Misc tidying up of old files and refactoring of tests

acl/pom.xml

@@ -17,15 +17,6 @@
             <artifactId>spring-security-core</artifactId>
             <version>${project.version}</version>
         </dependency>
-<!--
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-core</artifactId>
-            <version>${project.version}</version>
-            <classifier>tests</classifier>
-            <scope>test</scope>
-        </dependency>
--->
         <dependency>
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-core</artifactId>

acl/src/main/resources/createAclSchema.sql

@@ -1,4 +1,4 @@
--- Injected into DatabaseSeeder via applicationContext-test.xml (see test case JdbcAclServiceTests)
+-- ACL Schema SQL
 
 -- DROP TABLE ACL_ENTRY;
 -- DROP TABLE ACL_OBJECT_IDENTITY;
@@ -17,8 +17,6 @@ ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,
 CLASS VARCHAR_IGNORECASE(100) NOT NULL,
 CONSTRAINT UNIQUE_UK_2 UNIQUE(CLASS));
 
---INSERT INTO ACL_CLASS VALUES (1, 'sample.contact.Contact');
-
 CREATE TABLE ACL_OBJECT_IDENTITY(
 ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,
 OBJECT_ID_CLASS BIGINT NOT NULL,

acl/src/main/resources/jdbcMutableAclServiceTests-context.xml

@@ -56,8 +56,11 @@
         <constructor-arg ref="aclCache"/>
     </bean>
 
-    <bean id="dataSource" class="org.springframework.security.TestDataSource">
+    <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
-        <constructor-arg value="acltest" />
+        <property name="driverClassName" value="org.hsqldb.jdbcDriver"/>
+        <property name="url" value="jdbc:hsqldb:mem:acltest"/>
+        <property name="username" value="sa"/>
+        <property name="password" value=""/>
     </bean>
 
     <bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">

acl/src/test/java/org/springframework/security/acls/TargetObject.java

@@ -0,0 +1,11 @@
+package org.springframework.security.acls;
+
+/**
+ * Dummy domain object class
+ *
+ * @author Luke Taylor
+ * @version $Id$
+ */
+public final class TargetObject {
+
+}

acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java

@@ -43,6 +43,7 @@ import org.springframework.security.util.FieldUtils;
  * @author Andrei Stefan
  */
 public class AclImplTests {
+    private static final String TARGET_CLASS = "org.springframework.security.acls.TargetObject";
     private static final List<Permission> READ = Arrays.asList(BasePermission.READ );
     private static final List<Permission> WRITE = Arrays.asList(BasePermission.WRITE);
     private static final List<Permission> CREATE = Arrays.asList(BasePermission.CREATE );
@@ -54,7 +55,7 @@ public class AclImplTests {
     Mockery jmockCtx = new Mockery();
     AclAuthorizationStrategy mockAuthzStrategy;
     AuditLogger mockAuditLogger;
-    ObjectIdentity objectIdentity = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+    ObjectIdentity objectIdentity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
 
     // ~ Methods ========================================================================================================
 
@@ -258,7 +259,7 @@ public class AclImplTests {
         Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_GENERAL","ROLE_GUEST");
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
-        ObjectIdentity rootOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity rootOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
 
         // Create an ACL which owner is not the authenticated principal
         MutableAcl rootAcl = new AclImpl(rootOid, new Long(1), mockAuthzStrategy, mockAuditLogger, null, null, false, new PrincipalSid(
@@ -298,11 +299,11 @@ public class AclImplTests {
         Authentication auth = new TestingAuthenticationToken("ben", "ignored","ROLE_GENERAL");
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
-        ObjectIdentity grandParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity grandParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
-        ObjectIdentity parentOid1 = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101));
+        ObjectIdentity parentOid1 = new ObjectIdentityImpl(TARGET_CLASS, new Long(101));
-        ObjectIdentity parentOid2 = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(102));
+        ObjectIdentity parentOid2 = new ObjectIdentityImpl(TARGET_CLASS, new Long(102));
-        ObjectIdentity childOid1 = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(103));
+        ObjectIdentity childOid1 = new ObjectIdentityImpl(TARGET_CLASS, new Long(103));
-        ObjectIdentity childOid2 = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(104));
+        ObjectIdentity childOid2 = new ObjectIdentityImpl(TARGET_CLASS, new Long(104));
 
