From 4a40d80da118bdc5b1ecfc194d6fd5da81492c21 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Fri, 3 Dec 2010 16:41:46 +0000 Subject: [PATCH] SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority. It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before. --- .../security/acls/domain/AclImplTests.java | 36 +++------ .../AclImplementationSecurityCheckTests.java | 31 ++++---- .../acls/jdbc/BasicLookupStrategyTests.java | 36 ++++----- .../acls/jdbc/EhCacheBasedAclCacheTests.java | 14 ++-- .../security/acls/sid/SidTests.java | 23 +++--- .../jdbcMutableAclServiceTests-context.xml | 6 +- ...AssertionAttributesUserDetailsService.java | 6 +- .../CasAuthenticationProviderTests.java | 14 ++-- .../CasAuthenticationTokenTests.java | 11 ++- ...pUserServiceBeanDefinitionParserTests.java | 13 ++-- .../hierarchicalroles/RoleHierarchyImpl.java | 23 ++---- .../access/intercept/RunAsManagerImpl.java | 8 +- .../jaas/JaasGrantedAuthority.java | 37 +++++++-- .../core/authority/AuthorityUtils.java | 2 +- .../core/authority/GrantedAuthorityImpl.java | 10 +-- .../authority/SimpleGrantedAuthority.java | 46 +++++++++++ ...edAttributes2GrantedAuthoritiesMapper.java | 4 +- ...leAttributes2GrantedAuthoritiesMapper.java | 6 +- .../core/userdetails/jdbc/JdbcDaoImpl.java | 6 +- .../userdetails/memory/UserAttribute.java | 4 +- .../provisioning/JdbcUserDetailsManager.java | 4 +- .../RunAsImplAuthenticationProviderTests.java | 34 +++----- .../access/vote/ConsensusBasedTests.java | 11 +-- .../AbstractAuthenticationTokenTests.java | 11 ++- .../AnonymousAuthenticationProviderTests.java | 14 ++-- .../jaas/JaasAuthenticationProviderTests.java | 15 ++-- .../authority/GrantedAuthorityImplTests.java | 77 ------------------- .../SimpleGrantedAuthorityTests.java | 54 +++++++++++++ ...tributes2GrantedAuthoritiesMapperTest.java | 10 +-- .../security/core/userdetails/UserTests.java | 4 +- .../JdbcUserDetailsManagerTests.java | 6 +- .../manual/src/docbook/technical-overview.xml | 4 +- .../FilterChainPerformanceTests.java | 17 ++-- .../DefaultLdapAuthoritiesPopulator.java | 6 +- .../userdetails/LdapUserDetailsManager.java | 4 +- .../userdetails/LdapUserDetailsMapper.java | 4 +- ...pplicationContext-common-authorization.xml | 2 +- .../applicationContext-dms-secure.xml | 6 +- .../authz/AuthorizeTagAttributeTests.java | 35 ++++----- .../AuthorizeTagExpressionLanguageTests.java | 16 ++-- .../velocity/AuthzImplAttributeTest.java | 15 +--- .../velocity/AuthzImplAuthorizeTagTest.java | 15 +--- .../SwitchUserGrantedAuthority.java | 40 ++++++++-- .../AnonymousAuthenticationFilterTests.java | 34 ++++---- .../switchuser/SwitchUserFilterTests.java | 20 ++--- 45 files changed, 380 insertions(+), 414 deletions(-) create mode 100644 core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java delete mode 100644 core/src/test/java/org/springframework/security/core/authority/GrantedAuthorityImplTests.java create mode 100644 core/src/test/java/org/springframework/security/core/authority/SimpleGrantedAuthorityTests.java diff --git a/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java b/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java index 6e2444a4f5..b249d35e7f 100644 --- a/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java +++ b/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java @@ -3,33 +3,17 @@ package org.springframework.security.acls.domain; import static org.junit.Assert.*; import static org.mockito.Mockito.*; -import java.lang.reflect.Field; -import java.util.*; - -import org.junit.After; -import org.junit.Before; -import org.junit.Test; -import org.springframework.security.acls.model.AccessControlEntry; -import org.springframework.security.acls.model.Acl; -import org.springframework.security.acls.model.AlreadyExistsException; -import org.springframework.security.acls.model.AuditableAccessControlEntry; -import org.springframework.security.acls.model.AuditableAcl; -import org.springframework.security.acls.model.ChildrenExistException; -import org.springframework.security.acls.model.MutableAcl; -import org.springframework.security.acls.model.MutableAclService; -import org.springframework.security.acls.model.NotFoundException; -import org.springframework.security.acls.model.ObjectIdentity; -import org.springframework.security.acls.model.OwnershipAcl; -import org.springframework.security.acls.model.Permission; -import org.springframework.security.acls.model.PermissionGrantingStrategy; -import org.springframework.security.acls.model.Sid; +import org.junit.*; +import org.springframework.security.acls.model.*; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.util.FieldUtils; +import java.lang.reflect.Field; +import java.util.