root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Cleanup unused imports.

This commit is contained in:
Ben Alex 2006-02-09 06:00:25 +00:00
parent 96196bd637
commit e63b2ec9e6
24 changed files with 503 additions and 441 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/src/main/java/org/acegisecurity/concurrent/SessionRegistryUtils.java
View File

@ -17,8 +17,6 @@ package org.acegisecurity.concurrent;
import org.acegisecurity.Authentication;
import org.acegisecurity.ui.WebAuthenticationDetails;
import org.acegisecurity.userdetails.UserDetails;
import org.springframework.util.Assert;

6
core/src/main/java/org/acegisecurity/context/rmi/ContextPropagatingRemoteInvocation.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -17,7 +17,6 @@ package org.acegisecurity.context.rmi;
import org.acegisecurity.context.SecurityContext;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.aopalliance.intercept.MethodInvocation;
@ -118,11 +117,8 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation {
}
try {
return super.invoke(targetObject);
} finally {
SecurityContextHolder.clearContext();
if (logger.isDebugEnabled()) {

2
core/src/main/java/org/acegisecurity/vote/AbstractAclVoter.java
View File

@ -28,8 +28,6 @@ import org.aspectj.lang.reflect.CodeSignature;
import org.springframework.util.Assert;
import java.lang.reflect.Method;
/**
* <p>

84
core/src/test/java/org/acegisecurity/context/rmi/ContextPropagatingRemoteInvocationTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -19,11 +19,11 @@ import junit.framework.TestCase;
import org.acegisecurity.Authentication;
import org.acegisecurity.TargetObject;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.context.rmi.ContextPropagatingRemoteInvocation;
import org.acegisecurity.context.rmi.ContextPropagatingRemoteInvocationFactory;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.util.SimpleMethodInvocation;
import org.aopalliance.intercept.MethodInvocation;
@ -51,15 +51,53 @@ public class ContextPropagatingRemoteInvocationTests extends TestCase {
//~ Methods ================================================================
private ContextPropagatingRemoteInvocation getRemoteInvocation()
throws Exception {
Class clazz = TargetObject.class;
Method method = clazz.getMethod("makeLowerCase",
new Class[] {String.class});
MethodInvocation mi = new SimpleMethodInvocation(method,
new Object[] {"SOME_STRING"});
ContextPropagatingRemoteInvocationFactory factory = new ContextPropagatingRemoteInvocationFactory();
return (ContextPropagatingRemoteInvocation) factory
.createRemoteInvocation(mi);
}
public static void main(String[] args) {
junit.textui.TestRunner.run(ContextPropagatingRemoteInvocationTests.class);
}
public void testContextIsResetEvenIfExceptionOccurs()
throws Exception {
// Setup client-side context
Authentication clientSideAuthentication = new UsernamePasswordAuthenticationToken("marissa",
"koala");
SecurityContextHolder.getContext()
.setAuthentication(clientSideAuthentication);
ContextPropagatingRemoteInvocation remoteInvocation = getRemoteInvocation();
try {
// Set up the wrong arguments.
remoteInvocation.setArguments(new Object[] {});
remoteInvocation.invoke(TargetObject.class.newInstance());
fail("Expected IllegalArgumentException");
} catch (IllegalArgumentException e) {
// expected
}
assertNull("Authentication must be null ",
SecurityContextHolder.getContext().getAuthentication());
}
public void testNormalOperation() throws Exception {
// Setup client-side context
Authentication clientSideAuthentication = new UsernamePasswordAuthenticationToken("marissa",
"koala");
SecurityContextHolder.getContext().setAuthentication(clientSideAuthentication);
SecurityContextHolder.getContext()
.setAuthentication(clientSideAuthentication);
ContextPropagatingRemoteInvocation remoteInvocation = getRemoteInvocation();
@ -84,40 +122,4 @@ public class ContextPropagatingRemoteInvocationTests extends TestCase {
assertEquals("some_string Authentication empty",
remoteInvocation.invoke(new TargetObject()));
}
public void testContextIsResetEvenIfExceptionOccurs() throws Exception {
// Setup client-side context
Authentication clientSideAuthentication = new UsernamePasswordAuthenticationToken("marissa",
"koala");
SecurityContextHolder.getContext().setAuthentication(clientSideAuthentication);
ContextPropagatingRemoteInvocation remoteInvocation = getRemoteInvocation();
try {
// Set up the wrong arguments.
remoteInvocation.setArguments(new Object[] {});
remoteInvocation.invoke(TargetObject.class.newInstance());
fail("Expected IllegalArgumentException");
} catch(IllegalArgumentException e) {
// expected
}
assertNull("Authentication must be null ", SecurityContextHolder.getContext().getAuthentication());
}
private ContextPropagatingRemoteInvocation getRemoteInvocation()
throws Exception {
Class clazz = TargetObject.class;
Method method = clazz.getMethod("makeLowerCase",
new Class[] {String.class});
MethodInvocation mi = new SimpleMethodInvocation(method,
new Object[] {"SOME_STRING"});
ContextPropagatingRemoteInvocationFactory factory = new ContextPropagatingRemoteInvocationFactory();
return (ContextPropagatingRemoteInvocation) factory
.createRemoteInvocation(mi);
}
}