         // Create ACLs
         MutableAcl grandParentAcl = new AclImpl(grandParentOid, new Long(1), mockAuthzStrategy, mockAuditLogger, null, null, false,
@@ -431,8 +432,8 @@ public class AclImplTests {
                 new GrantedAuthorityImpl("ROLE_GENERAL") });
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
-        ObjectIdentity identity = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
-        ObjectIdentity identity2 = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101));
+        ObjectIdentity identity2 = new ObjectIdentityImpl(TARGET_CLASS, new Long(101));
         MutableAcl acl = new AclImpl(identity, new Long(1), mockAuthzStrategy, mockAuditLogger, null, null, true, new PrincipalSid(
                 "johndoe"));
         MutableAcl parentAcl = new AclImpl(identity2, new Long(2), mockAuthzStrategy, mockAuditLogger, null, null, true, new PrincipalSid(

acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java

@@ -23,6 +23,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
  * @author Andrei Stefan
  */
 public class AclImplementationSecurityCheckTests extends TestCase {
+    private static final String TARGET_CLASS = "org.springframework.security.acls.TargetObject";
 
     //~ Methods ========================================================================================================
 
@@ -39,7 +40,7 @@ public class AclImplementationSecurityCheckTests extends TestCase {
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
 
-        ObjectIdentity identity = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
                 new GrantedAuthorityImpl("ROLE_GENERAL") });
@@ -83,7 +84,7 @@ public class AclImplementationSecurityCheckTests extends TestCase {
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
 
-        ObjectIdentity identity = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
         // Authorization strategy will require a different role for each access
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
@@ -171,7 +172,7 @@ public class AclImplementationSecurityCheckTests extends TestCase {
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
 
-        ObjectIdentity identity = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
         // Authorization strategy will require a different role for each access
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
                 new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"),
@@ -229,7 +230,7 @@ public class AclImplementationSecurityCheckTests extends TestCase {
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
 
-        ObjectIdentity identity = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
                 new GrantedAuthorityImpl("ROLE_GENERAL") });

acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java

@@ -17,7 +17,7 @@ import org.junit.Test;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.core.io.Resource;
 import org.springframework.jdbc.core.JdbcTemplate;
-import org.springframework.security.TestDataSource;
+import org.springframework.jdbc.datasource.SingleConnectionDataSource;
 import org.springframework.security.acls.Acl;
 import org.springframework.security.acls.AuditableAccessControlEntry;
 import org.springframework.security.acls.MutableAcl;
@@ -43,12 +43,13 @@ import org.springframework.util.FileCopyUtils;
 public class BasicLookupStrategyTests {
 
     private static final Sid BEN_SID = new PrincipalSid("ben");
+    private static final String TARGET_CLASS = "org.springframework.security.acls.TargetObject";
 
     //~ Instance fields ================================================================================================
 
     private static JdbcTemplate jdbcTemplate;
     private BasicLookupStrategy strategy;
-    private static TestDataSource dataSource;
+    private static SingleConnectionDataSource dataSource;
     private static CacheManager cacheManager;
 
     //~ Methods ========================================================================================================
@@ -60,10 +61,11 @@ public class BasicLookupStrategyTests {
 
     @BeforeClass
     public static void createDatabase() throws Exception {
-        dataSource = new TestDataSource("lookupstrategytest");
+        dataSource = new SingleConnectionDataSource("jdbc:hsqldb:mem:lookupstrategytest", "sa", "", true);
+        dataSource.setDriverClassName("org.hsqldb.jdbcDriver");
         jdbcTemplate = new JdbcTemplate(dataSource);
 
-        Resource resource = new ClassPathResource("org/springframework/security/acls/jdbc/testData.sql");
+        Resource resource = new ClassPathResource("createAclSchema.sql");
         String sql = new String(FileCopyUtils.copyToByteArray(resource.getInputStream()));
         jdbcTemplate.execute(sql);
     }
@@ -82,7 +84,7 @@ public class BasicLookupStrategyTests {
     @Before
     public void populateDatabase() {
         String query = "INSERT INTO acl_sid(ID,PRINCIPAL,SID) VALUES (1,1,'ben');"
-                + "INSERT INTO acl_class(ID,CLASS) VALUES (2,'org.springframework.security.TargetObject');"
+                + "INSERT INTO acl_class(ID,CLASS) VALUES (2,'" + TARGET_CLASS + "');"
                 + "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (1,2,100,null,1,1);"
                 + "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (2,2,101,1,1,1);"
                 + "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (3,2,102,2,1,1);"
@@ -120,10 +122,10 @@ public class BasicLookupStrategyTests {
 
     @Test
     public void testAclsRetrievalWithDefaultBatchSize() throws Exception {
-        ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
-        ObjectIdentity middleParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101));
+        ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(101));
         // Deliberately use an integer for the child, to reproduce bug report in SEC-819
-        ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Integer(102));
+        ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, new Integer(102));
 
