From fe88d6ec17254ba3eaf3d21528c977abc65a9266 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Wed, 8 Feb 2006 01:24:38 +0000 Subject: [PATCH] SEC-134 fix. Authorities array is now copied on access. Also refactored token classes to move authorities to the base class. --- .../org/acegisecurity/Authentication.java | 5 ++ .../AbstractAdapterAuthenticationToken.java | 16 ++--- .../AbstractAuthenticationToken.java | 61 +++++++++++++++++-- .../providers/TestingAuthenticationToken.java | 11 +--- .../UsernamePasswordAuthenticationToken.java | 8 +-- .../AnonymousAuthenticationToken.java | 19 +----- .../providers/cas/CasAuthenticationToken.java | 27 ++------ .../RememberMeAuthenticationToken.java | 12 +--- .../x509/X509AuthenticationToken.java | 14 ++--- .../acegisecurity/runas/RunAsUserToken.java | 14 +---- .../MockRunAsAuthenticationToken.java | 10 +-- .../adapters/AuthByAdapterTests.java | 4 +- .../AbstractAuthenticationTokenTests.java | 9 +-- .../TestingAuthenticationTokenTests.java | 11 ++-- .../AnonymousAuthenticationTokenTests.java | 11 ++-- .../cas/CasAuthenticationTokenTests.java | 10 +-- .../RememberMeAuthenticationTokenTests.java | 10 +-- .../runas/RunAsUserTokenTests.java | 11 ++-- .../smb/NtlmAuthenticationToken.java | 10 +-- 19 files changed, 134 insertions(+), 139 deletions(-) diff --git a/core/src/main/java/org/acegisecurity/Authentication.java b/core/src/main/java/org/acegisecurity/Authentication.java index a3fd32c27c..b184d7d705 100644 --- a/core/src/main/java/org/acegisecurity/Authentication.java +++ b/core/src/main/java/org/acegisecurity/Authentication.java @@ -96,6 +96,11 @@ public interface Authentication extends Principal, Serializable { * that the principal has been granted. Note that classes should not rely * on this value as being valid unless it has been set by a trusted * AuthenticationManager. + *

+ * Implementations should ensure that modifications to the returned array + * do not affect the state of the Authentication object (e.g. by returning an + * array copy). + *

* * @return the authorities granted to the principal, or null * if authentication has not been completed diff --git a/core/src/main/java/org/acegisecurity/adapters/AbstractAdapterAuthenticationToken.java b/core/src/main/java/org/acegisecurity/adapters/AbstractAdapterAuthenticationToken.java index 6c7f8c5d79..44ef365562 100644 --- a/core/src/main/java/org/acegisecurity/adapters/AbstractAdapterAuthenticationToken.java +++ b/core/src/main/java/org/acegisecurity/adapters/AbstractAdapterAuthenticationToken.java @@ -29,13 +29,12 @@ public abstract class AbstractAdapterAuthenticationToken extends AbstractAuthenticationToken implements AuthByAdapter { //~ Instance fields ======================================================== - private GrantedAuthority[] authorities; private int keyHash; //~ Constructors =========================================================== protected AbstractAdapterAuthenticationToken() { - super(); + super(null); } /** @@ -48,9 +47,8 @@ public abstract class AbstractAdapterAuthenticationToken */ protected AbstractAdapterAuthenticationToken(String key, GrantedAuthority[] authorities) { - super(); + super(authorities); this.keyHash = key.hashCode(); - this.authorities = authorities; } //~ Methods ================================================================ @@ -73,10 +71,6 @@ public abstract class AbstractAdapterAuthenticationToken return true; } - public GrantedAuthority[] getAuthorities() { - return authorities; - } - public int getKeyHash() { return this.keyHash; } @@ -97,8 +91,10 @@ public abstract class AbstractAdapterAuthenticationToken * false otherwise */ public boolean isUserInRole(String role) { - for (int i = 0; i < this.authorities.length; i++) { - if (role.equals(this.authorities[i].getAuthority())) { + GrantedAuthority[] authorities = super.getAuthorities(); + + for (int i = 0; i < authorities.length; i++) { + if (role.equals(authorities[i].getAuthority())) { return true; } } 
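Review bot: In `isUserInRole`, `super.getAuthorities()` returns null for a token built through the protected no-arg constructor (which now calls `super(null)`), so `authorities.length` throws a NullPointerException instead of answering the role check. A guard such as `if (authorities == null) { return false; }` before the loop makes the check fail closed. The old code dereferenced the field the same way, so this predates the commit, but it is cheap to fix while the method is being touched. The method's Javadoc and closing lines lie outside the hunk.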
diff --git a/core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java index 0e28688f40..c58dfacbbe 100644 --- a/core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java +++ b/core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java @@ -16,17 +16,59 @@ package org.acegisecurity.providers; import org.acegisecurity.Authentication; +import org.acegisecurity.GrantedAuthority; import org.acegisecurity.userdetails.UserDetails; - /** - * Provides a String representation of the Authentication token. + * Base class for Authentication objects. + *

+ * Implementations which use this class should be immutable. + *

* * @author Ben Alex + * @author Luke Taylor * @version $Id$ */ public abstract class AbstractAuthenticationToken implements Authentication { + + //~ Instance fields + private GrantedAuthority[] authorities; + + //~ Constructors =========================================================== + + /** + * Retained for compatibility with subclasses written before the + * AbstractAuthenticationToken(GrantedAuthority[]) constructor + * was introduced. + * + * @deprecated in favour of the constructor which takes a GrantedAuthority[] + * argument. + */ + public AbstractAuthenticationToken() { + + } + + /** + * Creates a token with the supplied array of authorities. + * + * @param authorities the list of GrantedAuthoritys for the principal + * represented by this authentication object. A null value + * indicates that no authorities have been granted. + */ + public AbstractAuthenticationToken(GrantedAuthority[] authorities) { + if(authorities != null) { + for (int i = 0; i < authorities.length; i++) { + if(authorities[i] == null) { + throw new IllegalArgumentException("Granted authority element " + i + + " is null - GrantedAuthority[] cannot contain any null elements"); + } + } + } + + this.authorities = authorities; + } + //~ Methods ================================================================ public boolean equals(Object obj) { @@ -53,8 +95,8 @@ public abstract class AbstractAuthenticationToken implements Authentication { } return (this.getPrincipal().equals(test.getPrincipal()) - && this.getCredentials().equals(test.getCredentials()) - && (this.isAuthenticated() == test.isAuthenticated())); + && this.getCredentials().equals(test.getCredentials()) + && (this.isAuthenticated() == test.isAuthenticated())); } return false; 
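Review bot: The new `AbstractAuthenticationToken(GrantedAuthority[])` constructor stores the caller's array as-is (`this.authorities = authorities;`), so whoever built the token can still change its authorities afterwards through the reference they kept, including after the null-element check has run. Copying on access closes only the read side; the constructor should take its own copy and validate that copy. The emptiness checks in the Anonymous, CAS and RememberMe constructors also read the caller's array, but they only gate construction, so a copy in the base class is enough. The field could then be declared `private final` if the deprecated no-arg constructor assigns null explicitly.

```java
public AbstractAuthenticationToken(GrantedAuthority[] authorities) {
    GrantedAuthority[] copy = null;

    if (authorities != null) {
        copy = new GrantedAuthority[authorities.length];
        System.arraycopy(authorities, 0, copy, 0, authorities.length);
        // … unchanged: null-element loop, now iterating over copy …
    }

    this.authorities = copy;
}
```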
@@ -78,6 +120,17 @@ public abstract class AbstractAuthenticationToken implements Authentication { return this.getPrincipal().toString(); } + public GrantedAuthority[] getAuthorities() { + if(authorities == null) { + return null; + } + + GrantedAuthority[] copy = new GrantedAuthority[authorities.length]; + System.arraycopy(authorities, 0, copy, 0, authorities.length); + + return copy; + } + public int hashCode() { int code = 2305; diff --git a/core/src/main/java/org/acegisecurity/providers/TestingAuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/TestingAuthenticationToken.java index 3ea1d66c86..efc9be12da 100644 --- a/core/src/main/java/org/acegisecurity/providers/TestingAuthenticationToken.java +++ b/core/src/main/java/org/acegisecurity/providers/TestingAuthenticationToken.java @@ -35,20 +35,15 @@ public class TestingAuthenticationToken extends AbstractAuthenticationToken { private Object credentials; private Object principal; - private GrantedAuthority[] authorities; private boolean authenticated = false; //~ Constructors =========================================================== public TestingAuthenticationToken(Object principal, Object credentials, GrantedAuthority[] authorities) { + super(authorities); this.principal = principal; this.credentials = credentials; - this.authorities = authorities; - } - - protected TestingAuthenticationToken() { - throw new IllegalArgumentException("Cannot use default constructor"); } //~ Methods ================================================================ @@ -61,10 +56,6 @@ public class TestingAuthenticationToken extends AbstractAuthenticationToken { return this.authenticated; } - public GrantedAuthority[] getAuthorities() { - return this.authorities; - } - public Object getCredentials() { return this.credentials; } 
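Review bot: The new `getAuthorities()` in AbstractAuthenticationToken has no Javadoc, although its copy-on-read behaviour is the point of SEC-134 and differs from what the removed subclass getters did. I would add `/** Returns a copy of the granted authorities, or null if none were supplied; changes to the returned array do not affect this token. */`. The method is not final, so a subclass that still overrides it with a plain field return bypasses the copy, which is worth stating in the class Javadoc. Callers that compared the arrays by reference now need `Arrays.equals`, as the AuthByAdapterTests change in this commit does.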
diff --git a/core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java index 44910efe56..fffecc0178 100644 --- a/core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java +++ b/core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java @@ -39,7 +39,6 @@ public class UsernamePasswordAuthenticationToken private Object credentials; private Object details = null; private Object principal; - private GrantedAuthority[] authorities; private boolean authenticated; //~ Constructors =========================================================== @@ -54,6 +53,7 @@ public class UsernamePasswordAuthenticationToken */ public UsernamePasswordAuthenticationToken(Object principal, Object credentials) { + super(null); this.principal = principal; this.credentials = credentials; this.authenticated = false; @@ -72,9 +72,9 @@ public class UsernamePasswordAuthenticationToken */ public UsernamePasswordAuthenticationToken(Object principal, Object credentials, GrantedAuthority[] authorities) { + super(authorities); this.principal = principal; this.credentials = credentials; - this.authorities = authorities; this.authenticated = true; } @@ -94,10 +94,6 @@ public class UsernamePasswordAuthenticationToken return this.authenticated; } - public GrantedAuthority[] getAuthorities() { - return this.authorities; - } - public Object getCredentials() { return this.credentials; } diff --git a/core/src/main/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationToken.java index 4016b74944..1cd660e5c1 100644 --- a/core/src/main/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationToken.java +++ b/core/src/main/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationToken.java 
@@ -34,7 +34,6 @@ public class AnonymousAuthenticationToken extends AbstractAuthenticationToken //~ Instance fields ======================================================== private Object principal; - private GrantedAuthority[] authorities; private boolean authenticated; private int keyHash; @@ -51,6 +50,9 @@ public class AnonymousAuthenticationToken extends AbstractAuthenticationToken */ public AnonymousAuthenticationToken(String key, Object principal, GrantedAuthority[] authorities) { + + super(authorities); + if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal) || (authorities == null) || (authorities.length == 0)) { @@ -58,22 +60,11 @@ public class AnonymousAuthenticationToken extends AbstractAuthenticationToken "Cannot pass null or empty values to constructor"); } - for (int i = 0; i < authorities.length; i++) { - Assert.notNull(authorities[i], - "Granted authority element " + i - + " is null - GrantedAuthority[] cannot contain any null elements"); - } - this.keyHash = key.hashCode(); this.principal = principal; - this.authorities = authorities; this.authenticated = true; } - protected AnonymousAuthenticationToken() { - throw new IllegalArgumentException("Cannot use default constructor"); - } - //~ Methods ================================================================ public void setAuthenticated(boolean isAuthenticated) { @@ -84,10 +75,6 @@ public class AnonymousAuthenticationToken extends AbstractAuthenticationToken return this.authenticated; } - public GrantedAuthority[] getAuthorities() { - return this.authorities; - } - /** * Always returns an empty String * diff --git a/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java index 7698309a46..bd8737f5d5 100644 --- a/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java 
+++ b/core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java @@ -43,7 +43,6 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken private Object principal; private String proxyGrantingTicketIou; private UserDetails userDetails; - private GrantedAuthority[] authorities; private boolean authenticated; private int keyHash; @@ -72,6 +71,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken public CasAuthenticationToken(String key, Object principal, Object credentials, GrantedAuthority[] authorities, UserDetails userDetails, List proxyList, String proxyGrantingTicketIou) { + super(authorities); if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal) || (credentials == null) || "".equals(credentials) || (authorities == null) @@ -81,26 +81,15 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken "Cannot pass null or empty values to constructor"); } - for (int i = 0; i < authorities.length; i++) { - Assert.notNull(authorities[i], - "Granted authority element " + i - + " is null - GrantedAuthority[] cannot contain any null elements"); - } - this.keyHash = key.hashCode(); this.principal = principal; this.credentials = credentials; - this.authorities = authorities; this.userDetails = userDetails; this.proxyList = proxyList; this.proxyGrantingTicketIou = proxyGrantingTicketIou; this.authenticated = true; } - protected CasAuthenticationToken() { - throw new IllegalArgumentException("Cannot use default constructor"); - } - //~ Methods ================================================================ public boolean equals(Object obj) { @@ -132,10 +121,6 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken return false; } - public GrantedAuthority[] getAuthorities() { - return this.authorities; - } - public Object getCredentials() { return this.credentials; } 
@@ -177,12 +162,10 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken public String toString() { StringBuffer sb = new StringBuffer(); sb.append(super.toString()); - sb.append("; Credentials (Service/Proxy Ticket): "); - sb.append(this.credentials); - sb.append("; Proxy-Granting Ticket IOU: "); - sb.append(this.proxyGrantingTicketIou); - sb.append("; Proxy List: "); - sb.append(this.proxyList.toString()); + sb.append("; Credentials (Service/Proxy Ticket): ").append(this.credentials); + sb.append("; Proxy-Granting Ticket IOU: ").append(this.proxyGrantingTicketIou); + sb.append("; Proxy List: ").append(this.proxyList); + return (sb.toString()); } diff --git a/core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationToken.java index f460561f1d..5dbc277f23 100644 --- a/core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationToken.java +++ b/core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationToken.java @@ -40,7 +40,6 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken //~ Instance fields ======================================================== private Object principal; - private GrantedAuthority[] authorities; private int keyHash; private boolean authenticated; @@ -57,6 +56,8 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken */ public RememberMeAuthenticationToken(String key, Object principal, GrantedAuthority[] authorities) { + super(authorities); + if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal) || (authorities == null) || (authorities.length == 0)) { 
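Review bot: `CasAuthenticationToken.toString()` still appends `this.credentials` (the service/proxy ticket) and `this.proxyGrantingTicketIou` to the returned string. If tokens are ever written to logs or exception messages, that ticket material goes with them; whether that is acceptable depends on where the string ends up, which the hunk does not show. Consider replacing the credential value with a fixed marker, e.g. `sb.append("; Credentials (Service/Proxy Ticket): [PROTECTED]");`. Dropping the explicit `.toString()` on `proxyList` also makes the method tolerate a null list.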
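Review bot: The RememberMeAuthenticationToken constructor probably still carries its own per-element null loop between this hunk and the next one; those lines are not shown, but the matching loops were removed from AnonymousAuthenticationToken and CasAuthenticationToken in this commit and no removal appears here. With `super(authorities)` now rejecting null elements, that loop is redundant and can go, together with the `Assert` import if nothing else in the class uses it.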
@@ -72,14 +73,9 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken this.keyHash = key.hashCode(); this.principal = principal; - this.authorities = authorities; this.authenticated = true; } - protected RememberMeAuthenticationToken() { - throw new IllegalArgumentException("Cannot use default constructor"); - } - //~ Methods ================================================================ public void setAuthenticated(boolean isAuthenticated) { @@ -90,10 +86,6 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken return this.authenticated; } - public GrantedAuthority[] getAuthorities() { - return this.authorities; - } - /** * Always returns an empty String * diff --git a/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationToken.java b/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationToken.java index b98cce57b6..69c0bfa54e 100644 --- a/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationToken.java +++ b/core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationToken.java @@ -31,7 +31,6 @@ public class X509AuthenticationToken extends AbstractAuthenticationToken { private X509Certificate credentials; private Object principal; - private GrantedAuthority[] authorities; private boolean authenticated = false; private Object details = null; 
@@ -39,13 +38,16 @@ public class X509AuthenticationToken extends AbstractAuthenticationToken { /** Used for an authentication request */ public X509AuthenticationToken(X509Certificate credentials) { + super(null); this.credentials = credentials; } - public X509AuthenticationToken(Object principal, X509Certificate credentials, GrantedAuthority[] authorities) { + public X509AuthenticationToken(Object principal, + X509Certificate credentials, + GrantedAuthority[] authorities) { + super(authorities); + this.principal = principal; this.credentials = credentials; - this.principal = principal; - this.authorities = authorities; } //~ Methods ================================================================ @@ -67,10 +69,6 @@ public class X509AuthenticationToken extends AbstractAuthenticationToken { return authenticated; } - public GrantedAuthority[] getAuthorities() { - return authorities; - } - public Object getCredentials() { return credentials; } diff --git a/core/src/main/java/org/acegisecurity/runas/RunAsUserToken.java b/core/src/main/java/org/acegisecurity/runas/RunAsUserToken.java index 79689a1911..01539effa8 100644 --- a/core/src/main/java/org/acegisecurity/runas/RunAsUserToken.java +++ b/core/src/main/java/org/acegisecurity/runas/RunAsUserToken.java @@ -32,7 +32,6 @@ public class RunAsUserToken extends AbstractAuthenticationToken { private Class originalAuthentication; private Object credentials; private Object principal; - private GrantedAuthority[] authorities; private int keyHash; private boolean authenticated; 
@@ -40,19 +39,14 @@ public class RunAsUserToken extends AbstractAuthenticationToken { public RunAsUserToken(String key, Object principal, Object credentials, GrantedAuthority[] authorities, Class originalAuthentication) { - super(); + super(authorities); this.keyHash = key.hashCode(); - this.authorities = authorities; this.principal = principal; this.credentials = credentials; this.originalAuthentication = originalAuthentication; this.authenticated = true; } - protected RunAsUserToken() { - throw new IllegalArgumentException("Cannot use default constructor"); - } - //~ Methods ================================================================ public void setAuthenticated(boolean isAuthenticated) { @@ -63,10 +57,6 @@ public class RunAsUserToken extends AbstractAuthenticationToken { return this.authenticated; } - public GrantedAuthority[] getAuthorities() { - return this.authorities; - } - public Object getCredentials() { return this.credentials; } @@ -85,7 +75,7 @@ public class RunAsUserToken extends AbstractAuthenticationToken { public String toString() { StringBuffer sb = new StringBuffer(super.toString()); - sb.append("; Original Class: " + this.originalAuthentication.getName()); + sb.append("; Original Class: ").append(this.originalAuthentication.getName()); return sb.toString(); } diff --git a/core/src/test/java/org/acegisecurity/MockRunAsAuthenticationToken.java b/core/src/test/java/org/acegisecurity/MockRunAsAuthenticationToken.java index 37067616fa..40731255c1 100644 --- a/core/src/test/java/org/acegisecurity/MockRunAsAuthenticationToken.java +++ b/core/src/test/java/org/acegisecurity/MockRunAsAuthenticationToken.java 
@@ -30,6 +30,12 @@ public class MockRunAsAuthenticationToken extends AbstractAuthenticationToken { private boolean authenticated = false; + //~ Constructors =========================================================== + + public MockRunAsAuthenticationToken() { + super(null); + } + //~ Methods ================================================================ public void setAuthenticated(boolean isAuthenticated) { @@ -40,10 +46,6 @@ public class MockRunAsAuthenticationToken extends AbstractAuthenticationToken { return authenticated; } - public GrantedAuthority[] getAuthorities() { - return null; - } - public Object getCredentials() { return null; } diff --git a/core/src/test/java/org/acegisecurity/adapters/AuthByAdapterTests.java b/core/src/test/java/org/acegisecurity/adapters/AuthByAdapterTests.java index fe60574b35..90870467fd 100644 --- a/core/src/test/java/org/acegisecurity/adapters/AuthByAdapterTests.java +++ b/core/src/test/java/org/acegisecurity/adapters/AuthByAdapterTests.java @@ -24,6 +24,8 @@ import org.acegisecurity.GrantedAuthorityImpl; import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; +import java.util.Arrays; + /** * Tests {@link AuthByAdapterProvider} * @@ -67,7 +69,7 @@ public class AuthByAdapterTests extends TestCase { assertEquals(token.getCredentials(), response.getCredentials()); assertEquals(token.getPrincipal(), response.getPrincipal()); - assertEquals(token.getAuthorities(), response.getAuthorities()); + assertTrue(Arrays.equals(token.getAuthorities(), response.getAuthorities())); if (!response.getClass().equals(token.getClass())) { fail("Should have returned same type of object it was given"); diff --git a/core/src/test/java/org/acegisecurity/providers/AbstractAuthenticationTokenTests.java b/core/src/test/java/org/acegisecurity/providers/AbstractAuthenticationTokenTests.java index e782b42c9b..e102c44fd5 100644 --- a/core/src/test/java/org/acegisecurity/providers/AbstractAuthenticationTokenTests.java 
+++ b/core/src/test/java/org/acegisecurity/providers/AbstractAuthenticationTokenTests.java @@ -148,22 +148,17 @@ public class AbstractAuthenticationTokenTests extends TestCase { private class MockAuthenticationImpl extends AbstractAuthenticationToken { private Object credentials; private Object principal; - private GrantedAuthority[] authorities; private boolean authenticated = false; public MockAuthenticationImpl(Object principal, Object credentials, GrantedAuthority[] authorities) { + super(authorities); this.principal = principal; this.credentials = credentials; - this.authorities = authorities; } private MockAuthenticationImpl() { - super(); - } - - public GrantedAuthority[] getAuthorities() { - return this.authorities; + super(null); } public Object getCredentials() { diff --git a/core/src/test/java/org/acegisecurity/providers/TestingAuthenticationTokenTests.java b/core/src/test/java/org/acegisecurity/providers/TestingAuthenticationTokenTests.java index 5f4d6117ea..6cd27e24f5 100644 --- a/core/src/test/java/org/acegisecurity/providers/TestingAuthenticationTokenTests.java +++ b/core/src/test/java/org/acegisecurity/providers/TestingAuthenticationTokenTests.java @@ -19,6 +19,7 @@ import junit.framework.TestCase; import org.acegisecurity.GrantedAuthority; import org.acegisecurity.GrantedAuthorityImpl; +import org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken; /** 
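Review bot: None of the test hunks in this commit asserts the behaviour SEC-134 is about; the change to `MockAuthenticationImpl` here only routes the array through `super(authorities)`. A regression test in AbstractAuthenticationTokenTests would build a token with one authority, do `token.getAuthorities()[0] = null;`, and then `assertNotNull(token.getAuthorities()[0]);`. A second test passing an array with a null element and expecting `IllegalArgumentException` would cover the validation that moved into the base class. The rest of the test class lies outside the visible hunks, so such tests may already exist.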
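Review bot: The import `org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken` added at the top of TestingAuthenticationTokenTests is not used by anything in this file's hunks; the reworked test refers to `TestingAuthenticationToken.class`. The same import is added to AnonymousAuthenticationTokenTests, where the test uses `AnonymousAuthenticationToken.class`. Both look like copy-paste leftovers and can be removed, unless code outside the hunks needs them.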
@@ -67,11 +68,13 @@ public class TestingAuthenticationTokenTests extends TestCase { assertEquals("ROLE_TWO", token.getAuthorities()[1].getAuthority()); } - public void testNoArgConstructor() { + public void testNoArgConstructorDoesntExist() { + Class clazz = TestingAuthenticationToken.class; + try { - new TestingAuthenticationToken(); - fail("Should have thrown IllegalArgumentException"); - } catch (IllegalArgumentException expected) { + clazz.getDeclaredConstructor((Class[])null); + fail("Should have thrown NoSuchMethodException"); + } catch (NoSuchMethodException expected) { assertTrue(true); } } diff --git a/core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationTokenTests.java b/core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationTokenTests.java index 9c1f45f494..cd136945c0 100644 --- a/core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationTokenTests.java +++ b/core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationTokenTests.java @@ -20,6 +20,7 @@ import junit.framework.TestCase; import org.acegisecurity.GrantedAuthority; import org.acegisecurity.GrantedAuthorityImpl; import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; +import org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken; import java.util.List; import java.util.Vector; @@ -126,11 +127,13 @@ public class AnonymousAuthenticationTokenTests extends TestCase { assertTrue(token.isAuthenticated()); } - public void testNoArgConstructor() { + public void testNoArgConstructorDoesntExist() { + Class clazz = AnonymousAuthenticationToken.class; + try { - new AnonymousAuthenticationToken(); - fail("Should have thrown IllegalArgumentException"); - } catch (IllegalArgumentException expected) { + clazz.getDeclaredConstructor((Class[])null); + fail("Should have thrown NoSuchMethodException"); + } catch (NoSuchMethodException expected) { assertTrue(true); } } 
diff --git a/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java b/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java index 812a62b9d6..fc342ca986 100644 --- a/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java +++ b/core/src/test/java/org/acegisecurity/providers/cas/CasAuthenticationTokenTests.java @@ -178,11 +178,13 @@ public class CasAuthenticationTokenTests extends TestCase { token.getUserDetails().getUsername()); } - public void testNoArgConstructor() { + public void testNoArgConstructorDoesntExist() { + Class clazz = CasAuthenticationToken.class; + try { - new CasAuthenticationToken(); - fail("Should have thrown IllegalArgumentException"); - } catch (IllegalArgumentException expected) { + clazz.getDeclaredConstructor((Class[])null); + fail("Should have thrown NoSuchMethodException"); + } catch (NoSuchMethodException expected) { assertTrue(true); } } diff --git a/core/src/test/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationTokenTests.java b/core/src/test/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationTokenTests.java index 834b2d00b5..84afe57503 100644 --- a/core/src/test/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationTokenTests.java +++ b/core/src/test/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationTokenTests.java 
@@ -126,11 +126,13 @@ public class RememberMeAuthenticationTokenTests extends TestCase { assertTrue(token.isAuthenticated()); } - public void testNoArgConstructor() { + public void testNoArgConstructorDoesntExist() { + Class clazz = RememberMeAuthenticationToken.class; + try { - new RememberMeAuthenticationToken(); - fail("Should have thrown IllegalArgumentException"); - } catch (IllegalArgumentException expected) { + clazz.getDeclaredConstructor((Class[])null); + fail("Should have thrown NoSuchMethodException"); + } catch (NoSuchMethodException expected) { assertTrue(true); } } diff --git a/core/src/test/java/org/acegisecurity/runas/RunAsUserTokenTests.java b/core/src/test/java/org/acegisecurity/runas/RunAsUserTokenTests.java index 3aa7b7a377..a1f06528c8 100644 --- a/core/src/test/java/org/acegisecurity/runas/RunAsUserTokenTests.java +++ b/core/src/test/java/org/acegisecurity/runas/RunAsUserTokenTests.java @@ -71,11 +71,14 @@ public class RunAsUserTokenTests extends TestCase { token.getOriginalAuthentication()); } - public void testNoArgsConstructor() { + + public void testNoArgConstructorDoesntExist() { + Class clazz = RunAsUserToken.class; + try { - new RunAsUserToken(); - fail("Should have thrown IllegalArgumentException"); - } catch (IllegalArgumentException expected) { + clazz.getDeclaredConstructor((Class[])null); + fail("Should have thrown NoSuchMethodException"); + } catch (NoSuchMethodException expected) { assertTrue(true); } } diff --git a/sandbox/src/main/java/org/acegisecurity/providers/smb/NtlmAuthenticationToken.java b/sandbox/src/main/java/org/acegisecurity/providers/smb/NtlmAuthenticationToken.java index 49effaedc0..16fb94576a 100644 --- a/sandbox/src/main/java/org/acegisecurity/providers/smb/NtlmAuthenticationToken.java +++ b/sandbox/src/main/java/org/acegisecurity/providers/smb/NtlmAuthenticationToken.java 
@@ -38,7 +38,6 @@ public class NtlmAuthenticationToken extends AbstractAuthenticationToken { private NtlmPasswordAuthentication ntlmPasswordAuthentication; private transient UniAddress domainController; - private GrantedAuthority[] authorities; private boolean authenticated; //~ Constructors =========================================================== @@ -46,6 +45,7 @@ public class NtlmAuthenticationToken extends AbstractAuthenticationToken { public NtlmAuthenticationToken( NtlmPasswordAuthentication ntlmPasswordAuthentication, UniAddress domainController) { + super(null); this.ntlmPasswordAuthentication = ntlmPasswordAuthentication; this.domainController = domainController; } @@ -60,14 +60,6 @@ public class NtlmAuthenticationToken extends AbstractAuthenticationToken { return authenticated; } - public void setAuthorities(GrantedAuthority[] authorities) { - this.authorities = authorities; - } - - public GrantedAuthority[] getAuthorities() { - return authorities; - } - public Object getCredentials() { return ntlmPasswordAuthentication.getPassword(); }
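Review bot: With `setAuthorities` removed and the only visible constructor calling `super(null)`, `NtlmAuthenticationToken.getAuthorities()` now always returns null, so an authenticated NTLM token can no longer carry any granted authorities. Callers of the removed setter will no longer compile, and code that iterates the result without a null check will fail. If the provider is meant to populate authorities, add a constructor overload that takes a `GrantedAuthority[]` and passes it up with `super(authorities);`. Other constructors may exist outside the hunks.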