38
core/src/test/java/org/acegisecurity/intercept/web/FilterSecurityInterceptorTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -15,14 +15,6 @@
package org.acegisecurity.intercept.web;
import java.io.IOException;
import java.util.Iterator;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import junit.framework.TestCase;
import org.acegisecurity.AccessDecisionManager;
@ -38,12 +30,23 @@ import org.acegisecurity.MockAuthenticationManager;
import org.acegisecurity.MockRunAsManager;
import org.acegisecurity.RunAsManager;
import org.acegisecurity.SecurityConfig;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import java.io.IOException;
import java.util.Iterator;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
/**
* Tests {@link FilterSecurityInterceptor}.
@ -64,14 +67,14 @@ public class FilterSecurityInterceptorTests extends TestCase {
//~ Methods ================================================================
public final void setUp() throws Exception {
super.setUp();
}
public static void main(String[] args) {
junit.textui.TestRunner.run(FilterSecurityInterceptorTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass()
throws Exception {
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
@ -145,7 +148,8 @@ public class FilterSecurityInterceptorTests extends TestCase {
interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
interceptor.setAuthenticationManager(new MockAuthenticationManager());
interceptor.setRunAsManager(new MockRunAsManager());
interceptor.setApplicationEventPublisher(MockApplicationContext.getContext());
interceptor.setApplicationEventPublisher(MockApplicationContext
.getContext());
// Setup a mock config attribute definition
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
@ -197,6 +201,7 @@ public class FilterSecurityInterceptorTests extends TestCase {
* test access denied events as the abstract parent enforces that logic,
* which is extensively tested separately.
*
* @throws Throwable DOCUMENT ME!
*/
public void testSuccessfulInvocation() throws Throwable {
// Setup the FilterSecurityInterceptor
@ -204,7 +209,8 @@ public class FilterSecurityInterceptorTests extends TestCase {
interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
interceptor.setAuthenticationManager(new MockAuthenticationManager());
interceptor.setRunAsManager(new MockRunAsManager());
interceptor.setApplicationEventPublisher(MockApplicationContext.getContext());
interceptor.setApplicationEventPublisher(MockApplicationContext
.getContext());
// Setup a mock config attribute definition
ConfigAttributeDefinition def = new ConfigAttributeDefinition();

13
core/src/test/java/org/acegisecurity/providers/TestingAuthenticationTokenTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -19,7 +19,6 @@ import junit.framework.TestCase;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken;
/**
@ -41,14 +40,14 @@ public class TestingAuthenticationTokenTests extends TestCase {
//~ Methods ================================================================
public final void setUp() throws Exception {
super.setUp();
}
public static void main(String[] args) {
junit.textui.TestRunner.run(TestingAuthenticationTokenTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testAuthenticated() {
TestingAuthenticationToken token = new TestingAuthenticationToken("Test",
"Password", null);
@ -72,7 +71,7 @@ public class TestingAuthenticationTokenTests extends TestCase {
Class clazz = TestingAuthenticationToken.class;
try {
clazz.getDeclaredConstructor((Class[])null);
clazz.getDeclaredConstructor((Class[]) null);
fail("Should have thrown NoSuchMethodException");
} catch (NoSuchMethodException expected) {
assertTrue(true);

14
core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationTokenTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -19,8 +19,8 @@ import junit.framework.TestCase;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken;
import java.util.List;
import java.util.Vector;
@ -45,14 +45,14 @@ public class AnonymousAuthenticationTokenTests extends TestCase {
//~ Methods ================================================================
public final void setUp() throws Exception {
super.setUp();
}
public static void main(String[] args) {
junit.textui.TestRunner.run(AnonymousAuthenticationTokenTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testConstructorRejectsNulls() {
try {
new AnonymousAuthenticationToken(null, "Test",
@ -131,7 +131,7 @@ public class AnonymousAuthenticationTokenTests extends TestCase {
Class clazz = AnonymousAuthenticationToken.class;
try {
clazz.getDeclaredConstructor((Class[])null);
clazz.getDeclaredConstructor((Class[]) null);
fail("Should have thrown NoSuchMethodException");
} catch (NoSuchMethodException expected) {
assertTrue(true);

49
core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousProcessingFilterTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -12,6 +12,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.acegisecurity.providers.anonymous;
import junit.framework.TestCase;
@ -20,9 +21,11 @@ import org.acegisecurity.Authentication;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.MockFilterConfig;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.TestingAuthenticationToken;
import org.acegisecurity.userdetails.memory.UserAttribute;
import org.springframework.mock.web.MockHttpServletRequest;
@ -45,6 +48,8 @@ import javax.servlet.ServletResponse;
* @version $Id$
*/
public class AnonymousProcessingFilterTests extends TestCase {
//~ Constructors ===========================================================
public AnonymousProcessingFilterTests() {
super();
}
@ -53,10 +58,30 @@ public class AnonymousProcessingFilterTests extends TestCase {
super(arg0);
}
//~ Methods ================================================================
private void executeFilterInContainerSimulator(FilterConfig filterConfig,
Filter filter, ServletRequest request, ServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
filter.init(filterConfig);
filter.doFilter(request, response, filterChain);
filter.destroy();
}
public static void main(String[] args) {
junit.textui.TestRunner.run(AnonymousProcessingFilterTests.class);
}
protected void setUp() throws Exception {
super.setUp();
SecurityContextHolder.clearContext();
}
protected void tearDown() throws Exception {
super.tearDown();
SecurityContextHolder.clearContext();
}
public void testDetectsMissingKey() throws Exception {
UserAttribute user = new UserAttribute();
user.setPassword("anonymousUsername");
@ -107,7 +132,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
// Put an Authentication object into the SecurityContextHolder
Authentication originalAuth = new TestingAuthenticationToken("user",
"password",
new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_A") });
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")});
SecurityContextHolder.getContext().setAuthentication(originalAuth);
// Setup our filter correctly
@ -162,23 +187,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
assertNull(SecurityContextHolder.getContext().getAuthentication());
}
protected void setUp() throws Exception {
super.setUp();
SecurityContextHolder.clearContext();
}
protected void tearDown() throws Exception {
super.tearDown();
SecurityContextHolder.clearContext();
}
private void executeFilterInContainerSimulator(FilterConfig filterConfig,
Filter filter, ServletRequest request, ServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
filter.init(filterConfig);
filter.doFilter(request, response, filterChain);
filter.destroy();
}
//~ Inner Classes ==========================================================
private class MockFilterChain implements FilterChain {
private boolean expectToProceed;