         Map<ObjectIdentity, Acl> map = this.strategy.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
         checkEntries(topParentOid, middleParentOid, childOid, map);
@@ -131,9 +133,9 @@ public class BasicLookupStrategyTests {
 
     @Test
     public void testAclsRetrievalFromCacheOnly() throws Exception {
-        ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Integer(100));
+        ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Integer(100));
-        ObjectIdentity middleParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101));
+        ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(101));
-        ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(102));
+        ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(102));
 
         // Objects were put in cache
         strategy.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
@@ -147,9 +149,9 @@ public class BasicLookupStrategyTests {
 
     @Test
     public void testAclsRetrievalWithCustomBatchSize() throws Exception {
-        ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
-        ObjectIdentity middleParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Integer(101));
+        ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Integer(101));
-        ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(102));
+        ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(102));
 
         // Set a batch size to allow multiple database queries in order to retrieve all acls
         ((BasicLookupStrategy) this.strategy).setBatchSize(1);
@@ -229,10 +231,10 @@ public class BasicLookupStrategyTests {
         String query = "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (4,2,103,1,1,1);";
         jdbcTemplate.execute(query);
 
-        ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
-        ObjectIdentity middleParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Integer(101));
+        ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Integer(101));
-        ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(102));
+        ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(102));
-        ObjectIdentity middleParent2Oid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(103));
+        ObjectIdentity middleParent2Oid = new ObjectIdentityImpl(TARGET_CLASS, new Long(103));
 
         // Retrieve the child
         Map<ObjectIdentity, Acl> map = this.strategy.readAclsById(Arrays.asList(childOid), null);
@@ -261,10 +263,10 @@ public class BasicLookupStrategyTests {
                 + "INSERT INTO acl_entry(ID,ACL_OBJECT_IDENTITY,ACE_ORDER,SID,MASK,GRANTING,AUDIT_SUCCESS,AUDIT_FAILURE) VALUES (5,4,0,1,1,1,0,0)";
         jdbcTemplate.execute(query);
 
-        ObjectIdentity grandParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(104));
+        ObjectIdentity grandParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(104));
-        ObjectIdentity parent1Oid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(105));
+        ObjectIdentity parent1Oid = new ObjectIdentityImpl(TARGET_CLASS, new Long(105));
-        ObjectIdentity parent2Oid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Integer(106));
+        ObjectIdentity parent2Oid = new ObjectIdentityImpl(TARGET_CLASS, new Integer(106));
-        ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Integer(107));
+        ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, new Integer(107));
 
         // First lookup only child, thus populating the cache with grandParent, parent1 and child
         List<Permission> checkPermission = Arrays.asList(BasePermission.READ);
@@ -299,7 +301,7 @@ public class BasicLookupStrategyTests {
 
         jdbcTemplate.execute(query);
 
-        ObjectIdentity oid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(104));
+        ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS, new Long(104));
 
         strategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID));
     }

acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java

@@ -40,10 +40,10 @@ import org.springframework.security.util.FieldUtils;
  * @author Andrei Stefan
  */
 public class EhCacheBasedAclCacheTests {
-    //~ Instance fields ================================================================================================
+    private static final String TARGET_CLASS = "org.springframework.security.acls.TargetObject";
+
     private static CacheManager cacheManager;
 
-    //~ Methods ========================================================================================================
     @BeforeClass
     public static void initCacheManaer() {
         cacheManager = new CacheManager();
@@ -128,7 +128,7 @@ public class EhCacheBasedAclCacheTests {
     // SEC-527
     @Test
     public void testDiskSerializationOfMutableAclObjectInstance() throws Exception {
-        ObjectIdentity identity = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
                 new GrantedAuthorityImpl("ROLE_GENERAL") });
@@ -160,7 +160,7 @@ public class EhCacheBasedAclCacheTests {
         Ehcache cache = getCache();
         EhCacheBasedAclCache myCache = new EhCacheBasedAclCache(cache);
 
-        ObjectIdentity identity = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
                 new GrantedAuthorityImpl("ROLE_GENERAL") });
@@ -178,7 +178,7 @@ public class EhCacheBasedAclCacheTests {
         assertEquals(myCache.getFromCache(identity), acl);
 
         // Put another object in cache
-        ObjectIdentity identity2 = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101));
+        ObjectIdentity identity2 = new ObjectIdentityImpl(TARGET_CLASS, new Long(101));
         MutableAcl acl2 = new AclImpl(identity2, new Long(2), aclAuthorizationStrategy, new ConsoleAuditLogger());
 
         myCache.putInCache(acl2);
@@ -187,7 +187,7 @@ public class EhCacheBasedAclCacheTests {
 
