMeAuthenticationToken}s.
* <p>
* To be successfully validated, the {@link RememberMeAuthenticationToken#getKeyHash()} must match this class'
* {@link #getKey()}.
*/
public class RememberMeAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
//~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(RememberMeAuthenticationProvider.class);
//~ Instance fields ================================================================================================
protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
@ -57,8 +46,7 @@ public class RememberMeAuthenticationProvider implements AuthenticationProvider,
Assert.notNull(this.messages, "A message source must be set");
}
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
if (!supports(authentication.getClass())) {
return null;
}

3
core/src/main/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationToken.java
View File

@ -39,6 +39,9 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
//~ Constructors ===================================================================================================
/**
* @deprecated
*/
public RememberMeAuthenticationToken(String key, Object principal, GrantedAuthority[] authorities) {
this(key, principal, Arrays.asList(authorities));
}

44
core/src/main/java/org/springframework/security/securechannel/ChannelDecisionManagerImpl.java
View File

@ -24,6 +24,7 @@ import org.springframework.util.Assert;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@ -52,35 +53,26 @@ public class ChannelDecisionManagerImpl implements ChannelDecisionManager, Initi
//~ Instance fields ================================================================================================
private List channelProcessors;
private List<ChannelProcessor> channelProcessors;
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
checkIfValidList(this.channelProcessors);
Assert.notEmpty(channelProcessors, "A list of ChannelProcessors is required");
}
private void checkIfValidList(List listToCheck) {
Assert.notEmpty(listToCheck, "A list of ChannelProcessors is required");
}
public void decide(FilterInvocation invocation, List<ConfigAttribute> config) throws IOException, ServletException {
public void decide(FilterInvocation invocation, List<ConfigAttribute> config)
throws IOException, ServletException {
Iterator attrs = config.iterator();
Iterator<ConfigAttribute> attrs = config.iterator();
while (attrs.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) attrs.next();
ConfigAttribute attribute = attrs.next();
if (ANY_CHANNEL.equals(attribute.getAttribute())) {
return;
}
}
Iterator iter = this.channelProcessors.iterator();
while (iter.hasNext()) {
ChannelProcessor processor = (ChannelProcessor) iter.next();
for (ChannelProcessor processor : channelProcessors) {
processor.decide(invocation, config);
if (invocation.getResponse().isCommitted()) {
@ -89,22 +81,20 @@ public class ChannelDecisionManagerImpl implements ChannelDecisionManager, Initi
}
}
protected List getChannelProcessors() {
protected List<ChannelProcessor> getChannelProcessors() {
return this.channelProcessors;
}
public void setChannelProcessors(List newList) {
checkIfValidList(newList);
@SuppressWarnings("cast")
public void setChannelProcessors(List<?> newList) {
Assert.notEmpty(newList, "A list of ChannelProcessors is required");
channelProcessors = new ArrayList<ChannelProcessor>(newList.size());
Iterator iter = newList.iterator();
while (iter.hasNext()) {
Object currentObject = iter.next();
for (Object currentObject : newList) {
Assert.isInstanceOf(ChannelProcessor.class, currentObject, "ChannelProcessor " +
currentObject.getClass().getName() + " must implement ChannelProcessor");
channelProcessors.add((ChannelProcessor)currentObject);
}
this.channelProcessors = newList;
}
public boolean supports(ConfigAttribute attribute) {
@ -112,11 +102,7 @@ public class ChannelDecisionManagerImpl implements ChannelDecisionManager, Initi
return true;
}
Iterator iter = this.channelProcessors.iterator();
while (iter.hasNext()) {
ChannelProcessor processor = (ChannelProcessor) iter.next();
for (ChannelProcessor processor : channelProcessors) {
if (processor.supports(attribute)) {
return true;
}

23
core/src/main/java/org/springframework/security/securechannel/ChannelProcessor.java
View File

@ -26,17 +26,12 @@ import javax.servlet.ServletException;
/**
* Decides whether a web channel meets a specific security condition.
*
* <P>
* <code>ChannelProcessor</code> implementations are iterated by the {@link
* ChannelDecisionManagerImpl}.
* </p>
*
* <P>
* <p>
* <code>ChannelProcessor</code> implementations are iterated by the {@link ChannelDecisionManagerImpl}.
* <p>
* If an implementation has an issue with the channel security, they should
* take action themselves. The callers of the implementation do not take any
* action.
* </p>
*
* @author Ben Alex
* @version $Id$
@ -49,16 +44,16 @@ public interface ChannelProcessor {
* security based on the requested list of <tt>ConfigAttribute</tt>s.
*
*/
void decide(FilterInvocation invocation, List<ConfigAttribute> config)
throws IOException, ServletException;
void decide(FilterInvocation invocation, List<ConfigAttribute> config) throws IOException, ServletException;
/**
* Indicates whether this <code>ChannelProcessor</code> is able to process the passed
* <code>ConfigAttribute</code>.<p>This allows the <code>ChannelProcessingFilter</code> to check every
* configuration attribute can be consumed by the configured <code>ChannelDecisionManager</code>.</p>
* <code>ConfigAttribute</code>.
* <p>
* This allows the <code>ChannelProcessingFilter</code> to check every configuration attribute can be consumed
* by the configured <code>ChannelDecisionManager</code>.
*
* @param attribute a configuration attribute that has been configured against the
* <code>ChannelProcessingFilter</code>
* @param attribute a configuration attribute that has been configured against the <tt>ChannelProcessingFilter</tt>.
*
* @return true if this <code>ChannelProcessor</code> can support the passed configuration attribute
*/

34
core/src/main/java/org/springframework/security/securechannel/InsecureChannelProcessor.java
View File

@ -15,29 +15,26 @@
package org.springframework.security.securechannel;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.intercept.web.FilterInvocation;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import javax.servlet.ServletException;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.intercept.web.FilterInvocation;
import org.springframework.util.Assert;
/**
* <p>Ensures channel security is inactive by review of <code>HttpServletRequest.isSecure()</code> responses.</p>
* <P>The class responds to one case-sensitive keyword, {@link #getInsecureKeyword}. If this keyword is detected,
* Ensures channel security is inactive by review of <code>HttpServletRequest.isSecure()</code> responses.
* <p>
* The class responds to one case-sensitive keyword, {@link #getInsecureKeyword}. If this keyword is detected,
* <code>HttpServletRequest.isSecure()</code> is used to determine the channel security offered. If channel security
* is present, the configured <code>ChannelEntryPoint</code> is called. By default the entry point is {@link
* RetryWithHttpEntryPoint}.</p>
* <P>The default <code>insecureKeyword</code> is <code>REQUIRES_INSECURE_CHANNEL</code>.</p>
* RetryWithHttpEntryPoint}.
* <p>
* The default <code>insecureKeyword</code> is <code>REQUIRES_INSECURE_CHANNEL</code>.
*
* @author Ben Alex
* @version $Id$
@ -55,17 +52,12 @@ public class InsecureChannelProcessor implements InitializingBean, ChannelProces
Assert.notNull(entryPoint, "entryPoint required");
}
public void decide(FilterInvocation invocation, List<ConfigAttribute> config)
throws IOException, ServletException {
public void decide(FilterInvocation invocation, List<ConfigAttribute> config) throws IOException, ServletException {
if ((invocation == null) || (config == null)) {
throw new IllegalArgumentException("Nulls cannot be provided");
}
Iterator iter = config.iterator();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();
for (ConfigAttribute attribute : config) {
if (supports(attribute)) {
if (invocation.getHttpRequest().isSecure()) {
entryPoint.commence(invocation.getRequest(), invocation.getResponse());

34
core/src/main/java/org/springframework/security/securechannel/SecureChannelProcessor.java
View File

@ -15,29 +15,26 @@
package org.springframework.security.securechannel;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.intercept.web.FilterInvocation;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import javax.servlet.ServletException;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.intercept.web.FilterInvocation;
import org.springframework.util.Assert;
/**
* <p>Ensures channel security is active by review of <code>HttpServletRequest.isSecure()</code> responses.</p>
* <P>The class responds to one case-sensitive keyword, {@link #getSecureKeyword}. If this keyword is detected,
* Ensures channel security is active by review of <code>HttpServletRequest.isSecure()</code> responses.
* <p>
* The class responds to one case-sensitive keyword, {@link #getSecureKeyword}. If this keyword is detected,
* <code>HttpServletRequest.isSecure()</code> is used to determine the channel security offered. If channel security
* is not present, the configured <code>ChannelEntryPoint</code> is called. By default the entry point is {@link
* RetryWithHttpsEntryPoint}.</p>
* <P>The default <code>secureKeyword</code> is <code>REQUIRES_SECURE_CHANNEL</code>.</p>
* RetryWithHttpsEntryPoint}.
* <p>
* The default <code>secureKeyword</code> is <code>REQUIRES_SECURE_CHANNEL</code>.
*
* @author Ben Alex
* @version $Id$
@ -55,15 +52,10 @@ public class SecureChannelProcessor implements InitializingBean, ChannelProcesso
Assert.notNull(entryPoint, "entryPoint required");
}
public void decide(FilterInvocation invocation, List<ConfigAttribute> config)
throws IOException, ServletException {
public void decide(FilterInvocation invocation, List<ConfigAttribute> config) throws IOException, ServletException {
Assert.isTrue((invocation != null) && (config != null), "Nulls cannot be provided");
Iterator iter = config.iterator();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();
for (ConfigAttribute attribute : config) {
if (supports(attribute)) {
if (!invocation.getHttpRequest().isSecure()) {
entryPoint.commence(invocation.getRequest(), invocation.getResponse());