34
core/src/test/java/org/acegisecurity/providers/jaas/SecurityContextLoginModuleTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -18,12 +18,12 @@ package org.acegisecurity.providers.jaas;
import junit.framework.TestCase;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.HashMap;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
@ -45,6 +45,17 @@ public class SecurityContextLoginModuleTests extends TestCase {
//~ Methods ================================================================
protected void setUp() throws Exception {
module = new SecurityContextLoginModule();
module.initialize(subject, null, null, null);
SecurityContextHolder.clearContext();
}
protected void tearDown() throws Exception {
SecurityContextHolder.clearContext();
module = null;
}
public void testAbort() throws Exception {
assertFalse("Should return false, no auth is set", module.abort());
SecurityContextHolder.getContext().setAuthentication(auth);
@ -87,9 +98,9 @@ public class SecurityContextLoginModuleTests extends TestCase {
try {
SecurityContextHolder.getContext().setAuthentication(null);
module.login();
fail("LoginException expected, the authentication is null in the SecurityContext");
} catch (Exception e) {
}
fail(
"LoginException expected, the authentication is null in the SecurityContext");
} catch (Exception e) {}
}
public void testNullAuthenticationInSecurityContextIgnored()
@ -107,15 +118,4 @@ public class SecurityContextLoginModuleTests extends TestCase {
public void testNullLogout() throws Exception {
assertFalse(module.logout());
}
protected void setUp() throws Exception {
module = new SecurityContextLoginModule();
module.initialize(subject, null, null, null);
SecurityContextHolder.clearContext();
}
protected void tearDown() throws Exception {
SecurityContextHolder.clearContext();
module = null;
}
}

35
core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagAttributeTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -19,8 +19,9 @@ import junit.framework.TestCase;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.TestingAuthenticationToken;
import javax.servlet.jsp.JspException;
@ -41,6 +42,21 @@ public class AuthorizeTagAttributeTests extends TestCase {
//~ Methods ================================================================
protected void setUp() throws Exception {
super.setUp();
currentUser = new TestingAuthenticationToken("abc", "123",
new GrantedAuthority[] {new GrantedAuthorityImpl(
"ROLE_SUPERVISOR"), new GrantedAuthorityImpl(
"ROLE_RESTRICTED"),});
SecurityContextHolder.getContext().setAuthentication(currentUser);
}
protected void tearDown() throws Exception {
SecurityContextHolder.clearContext();
}
public void testAssertsIfAllGrantedSecond() throws JspException {
authorizeTag.setIfAllGranted("ROLE_SUPERVISOR,ROLE_SUPERTELLER");
authorizeTag.setIfAnyGranted("ROLE_RESTRICTED");
@ -85,19 +101,4 @@ public class AuthorizeTagAttributeTests extends TestCase {
assertEquals("allows request - principal does not have ROLE_TELLER",
Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
}
protected void setUp() throws Exception {
super.setUp();
currentUser = new TestingAuthenticationToken("abc", "123",
new GrantedAuthority[] {new GrantedAuthorityImpl(
"ROLE_SUPERVISOR"), new GrantedAuthorityImpl(
"ROLE_RESTRICTED"),});
SecurityContextHolder.getContext().setAuthentication(currentUser);
}
protected void tearDown() throws Exception {
SecurityContextHolder.clearContext();
}
}

50
core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagCustomGrantedAuthorityTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -18,8 +18,9 @@ package org.acegisecurity.taglibs.authz;
import junit.framework.TestCase;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.TestingAuthenticationToken;
import javax.servlet.jsp.JspException;
@ -40,28 +41,6 @@ public class AuthorizeTagCustomGrantedAuthorityTests extends TestCase {
//~ Methods ================================================================
public void testAllowsRequestWhenCustomAuthorityPresentsCorrectRole()
throws JspException {
authorizeTag.setIfAnyGranted("ROLE_TELLER");
assertEquals("authorized - ROLE_TELLER in both sets",
Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
}
public void testRejectsRequestWhenCustomAuthorityReturnsNull()
throws JspException {
authorizeTag.setIfAnyGranted("ROLE_TELLER");
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(
"abc", "123",
new GrantedAuthority[] {new CustomGrantedAuthority(null)}));
try {
authorizeTag.doStartTag();
fail("Failed to reject GrantedAuthority with NULL getAuthority()");
} catch (IllegalArgumentException expected) {
assertTrue("expected", true);
}
}
protected void setUp() throws Exception {
super.setUp();
@ -76,6 +55,29 @@ public class AuthorizeTagCustomGrantedAuthorityTests extends TestCase {
SecurityContextHolder.clearContext();
}
public void testAllowsRequestWhenCustomAuthorityPresentsCorrectRole()
throws JspException {
authorizeTag.setIfAnyGranted("ROLE_TELLER");
assertEquals("authorized - ROLE_TELLER in both sets",
Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
}
public void testRejectsRequestWhenCustomAuthorityReturnsNull()
throws JspException {
authorizeTag.setIfAnyGranted("ROLE_TELLER");
SecurityContextHolder.getContext()
.setAuthentication(new TestingAuthenticationToken(
"abc", "123",
new GrantedAuthority[] {new CustomGrantedAuthority(null)}));
try {
authorizeTag.doStartTag();
fail("Failed to reject GrantedAuthority with NULL getAuthority()");
} catch (IllegalArgumentException expected) {
assertTrue("expected", true);
}
}
//~ Inner Classes ==========================================================
private static class CustomGrantedAuthority implements GrantedAuthority {