         // Try to evict an entry that doesn't exist
         myCache.evictFromCache(new Long(3));
-        myCache.evictFromCache(new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(102)));
+        myCache.evictFromCache(new ObjectIdentityImpl(TARGET_CLASS, new Long(102)));
         assertEquals(cache.getSize(), 4);
         assertEquals(4, cache.getDiskStoreSize());
 
@@ -213,8 +213,8 @@ public class EhCacheBasedAclCacheTests {
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
 
-        ObjectIdentity identity = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
-        ObjectIdentity identityParent = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101));
+        ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, new Long(101));
         AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
                 new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"),
                 new GrantedAuthorityImpl("ROLE_GENERAL") });

acl/src/test/java/org/springframework/security/acls/jdbc/JdbcMutableAclServiceTests.java

@@ -36,6 +36,7 @@ import org.springframework.security.acls.ChildrenExistException;
 import org.springframework.security.acls.MutableAcl;
 import org.springframework.security.acls.NotFoundException;
 import org.springframework.security.acls.Permission;
+import org.springframework.security.acls.TargetObject;
 import org.springframework.security.acls.domain.BasePermission;
 import org.springframework.security.acls.objectidentity.ObjectIdentity;
 import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
@@ -56,19 +57,21 @@ import org.springframework.transaction.annotation.Transactional;
  * @author Andrei Stefan
  * @version $Id:JdbcMutableAclServiceTests.java 1754 2006-11-17 02:01:21Z benalex $
  */
-@ContextConfiguration(locations={"/org/springframework/security/acls/jdbc/applicationContext-test.xml"})
+@ContextConfiguration(locations={"/jdbcMutableAclServiceTests-context.xml"})
 public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4SpringContextTests {
     //~ Constant fields ================================================================================================
 
+    private static final String TARGET_CLASS = TargetObject.class.getName();
+
     private final Authentication auth = new TestingAuthenticationToken("ben", "ignored","ROLE_ADMINISTRATOR");
 
     public static final String SELECT_ALL_CLASSES = "SELECT * FROM acl_class WHERE class = ?";
 
     //~ Instance fields ================================================================================================
 
-    private final ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+    private final ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
-    private final ObjectIdentity middleParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101));
+    private final ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(101));
-    private final ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(102));
+    private final ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(102));
 
     @Autowired
     private JdbcMutableAclService jdbcMutableAclService;
@@ -85,7 +88,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
 
     @Before
     public void createTables() throws IOException {
-        new DatabaseSeeder(dataSource, new ClassPathResource("org/springframework/security/acls/jdbc/testData.sql"));
+        new DatabaseSeeder(dataSource, new ClassPathResource("createAclSchema.sql"));
     }
 
     @After
@@ -313,7 +316,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
     @Rollback
     public void testCreateAclForADuplicateDomainObject() throws Exception {
         SecurityContextHolder.getContext().setAuthentication(auth);
-        ObjectIdentity duplicateOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100));
+        ObjectIdentity duplicateOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
         jdbcMutableAclService.createAcl(duplicateOid);
         // Try to add the same object second time
         try {
@@ -370,7 +373,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
 
         // Remove the child and check all related database rows were removed accordingly
         jdbcMutableAclService.deleteAcl(childOid, false);
-        assertEquals(1, jdbcTemplate.queryForList(SELECT_ALL_CLASSES, new Object[] {"org.springframework.security.TargetObject"} ).size());
+        assertEquals(1, jdbcTemplate.queryForList(SELECT_ALL_CLASSES, new Object[] {TARGET_CLASS} ).size());
         assertEquals(0, jdbcTemplate.queryForList("select * from acl_object_identity").size());
         assertEquals(0, jdbcTemplate.queryForList("select * from acl_entry").size());
 
@@ -385,10 +388,10 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
     @Rollback
     public void identityWithIntegerIdIsSupportedByCreateAcl() throws Exception {
         SecurityContextHolder.getContext().setAuthentication(auth);
-        ObjectIdentity oid = new ObjectIdentityImpl("org.springframework.security.TargetObject", Integer.valueOf(101));
+        ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS, Integer.valueOf(101));
         jdbcMutableAclService.createAcl(oid);
 
-        assertNotNull(jdbcMutableAclService.readAclById(new ObjectIdentityImpl("org.springframework.security.TargetObject", Long.valueOf(101))));
+        assertNotNull(jdbcMutableAclService.readAclById(new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(101))));
     }
 