11
core/src/main/java/org/springframework/security/token/SecureRandomFactoryBean.java
View File

@ -13,14 +13,14 @@ import org.springframework.util.FileCopyUtils;
*
* @author Ben Alex
* @since 2.0.1
*
* @version $Id$
*/
public class SecureRandomFactoryBean implements FactoryBean {
public class SecureRandomFactoryBean implements FactoryBean<SecureRandom> {
private String algorithm = "SHA1PRNG";
private Resource seed;
public Object getObject() throws Exception {
public SecureRandom getObject() throws Exception {
SecureRandom rnd = SecureRandom.getInstance(algorithm);
if (seed != null) {
@ -35,7 +35,7 @@ public class SecureRandomFactoryBean implements FactoryBean {
return rnd;
}
public Class getObjectType() {
public Class<SecureRandom> getObjectType() {
return SecureRandom.class;
}
@ -44,8 +44,7 @@ public class SecureRandomFactoryBean implements FactoryBean {
}
/**
* Allows the Pseudo Random Number Generator (PRNG) algorithm to be nominated. Defaults to
* SHA1PRNG.
* Allows the Pseudo Random Number Generator (PRNG) algorithm to be nominated. Defaults to "SHA1PRNG".
*
* @param algorithm to use (mandatory)
*/

2
core/src/main/java/org/springframework/security/ui/SavedRequestAwareAuthenticationSuccessHandler.java
View File

@ -1,8 +1,6 @@
package org.springframework.security.ui;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;

13
core/src/main/java/org/springframework/security/ui/preauth/websphere/WASSecurityHelper.java
View File

@ -17,7 +17,7 @@ import org.apache.commons.logging.LogFactory;
/**
* WebSphere Security helper class to allow retrieval of the current username and groups.
* <p>
* See Spring Security JIRA SEC-477.
* See Spring Security Jira SEC-477.
*
* @author Ruud Senden
* @author Stephane Manciot
@ -35,7 +35,7 @@ final class WASSecurityHelper {
private static Method getSecurityName = null;
// SEC-803
private static Class wsCredentialClass = null;
private static Class<?> wsCredentialClass = null;
/**
* Get the security name for the given subject.
@ -91,6 +91,7 @@ final class WASSecurityHelper {
* The securityname for which to retrieve the WebSphere group names
* @return the WebSphere group names for the given security name
*/
@SuppressWarnings("unchecked")
private static final String[] getWebSphereGroups(final String securityName) {
Context ic = null;
try {
@ -148,9 +149,9 @@ final class WASSecurityHelper {
private static final Method getMethod(String className, String methodName, String[] parameterTypeNames) {
try {
Class c = Class.forName(className);
Class<?> c = Class.forName(className);
final int len = parameterTypeNames.length;
Class[] parameterTypes = new Class[len];
Class<?>[] parameterTypes = new Class[len];
for (int i = 0; i < len; i++) {
parameterTypes[i] = Class.forName(parameterTypeNames[i]);
}
@ -186,14 +187,14 @@ final class WASSecurityHelper {
}
// SEC-803
private static final Class getWSCredentialClass() {
private static final Class<?> getWSCredentialClass() {
if (wsCredentialClass == null) {
wsCredentialClass = getClass("com.ibm.websphere.security.cred.WSCredential");
}
return wsCredentialClass;
}
private static final Class getClass(String className) {
private static final Class<?> getClass(String className) {
try {
return Class.forName(className);
} catch (ClassNotFoundException e) {

3
core/src/main/java/org/springframework/security/ui/preauth/websphere/WebSpherePreAuthenticatedAuthenticationDetailsSource.java
View File

@ -70,8 +70,7 @@ public class WebSpherePreAuthenticatedAuthenticationDetailsSource extends Authen
List<String> webSphereGroups = Arrays.asList(WASSecurityHelper.getGroupsForCurrentUser());
List<GrantedAuthority> userGas = webSphereGroups2GrantedAuthoritiesMapper.getGrantedAuthorities(webSphereGroups);
if (logger.isDebugEnabled()) {
logger.debug("WebSphere groups: " + webSphereGroups + " mapped to Granted Authorities: "
+ Arrays.asList(userGas));
logger.debug("WebSphere groups: " + webSphereGroups + " mapped to Granted Authorities: " + userGas);
}
return userGas;
}

6
core/src/main/java/org/springframework/security/ui/rememberme/InMemoryTokenRepositoryImpl.java
View File

@ -14,10 +14,10 @@ import java.util.Map;
* @version $Id$
*/
public class InMemoryTokenRepositoryImpl implements PersistentTokenRepository {
private Map seriesTokens = new HashMap();
private Map<String, PersistentRememberMeToken> seriesTokens = new HashMap<String, PersistentRememberMeToken>();
public synchronized void createNewToken(PersistentRememberMeToken token) {
PersistentRememberMeToken current = (PersistentRememberMeToken) seriesTokens.get(token.getSeries());
PersistentRememberMeToken current = seriesTokens.get(token.getSeries());
if (current != null) {
throw new DataIntegrityViolationException("Series Id '"+ token.getSeries() +"' already exists!");
@ -41,7 +41,7 @@ public class InMemoryTokenRepositoryImpl implements PersistentTokenRepository {
}
public synchronized void removeUserTokens(String username) {
Iterator series = seriesTokens.keySet().iterator();
Iterator<String> series = seriesTokens.keySet().iterator();
while (series.hasNext()) {
Object seriesId = series.next();

18
core/src/main/java/org/springframework/security/ui/rememberme/JdbcTokenRepositoryImpl.java
View File

@ -48,10 +48,10 @@ public class JdbcTokenRepositoryImpl extends JdbcDaoSupport implements Persisten
private String removeUserTokensSql = DEF_REMOVE_USER_TOKENS_SQL;
private boolean createTableOnStartup;
protected MappingSqlQuery tokensBySeriesMapping;
protected SqlUpdate insertToken;
protected SqlUpdate updateToken;
protected SqlUpdate removeUserTokens;
private MappingSqlQuery<PersistentRememberMeToken> tokensBySeriesMapping;
private SqlUpdate insertToken;
private SqlUpdate updateToken;
private SqlUpdate removeUserTokens;
protected void initDao() {
tokensBySeriesMapping = new TokensBySeriesMapping(getDataSource());
@ -111,14 +111,14 @@ public class JdbcTokenRepositoryImpl extends JdbcDaoSupport implements Persisten
//~ Inner Classes ==================================================================================================
protected class TokensBySeriesMapping extends MappingSqlQuery {
private class TokensBySeriesMapping extends MappingSqlQuery<PersistentRememberMeToken> {
protected TokensBySeriesMapping(DataSource ds) {
super(ds, tokensBySeriesSql);
declareParameter(new SqlParameter(Types.VARCHAR));
compile();
}
protected Object mapRow(ResultSet rs, int rowNum) throws SQLException {
protected PersistentRememberMeToken mapRow(ResultSet rs, int rowNum) throws SQLException {
PersistentRememberMeToken token =
new PersistentRememberMeToken(rs.getString(1), rs.getString(2), rs.getString(3), rs.getTimestamp(4));
@ -126,7 +126,7 @@ public class JdbcTokenRepositoryImpl extends JdbcDaoSupport implements Persisten
}
}
protected class UpdateToken extends SqlUpdate {
private class UpdateToken extends SqlUpdate {
public UpdateToken(DataSource ds) {
super(ds, updateTokenSql);
@ -138,7 +138,7 @@ public class JdbcTokenRepositoryImpl extends JdbcDaoSupport implements Persisten
}
}
protected class InsertToken extends SqlUpdate {
private class InsertToken extends SqlUpdate {
public InsertToken(DataSource ds) {
super(ds, insertTokenSql);
@ -150,7 +150,7 @@ public class JdbcTokenRepositoryImpl extends JdbcDaoSupport implements Persisten
}
}
protected class RemoveUserTokens extends SqlUpdate {
private class RemoveUserTokens extends SqlUpdate {
public RemoveUserTokens(DataSource ds) {
super(ds, removeUserTokensSql);
declareParameter(new SqlParameter(Types.VARCHAR));

16
core/src/main/java/org/springframework/security/ui/savedrequest/FastHttpDateFormat.java
View File

@ -26,8 +26,9 @@ import java.util.TimeZone;
/**
* <p>Utility class to generate HTTP dates.</p>
* <p>This class is based on code in Apache Tomcat.</p>
* Utility class to generate HTTP dates.
* <p>
* This class is based on code in Apache Tomcat.
*
* @author Remy Maucherat
* @author Andrey Grebnev
@ -46,7 +47,7 @@ public class FastHttpDateFormat {
new SimpleDateFormat("EEE MMMM d HH:mm:ss yyyy", Locale.US)
};
/** GMT timezone - all HTTP dates are on GMT */
/** GMT time zone - all HTTP dates are on GMT */
protected static final TimeZone gmtZone = TimeZone.getTimeZone("GMT");
static {
@ -64,10 +65,10 @@ public class FastHttpDateFormat {
protected static String currentDate = null;
/** Formatter cache. */
protected static final HashMap formatCache = new HashMap();
protected static final HashMap<Long,String> formatCache = new HashMap<Long,String>();
/** Parser cache. */
protected static final HashMap parseCache = new HashMap();
protected static final HashMap<String,Long> parseCache = new HashMap<String,Long>();
//~ Methods ========================================================================================================
@ -84,7 +85,7 @@ public class FastHttpDateFormat {
Long longValue = new Long(value);
try {
cachedDate = (String) formatCache.get(longValue);
cachedDate = formatCache.get(longValue);
} catch (Exception e) {}
if (cachedDate != null) {
@ -163,7 +164,7 @@ public class FastHttpDateFormat {
* @param value The string to parse
* @param threadLocalformats Array of formats to use for parsing. If <code>null</code>, HTTP formats are used.
*
* @return Parsed date (or -1 if error occured)
* @return Parsed date (or -1 if error occurred)
*/
public static final long parseDate(String value, DateFormat[] threadLocalformats) {
Long cachedDate = null;
@ -205,6 +206,7 @@ public class FastHttpDateFormat {
* @param key Key to be updated
* @param value New value
*/
@SuppressWarnings("unchecked")
private static void updateCache(HashMap cache, Object key, Object value) {
if (value == null) {
return;