37
core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagExpressionLanguageTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -19,8 +19,9 @@ import junit.framework.TestCase;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.TestingAuthenticationToken;
import org.springframework.mock.web.MockPageContext;
@ -41,6 +42,22 @@ public class AuthorizeTagExpressionLanguageTests extends TestCase {
//~ Methods ================================================================
protected void setUp() throws Exception {
super.setUp();
pageContext = new MockPageContext();
authorizeTag.setPageContext(pageContext);
currentUser = new TestingAuthenticationToken("abc", "123",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_TELLER"),});
SecurityContextHolder.getContext().setAuthentication(currentUser);
}
protected void tearDown() throws Exception {
SecurityContextHolder.clearContext();
}
public void testAllGrantedUsesExpressionLanguageWhenExpressionIsEL()
throws JspException {
pageContext.setAttribute("authority", "ROLE_TELLER");
@ -67,20 +84,4 @@ public class AuthorizeTagExpressionLanguageTests extends TestCase {
assertEquals("allows body - authority var contains ROLE_TELLER",
Tag.SKIP_BODY, authorizeTag.doStartTag());
}
protected void setUp() throws Exception {
super.setUp();
pageContext = new MockPageContext();
authorizeTag.setPageContext(pageContext);
currentUser = new TestingAuthenticationToken("abc", "123",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_TELLER"),});
SecurityContextHolder.getContext().setAuthentication(currentUser);
}
protected void tearDown() throws Exception {
SecurityContextHolder.clearContext();
}
}

35
core/src/test/java/org/acegisecurity/taglibs/authz/AuthorizeTagTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -19,8 +19,9 @@ import junit.framework.TestCase;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.TestingAuthenticationToken;
import javax.servlet.jsp.JspException;
@ -41,6 +42,21 @@ public class AuthorizeTagTests extends TestCase {
//~ Methods ================================================================
protected void setUp() throws Exception {
super.setUp();
currentUser = new TestingAuthenticationToken("abc", "123",
new GrantedAuthority[] {new GrantedAuthorityImpl(
"ROLE_SUPERVISOR"), new GrantedAuthorityImpl(
"ROLE_TELLER"),});
SecurityContextHolder.getContext().setAuthentication(currentUser);
}
protected void tearDown() throws Exception {
SecurityContextHolder.clearContext();
}
public void testAlwaysReturnsUnauthorizedIfNoUserFound()
throws JspException {
SecurityContextHolder.getContext().setAuthentication(null);
@ -107,19 +123,4 @@ public class AuthorizeTagTests extends TestCase {
assertEquals("prevents request - principal has ROLE_TELLER",
Tag.SKIP_BODY, authorizeTag.doStartTag());
}
protected void setUp() throws Exception {
super.setUp();
currentUser = new TestingAuthenticationToken("abc", "123",
new GrantedAuthority[] {new GrantedAuthorityImpl(
"ROLE_SUPERVISOR"), new GrantedAuthorityImpl(
"ROLE_TELLER"),});
SecurityContextHolder.getContext().setAuthentication(currentUser);
}
protected void tearDown() throws Exception {
SecurityContextHolder.clearContext();
}
}

3
core/src/test/java/org/acegisecurity/taglibs/velocity/AuthzImplAttributeTest.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -21,7 +21,6 @@ import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.TestingAuthenticationToken;

3
core/src/test/java/org/acegisecurity/taglibs/velocity/AuthzImplAuthorizeTagTest.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -21,7 +21,6 @@ import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.TestingAuthenticationToken;

78
core/src/test/java/org/acegisecurity/ui/AbstractProcessingFilterTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -24,9 +24,11 @@ import org.acegisecurity.BadCredentialsException;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.MockAuthenticationManager;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
import org.springframework.mock.web.MockFilterConfig;
@ -66,10 +68,39 @@ public class AbstractProcessingFilterTests extends TestCase {
//~ Methods ================================================================
private MockHttpServletRequest createMockRequest() {
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/j_mock_post");
request.setScheme("http");
request.setServerName("www.example.com");
request.setRequestURI("/mycontext/j_mock_post");
return request;
}
private void executeFilterInContainerSimulator(FilterConfig filterConfig,
Filter filter, ServletRequest request, ServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
filter.init(filterConfig);
filter.doFilter(request, response, filterChain);
filter.destroy();
}
public static void main(String[] args) {
junit.textui.TestRunner.run(AbstractProcessingFilterTests.class);
}
protected void setUp() throws Exception {
super.setUp();
SecurityContextHolder.clearContext();
}
protected void tearDown() throws Exception {
super.tearDown();
SecurityContextHolder.clearContext();
}
public void testDefaultProcessesFilterUrlWithPathParameter() {
MockHttpServletRequest request = createMockRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
@ -367,7 +398,8 @@ public class AbstractProcessingFilterTests extends TestCase {
throws Exception {
// Setup our HTTP request
MockHttpServletRequest request = createMockRequest();
request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY,
request.getSession()
.setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY,
"/my-destination");
// Setup our filter configuration
@ -396,7 +428,8 @@ public class AbstractProcessingFilterTests extends TestCase {
throws Exception {
// Setup our HTTP request
MockHttpServletRequest request = createMockRequest();
request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY,
request.getSession()
.setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY,
"/my-destination");
// Setup our filter configuration
@ -417,35 +450,6 @@ public class AbstractProcessingFilterTests extends TestCase {
assertNotNull(SecurityContextHolder.getContext().getAuthentication());
}
protected void setUp() throws Exception {
super.setUp();
SecurityContextHolder.clearContext();
}
protected void tearDown() throws Exception {
super.tearDown();
SecurityContextHolder.clearContext();
}
private MockHttpServletRequest createMockRequest() {
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/j_mock_post");
request.setScheme("http");
request.setServerName("www.example.com");
request.setRequestURI("/mycontext/j_mock_post");
return request;
}
private void executeFilterInContainerSimulator(FilterConfig filterConfig,
Filter filter, ServletRequest request, ServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
filter.init(filterConfig);
filter.doFilter(request, response, filterChain);
filter.destroy();
}
//~ Inner Classes ==========================================================
private class MockAbstractProcessingFilter extends AbstractProcessingFilter {
@ -468,10 +472,6 @@ public class AbstractProcessingFilterTests extends TestCase {
super();
}
public String getDefaultFilterProcessesUrl() {
return "/j_mock_post";
}
public Authentication attemptAuthentication(HttpServletRequest request)
throws AuthenticationException {
if (grantAccess) {
@ -482,6 +482,10 @@ public class AbstractProcessingFilterTests extends TestCase {
}
}
public String getDefaultFilterProcessesUrl() {
return "/j_mock_post";
}
public void init(FilterConfig arg0) throws ServletException {}
public boolean requiresAuthentication(HttpServletRequest request,

19
core/src/test/java/org/acegisecurity/ui/ExceptionTranslationFilterTests.java
View File

@ -15,13 +15,6 @@
package org.acegisecurity.ui;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import junit.framework.TestCase;
import org.acegisecurity.AccessDeniedException;
@ -30,13 +23,23 @@ import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.MockAuthenticationEntryPoint;
import org.acegisecurity.MockPortResolver;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken;
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
/**
* Tests {@link ExceptionTranslationFilter}.