     /**
@@ -400,8 +403,8 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
         auth.setAuthenticated(true);
         SecurityContextHolder.getContext().setAuthentication(auth);
 
-        ObjectIdentity parentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(104));
+        ObjectIdentity parentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(104));
-        ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(105));
+        ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(105));
 
         MutableAcl parent = jdbcMutableAclService.createAcl(parentOid);
         MutableAcl child = jdbcMutableAclService.createAcl(childOid);
@@ -433,7 +436,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
    auth.setAuthenticated(true);
    SecurityContextHolder.getContext().setAuthentication(auth);
 
-   ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(110));
+   ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(110));
    MutableAcl topParent = jdbcMutableAclService.createAcl(topParentOid);
 
    // Add an ACE permission entry

config/src/test/java/org/springframework/security/config/FilterChainProxyConfigTests.java

@@ -23,6 +23,7 @@ import java.util.List;
 
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -33,7 +34,6 @@ import org.springframework.beans.factory.BeanCreationException;
 import org.springframework.context.support.ClassPathXmlApplicationContext;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.MockFilterConfig;
 import org.springframework.security.web.FilterChainProxy;
 import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
 import org.springframework.security.web.context.SecurityContextPersistenceFilter;
@@ -136,7 +136,7 @@ public class FilterChainProxyConfigTests {
     }
 
     private void doNormalOperation(FilterChainProxy filterChainProxy) throws Exception {
-        filterChainProxy.init(new MockFilterConfig());
+        filterChainProxy.init(mock(FilterConfig.class));
 
         MockHttpServletRequest request = new MockHttpServletRequest();
         request.setServletPath("/foo/secure/super/somefile.html");

config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java

@@ -1,7 +1,7 @@
 package org.springframework.security.config;
 
-import static org.junit.Assert.*;
 import static org.hamcrest.Matchers.*;
+import static org.junit.Assert.*;
 import static org.springframework.security.config.ConfigTestUtils.AUTH_PROVIDER_XML;
 import static org.springframework.security.config.HttpSecurityBeanDefinitionParser.*;
 
@@ -20,7 +20,6 @@ import org.springframework.mock.web.MockFilterChain;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.mock.web.MockHttpSession;
-import org.springframework.security.MockAuthenticationEntryPoint;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.ConfigAttribute;
 import org.springframework.security.access.SecurityConfig;
@@ -47,6 +46,7 @@ import org.springframework.security.web.access.intercept.FilterSecurityIntercept
 import org.springframework.security.web.authentication.AnonymousProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
+import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
@@ -650,12 +650,17 @@ public class HttpSecurityBeanDefinitionParserTests {
     public void customEntryPointIsSupported() throws Exception {
         setContext(
                 "<http auto-config='true' entry-point-ref='entryPoint'/>" +
-                "<b:bean id='entryPoint' class='" + MockAuthenticationEntryPoint.class.getName() + "'>" +
+                "<b:bean id='entryPoint' class='" + MockEntryPoint.class.getName() + "'>" +
-                "    <b:constructor-arg value='/customlogin'/>" +
                 "</b:bean>" + AUTH_PROVIDER_XML);
         ExceptionTranslationFilter etf = (ExceptionTranslationFilter) getFilters("/someurl").get(AUTO_CONFIG_FILTERS-3);
         assertTrue("ExceptionTranslationFilter should be configured with custom entry point",
-                etf.getAuthenticationEntryPoint() instanceof MockAuthenticationEntryPoint);
+                etf.getAuthenticationEntryPoint() instanceof MockEntryPoint);
+    }
+
+    private static class MockEntryPoint extends AuthenticationProcessingFilterEntryPoint {
+        public MockEntryPoint() {
+            super.setLoginFormUrl("/notused");
+        }
     }
 
     @Test

samples/contacts/readme.txt

@@ -1,20 +0,0 @@
-
-
-The contacts application demonstrates the main Acegi Security features in action in a web application. Prior to version
-1.0.5, the application was built into several separate WAR files, each using different features - X.509, CAS, LDAP etc.
-
-In the interest of simplicity it has now been refactored into a single web application which uses a form login.
-The web application context is loaded from /WEB-INF/applicationContext-acegi-security.xml.
-The other context files have been left in the WEB-INF directory for reference but aren't used in the application.
-
-To run the application, assuming you have checked out the source tree from subversion, run
-
-mvn install
-
-from the project root. Then run
-
-mvn jetty:run
-
-from the contacts sample directory. This should start the web application on port 8080 for you to try out.
-
-$Id$

