SEC-719: Refactor portlet code to make more use of core classes

http://jira.springframework.org/browse/SEC-719. Removed portlet-specific cache interface and implementations in favour of using (identical) ones from core.
This commit is contained in:
Luke Taylor 2008-03-17 14:45:44 +00:00
parent 8f7b216de3
commit cd61d76aaf
6 changed files with 3 additions and 270 deletions

View File

@ -26,7 +26,8 @@ import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.portlet.cache.NullUserCache;
import org.springframework.security.providers.dao.UserCache;
import org.springframework.security.providers.dao.cache.NullUserCache;
import org.springframework.security.userdetails.UserDetails;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@ -73,8 +74,7 @@ public class PortletAuthenticationProvider
return PortletAuthenticationToken.class.isAssignableFrom(authentication);
}
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// make sure we support the authentication
if (!supports(authentication.getClass())) {

View File

@ -1,39 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet;
import org.springframework.security.userdetails.UserDetails;
/**
* Provides a cache of {@link UserDetails} objects for the
* {@link PortletAuthenticationProvider}.
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public interface UserCache {
//~ Methods ========================================================================================================
public UserDetails getUserFromCache(String username);
public void putUserInCache(UserDetails user);
public void removeUserFromCache(String username);
}

View File

@ -1,102 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet.cache;
import net.sf.ehcache.Cache;
import net.sf.ehcache.CacheException;
import net.sf.ehcache.Element;
import org.springframework.security.providers.portlet.UserCache;
import org.springframework.security.userdetails.UserDetails;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.dao.DataRetrievalFailureException;
import org.springframework.util.Assert;
/**
* <code>UserCache</code> implementation for portlets that uses an injected
* <a href="http://ehcache.sourceforge.net">ehcache</a>.
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class EhCacheBasedUserCache
implements UserCache, InitializingBean {
//~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(EhCacheBasedUserCache.class);
//~ Instance fields ================================================================================================
private Cache cache;
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
Assert.notNull(cache, "cache mandatory");
}
public UserDetails getUserFromCache(String username) {
Element element = null;
try {
element = cache.get(username);
} catch (CacheException cacheException) {
throw new DataRetrievalFailureException("Cache failure: "
+ cacheException.getMessage());
}
if (logger.isDebugEnabled())
logger.debug("Cache hit: " + (element != null) + "; username: " + username);
return (element != null ? (UserDetails) element.getValue() : null);
}
public void putUserInCache(UserDetails user) {
Element element = new Element(user.getUsername(), user);
if (logger.isDebugEnabled())
logger.debug("Cache put: " + element.getKey());
cache.put(element);
}
public void removeUserFromCache(UserDetails user) {
this.removeUserFromCache(user.getUsername());
}
public void removeUserFromCache(String username) {
if (logger.isDebugEnabled())
logger.debug("Cache remove: " + username);
cache.remove(username);
}
public Cache getCache() {
return cache;
}
public void setCache(Cache cache) {
this.cache = cache;
}
}

View File

@ -1,41 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet.cache;
import org.springframework.security.providers.portlet.UserCache;
import org.springframework.security.userdetails.UserDetails;
/**
* <code>UserCache</code> implementation for portlets that does nothing.
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class NullUserCache implements UserCache {
//~ Methods ========================================================================================================
public UserDetails getUserFromCache(String username) {
return null;
}
public void putUserInCache(UserDetails user) {}
public void removeUserFromCache(String username) {}
}

View File

@ -1,5 +0,0 @@
<html>
<body>
User caches for the Portlet provider.
</body>
</html>

View File

@ -1,80 +0,0 @@
/*
* Copyright 2005-2007 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.providers.portlet.cache;
import net.sf.ehcache.Cache;
import net.sf.ehcache.CacheManager;
import org.springframework.security.providers.portlet.PortletTestUtils;
import org.junit.Test;
import org.junit.BeforeClass;
import org.junit.AfterClass;
import static org.junit.Assert.*;
/**
* Tests for {@link EhCacheBasedUserCache}.
*
* @author John A. Lewis
* @since 2.0
* @version $Id$
*/
public class EhCacheBasedUserCacheTests {
//~ Static fields/initializers =====================================================================================
private static CacheManager cacheManager;
@BeforeClass
public static void initCacheManaer() {
cacheManager = new CacheManager();
cacheManager.addCache(new Cache("portletusercachetests", 500, false, false, 30, 30));
}
@AfterClass
public static void shutdownCacheManager() {
cacheManager.removalAll();
cacheManager.shutdown();
}
private Cache getCache() {
Cache cache = cacheManager.getCache("portletusercachetests");
cache.removeAll();
return cache;
}
@Test
public void testCacheOperation() throws Exception {
// Create the cache
EhCacheBasedUserCache cache = new EhCacheBasedUserCache();
cache.setCache(getCache());
cache.afterPropertiesSet();
// Check it gets stored in the cache
cache.putUserInCache(PortletTestUtils.createUser());
assertEquals(PortletTestUtils.TESTCRED, cache.getUserFromCache(PortletTestUtils.TESTUSER).getPassword());
// Check it gets removed from the cache
cache.removeUserFromCache(PortletTestUtils.TESTUSER);
assertNull(cache.getUserFromCache(PortletTestUtils.TESTUSER));
// Check it doesn't return values for null user
assertNull(cache.getUserFromCache(null));
}
}