85
core/src/test/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -17,29 +17,33 @@ package org.acegisecurity.ui.basicauth;
import org.acegisecurity.MockAuthenticationEntryPoint;
import org.acegisecurity.MockAuthenticationManager;
import org.acegisecurity.MockFilterConfig;
import org.acegisecurity.MockFilterChain;
import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
import org.acegisecurity.providers.ProviderManager;
import org.acegisecurity.MockFilterConfig;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.ProviderManager;
import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.memory.InMemoryDaoImpl;
import org.acegisecurity.userdetails.memory.UserMapEditor;
import org.acegisecurity.userdetails.memory.UserMap;
import org.acegisecurity.userdetails.memory.UserMapEditor;
import org.apache.commons.codec.binary.Base64;
import org.springframework.context.ApplicationEventPublisher;
import org.jmock.Mock;
import org.jmock.MockObjectTestCase;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockHttpSession;
import org.jmock.MockObjectTestCase;
import org.jmock.Mock;
import java.io.IOException;
import java.util.Arrays;
import javax.servlet.Filter;
@ -55,7 +59,10 @@ import javax.servlet.ServletRequest;
* @version $Id$
*/
public class BasicProcessingFilterTests extends MockObjectTestCase {
//~ Instance fields ========================================================
private BasicProcessingFilter filter;
//~ Constructors ===========================================================
public BasicProcessingFilterTests() {
@ -68,6 +75,24 @@ public class BasicProcessingFilterTests extends MockObjectTestCase {
//~ Methods ================================================================
private MockHttpServletResponse executeFilterInContainerSimulator(
Filter filter, ServletRequest request, boolean expectChainToProceed)
throws ServletException, IOException {
filter.init(new MockFilterConfig());
MockHttpServletResponse response = new MockHttpServletResponse();
Mock mockChain = mock(FilterChain.class);
FilterChain chain = (FilterChain) mockChain.proxy();
mockChain.expects(expectChainToProceed ? once() : never())
.method("doFilter");
filter.doFilter(request, response, chain);
filter.destroy();
return response;
}
public static void main(String[] args) {
junit.textui.TestRunner.run(BasicProcessingFilterTests.class);
}
@ -80,7 +105,7 @@ public class BasicProcessingFilterTests extends MockObjectTestCase {
InMemoryDaoImpl dao = new InMemoryDaoImpl();
UserMapEditor editor = new UserMapEditor();
editor.setAsText("marissa=koala,ROLE_ONE,ROLE_TWO,enabled\r\n");
dao.setUserMap((UserMap)editor.getValue());
dao.setUserMap((UserMap) editor.getValue());
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider.setUserDetailsService(dao);
@ -215,8 +240,8 @@ public class BasicProcessingFilterTests extends MockObjectTestCase {
throws Exception {
try {
BasicProcessingFilter filter = new BasicProcessingFilter();
filter.setAuthenticationEntryPoint(
new MockAuthenticationEntryPoint("x"));
filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint(
"x"));
filter.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
@ -253,8 +278,8 @@ public class BasicProcessingFilterTests extends MockObjectTestCase {
request.setSession(new MockHttpSession());
// Test - the filter chain will not be invoked, as we get a 403 forbidden response
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
@ -270,35 +295,19 @@ public class BasicProcessingFilterTests extends MockObjectTestCase {
request.setSession(new MockHttpSession());
// Test - the filter chain will not be invoked, as we get a 403 forbidden response
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
}
private MockHttpServletResponse executeFilterInContainerSimulator(Filter filter,
ServletRequest request, boolean expectChainToProceed)
throws ServletException, IOException {
filter.init(new MockFilterConfig());
MockHttpServletResponse response = new MockHttpServletResponse();
Mock mockChain = mock(FilterChain.class);
FilterChain chain = (FilterChain)mockChain.proxy();
//~ Inner Classes ==========================================================
mockChain.expects( expectChainToProceed ? once() : never() ).method("doFilter");
private class MockApplicationEventPublisher
implements ApplicationEventPublisher {
public MockApplicationEventPublisher() {}
filter.doFilter(request, response, chain);
filter.destroy();
return response;
}
private class MockApplicationEventPublisher implements ApplicationEventPublisher {
public MockApplicationEventPublisher() {
}
public void publishEvent(ApplicationEvent event) {
}
public void publishEvent(ApplicationEvent event) {}
}
}