samples/contacts/xdocs/downloads.html

@@ -1,33 +0,0 @@
-<!--
- * ========================================================================
- * 
- * Copyright 2004 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * 
- * ========================================================================
--->
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-
-<head>
-<title>Contacts Sample Downloads</title>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
-</head>
-
-<body>
-  <h1>Acegi Security Downloads</h1>
-  <p>Please see the <a href="../../downloads.html">main downloads page</a>.</p>
-</body>
-</html>

samples/contacts/xdocs/ssl/acegisecurity.txt

@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC1DCCAj0CBECA2vQwDQYJKoZIhvcNAQEEBQAwgbAxEDAOBgNVBAYTB1Vua25vd24xEDAOBgNV
-BAgTB1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24xOTA3BgNVBAoTMFRFU1QgQ0VSVElGSUNBVEUg
-T05MWS4gRE8gTk9UIFVTRSBJTiBQUk9EVUNUSU9OLjEpMCcGA1UECxMgQWNlZ2kgU2VjdXJpdHkg
-U3lzdGVtIGZvciBTcHJpbmcxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0wNDA0MTcwNzIxMjRaFw0z
-MTA5MDIwNzIxMjRaMIGwMRAwDgYDVQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYD
-VQQHEwdVbmtub3duMTkwNwYDVQQKEzBURVNUIENFUlRJRklDQVRFIE9OTFkuIERPIE5PVCBVU0Ug
-SU4gUFJPRFVDVElPTi4xKTAnBgNVBAsTIEFjZWdpIFNlY3VyaXR5IFN5c3RlbSBmb3IgU3ByaW5n
-MRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANwJCiDthTNC
-SJZ87CYkhWWDBciaFRvuDldzgEGwEUF5gNczd8Er66Pvh+Ir350hjE4LsDfi5iQNOuhbRR37LvW5
-7CrKG3W+vq7K3Zr9JEqhP/U2ocPLQQF4/NbBKStRacGGY1O3koTqp9W8gE0vSlC3/KhoOoPWHkGh
-NZXOxuwLAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAdTlsziREdIR00/+tufCq/ACHSo2nJr1yRzIi
-cVOXJBws0f+M3TUSIaODFv/54bZnWtjlWGa55uhc425+LrkOtqus7cMoNnyte/C6g/gcnArkKVhL
-C68LGqARe9DK1ycquA4KmgiKyhi9a54kKA6BC4bmmEI98HpB6uxxvOB+ChE=
------END CERTIFICATE-----

web/src/test/java/org/springframework/security/MockAuthenticationEntryPoint.java

@@ -1,51 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security;
-
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.AuthenticationEntryPoint;
-
-
-/**
- * Performs a HTTP redirect to the constructor-indicated URL.
- *
- * @author Ben Alex
- * @version $Id$
- */
-public class MockAuthenticationEntryPoint implements AuthenticationEntryPoint {
-    //~ Instance fields ================================================================================================
-
-    private String url;
-
-    //~ Constructors ===================================================================================================
-
-    public MockAuthenticationEntryPoint(String url) {
-        this.url = url;
-    }
-
-    //~ Methods ========================================================================================================
-
-    public void commence(HttpServletRequest request, HttpServletResponse response,
-            AuthenticationException authenticationException) throws IOException, ServletException {
-        response.sendRedirect(request.getContextPath() + url);
-    }
-}

web/src/test/java/org/springframework/security/web/access/ExceptionTranslationFilterTests.java

@@ -22,21 +22,21 @@ import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
 import junit.framework.TestCase;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.MockAuthenticationEntryPoint;
 import org.springframework.security.MockPortResolver;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.web.access.AccessDeniedHandlerImpl;
+import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.security.web.access.ExceptionTranslationFilter;
 import org.springframework.security.web.savedrequest.SavedRequest;
 
 /**
@@ -85,7 +85,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
 
         // Test
         ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
+        filter.setAuthenticationEntryPoint(mockEntryPoint());
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         filter.doFilter(request, response, chain);
@@ -111,7 +111,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
 
         // Test
         ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
+        filter.setAuthenticationEntryPoint(mockEntryPoint());
         filter.setAccessDeniedHandler(adh);
 
         MockHttpServletResponse response = new MockHttpServletResponse();
@@ -124,7 +124,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
     public void testGettersSetters() {
         ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
 
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
+        filter.setAuthenticationEntryPoint(mockEntryPoint());
         assertTrue(filter.getAuthenticationEntryPoint() != null);
 
         filter.setPortResolver(new MockPortResolver(80, 443));
@@ -146,7 +146,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
 