3
core/src/main/java/org/springframework/security/userdetails/jdbc/JdbcDaoImpl.java
View File

@ -186,6 +186,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
* Executes the SQL <tt>usersByUsernameQuery</tt> and returns a list of UserDetails objects.
* There should normally only be one matching user.
*/
@SuppressWarnings("unchecked")
protected List<UserDetails> loadUsersByUsername(String username) {
return getJdbcTemplate().query(usersByUsernameQuery, new String[] {username}, new RowMapper() {
public Object mapRow(ResultSet rs, int rowNum) throws SQLException {
@ -203,6 +204,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
*
* @return a list of GrantedAuthority objects for the user
*/
@SuppressWarnings("unchecked")
protected List<GrantedAuthority> loadUserAuthorities(String username) {
return getJdbcTemplate().query(authoritiesByUsernameQuery, new String[] {username}, new RowMapper() {
public Object mapRow(ResultSet rs, int rowNum) throws SQLException {
@ -219,6 +221,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
*
* @return a list of GrantedAuthority objects for the user
*/
@SuppressWarnings("unchecked")
protected List<GrantedAuthority> loadGroupAuthorities(String username) {
return getJdbcTemplate().query(groupAuthoritiesByUsernameQuery, new String[] {username}, new RowMapper() {
public Object mapRow(ResultSet rs, int rowNum) throws SQLException {

11
core/src/main/java/org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager.java
View File

@ -189,7 +189,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
String username = currentUser.getName();
// If an authentication manager has been set, reauthenticate the user with the supplied password.
// If an authentication manager has been set, re-authenticate the user with the supplied password.
if (authenticationManager != null) {
logger.debug("Reauthenticating user '"+ username + "' for password change request.");
@ -200,7 +200,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
logger.debug("Changing password for user '"+ username + "'");
getJdbcTemplate().update(changePasswordSql, new String[] {newPassword, username});
getJdbcTemplate().update(changePasswordSql, newPassword, username);
SecurityContextHolder.getContext().setAuthentication(createNewAuthentication(currentUser, newPassword));
@ -218,7 +218,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
}
public boolean userExists(String username) {
List users = getJdbcTemplate().queryForList(userExistsSql, new Object[] {username});
List<String> users = getJdbcTemplate().queryForList(userExistsSql, new String[] {username}, String.class);
if (users.size() > 1) {
throw new IncorrectResultSizeDataAccessException("More than one user found with name '" + username + "'", 1);
@ -245,7 +245,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
logger.debug("Creating new group '" + groupName + "' with authorities " +
AuthorityUtils.authorityListToSet(authorities));
getJdbcTemplate().update(insertGroupSql, new String[] {groupName});
getJdbcTemplate().update(insertGroupSql, new Object[] {groupName});
final int groupId = findGroupId(groupName);
@ -280,7 +280,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
Assert.hasText(oldName);
Assert.hasText(newName);
getJdbcTemplate().update(renameGroupSql, new String[] {newName, oldName});
getJdbcTemplate().update(renameGroupSql, new Object[] {newName, oldName});
}
public void addUserToGroup(final String username, final String groupName) {
@ -316,6 +316,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
userCache.removeUserFromCache(username);
}
@SuppressWarnings("unchecked")
public List<GrantedAuthority> findGroupAuthorities(String groupName) {
logger.debug("Loading authorities for group '" + groupName + "'");
Assert.hasText(groupName);

12
core/src/main/java/org/springframework/security/userdetails/ldap/LdapUserDetailsManager.java
View File

@ -49,6 +49,7 @@ import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapContext;
import java.util.Arrays;
import java.util.LinkedList;
@ -107,7 +108,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
public Object mapFromAttributes(Attributes attributes) throws NamingException {
Attribute roleAttr = attributes.get(groupRoleAttributeName);
NamingEnumeration ne = roleAttr.getAll();
NamingEnumeration<?> ne = roleAttr.getAll();
// assert ne.hasMore();
Object group = ne.next();
String role = group.toString();
@ -204,9 +205,10 @@ public class LdapUserDetailsManager implements UserDetailsManager {
* @param username the user whose roles are required.
* @return the granted authorities returned by the group search
*/
@SuppressWarnings("unchecked")
List<GrantedAuthority> getUserAuthorities(final DistinguishedName dn, final String username) {
SearchExecutor se = new SearchExecutor() {
public NamingEnumeration executeSearch(DirContext ctx) throws NamingException {
public NamingEnumeration<SearchResult> executeSearch(DirContext ctx) throws NamingException {
DistinguishedName fullDn = LdapUtils.getFullDn(dn, ctx);
SearchControls ctrls = new SearchControls();
ctrls.setReturningAttributes(new String[] {groupRoleAttributeName});
@ -257,9 +259,9 @@ public class LdapUserDetailsManager implements UserDetailsManager {
copyToContext(user, ctx);
// Remove the objectclass attribute from the list of mods (if present).
List mods = new LinkedList(Arrays.asList(ctx.getModificationItems()));
List<ModificationItem> mods = new LinkedList<ModificationItem>(Arrays.asList(ctx.getModificationItems()));
ListIterator<ModificationItem> modIt = mods.listIterator();
ListIterator modIt = mods.listIterator();
while(modIt.hasNext()) {
ModificationItem mod = (ModificationItem) modIt.next();
Attribute a = mod.getAttribute();
@ -268,7 +270,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
}
}
template.modifyAttributes(dn, (ModificationItem[]) mods.toArray(new ModificationItem[mods.size()]));
template.modifyAttributes(dn, mods.toArray(new ModificationItem[mods.size()]));
// template.rebind(dn, ctx, null);
// Remove the old authorities and replace them with the new one

6
core/src/main/java/org/springframework/security/userdetails/memory/UserMap.java
View File

@ -38,7 +38,7 @@ public class UserMap {
//~ Instance fields ================================================================================================
private Map userMap = new HashMap();
private Map<String, UserDetails> userMap = new HashMap<String, UserDetails>();
//~ Methods ========================================================================================================
@ -66,7 +66,7 @@ public class UserMap {
* @throws UsernameNotFoundException if the user could not be found
*/
public UserDetails getUser(String username) throws UsernameNotFoundException {
UserDetails result = (UserDetails) this.userMap.get(username.toLowerCase());
UserDetails result = this.userMap.get(username.toLowerCase());
if (result == null) {
throw new UsernameNotFoundException("Could not find user: " + username, username);
@ -90,7 +90,7 @@ public class UserMap {
* @param users {@link Map} &lt;{@link String}, {@link UserDetails}> with pairs (username, userdetails)
* @since 1.1
*/
public void setUsers(Map users) {
public void setUsers(Map<String, UserDetails> users) {
this.userMap = users;
}
}

2
core/src/main/java/org/springframework/security/userdetails/memory/UserMapEditor.java
View File

@ -49,7 +49,7 @@ public class UserMapEditor extends PropertyEditorSupport {
// Now we have properties, process each one individually
UserAttributeEditor configAttribEd = new UserAttributeEditor();
for (Iterator iter = props.keySet().iterator(); iter.hasNext();) {
for (Iterator<?> iter = props.keySet().iterator(); iter.hasNext();) {
String username = (String) iter.next();
String value = props.getProperty(username);

6
core/src/main/java/org/springframework/security/util/FieldUtils.java
View File

@ -36,7 +36,7 @@ public final class FieldUtils {
//~ Methods ========================================================================================================
public static String getAccessorName(String fieldName, Class type) {
public static String getAccessorName(String fieldName, Class<?> type) {
Assert.hasText(fieldName, "FieldName required");
Assert.notNull(type, "Type required");
@ -57,7 +57,7 @@ public final class FieldUtils {
*
* @throws IllegalStateException if field could not be found
*/
public static Field getField(Class clazz, String fieldName) throws IllegalStateException {
public static Field getField(Class<?> clazz, String fieldName) throws IllegalStateException {
Assert.notNull(clazz, "Class required");
Assert.hasText(fieldName, "Field name required");
@ -83,7 +83,7 @@ public final class FieldUtils {
Assert.notNull(bean, "Bean cannot be null");
Assert.hasText(fieldName, "Field name required");
String[] nestedFields = StringUtils.tokenizeToStringArray(fieldName, ".");
Class componentClass = bean.getClass();
Class<?> componentClass = bean.getClass();
Field field = null;
Object value = bean;

5
core/src/main/java/org/springframework/security/util/RegexUrlPathMatcher.java
View File