217
core/src/test/java/org/acegisecurity/ui/digestauth/DigestProcessingFilterTests.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -15,28 +15,33 @@
package org.acegisecurity.ui.digestauth;
import org.acegisecurity.MockFilterConfig;
import org.acegisecurity.MockFilterChain;
import org.acegisecurity.MockFilterConfig;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.dao.cache.NullUserCache;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.memory.InMemoryDaoImpl;
import org.acegisecurity.userdetails.memory.UserMapEditor;
import org.acegisecurity.userdetails.memory.UserMap;
import org.acegisecurity.userdetails.memory.UserMapEditor;
import org.acegisecurity.util.StringSplitUtils;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.jmock.Mock;
import org.jmock.MockObjectTestCase;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.util.StringUtils;
import org.jmock.MockObjectTestCase;
import org.jmock.Mock;
import java.io.IOException;
import java.util.Map;
import javax.servlet.Filter;
@ -44,6 +49,7 @@ import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
/**
* Tests {@link DigestProcessingFilter}.
*
@ -52,6 +58,8 @@ import javax.servlet.ServletRequest;
* @version $Id$
*/
public class DigestProcessingFilterTests extends MockObjectTestCase {
//~ Static fields/initializers =============================================
private static final String NC = "00000002";
private static final String CNONCE = "c822c727a648aba7";
private static final String REALM = "The Correct Realm Name";
@ -60,19 +68,19 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
private static final String USERNAME = "marissa";
private static final String PASSWORD = "koala";
private static final String REQUEST_URI = "/some_file.html";
/** A standard valid nonce with a validity period of 60 seconds */
private static final String NONCE = generateNonce(60);
//~ Instance fields ========================================================
//~ Instance Fields ========================================================
// private ApplicationContext ctx;
private DigestProcessingFilter filter;
private MockHttpServletRequest request;
//~ Constructors ===========================================================
public DigestProcessingFilterTests() {
}
public DigestProcessingFilterTests() {}
public DigestProcessingFilterTests(String arg0) {
super(arg0);
@ -80,6 +88,42 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
//~ Methods ================================================================
private String createAuthorizationHeader(String username, String realm,
String nonce, String uri, String responseDigest, String qop, String nc,
String cnonce) {
return "Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"";
}
private MockHttpServletResponse executeFilterInContainerSimulator(
Filter filter, ServletRequest request, boolean expectChainToProceed)
throws ServletException, IOException {
filter.init(new MockFilterConfig());
MockHttpServletResponse response = new MockHttpServletResponse();
Mock mockChain = mock(FilterChain.class);
FilterChain chain = (FilterChain) mockChain.proxy();
mockChain.expects(expectChainToProceed ? once() : never())
.method("doFilter");
filter.doFilter(request, response, chain);
filter.destroy();
return response;
}
private static String generateNonce(int validitySeconds) {
long expiryTime = System.currentTimeMillis() + (validitySeconds * 1000);
String signatureValue = new String(DigestUtils.md5Hex(expiryTime + ":"
+ KEY));
String nonceValue = expiryTime + ":" + signatureValue;
return new String(Base64.encodeBase64(nonceValue.getBytes()));
}
public static void main(String[] args) {
junit.textui.TestRunner.run(DigestProcessingFilterTests.class);
}
@ -87,11 +131,12 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
protected void setUp() throws Exception {
super.setUp();
SecurityContextHolder.clearContext();
// Create User Details Service
InMemoryDaoImpl dao = new InMemoryDaoImpl();
UserMapEditor editor = new UserMapEditor();
editor.setAsText("marissa=koala,ROLE_ONE,ROLE_TWO,enabled\r\n");
dao.setUserMap((UserMap)editor.getValue());
dao.setUserMap((UserMap) editor.getValue());
DigestProcessingFilterEntryPoint ep = new DigestProcessingFilterEntryPoint();
ep.setRealmName(REALM);
@ -140,18 +185,19 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testExpiredNonceReturnsForbiddenWithStaleHeader()
throws Exception {
String nonce = generateNonce(0);
String responseDigest = DigestProcessingFilter.generateDigest(false,
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC, CNONCE);
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC,
CNONCE);
request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, nonce, REQUEST_URI,
responseDigest, QOP, NC, CNONCE));
Thread.sleep(1000); // ensures token expired
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
@ -166,7 +212,6 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testFilterIgnoresRequestsContainingNoAuthorizationHeader()
throws Exception {
executeFilterInContainerSimulator(filter, request, true);
assertNull(SecurityContextHolder.getContext().getAuthentication());
@ -193,8 +238,8 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
request.addHeader("Authorization",
"Digest " + new String(Base64.encodeBase64(token.getBytes())));
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertEquals(401, response.getStatus());
assertNull(SecurityContextHolder.getContext().getAuthentication());
@ -203,8 +248,8 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testMalformedHeaderReturnsForbidden() throws Exception {
request.addHeader("Authorization", "Digest scsdcsdc");
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
@ -215,14 +260,15 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
String nonce = "NOT_BASE_64_ENCODED";
String responseDigest = DigestProcessingFilter.generateDigest(false,
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC, CNONCE);
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC,
CNONCE);
request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, nonce, REQUEST_URI,
responseDigest, QOP, NC, CNONCE));
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
@ -230,18 +276,18 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testNonceWithIncorrectSignatureForNumericFieldReturnsForbidden()
throws Exception {
String nonce = new String(Base64.encodeBase64(
"123456:incorrectStringPassword".getBytes()));
String responseDigest = DigestProcessingFilter.generateDigest(false,
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC, CNONCE);
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC,
CNONCE);
request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, nonce, REQUEST_URI,
responseDigest, QOP, NC, CNONCE));
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
@ -249,18 +295,18 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testNonceWithNonNumericFirstElementReturnsForbidden()
throws Exception {
String nonce = new String(Base64.encodeBase64(
"hello:ignoredSecondElement".getBytes()));
String responseDigest = DigestProcessingFilter.generateDigest(false,