*; + /** * Tests for {@link AclImpl}. @@ -201,9 +185,9 @@ public class AclImplTests { @Test public void deleteAceFailsForNonExistentElement() throws Exception { - AclAuthorizationStrategyImpl strategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL") }); + AclAuthorizationStrategyImpl strategy = new AclAuthorizationStrategyImpl( + new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), + new SimpleGrantedAuthority("ROLE_GENERAL")); MutableAcl acl = new AclImpl(objectIdentity, (1), strategy, pgs, null, null, true, new PrincipalSid( "joe")); try { @@ -424,7 +408,7 @@ public class AclImplTests { acl.setEntriesInheriting(false); assertFalse(acl.isEntriesInheriting()); - ((OwnershipAcl) acl).setOwner(new PrincipalSid("ben")); + acl.setOwner(new PrincipalSid("ben")); assertEquals(acl.getOwner(), new PrincipalSid("ben")); } diff --git a/acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java b/acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java index 2163602934..4d64caebfc 100644 --- a/acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java +++ b/acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java @@ -2,9 +2,7 @@ package org.springframework.security.acls.domain; import static org.junit.Assert.*; -import org.junit.After; -import org.junit.Before; -import org.junit.Test; +import org.junit.*; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.acls.model.Acl; import org.springframework.security.acls.model.MutableAcl; @@ -12,8 +10,7 @@ import org.springframework.security.acls.model.NotFoundException; import org.springframework.security.acls.model.ObjectIdentity; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; /** @@ -44,9 +41,9 @@ public class AclImplementationSecurityCheckTests { SecurityContextHolder.getContext().setAuthentication(auth); ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100)); - AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL") }); + AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( + new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), + new SimpleGrantedAuthority("ROLE_GENERAL")); Acl acl = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); @@ -55,9 +52,9 @@ public class AclImplementationSecurityCheckTests { aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_OWNERSHIP); // Create another authorization strategy - AclAuthorizationStrategy aclAuthorizationStrategy2 = new AclAuthorizationStrategyImpl(new GrantedAuthority[] { - new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"), - new GrantedAuthorityImpl("ROLE_THREE") }); + AclAuthorizationStrategy aclAuthorizationStrategy2 = new AclAuthorizationStrategyImpl( + new SimpleGrantedAuthority("ROLE_ONE"), new SimpleGrantedAuthority("ROLE_TWO"), + new SimpleGrantedAuthority("ROLE_THREE")); Acl acl2 = new AclImpl(identity, new Long(1), aclAuthorizationStrategy2, new ConsoleAuditLogger()); // Check access in case the principal has no authorization rights try { @@ -90,8 +87,8 @@ public class AclImplementationSecurityCheckTests { ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, new Long(100)); // Authorization strategy will require a different role for each access AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( - new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL")); + new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), + new SimpleGrantedAuthority("ROLE_GENERAL")); // Let's give the principal the ADMINISTRATION permission, without // granting access @@ -178,8 +175,8 @@ public class AclImplementationSecurityCheckTests { ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100); // Authorization strategy will require a different role for each access AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( - new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"), - new GrantedAuthorityImpl("ROLE_GENERAL")); + new SimpleGrantedAuthority("ROLE_ONE"), new SimpleGrantedAuthority("ROLE_TWO"), + new SimpleGrantedAuthority("ROLE_GENERAL")); // Let's give the principal an ADMINISTRATION permission, with granting // access @@ -235,8 +232,8 @@ public class AclImplementationSecurityCheckTests { ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100); AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( - new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL")); + new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), + new SimpleGrantedAuthority("ROLE_GENERAL")); Acl acl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger(), null, null, false, new PrincipalSid(auth)); diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java index 42a3ad2961..a44b35503a 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java @@ -1,19 +1,10 @@ package org.springframework.security.acls.jdbc; -import java.util.Arrays; -import java.util.List; -import java.util.Map; - import junit.framework.Assert; import net.sf.ehcache.Cache; import net.sf.ehcache.CacheManager; import net.sf.ehcache.Ehcache; - -import org.junit.After; -import org.junit.AfterClass; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; +import org.junit.*; import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.Resource; import org.springframework.jdbc.core.JdbcTemplate; @@ -34,10 +25,11 @@ import org.springframework.security.acls.model.NotFoundException; import org.springframework.security.acls.model.ObjectIdentity; import org.springframework.security.acls.model.Permission; import org.springframework.security.acls.model.Sid; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.util.FileCopyUtils; +import java.util.