@ -1,8 +1,5 @@
package org.springframework.security.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import java.util.regex.Pattern;
/**
@ -10,8 +7,6 @@ import java.util.regex.Pattern;
* @version $Id$
*/
public class RegexUrlPathMatcher implements UrlMatcher {
private static final Log logger = LogFactory.getLog(RegexUrlPathMatcher.class);
private boolean requiresLowerCaseUrl = false;
public Object compile(String path) {

13
core/src/main/java/org/springframework/security/util/SessionUtils.java
View File

@ -2,7 +2,6 @@ package org.springframework.security.util;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
@ -24,6 +23,7 @@ public final class SessionUtils {
SessionUtils() {}
@SuppressWarnings("unchecked")
public static void startNewSessionIfRequired(HttpServletRequest request, boolean migrateAttributes,
SessionRegistry sessionRegistry) {
@ -39,10 +39,10 @@ public final class SessionUtils {
logger.debug("Invalidating session with Id '" + originalSessionId +"' " + (migrateAttributes ? "and" : "without") + " migrating attributes.");
}
HashMap attributesToMigrate = null;
HashMap<String, Object> attributesToMigrate = null;
if (migrateAttributes) {
attributesToMigrate = new HashMap();
attributesToMigrate = new HashMap<String, Object>();
Enumeration enumer = session.getAttributeNames();
@ -60,11 +60,8 @@ public final class SessionUtils {
}
if (attributesToMigrate != null) {
Iterator iter = attributesToMigrate.entrySet().iterator();
while (iter.hasNext()) {
Map.Entry entry = (Map.Entry) iter.next();
session.setAttribute((String) entry.getKey(), entry.getValue());
for (Map.Entry<String, Object> entry : attributesToMigrate.entrySet()) {
session.setAttribute(entry.getKey(), entry.getValue());
}
}

3
core/src/main/java/org/springframework/security/util/ThrowableAnalyzer.java
View File

@ -127,7 +127,8 @@ public class ThrowableAnalyzer {
*
* @return the types for which extractors are registered
*/
final Class[] getRegisteredTypes() {
@SuppressWarnings("unchecked")
final Class<? extends Throwable>[] getRegisteredTypes() {
Set<Class<? extends Throwable>> typeList = this.extractorMap.keySet();
return typeList.toArray(new Class[typeList.size()]);
}

6
core/src/main/java/org/springframework/security/wrapper/SavedRequestAwareWrapper.java
View File

@ -168,6 +168,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW
}
@Override
@SuppressWarnings("unchecked")
public Enumeration getHeaderNames() {
if (savedRequest == null) {
return super.getHeaderNames();
@ -177,6 +178,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW
}
@Override
@SuppressWarnings("unchecked")
public Enumeration getHeaders(String name) {
if (savedRequest == null) {
return super.getHeaders(name);
@ -223,6 +225,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW
}
@Override
@SuppressWarnings("unchecked")
public Enumeration getLocales() {
if (savedRequest == null) {
return super.getLocales();
@ -278,6 +281,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW
}
@Override
@SuppressWarnings("unchecked")
public Map getParameterMap() {
if (savedRequest == null) {
return super.getParameterMap();
@ -293,6 +297,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW
return parameterMap;
}
@SuppressWarnings("unchecked")
private Set<String> getCombinedParameterNames() {
Set<String> names = new HashSet<String>();
names.addAll(super.getParameterMap().keySet());
@ -305,6 +310,7 @@ public class SavedRequestAwareWrapper extends SecurityContextHolderAwareRequestW
}
@Override
@SuppressWarnings("unchecked")
public Enumeration getParameterNames() {
return new Enumerator(getCombinedParameterNames());
}

13
core/src/test/java/org/springframework/security/AuthenticationTrustResolverImplTests.java
View File

@ -20,6 +20,7 @@ import junit.framework.TestCase;
import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
import org.springframework.security.providers.rememberme.RememberMeAuthenticationToken;
import org.springframework.security.util.AuthorityUtils;
/**
@ -35,21 +36,17 @@ public class AuthenticationTrustResolverImplTests extends TestCase {
public void testCorrectOperationIsAnonymous() {
AuthenticationTrustResolverImpl trustResolver = new AuthenticationTrustResolverImpl();
assertTrue(trustResolver.isAnonymous(
new AnonymousAuthenticationToken("ignored", "ignored",
new GrantedAuthority[] {new GrantedAuthorityImpl("ignored")})));
new AnonymousAuthenticationToken("ignored", "ignored", AuthorityUtils.createAuthorityList("ignored"))));
assertFalse(trustResolver.isAnonymous(
new TestingAuthenticationToken("ignored", "ignored",
new GrantedAuthority[] {new GrantedAuthorityImpl("ignored")})));
new TestingAuthenticationToken("ignored", "ignored", AuthorityUtils.createAuthorityList("ignored"))));
}
public void testCorrectOperationIsRememberMe() {
AuthenticationTrustResolverImpl trustResolver = new AuthenticationTrustResolverImpl();
assertTrue(trustResolver.isRememberMe(
new RememberMeAuthenticationToken("ignored", "ignored",
new GrantedAuthority[] {new GrantedAuthorityImpl("ignored")})));
new RememberMeAuthenticationToken("ignored", "ignored", AuthorityUtils.createAuthorityList("ignored"))));
assertFalse(trustResolver.isAnonymous(
new TestingAuthenticationToken("ignored", "ignored",
new GrantedAuthority[] {new GrantedAuthorityImpl("ignored")})));
new TestingAuthenticationToken("ignored", "ignored", AuthorityUtils.createAuthorityList("ignored"))));
}
public void testGettersSetters() {

39
core/src/test/java/org/springframework/security/MockFilterChain.java
View File

@ -1,39 +0,0 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
/**
* Mocks a <code>FilterChain</code> but with no behaviour.
*
* @author Ben Alex
* @version $Id$
*/
public class MockFilterChain implements FilterChain {
//~ Methods ========================================================================================================
public void doFilter(ServletRequest arg0, ServletResponse arg1)
throws IOException, ServletException {
throw new UnsupportedOperationException("mock method not implemented");
}
}

2
core/src/test/java/org/springframework/security/MockFilterConfig.java
View File

@ -28,9 +28,9 @@ import javax.servlet.ServletContext;
* @author Ben Alex
* @version $Id$
*/
@SuppressWarnings("unchecked")
public class MockFilterConfig implements FilterConfig {
//~ Instance fields ================================================================================================
private Map map = new HashMap();
//~ Methods ========================================================================================================

1
core/src/test/java/org/springframework/security/MockJoinPoint.java
View File

@ -29,6 +29,7 @@ import java.lang.reflect.Method;
* @author Ben Alex
* @version $Id$
*/
@SuppressWarnings("unchecked")
public class MockJoinPoint implements JoinPoint {
//~ Instance fields ================================================================================================

1
core/src/test/java/org/springframework/security/authoritymapping/XmlMappableRolesRetrieverTests.java
View File

@ -14,6 +14,7 @@ import junit.framework.TestCase;
* @author TSARDD
* @since 18-okt-2007
*/
@SuppressWarnings("unchecked")
public class XmlMappableRolesRetrieverTests extends TestCase {
private static final String DEFAULT_XML = "<roles><role>Role1</role><role>Role2</role></roles>";

1
core/src/test/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParserTests.java
View File

@ -191,6 +191,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests {
// Expression configuration tests
@SuppressWarnings("unchecked")
@Test
public void expressionVoterAndAfterInvocationProviderUseSameExpressionHandlerInstance() throws Exception {
setContext("<global-method-security expression-annotations='enabled'/>" + AUTH_PROVIDER_XML);

19
core/src/test/java/org/springframework/security/config/InterceptMethodsBeanDefinitionDecoratorTests.java
View File

@ -1,15 +1,16 @@
package org.springframework.security.config;
import static org.junit.Assert.fail;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.AuthenticationCredentialsNotFoundException;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.AuthenticationCredentialsNotFoundException;
import org.springframework.security.AccessDeniedException;
import static org.junit.Assert.*;
import org.junit.*;
import org.springframework.security.util.AuthorityUtils;
/**
* @author Luke Taylor
@ -51,7 +52,7 @@ public class InterceptMethodsBeanDefinitionDecoratorTests {
@Test
public void targetShouldAllowProtectedMethodInvocationWithCorrectRole() {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_USER")});
AuthorityUtils.createAuthorityList("ROLE_USER"));
SecurityContextHolder.getContext().setAuthentication(token);
@ -61,7 +62,7 @@ public class InterceptMethodsBeanDefinitionDecoratorTests {
@Test
public void targetShouldPreventProtectedMethodInvocationWithIncorrectRole() {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_SOMEOTHERROLE")});
AuthorityUtils.createAuthorityList("ROLE_SOMEOTHERROLE"));
SecurityContextHolder.getContext().setAuthentication(token);
try {

9
core/src/test/java/org/springframework/security/config/Jsr250AnnotationDrivenBeanDefinitionParserTests.java
View File