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC, CNONCE);
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC,
CNONCE);
request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, nonce, REQUEST_URI,
responseDigest, QOP, NC, CNONCE));
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
@ -268,18 +314,18 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testNonceWithoutTwoColonSeparatedElementsReturnsForbidden()
throws Exception {
String nonce = new String(Base64.encodeBase64(
"a base 64 string without a colon".getBytes()));
String responseDigest = DigestProcessingFilter.generateDigest(false,
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC, CNONCE);
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, nonce, NC,
CNONCE);
request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, nonce, REQUEST_URI,
responseDigest, QOP, NC, CNONCE));
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
@ -287,11 +333,11 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testNormalOperationWhenPasswordIsAlreadyEncoded()
throws Exception {
String encodedPassword = DigestProcessingFilter.encodePasswordInA1Format(USERNAME,
REALM, PASSWORD);
String responseDigest = DigestProcessingFilter.generateDigest(true,
USERNAME, REALM, encodedPassword, "GET", REQUEST_URI, QOP, NONCE, NC, CNONCE);
USERNAME, REALM, encodedPassword, "GET", REQUEST_URI, QOP,
NONCE, NC, CNONCE);
request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
@ -307,9 +353,9 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testNormalOperationWhenPasswordNotAlreadyEncoded()
throws Exception {
String responseDigest = DigestProcessingFilter.generateDigest(false,
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC, CNONCE);
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC,
CNONCE);
request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
@ -325,7 +371,6 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testOtherAuthorizationSchemeIsIgnored()
throws Exception {
request.addHeader("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
executeFilterInContainerSimulator(filter, request, true);
@ -333,19 +378,6 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
assertNull(SecurityContextHolder.getContext().getAuthentication());
}
public void testStartupDetectsMissingUserDetailsService()
throws Exception {
try {
DigestProcessingFilter filter = new DigestProcessingFilter();
filter.setAuthenticationEntryPoint(new DigestProcessingFilterEntryPoint());
filter.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertEquals("A UserDetailsService is required",
expected.getMessage());
}
}
public void testStartupDetectsMissingAuthenticationEntryPoint()
throws Exception {
try {
@ -359,11 +391,24 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
}
}
public void testStartupDetectsMissingUserDetailsService()
throws Exception {
try {
DigestProcessingFilter filter = new DigestProcessingFilter();
filter.setAuthenticationEntryPoint(new DigestProcessingFilterEntryPoint());
filter.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertEquals("A UserDetailsService is required",
expected.getMessage());
}
}
public void testSuccessLoginThenFailureLoginResultsInSessionLosingToken()
throws Exception {
String responseDigest = DigestProcessingFilter.generateDigest(false,
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC, CNONCE);
USERNAME, REALM, PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC,
CNONCE);
request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
@ -375,14 +420,16 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
// Now retry, giving an invalid nonce
responseDigest = DigestProcessingFilter.generateDigest(false, USERNAME,
REALM, "WRONG_PASSWORD", "GET", REQUEST_URI, QOP, NONCE, NC, CNONCE);
REALM, "WRONG_PASSWORD", "GET", REQUEST_URI, QOP, NONCE, NC,
CNONCE);
request = new MockHttpServletRequest();
request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
responseDigest, QOP, NC, CNONCE));
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
// Check we lost our previous authentication
assertNull(SecurityContextHolder.getContext().getAuthentication());
@ -391,7 +438,6 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testWrongCnonceBasedOnDigestReturnsForbidden()
throws Exception {
String cnonce = "NOT_SAME_AS_USED_FOR_DIGEST_COMPUTATION";
String responseDigest = DigestProcessingFilter.generateDigest(false,
@ -402,15 +448,14 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
responseDigest, QOP, NC, cnonce));
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
}
public void testWrongDigestReturnsForbidden() throws Exception {
String password = "WRONG_PASSWORD";
String responseDigest = DigestProcessingFilter.generateDigest(false,
USERNAME, REALM, password, "GET", REQUEST_URI, QOP, NONCE, NC,
@ -420,8 +465,8 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
responseDigest, QOP, NC, CNONCE));
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
@ -437,8 +482,8 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
createAuthorizationHeader(USERNAME, realm, NONCE, REQUEST_URI,
responseDigest, QOP, NC, CNONCE));
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
@ -446,49 +491,17 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
public void testWrongUsernameReturnsForbidden() throws Exception {
String responseDigest = DigestProcessingFilter.generateDigest(false,
"NOT_A_KNOWN_USER", REALM, PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC,
CNONCE);
"NOT_A_KNOWN_USER", REALM, PASSWORD, "GET", REQUEST_URI, QOP,
NONCE, NC, CNONCE);
request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
responseDigest, QOP, NC, CNONCE));
MockHttpServletResponse response =
executeFilterInContainerSimulator(filter, request, false);
MockHttpServletResponse response = executeFilterInContainerSimulator(filter,
request, false);
assertNull(SecurityContextHolder.getContext().getAuthentication());
assertEquals(401, response.getStatus());
}
private String createAuthorizationHeader(String username, String realm,
String nonce, String uri, String responseDigest, String qop, String nc,
String cnonce) {
return "Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"";
}
private MockHttpServletResponse executeFilterInContainerSimulator(Filter filter,
ServletRequest request, boolean expectChainToProceed)
throws ServletException, IOException {
filter.init(new MockFilterConfig());
MockHttpServletResponse response = new MockHttpServletResponse();
Mock mockChain = mock(FilterChain.class);
FilterChain chain = (FilterChain)mockChain.proxy();
mockChain.expects( expectChainToProceed ? once() : never() ).method("doFilter");
filter.doFilter(request, response, chain);
filter.destroy();
return response;
}
private static String generateNonce(int validitySeconds) {
long expiryTime = System.currentTimeMillis() + (validitySeconds * 1000);
String signatureValue = new String(DigestUtils.md5Hex(expiryTime + ":" + KEY));
String nonceValue = expiryTime + ":" + signatureValue;
return new String(Base64.encodeBase64( nonceValue.getBytes() ));
}
}