         // Test
         ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
+        filter.setAuthenticationEntryPoint(mockEntryPoint());
         filter.setPortResolver(new MockPortResolver(80, 443));
         /*
          * Disabled the call to afterPropertiesSet as it requires
@@ -177,7 +177,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
 
         // Test
         ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
+        filter.setAuthenticationEntryPoint(mockEntryPoint());
         filter.setPortResolver(new MockPortResolver(8080, 8443));
         /*
          * Disabled the call to afterPropertiesSet as it requires
@@ -195,7 +195,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
     public void testSavedRequestIsNotStoredForPostIfJustUseSaveRequestOnGetIsSet() throws Exception {
         ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
         filter.setJustUseSavedRequestOnGet(true);
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
+        filter.setAuthenticationEntryPoint(mockEntryPoint());
         filter.setPortResolver(new MockPortResolver(8080, 8443));
         MockHttpServletRequest request = new MockHttpServletRequest();
         MockFilterChain chain = new MockFilterChain(false, true, false, false);
@@ -218,7 +218,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
 
     public void testStartupDetectsMissingPortResolver() throws Exception {
         ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
+        filter.setAuthenticationEntryPoint(mockEntryPoint());
         filter.setPortResolver(null);
 
         try {
@@ -240,7 +240,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
 
         // Test
         ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("/login.jsp"));
+        filter.setAuthenticationEntryPoint(mockEntryPoint());
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         filter.doFilter(request, response, chain);
@@ -257,7 +257,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
     public void testThrowIOException() throws Exception {
         ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
 
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint(""));
+        filter.setAuthenticationEntryPoint(mockEntryPoint());
         /*
          * Disabled the call to afterPropertiesSet as it requires
          * applicationContext to be injected before it is invoked. We do not
@@ -278,7 +278,7 @@ public class ExceptionTranslationFilterTests extends TestCase {
     public void testThrowServletException() throws Exception {
         ExceptionTranslationFilter filter = new ExceptionTranslationFilter();
 
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint(""));
+        filter.setAuthenticationEntryPoint(mockEntryPoint());
         /*
          * Disabled the call to afterPropertiesSet as it requires
          * applicationContext to be injected before it is invoked. We do not
@@ -296,6 +296,15 @@ public class ExceptionTranslationFilterTests extends TestCase {
         }
     }
 
+    private AuthenticationEntryPoint mockEntryPoint() {
+        return new AuthenticationEntryPoint() {
+            public void commence(HttpServletRequest request, HttpServletResponse response,
+                    AuthenticationException authException) throws IOException, ServletException {
+                response.sendRedirect(request.getContextPath() + "/login.jsp");
+            }
+        };
+    }
+
     // ~ Inner Classes =================================================================================================
 
     private class MockFilterChain implements FilterChain {

web/src/test/java/org/springframework/security/web/authentication/AnonymousProcessingFilterTests.java

@@ -15,6 +15,7 @@
 
 package org.springframework.security.web.authentication;
 
+import static org.mockito.Mockito.mock;
 import junit.framework.TestCase;
 
 import org.springframework.security.MockFilterConfig;
@@ -144,7 +145,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
         // Test
         MockHttpServletRequest request = new MockHttpServletRequest();
         request.setRequestURI("x");
-        executeFilterInContainerSimulator(new MockFilterConfig(), filter, request, new MockHttpServletResponse(),
+        executeFilterInContainerSimulator(mock(FilterConfig.class), filter, request, new MockHttpServletResponse(),
             new MockFilterChain(true));
 
         // Ensure filter didn't change our original object
@@ -164,7 +165,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
 
         MockHttpServletRequest request = new MockHttpServletRequest();
         request.setRequestURI("x");
-        executeFilterInContainerSimulator(new MockFilterConfig(), filter, request, new MockHttpServletResponse(),
+        executeFilterInContainerSimulator(mock(FilterConfig.class), filter, request, new MockHttpServletResponse(),
             new MockFilterChain(true));
 
         Authentication auth = SecurityContextHolder.getContext().getAuthentication();
@@ -174,7 +175,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
 
         // Now test operation if we have removeAfterRequest = true
         filter.setRemoveAfterRequest(true); // set to default value
-        executeFilterInContainerSimulator(new MockFilterConfig(), filter, request, new MockHttpServletResponse(),
+        executeFilterInContainerSimulator(mock(FilterConfig.class), filter, request, new MockHttpServletResponse(),
             new MockFilterChain(true));
         assertNull(SecurityContextHolder.getContext().getAuthentication());
     }

web/src/test/java/org/springframework/security/web/authentication/rememberme/RememberMeProcessingFilterTests.java