@ -5,11 +5,10 @@ import org.junit.Before;
import org.junit.Test;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.AuthenticationCredentialsNotFoundException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.annotation.BusinessService;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.util.AuthorityUtils;
import org.springframework.security.util.InMemoryXmlApplicationContext;
/**
@ -46,7 +45,7 @@ public class Jsr250AnnotationDrivenBeanDefinitionParserTests {
@Test
public void permitAllShouldBeDefaultAttribute() {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_USER")});
AuthorityUtils.createAuthorityList("ROLE_USER"));
SecurityContextHolder.getContext().setAuthentication(token);
target.someOther(0);
@ -55,7 +54,7 @@ public class Jsr250AnnotationDrivenBeanDefinitionParserTests {
@Test
public void targetShouldAllowProtectedMethodInvocationWithCorrectRole() {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_USER")});
AuthorityUtils.createAuthorityList("ROLE_USER"));
SecurityContextHolder.getContext().setAuthentication(token);
target.someUserMethod1();
@ -64,7 +63,7 @@ public class Jsr250AnnotationDrivenBeanDefinitionParserTests {
@Test(expected=AccessDeniedException.class)
public void targetShouldPreventProtectedMethodInvocationWithIncorrectRole() {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_SOMEOTHERROLE")});
AuthorityUtils.createAuthorityList("ROLE_SOMEOTHERROLE"));
SecurityContextHolder.getContext().setAuthentication(token);
target.someAdminMethod();

4
core/src/test/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParserTests.java
View File

@ -41,7 +41,7 @@ public class LdapUserServiceBeanDefinitionParserTests {
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
Set authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities());
Set<String> authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities());
assertEquals(3, authorities.size());
assertTrue(authorities.contains("ROLE_DEVELOPERS"));
}
@ -87,7 +87,7 @@ public class LdapUserServiceBeanDefinitionParserTests {
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
Set authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities());
Set<String> authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities());
assertEquals(3, authorities.size());
assertTrue(authorities.contains(new GrantedAuthorityImpl("ROLE_DEVELOPER")));

1
core/src/test/java/org/springframework/security/context/HttpSessionContextIntegrationFilterTests.java
View File

@ -40,6 +40,7 @@ import javax.servlet.ServletResponse;
* @author Ben Alex
* @version $Id$
*/
@SuppressWarnings("deprecation")
public class HttpSessionContextIntegrationFilterTests extends TestCase {
// Build an Authentication object we simulate came from HttpSession
private UsernamePasswordAuthenticationToken sessionPrincipal = new UsernamePasswordAuthenticationToken(

14
core/src/test/java/org/springframework/security/context/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutorTests.java
View File

@ -40,19 +40,9 @@ import java.util.Map;
* @version $Id$
*/
public class AuthenticationSimpleHttpInvokerRequestExecutorTests extends TestCase {
//~ Constructors ===================================================================================================
public AuthenticationSimpleHttpInvokerRequestExecutorTests() {
super();
}
public AuthenticationSimpleHttpInvokerRequestExecutorTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
protected void tearDown() throws Exception {
super.tearDown();
SecurityContextHolder.clearContext();
@ -91,7 +81,7 @@ public class AuthenticationSimpleHttpInvokerRequestExecutorTests extends TestCas
//~ Inner Classes ==================================================================================================
private class MockHttpURLConnection extends HttpURLConnection {
private Map requestProperties = new HashMap();
private Map<String,String> requestProperties = new HashMap<String,String>();
public MockHttpURLConnection(URL u) {
super(u);
@ -106,7 +96,7 @@ public class AuthenticationSimpleHttpInvokerRequestExecutorTests extends TestCas
}
public String getRequestProperty(String key) {
return (String) requestProperties.get(key);
return requestProperties.get(key);
}
public void setRequestProperty(String key, String value) {

2
core/src/test/java/org/springframework/security/context/rmi/ContextPropagatingRemoteInvocationTests.java
View File

@ -47,7 +47,7 @@ public class ContextPropagatingRemoteInvocationTests extends TestCase {
}
private ContextPropagatingRemoteInvocation getRemoteInvocation() throws Exception {
Class clazz = TargetObject.class;
Class<TargetObject> clazz = TargetObject.class;
Method method = clazz.getMethod("makeLowerCase", new Class[] {String.class});
MethodInvocation mi = new SimpleMethodInvocation(new TargetObject(), method, "SOME_STRING");

2
core/src/test/java/org/springframework/security/event/authentication/AuthenticationEventTests.java
View File

@ -67,7 +67,7 @@ public class AuthenticationEventTests extends TestCase {
AuthenticationException exception = new DisabledException("TEST");
try {
AuthenticationFailureDisabledEvent event = new AuthenticationFailureDisabledEvent(null, exception);
new AuthenticationFailureDisabledEvent(null, exception);
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(true);

20
core/src/test/java/org/springframework/security/expression/method/ExpressionAnnotationMethodDefinitionSourceTests.java
View File

@ -116,40 +116,40 @@ public class ExpressionAnnotationMethodDefinitionSourceTests {
//~ Inner Classes ==================================================================================================
public static interface ReturnVoid {
public void doSomething(List param);
public void doSomething(List<?> param);
}
public static interface ReturnAList {
public List doSomething(List param);
public List<?> doSomething(List<?> param);
}
@PreAuthorize("interfaceAuthzExpression")
public static interface ReturnAnotherList {
@PreAuthorize("interfaceMethodAuthzExpression")
@PreFilter(filterTarget="param", value="interfacePreFilterExpression")
public List doSomething(List param);
public List<?> doSomething(List<?> param);
}
@PreAuthorize("someExpression")
public static class ReturnVoidImpl1 implements ReturnVoid {
public void doSomething(List param) {}
public void doSomething(List<?> param) {}
}
@PreAuthorize("someExpression")
public static class ReturnVoidImpl2 implements ReturnVoid {
@PreFilter(filterTarget="param", value="somePreFilterExpression")
public void doSomething(List param) {}
public void doSomething(List<?> param) {}
}
public static class ReturnVoidImpl3 implements ReturnVoid {
@PreFilter(filterTarget="param", value="somePreFilterExpression")
public void doSomething(List param) {}
public void doSomething(List<?> param) {}
}
public static class ReturnAListImpl1 implements ReturnAList {
@PostFilter("somePostFilterExpression")
public List doSomething(List param) {return param;}
public List<?> doSomething(List<?> param) {return param;}
}
public static class ReturnAListImpl2 implements ReturnAList {
@ -157,16 +157,16 @@ public class ExpressionAnnotationMethodDefinitionSourceTests {
@PreFilter(filterTarget="param", value="somePreFilterExpression")
@PostFilter("somePostFilterExpression")
@PostAuthorize("somePostAuthorizeExpression")
public List doSomething(List param) {return param;}
public List<?> doSomething(List<?> param) {return param;}
}
public static class ReturnAnotherListImpl1 implements ReturnAnotherList {
public List doSomething(List param) {return param;}
public List<?> doSomething(List<?> param) {return param;}
}
public static class ReturnAnotherListImpl2 implements ReturnAnotherList {
@PreFilter(filterTarget="param", value="classMethodPreFilterExpression")
public List doSomething(List param) {return param;}
public List<?> doSomething(List<?> param) {return param;}
}
}

16
core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java
View File

@ -17,7 +17,6 @@ package org.springframework.security.intercept.method;
import java.lang.reflect.AccessibleObject;
import java.lang.reflect.Method;
import java.util.Iterator;
import java.util.List;
import junit.framework.TestCase;
@ -37,16 +36,8 @@ import org.springframework.security.TargetObject;
* @author Ben Alex
* @version $Id$
*/
@SuppressWarnings("deprecation")
public class MethodDefinitionSourceEditorTests extends TestCase {
//~ Constructors ===================================================================================================
public MethodDefinitionSourceEditorTests() {
}
public MethodDefinitionSourceEditorTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public final void setUp() throws Exception {
@ -59,7 +50,7 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue();
Class clazz = TargetObject.class;
Class<TargetObject> clazz = TargetObject.class;
Method method = clazz.getMethod("countLength", new Class[] {String.class});
MockJoinPoint joinPoint = new MockJoinPoint(new TargetObject(), method);
@ -146,7 +137,6 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
"org.springframework.security.TargetObject.countLength=ROLE_ONE,ROLE_TWO,RUN_AS_ENTRY\r\norg.springframework.security.TargetObject.make*=ROLE_NINE,ROLE_SUPERVISOR");
MapBasedMethodDefinitionSource map = (MapBasedMethodDefinitionSource) editor.getValue();
Iterator iter = map.getAllConfigAttributes().iterator();
assertEquals(5, map.getAllConfigAttributes().size());
}
@ -220,7 +210,7 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
private Method method;
private Object targetObject;
public MockMethodInvocation(Class clazz, String methodName, Class[] parameterTypes, Object targetObject)
public MockMethodInvocation(Class<?> clazz, String methodName, Class<?>[] parameterTypes, Object targetObject)
throws NoSuchMethodException {
this.method = clazz.getMethod(methodName, parameterTypes);
this.targetObject = targetObject;

2
core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java
View File

@ -19,7 +19,6 @@ import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Vector;
import org.aopalliance.intercept.MethodInvocation;
import org.aspectj.lang.JoinPoint;
@ -28,7 +27,6 @@ import org.springframework.security.SecurityConfig;
/**
*
* @author Ben Alex
* @version $Id$
*/

1
core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorTests.java
View File

@ -51,6 +51,7 @@ import org.springframework.security.runas.RunAsUserToken;
* @author Ben Alex
* @version $Id$
*/
@SuppressWarnings("unchecked")
public class MethodSecurityInterceptorTests {
private Mockery jmock = new JUnit4Mockery();
private TestingAuthenticationToken token;

3
core/src/test/java/org/springframework/security/intercept/method/aspectj/AspectJSecurityInterceptorTests.java
View File