1
core/src/test/java/org/acegisecurity/ui/rememberme/RememberMeProcessingFilterTests.java
View File

@ -24,7 +24,6 @@ import org.acegisecurity.MockAuthenticationManager;
import org.acegisecurity.MockFilterConfig;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.TestingAuthenticationToken;

11
samples/contacts/src/main/java/sample/contact/ClientApplication.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -16,8 +16,9 @@
package sample.contact;
import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.springframework.beans.factory.ListableBeanFactory;
@ -75,7 +76,8 @@ public class ClientApplication {
"Trying to find setUsername(String) method on: "
+ object.getClass().getName());
Method method = object.getClass().getMethod("setUsername",
Method method = object.getClass()
.getMethod("setUsername",
new Class[] {String.class});
System.out.println("Found; Trying to setUsername(String) to "
+ authentication.getPrincipal());
@ -95,7 +97,8 @@ public class ClientApplication {
"Trying to find setPassword(String) method on: "
+ object.getClass().getName());
Method method = object.getClass().getMethod("setPassword",
Method method = object.getClass()
.getMethod("setPassword",
new Class[] {String.class});
method.invoke(object,
new Object[] {authentication.getCredentials()});

35
sandbox/src/main/java/org/acegisecurity/providers/ldap/authenticator/controls/PasswordPolicyControlFactory.java
View File

@ -1,35 +1,50 @@
package org.acegisecurity.providers.ldap.authenticator.controls;
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import java.io.ByteArrayInputStream;
import java.io.IOException;
package org.acegisecurity.providers.ldap.authenticator.controls;
import javax.naming.ldap.Control;
import javax.naming.ldap.ControlFactory;
/**
* Transforms a control object to a PasswordPolicyResponseControl object, if
* appropriate.
* appropriate.
*
* @author Stefan Zoerner
* @author Luke Taylor
* @version $Id$
*/
public class PasswordPolicyControlFactory extends ControlFactory {
//~ Methods ================================================================
/**
* Creates an instance of PasswordPolicyResponseControl if the passed
* control is a response control of this type. Attributes of the result are
* filled with the correct values (e.g. error code).
*
* control is a response control of this type. Attributes of the result
* are filled with the correct values (e.g. error code).
*
* @param ctl the control the check
* @return a response control of type PasswordPolicyResponseControl, or null
*
* @return a response control of type PasswordPolicyResponseControl, or
* null
*/
public Control getControlInstance(Control ctl) {
if (ctl.getID().equals(PasswordPolicyControl.OID)) {
return new PasswordPolicyResponseControl(ctl.getEncodedValue());
}
return null;
}
}
}

92
sandbox/src/main/java/org/acegisecurity/providers/ldap/authenticator/controls/PasswordPolicyResponseControlTests.java
View File

@ -1,14 +1,22 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.acegisecurity.providers.ldap.authenticator.controls;
import junit.framework.TestCase;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import java.util.Hashtable;
/**
* Tests for <tt>PasswordPolicyResponse</tt>.
@ -17,8 +25,12 @@ import java.util.Hashtable;
* @version $Id$
*/
public class PasswordPolicyResponseControlTests extends TestCase {
//~ Methods ================================================================
/**
* Useful method for obtaining data from a server for use in tests
*/
/** Useful method for obtaining data from a server for use in tests */
// public void testAgainstServer() throws Exception {
// Hashtable env = new Hashtable();
// env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
@ -60,49 +72,17 @@ public class PasswordPolicyResponseControlTests extends TestCase {
//
// return null;
// }
public void testOpenLDAP33SecondsTillPasswordExpiryCtrlIsParsedCorrectly() {
byte[] ctrlBytes = {0x30, 0x05, (byte)0xA0, 0x03, (byte)0xA0, 0x1, 0x21};
byte[] ctrlBytes = {0x30, 0x05, (byte) 0xA0, 0x03, (byte) 0xA0, 0x1, 0x21};
PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
assertTrue(ctrl.hasWarning());
assertEquals(33, ctrl.getTimeBeforeExpiration());
}
public void testOpenLDAPPasswordExpiredCtrlIsParsedCorrectly() {
byte[] ctrlBytes = {0x30, 0x03, (byte)0xA1, 0x01, 0x00};
PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
assertTrue(ctrl.hasError() && ctrl.isExpired());
assertFalse(ctrl.hasWarning());
}
public void testOpenLDAPAccountLockedCtrlIsParsedCorrectly() {
byte[] ctrlBytes = {0x30, 0x03, (byte)0xA1, 0x01, 0x01};
PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
assertTrue(ctrl.hasError() && ctrl.isLocked());
assertFalse(ctrl.hasWarning());
}
public void testOpenLDAP5GraceLoginsRemainingCtrlIsParsedCorrectly() {
byte[] ctrlBytes = {0x30, 0x05, (byte)0xA0, 0x03, (byte)0xA1, 0x01, 0x05};
PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
assertTrue(ctrl.hasWarning());
assertEquals(5, ctrl.getGraceLoginsRemaining());
}
public void testOpenLDAP496GraceLoginsRemainingCtrlIsParsedCorrectly() {
byte[] ctrlBytes = {0x30, 0x06, (byte)0xA0, 0x04, (byte)0xA1, 0x02, 0x01, (byte)0xF0};
byte[] ctrlBytes = {0x30, 0x06, (byte) 0xA0, 0x04, (byte) 0xA1, 0x02, 0x01, (byte) 0xF0};
PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
@ -110,4 +90,30 @@ public class PasswordPolicyResponseControlTests extends TestCase {
assertEquals(496, ctrl.getGraceLoginsRemaining());
}
}
public void testOpenLDAP5GraceLoginsRemainingCtrlIsParsedCorrectly() {
byte[] ctrlBytes = {0x30, 0x05, (byte) 0xA0, 0x03, (byte) 0xA1, 0x01, 0x05};
PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
assertTrue(ctrl.hasWarning());
assertEquals(5, ctrl.getGraceLoginsRemaining());
}
public void testOpenLDAPAccountLockedCtrlIsParsedCorrectly() {
byte[] ctrlBytes = {0x30, 0x03, (byte) 0xA1, 0x01, 0x01};
PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
assertTrue(ctrl.hasError() && ctrl.isLocked());
assertFalse(ctrl.hasWarning());
}
public void testOpenLDAPPasswordExpiredCtrlIsParsedCorrectly() {
byte[] ctrlBytes = {0x30, 0x03, (byte) 0xA1, 0x01, 0x00};
PasswordPolicyResponseControl ctrl = new PasswordPolicyResponseControl(ctrlBytes);
assertTrue(ctrl.hasError() && ctrl.isExpired());
assertFalse(ctrl.hasWarning());
}
}

1
sandbox/src/main/java/org/acegisecurity/providers/smb/NtlmAuthenticationToken.java
View File

@ -20,7 +20,6 @@ import jcifs.UniAddress;
import jcifs.smb.NtlmPasswordAuthentication;
import org.acegisecurity.Authentication;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.providers.AbstractAuthenticationToken;