@@ -34,7 +34,6 @@ import junit.framework.TestCase;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.MockFilterConfig;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.TestingAuthenticationToken;
@@ -127,7 +126,7 @@ public class RememberMeProcessingFilterTests extends TestCase {
         // Test
         MockHttpServletRequest request = new MockHttpServletRequest();
         request.setRequestURI("x");
-        executeFilterInContainerSimulator(new MockFilterConfig(), filter, request, new MockHttpServletResponse(),
+        executeFilterInContainerSimulator(mock(FilterConfig.class), filter, request, new MockHttpServletResponse(),
             new MockFilterChain(true));
 
         // Ensure filter didn't change our original object
@@ -145,7 +144,7 @@ public class RememberMeProcessingFilterTests extends TestCase {
 
         MockHttpServletRequest request = new MockHttpServletRequest();
         request.setRequestURI("x");
-        executeFilterInContainerSimulator(new MockFilterConfig(), filter, request, new MockHttpServletResponse(),
+        executeFilterInContainerSimulator(mock(FilterConfig.class), filter, request, new MockHttpServletResponse(),
             new MockFilterChain(true));
 
         // Ensure filter setup with our remembered authentication object
@@ -170,7 +169,7 @@ public class RememberMeProcessingFilterTests extends TestCase {
 
         MockHttpServletRequest request = new MockHttpServletRequest();
         request.setRequestURI("x");
-        executeFilterInContainerSimulator(new MockFilterConfig(), filter, request, new MockHttpServletResponse(),
+        executeFilterInContainerSimulator(mock(FilterConfig.class), filter, request, new MockHttpServletResponse(),
             new MockFilterChain(true));
 
         assertEquals(failedAuth, SecurityContextHolder.getContext().getAuthentication());

web/src/test/java/org/springframework/security/web/authentication/www/BasicProcessingFilterTests.java

@@ -24,6 +24,7 @@ import java.io.IOException;
 
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
@@ -35,14 +36,13 @@ import org.junit.Test;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.mock.web.MockHttpSession;
-import org.springframework.security.MockAuthenticationEntryPoint;
-import org.springframework.security.MockFilterConfig;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.security.web.authentication.WebAuthenticationDetails;
 
 
@@ -63,7 +63,7 @@ public class BasicProcessingFilterTests {
 
     private MockHttpServletResponse executeFilterInContainerSimulator(Filter filter, final ServletRequest request,
                     final boolean expectChainToProceed) throws ServletException, IOException {
-        filter.init(new MockFilterConfig());
+        filter.init(mock(FilterConfig.class));
 
         final MockHttpServletResponse response = new MockHttpServletResponse();
 
@@ -115,7 +115,7 @@ public class BasicProcessingFilterTests {
         filter.setAuthenticationManager(manager);
         assertTrue(filter.getAuthenticationManager() != null);
 
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("sx"));
+        filter.setAuthenticationEntryPoint(mock(AuthenticationEntryPoint.class));
         assertTrue(filter.getAuthenticationEntryPoint() != null);
     }
 
@@ -175,7 +175,7 @@ public class BasicProcessingFilterTests {
     @Test(expected=IllegalArgumentException.class)
     public void testStartupDetectsMissingAuthenticationManager() throws Exception {
         BasicProcessingFilter filter = new BasicProcessingFilter();
-        filter.setAuthenticationEntryPoint(new MockAuthenticationEntryPoint("x"));
+        filter.setAuthenticationEntryPoint(mock(AuthenticationEntryPoint.class));
         filter.afterPropertiesSet();
     }
 

web/src/test/java/org/springframework/security/web/authentication/www/DigestProcessingFilterTests.java

@@ -16,12 +16,14 @@
 package org.springframework.security.web.authentication.www;
 
 import static org.junit.Assert.*;
+import static org.mockito.Mockito.mock;
 
 import java.io.IOException;
 import java.util.Map;
 
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 
@@ -35,7 +37,6 @@ import org.junit.Before;
 import org.junit.Test;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.MockFilterConfig;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.cache.NullUserCache;
@@ -86,7 +87,7 @@ public class DigestProcessingFilterTests {
 
     private MockHttpServletResponse executeFilterInContainerSimulator(Filter filter, final ServletRequest request,
                                                                       final boolean expectChainToProceed) throws ServletException, IOException {
-        filter.init(new MockFilterConfig());
+        filter.init(mock(FilterConfig.class));
 
         final MockHttpServletResponse response = new MockHttpServletResponse();