@ -28,7 +28,6 @@ import org.junit.Test;
import org.springframework.security.AccessDecisionManager;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.ITargetObject;
import org.springframework.security.MockJoinPoint;
import org.springframework.security.SecurityConfig;
import org.springframework.security.TargetObject;
@ -77,6 +76,7 @@ public class AspectJSecurityInterceptorTests {
}
@Test
@SuppressWarnings("unchecked")
public void callbackIsInvokedWhenPermissionGranted() throws Exception {
jmock.checking(new Expectations() {{
oneOf(mds).getAttributes(with(any(JoinPoint.class))); will (returnValue(SecurityConfig.createList("ROLE_USER")));
@ -90,6 +90,7 @@ public class AspectJSecurityInterceptorTests {
jmock.assertIsSatisfied();
}
@SuppressWarnings("unchecked")
@Test(expected=AccessDeniedException.class)
public void callbackIsNotInvokedWhenPermissionDenied() throws Exception {
jmock.checking(new Expectations() {{

2
core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java
View File

@ -24,9 +24,9 @@ import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.MockFilterChain;
import org.springframework.security.SecurityConfig;
import org.springframework.security.util.AntUrlPathMatcher;
import org.springframework.security.util.MockFilterChain;
/**
* Tests parts of {@link DefaultFilterInvocationDefinitionSource} not tested by {@link

3
core/src/test/java/org/springframework/security/intercept/web/FilterInvocationTests.java
View File

@ -17,12 +17,11 @@ package org.springframework.security.intercept.web;
import static org.junit.Assert.*;
import org.springframework.security.MockFilterChain;
import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.util.MockFilterChain;
/**
* Tests {@link FilterInvocation}.

2
core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java
View File

@ -74,6 +74,7 @@ public class WebInvocationPrivilegeEvaluatorTests {
SecurityContextHolder.clearContext();
}
@SuppressWarnings("unchecked")
@Test
public void allowsAccessIfAccessDecisionMangerDoes() throws Exception {
Authentication token = new TestingAuthenticationToken("test", "Password", "MOCK_INDEX");
@ -92,6 +93,7 @@ public class WebInvocationPrivilegeEvaluatorTests {
jmock.assertIsSatisfied();
}
@SuppressWarnings("unchecked")
@Test
public void deniesAccessIfAccessDecisionMangerDoes() throws Exception {
Authentication token = new TestingAuthenticationToken("test", "Password", "MOCK_INDEX");

9
core/src/test/java/org/springframework/security/ldap/LdapUtilsTests.java
View File

@ -15,7 +15,10 @@
package org.springframework.security.ldap;
import static org.junit.Assert.*;
import static org.junit.Assert.assertEquals;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import org.jmock.Expectations;
import org.jmock.Mockery;
@ -24,10 +27,6 @@ import org.jmock.integration.junit4.JUnit4Mockery;
import org.junit.Test;
import org.junit.runner.RunWith;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
/**
* Tests {@link LdapUtils}

24
core/src/test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateTests.java
View File

@ -15,12 +15,6 @@
package org.springframework.security.ldap;
import org.springframework.ldap.UncategorizedLdapException;
import org.springframework.ldap.core.ContextExecutor;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapEncoder;
import org.junit.Test;
import static org.junit.Assert.*;
import java.util.Set;
@ -29,7 +23,11 @@ import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.ldap.LdapName;
import javax.naming.directory.SearchResult;
import org.junit.Test;
import org.springframework.ldap.UncategorizedLdapException;
import org.springframework.ldap.core.ContextExecutor;
/**
* @author Luke Taylor
@ -94,7 +92,7 @@ public class SpringSecurityLdapTemplateTests extends AbstractLdapIntegrationTest
public void roleSearchReturnsCorrectNumberOfRoles() {
String param = "uid=ben,ou=people,dc=springframework,dc=org";
Set values = template.searchForSingleAttributeValues("ou=groups", "(member={0})", new String[] {param}, "ou");
Set<String> values = template.searchForSingleAttributeValues("ou=groups", "(member={0})", new String[] {param}, "ou");
assertEquals("Expected 3 results from search", 3, values.size());
assertTrue(values.contains("developer"));
@ -106,7 +104,7 @@ public class SpringSecurityLdapTemplateTests extends AbstractLdapIntegrationTest
public void testRoleSearchForMissingAttributeFailsGracefully() {
String param = "uid=ben,ou=people,dc=springframework,dc=org";
Set values = template.searchForSingleAttributeValues("ou=groups", "(member={0})", new String[] {param}, "mail");
Set<String> values = template.searchForSingleAttributeValues("ou=groups", "(member={0})", new String[] {param}, "mail");
assertEquals(0, values.size());
}
@ -115,14 +113,14 @@ public class SpringSecurityLdapTemplateTests extends AbstractLdapIntegrationTest
public void roleSearchWithEscapedCharacterSucceeds() throws Exception {
String param = "cn=mouse\\, jerry,ou=people,dc=springframework,dc=org";
Set values = template.searchForSingleAttributeValues("ou=groups", "(member={0})", new String[] {param}, "cn");
Set<String> values = template.searchForSingleAttributeValues("ou=groups", "(member={0})", new String[] {param}, "cn");
assertEquals(1, values.size());
}
@Test
public void nonSpringLdapSearchCodeTestMethod() throws Exception {
java.util.Hashtable env = new java.util.Hashtable();
java.util.Hashtable<String, String> env = new java.util.Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:53389");
env.put(Context.SECURITY_PRINCIPAL, "");
@ -135,7 +133,7 @@ public class SpringSecurityLdapTemplateTests extends AbstractLdapIntegrationTest
controls.setReturningAttributes(null);
String param = "cn=mouse\\, jerry,ou=people,dc=springframework,dc=org";
javax.naming.NamingEnumeration results =
javax.naming.NamingEnumeration<SearchResult> results =
ctx.search("ou=groups,dc=springframework,dc=org",
"(member={0})", new String[] {param},
controls);
@ -147,7 +145,7 @@ public class SpringSecurityLdapTemplateTests extends AbstractLdapIntegrationTest
public void searchForSingleEntryWithEscapedCharsInDnSucceeds() {
String param = "mouse, jerry";
DirContextOperations jerry = template.searchForSingleEntry("ou=people", "(cn={0})", new String[] {param});
template.searchForSingleEntry("ou=people", "(cn={0})", new String[] {param});
}
}

7
core/src/test/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java
View File

@ -44,7 +44,6 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
super.onSetUp();
populator = new DefaultLdapAuthoritiesPopulator(getContextSource(), "ou=groups");
}
@Test
@ -74,7 +73,7 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
assertEquals("Should have 2 roles", 2, authorities.size());
Set roles = new HashSet();
Set<String> roles = new HashSet<String>();
roles.add(authorities.get(0).toString());
roles.add(authorities.get(1).toString());
assertTrue(roles.contains("ROLE_DEVELOPER"));
@ -105,7 +104,7 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
List<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx, "manager");
assertEquals("Should have 2 roles", 2, authorities.size());
Set roles = new HashSet(2);
Set<String> roles = new HashSet<String>(2);
roles.add(authorities.get(0).getAuthority());
roles.add(authorities.get(1).getAuthority());
assertTrue(roles.contains("ROLE_MANAGER"));
@ -123,7 +122,7 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio
List<GrantedAuthority> authorities = populator.getGrantedAuthorities(ctx, "manager");
assertEquals("Should have 3 roles", 3, authorities.size());
Set roles = new HashSet(3);
Set<String> roles = new HashSet<String>(3);
roles.add(authorities.get(0).getAuthority());
roles.add(authorities.get(1).getAuthority());
roles.add(authorities.get(2).getAuthority());

3
core/src/test/java/org/springframework/security/matcher/AuthenticationMatcher.java
View File

@ -9,7 +9,6 @@ import org.springframework.security.Authentication;
public class AuthenticationMatcher extends TypeSafeMatcher<Authentication> {
private String username;
private String password;
private String[] authorities;
@Override
public boolean matchesSafely(Authentication auth) {
@ -46,6 +45,4 @@ public class AuthenticationMatcher extends TypeSafeMatcher<Authentication> {
return matcher;
}
}

2
core/src/test/java/org/springframework/security/providers/AbstractAuthenticationTokenTests.java
View File

@ -19,8 +19,6 @@ import static org.junit.Assert.*;
import java.util.List;
import junit.framework.TestCase;
import org.junit.Before;
import org.junit.Test;
import org.springframework.security.GrantedAuthority;

15
core/src/test/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationProviderTests.java
View File

@ -23,6 +23,7 @@ import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.util.AuthorityUtils;
/**
@ -32,14 +33,6 @@ import org.springframework.security.providers.TestingAuthenticationToken;
* @version $Id$
*/
public class AnonymousAuthenticationProviderTests extends TestCase {
//~ Constructors ===================================================================================================
public AnonymousAuthenticationProviderTests() {
}
public AnonymousAuthenticationProviderTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
@ -48,10 +41,10 @@ public class AnonymousAuthenticationProviderTests extends TestCase {
aap.setKey("qwerty");
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("WRONG_KEY", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
try {
Authentication result = aap.authenticate(token);
aap.authenticate(token);
fail("Should have thrown BadCredentialsException");
} catch (BadCredentialsException expected) {
}
@ -92,7 +85,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase {
aap.setKey("qwerty");
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("qwerty", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
Authentication result = aap.authenticate(token);

3
core/src/test/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationTokenTests.java
View File

@ -20,7 +20,6 @@ import java.util.List;
import junit.framework.TestCase;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.util.AuthorityUtils;
@ -51,7 +50,7 @@ public class AnonymousAuthenticationTokenTests extends TestCase {
}
try {
new AnonymousAuthenticationToken("key", "Test", new GrantedAuthority[] {null});
new AnonymousAuthenticationToken("key", "Test", (List<GrantedAuthority>)null);
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
}

26
core/src/test/java/org/springframework/security/providers/dao/DaoAuthenticationProviderTests.java
View File

@ -15,6 +15,8 @@
package org.springframework.security.providers.dao;
import java.util.List;
import junit.framework.TestCase;
import org.springframework.security.AccountExpiredException;
@ -24,7 +26,6 @@ import org.springframework.security.BadCredentialsException;
import org.springframework.security.CredentialsExpiredException;
import org.springframework.security.DisabledException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.LockedException;
import org.springframework.security.providers.TestingAuthenticationToken;
@ -38,12 +39,12 @@ import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.security.util.AuthorityUtils;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.DataRetrievalFailureException;
/**
* Tests {@link DaoAuthenticationProvider}.
*
@ -51,6 +52,9 @@ import org.springframework.dao.DataRetrievalFailureException;
* @version $Id$
*/
public class DaoAuthenticationProviderTests extends TestCase {
private static final List<GrantedAuthority> ROLES_12 = AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO");
//~ Methods ========================================================================================================
public void testAuthenticateFailsForIncorrectPasswordCase() {
@ -458,8 +462,7 @@ public class DaoAuthenticationProviderTests extends TestCase {
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
if ("rod".equals(username)) {
return new User("rod", password, true, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
return new User("rod", password, true, true, true, true, ROLES_12);
} else {
throw new UsernameNotFoundException("Could not find: " + username);
}
@ -474,8 +477,7 @@ public class DaoAuthenticationProviderTests extends TestCase {
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
if ("rod".equals(username)) {
return new User("rod", "koala{SYSTEM_SALT_VALUE}", true, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
return new User("rod", "koala{SYSTEM_SALT_VALUE}", true, true, true, true, ROLES_12);
} else {
throw new UsernameNotFoundException("Could not find: " + username);
}
@ -486,8 +488,7 @@ public class DaoAuthenticationProviderTests extends TestCase {
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
if ("peter".equals(username)) {
return new User("peter", "opal", false, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
return new User("peter", "opal", false, true, true, true, ROLES_12);
} else {
throw new UsernameNotFoundException("Could not find: " + username);
}
@ -498,8 +499,7 @@ public class DaoAuthenticationProviderTests extends TestCase {
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
if ("peter".equals(username)) {
return new User("peter", "opal", true, false, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
return new User("peter", "opal", true, false, true, true, ROLES_12);
} else {
throw new UsernameNotFoundException("Could not find: " + username);
}
@ -510,8 +510,7 @@ public class DaoAuthenticationProviderTests extends TestCase {
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
if ("peter".equals(username)) {
return new User("peter", "opal", true, true, true, false,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
return new User("peter", "opal", true, true, true, false, ROLES_12);
} else {
throw new UsernameNotFoundException("Could not find: " + username);
}
@ -522,8 +521,7 @@ public class DaoAuthenticationProviderTests extends TestCase {
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
if ("peter".equals(username)) {
return new User("peter", "opal", true, true, false, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
return new User("peter", "opal", true, true, false, true, ROLES_12);
} else {
throw new UsernameNotFoundException("Could not find: " + username);
}

2
core/src/test/java/org/springframework/security/providers/dao/MockUserCache.java
View File

@ -10,7 +10,7 @@ import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
public class MockUserCache implements UserCache {
private Map cache = new HashMap();
private Map<String, UserDetails> cache = new HashMap<String, UserDetails>();
public UserDetails getUserFromCache(String username) {
return (User) cache.get(username);

23
core/src/test/java/org/springframework/security/providers/dao/cache/EhCacheBasedUserCacheTests.java vendored
View File

@ -16,19 +16,16 @@
package org.springframework.security.providers.dao.cache;
import net.sf.ehcache.Ehcache;
import net.sf.ehcache.CacheManager;
import net.sf.ehcache.Cache;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.userdetails.User;
import org.junit.BeforeClass;
import org.junit.AfterClass;
import org.junit.Test;
import static org.junit.Assert.*;
import net.sf.ehcache.Cache;
import net.sf.ehcache.CacheManager;
import net.sf.ehcache.Ehcache;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;
import org.springframework.security.userdetails.User;
import org.springframework.security.util.AuthorityUtils;
/**
* Tests {@link EhCacheBasedUserCache}.
@ -61,7 +58,7 @@ public class EhCacheBasedUserCacheTests {
private User getUser() {
return new User("john", "password", true, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
}
@Test

23
core/src/test/java/org/springframework/security/providers/dao/cache/NullUserCacheTests.java vendored
View File

@ -17,10 +17,8 @@ package org.springframework.security.providers.dao.cache;
import junit.framework.TestCase;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.userdetails.User;
import org.springframework.security.util.AuthorityUtils;
/**
@ -30,29 +28,12 @@ import org.springframework.security.userdetails.User;
* @version $Id$
*/
public class NullUserCacheTests extends TestCase {
//~ Constructors ===================================================================================================
public NullUserCacheTests() {
super();
}
public NullUserCacheTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
private User getUser() {
return new User("john", "password", true, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
}
public static void main(String[] args) {
junit.textui.TestRunner.run(NullUserCacheTests.class);
}
public final void setUp() throws Exception {
super.setUp();
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
}
public void testCacheOperation() throws Exception {

14
core/src/test/java/org/springframework/security/providers/dao/salt/ReflectionSaltSourceTests.java
View File

@ -15,15 +15,13 @@
package org.springframework.security.providers.dao.salt;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
import static junit.framework.Assert.assertEquals;
import org.junit.Test;
import static junit.framework.Assert.*;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.util.AuthorityUtils;
/**
* Tests {@link ReflectionSaltSource}.
@ -33,7 +31,7 @@ import static junit.framework.Assert.*;
*/
public class ReflectionSaltSourceTests {
private UserDetails user = new User("scott", "wombat", true, true, true, true,
new GrantedAuthority[] {new GrantedAuthorityImpl("HOLDER")});
AuthorityUtils.createAuthorityList("HOLDER"));
//~ Methods ========================================================================================================

16
core/src/test/java/org/springframework/security/providers/jaas/JaasAuthenticationProviderTests.java
View File

@ -33,7 +33,7 @@ import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.LockedException;
import org.springframework.security.SpringSecurityException;
import org.springframework.security.context.HttpSessionContextIntegrationFilter;
import org.springframework.security.context.HttpSessionSecurityContextRepository;
import org.springframework.security.context.SecurityContextImpl;
import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
@ -136,11 +136,7 @@ public class JaasAuthenticationProviderTests extends TestCase {
}
public void testFull() throws Exception {
GrantedAuthorityImpl role1 = new GrantedAuthorityImpl("ROLE_1");
GrantedAuthorityImpl role2 = new GrantedAuthorityImpl("ROLE_2");
GrantedAuthority[] defaultAuths = new GrantedAuthority[] {role1, role2,};
List<GrantedAuthority> defaultAuths = AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO");
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("user", "password",
defaultAuths);
@ -153,12 +149,12 @@ public class JaasAuthenticationProviderTests extends TestCase {
assertNotNull(jaasProvider.getLoginConfig());
assertNotNull(jaasProvider.getLoginContextName());
List list = auth.getAuthorities();
List<GrantedAuthority> list = auth.getAuthorities();
assertTrue("GrantedAuthorities should contain ROLE_TEST1", list.contains(new GrantedAuthorityImpl("ROLE_TEST1")));
assertTrue("GrantedAuthorities should contain ROLE_TEST2", list.contains(new GrantedAuthorityImpl("ROLE_TEST2")));
assertTrue("GrantedAuthorities should contain ROLE_1", list.contains(role1));
assertTrue("GrantedAuthorities should contain ROLE_2", list.contains(role2));
assertTrue("GrantedAuthorities should contain ROLE_1", list.contains(defaultAuths.get(0)));
assertTrue("GrantedAuthorities should contain ROLE_2", list.contains(defaultAuths.get(1)));
boolean foundit = false;
@ -209,7 +205,7 @@ public class JaasAuthenticationProviderTests extends TestCase {
context.setAuthentication(token);
MockHttpSession mockSession = new MockHttpSession();
mockSession.setAttribute(HttpSessionContextIntegrationFilter.SPRING_SECURITY_CONTEXT_KEY, context);
mockSession.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, context);
jaasProvider.onApplicationEvent(new HttpSessionDestroyedEvent(mockSession));

15
core/src/test/java/org/springframework/security/providers/jaas/Sec760Tests.java
View File

@ -1,18 +1,12 @@
package org.springframework.security.providers.jaas;
import java.net.URL;
import java.security.Security;
import javax.security.auth.login.LoginContext;
import junit.framework.Assert;
import org.junit.Test;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.util.AuthorityUtils;
/**
* Tests bug reported in SEC-760.
@ -44,13 +38,8 @@ public class Sec760Tests {
}
private void testAuthenticate(JaasAuthenticationProvider p1) {
GrantedAuthorityImpl role1 = new GrantedAuthorityImpl("ROLE_1");
GrantedAuthorityImpl role2 = new GrantedAuthorityImpl("ROLE_2");
GrantedAuthority[] defaultAuths = new GrantedAuthority[] {role1, role2,};
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("user", "password",
defaultAuths);
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
Authentication auth = p1.authenticate(token);
Assert.assertNotNull(auth);

11
core/src/test/java/org/springframework/security/providers/jaas/SecurityContextLoginModuleTests.java
View File

@ -21,6 +21,7 @@ import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import java.security.Principal;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
@ -38,7 +39,7 @@ public class SecurityContextLoginModuleTests extends TestCase {
//~ Instance fields ================================================================================================
private SecurityContextLoginModule module = null;
private Subject subject = new Subject(false, new HashSet(), new HashSet(), new HashSet());
private Subject subject = new Subject(false, new HashSet<Principal>(), new HashSet<Object>(), new HashSet<Object>());
private UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("principal",
"credentials");
@ -87,8 +88,7 @@ public class SecurityContextLoginModuleTests extends TestCase {
subject.getPrincipals().contains(auth));
}
public void testNullAuthenticationInSecurityContext()
throws Exception {
public void testNullAuthenticationInSecurityContext() throws Exception {
try {
SecurityContextHolder.getContext().setAuthentication(null);
module.login();
@ -96,11 +96,10 @@ public class SecurityContextLoginModuleTests extends TestCase {
} catch (Exception e) {}
}
public void testNullAuthenticationInSecurityContextIgnored()
throws Exception {
public void testNullAuthenticationInSecurityContextIgnored() throws Exception {
module = new SecurityContextLoginModule();
Map options = new HashMap();
Map<String, String> options = new HashMap<String, String>();
options.put("ignoreMissingAuthentication", "true");
module.initialize(subject, null, null, options);

5
core/src/test/java/org/springframework/security/providers/jaas/TestAuthorityGranter.java
View File

@ -22,7 +22,6 @@ import java.util.Set;
/**
* DOCUMENT ME!
*
* @author Ray Krueger
* @version $Id$
@ -30,8 +29,8 @@ import java.util.Set;
public class TestAuthorityGranter implements AuthorityGranter {
//~ Methods ========================================================================================================
public Set grant(Principal principal) {
Set rtnSet = new HashSet();
public Set<String> grant(Principal principal) {
Set<String> rtnSet = new HashSet<String>();
if (principal.getName().equals("TEST_PRINCIPAL")) {
rtnSet.add("ROLE_TEST1");

3
core/src/test/java/org/springframework/security/providers/jaas/TestLoginModule.java
View File

@ -26,8 +26,6 @@ import javax.security.auth.spi.LoginModule;
/**
* DOCUMENT ME!
*
* @author Ray Krueger
* @version $Id$
*/
@ -48,6 +46,7 @@ public class TestLoginModule implements LoginModule {
return true;
}
@SuppressWarnings("unchecked")
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
this.subject = subject;

1
core/src/test/java/org/springframework/security/providers/preauth/PreAuthenticatedAuthenticationProviderTests.java
View File

@ -21,7 +21,6 @@ import org.springframework.security.util.AuthorityUtils;
* @since 18-okt-2007
*/
public class PreAuthenticatedAuthenticationProviderTests {
private static final String SUPPORTED_USERNAME = "dummyUser";
@Test(expected = IllegalArgumentException.class)
public final void afterPropertiesSet() {

21
core/src/test/java/org/springframework/security/providers/preauth/PreAuthenticatedAuthenticationTokenTests.java
View File

@ -1,13 +1,12 @@
package org.springframework.security.providers.preauth;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.GrantedAuthority;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import junit.framework.TestCase;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.util.AuthorityUtils;
/**
*
* @author TSARDD
@ -40,16 +39,16 @@ public class PreAuthenticatedAuthenticationTokenTests extends TestCase {
public void testPreAuthenticatedAuthenticationTokenResponse() {
Object principal = "dummyUser";
Object credentials = "dummyCredentials";
GrantedAuthority[] gas = new GrantedAuthority[] { new GrantedAuthorityImpl("Role1") };
PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(principal, credentials, gas);
List<GrantedAuthority> gas = AuthorityUtils.createAuthorityList("Role1");
PreAuthenticatedAuthenticationToken token =
new PreAuthenticatedAuthenticationToken(principal, credentials, gas);
assertEquals(principal, token.getPrincipal());
assertEquals(credentials, token.getCredentials());
assertNull(token.getDetails());
assertNotNull(token.getAuthorities());
Collection expectedColl = Arrays.asList(gas);
Collection resultColl = token.getAuthorities();
assertTrue("GrantedAuthority collections do not match; result: " + resultColl + ", expected: " + expectedColl,
expectedColl.containsAll(resultColl) && resultColl.containsAll(expectedColl));
List<GrantedAuthority> resultColl = token.getAuthorities();
assertTrue("GrantedAuthority collections do not match; result: " + resultColl + ", expected: " + gas,
gas.containsAll(resultColl) && resultColl.containsAll(gas));
}

12
core/src/test/java/org/springframework/security/providers/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsServiceTests.java
View File

@ -1,10 +1,7 @@
package org.springframework.security.providers.preauth;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.*;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import org.junit.Test;
@ -67,11 +64,8 @@ public class PreAuthenticatedGrantedAuthoritiesUserDetailsServiceTests {
// PreAuthenticatedGrantedAuthoritiesUserDetailsService
//assertEquals(ud.getPassword(),password);
Collection expectedColl = Arrays.asList(gas);
Collection resultColl = Arrays.asList(ud.getAuthorities());
assertTrue("GrantedAuthority collections do not match; result: " + resultColl + ", expected: " + expectedColl, expectedColl
.containsAll(resultColl)
&& resultColl.containsAll(expectedColl));
assertTrue("GrantedAuthority collections do not match; result: " + ud.getAuthorities() + ", expected: " + gas,
gas.containsAll(ud.getAuthorities()) && ud.getAuthorities().containsAll(gas));
}
}

16
core/src/test/java/org/springframework/security/providers/preauth/UserDetailsByNameServiceWrapperTests.java
View File

@ -1,16 +1,14 @@
package org.springframework.security.providers.preauth;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsByNameServiceWrapper;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.User;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.GrantedAuthority;
import junit.framework.TestCase;
import org.springframework.dao.DataAccessException;
import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsByNameServiceWrapper;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.security.util.AuthorityUtils;
/**
*
@ -32,7 +30,7 @@ public class UserDetailsByNameServiceWrapperTests extends TestCase {
public final void testGetUserDetails() throws Exception {
UserDetailsByNameServiceWrapper svc = new UserDetailsByNameServiceWrapper();
final User user = new User("dummy", "dummy", true, true, true, true, new GrantedAuthority[] { new GrantedAuthorityImpl("dummy") });
final User user = new User("dummy", "dummy", true, true, true, true, AuthorityUtils.NO_AUTHORITIES);
svc.setUserDetailsService(new UserDetailsService() {
public UserDetails loadUserByUsername(String name) throws UsernameNotFoundException, DataAccessException {
if (user != null && user.getUsername().equals(name)) {

12
core/src/test/java/org/springframework/security/providers/rcp/RemoteAuthenticationManagerImplTests.java
View File

@ -17,7 +17,6 @@ package org.springframework.security.providers.rcp;
import junit.framework.TestCase;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.MockAuthenticationManager;
@ -30,14 +29,6 @@ import org.springframework.security.MockAuthenticationManager;
public class RemoteAuthenticationManagerImplTests extends TestCase {
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(RemoteAuthenticationManagerImplTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testFailedAuthenticationReturnsRemoteAuthenticationException() {
RemoteAuthenticationManagerImpl manager = new RemoteAuthenticationManagerImpl();
manager.setAuthenticationManager(new MockAuthenticationManager(false));
@ -75,7 +66,6 @@ public class RemoteAuthenticationManagerImplTests extends TestCase {
RemoteAuthenticationManagerImpl manager = new RemoteAuthenticationManagerImpl();
manager.setAuthenticationManager(new MockAuthenticationManager(true));
GrantedAuthority[] result = manager.attemptAuthentication("rod", "password");
assertTrue(true);
manager.attemptAuthentication("rod", "password");
}
}

19
core/src/test/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationProviderTests.java
View File

@ -19,10 +19,8 @@ import junit.framework.TestCase;
import org.springframework.security.Authentication;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.util.AuthorityUtils;
/**
@ -32,15 +30,6 @@ import org.springframework.security.providers.TestingAuthenticationToken;
* @version $Id$
*/
public class RememberMeAuthenticationProviderTests extends TestCase {
//~ Constructors ===================================================================================================
public RememberMeAuthenticationProviderTests() {
}
public RememberMeAuthenticationProviderTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public void testDetectsAnInvalidKey() throws Exception {
@ -48,10 +37,10 @@ public class RememberMeAuthenticationProviderTests extends TestCase {
aap.setKey("qwerty");
RememberMeAuthenticationToken token = new RememberMeAuthenticationToken("WRONG_KEY", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
try {
Authentication result = aap.authenticate(token);
aap.authenticate(token);
fail("Should have thrown BadCredentialsException");
} catch (BadCredentialsException expected) {
}
@ -91,7 +80,7 @@ public class RememberMeAuthenticationProviderTests extends TestCase {
aap.setKey("qwerty");
RememberMeAuthenticationToken token = new RememberMeAuthenticationToken("qwerty", "Test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
Authentication result = aap.authenticate(token);

Some files were not shown because too many files have changed in this diff Show More