*; + /** * Tests {@link BasicLookupStrategy} * @@ -101,7 +93,7 @@ public class BasicLookupStrategyTests { @Before public void initializeBeans() { EhCacheBasedAclCache cache = new EhCacheBasedAclCache(getCache()); - AclAuthorizationStrategy authorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthorityImpl("ROLE_ADMINISTRATOR")); + AclAuthorizationStrategy authorizationStrategy = new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_ADMINISTRATOR")); strategy = new BasicLookupStrategy(dataSource, cache, authorizationStrategy, new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger())); strategy.setPermissionFactory(new DefaultPermissionFactory()); @@ -157,7 +149,7 @@ public class BasicLookupStrategyTests { ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(102)); // Set a batch size to allow multiple database queries in order to retrieve all acls - ((BasicLookupStrategy) this.strategy).setBatchSize(1); + this.strategy.setBatchSize(1); Map map = this.strategy.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null); checkEntries(topParentOid, middleParentOid, childOid, map); } @@ -199,14 +191,14 @@ public class BasicLookupStrategyTests { Assert.assertEquals(topParent.getEntries().get(0).getSid(), new PrincipalSid("ben")); Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isAuditFailure()); Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isAuditSuccess()); - Assert.assertTrue(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isGranting()); + Assert.assertTrue((topParent.getEntries().get(0)).isGranting()); Assert.assertEquals(topParent.getEntries().get(1).getId(), Long.valueOf(2)); Assert.assertEquals(topParent.getEntries().get(1).getPermission(), BasePermission.WRITE); Assert.assertEquals(topParent.getEntries().get(1).getSid(), new PrincipalSid("ben")); Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isAuditFailure()); Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isAuditSuccess()); - Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isGranting()); + Assert.assertFalse(topParent.getEntries().get(1).isGranting()); Assert.assertTrue(middleParent.isEntriesInheriting()); Assert.assertEquals(middleParent.getId(), Long.valueOf(2)); @@ -216,7 +208,7 @@ public class BasicLookupStrategyTests { Assert.assertEquals(middleParent.getEntries().get(0).getSid(), new PrincipalSid("ben")); Assert.assertFalse(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isAuditFailure()); Assert.assertFalse(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isAuditSuccess()); - Assert.assertTrue(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isGranting()); + Assert.assertTrue(middleParent.getEntries().get(0).isGranting()); Assert.assertTrue(child.isEntriesInheriting()); Assert.assertEquals(child.getId(), Long.valueOf(3)); @@ -244,11 +236,11 @@ public class BasicLookupStrategyTests { // Check that the child and all its parents were retrieved Assert.assertNotNull(map.get(childOid)); - Assert.assertEquals(childOid, ((Acl) map.get(childOid)).getObjectIdentity()); + Assert.assertEquals(childOid, map.get(childOid).getObjectIdentity()); Assert.assertNotNull(map.get(middleParentOid)); - Assert.assertEquals(middleParentOid, ((Acl) map.get(middleParentOid)).getObjectIdentity()); + Assert.assertEquals(middleParentOid, map.get(middleParentOid).getObjectIdentity()); Assert.assertNotNull(map.get(topParentOid)); - Assert.assertEquals(topParentOid, ((Acl) map.get(topParentOid)).getObjectIdentity()); + Assert.assertEquals(topParentOid, map.get(topParentOid).getObjectIdentity()); // The second parent shouldn't have been retrieved Assert.assertNull(map.get(middleParent2Oid)); @@ -279,7 +271,7 @@ public class BasicLookupStrategyTests { strategy.setBatchSize(6); Map foundAcls = strategy.readAclsById(childOids, sids); - Acl foundChildAcl = (Acl) foundAcls.get(childOid); + Acl foundChildAcl = foundAcls.get(childOid); Assert.assertNotNull(foundChildAcl); Assert.assertTrue(foundChildAcl.isGranted(checkPermission, sids, false)); @@ -293,7 +285,7 @@ public class BasicLookupStrategyTests { Assert.fail("It shouldn't have thrown NotFoundException"); } - Acl foundParent2Acl = (Acl) foundAcls.get(parent2Oid); + Acl foundParent2Acl = foundAcls.get(parent2Oid); Assert.assertNotNull(foundParent2Acl); Assert.assertTrue(foundParent2Acl.isGranted(checkPermission, sids, false)); } diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java index a77109bbc0..44b47e2486 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java @@ -16,7 +16,7 @@ import org.springframework.security.acls.model.MutableAcl; import org.springframework.security.acls.model.ObjectIdentity; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.util.FieldUtils; @@ -124,8 +124,8 @@ public class EhCacheBasedAclCacheTests { public void testDiskSerializationOfMutableAclObjectInstance() throws Exception { ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100)); AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( - new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL")); + new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), + new SimpleGrantedAuthority("ROLE_GENERAL")); MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); // Serialization test @@ -156,8 +156,8 @@ public class EhCacheBasedAclCacheTests { ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100)); AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( - new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL")); + new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), + new SimpleGrantedAuthority("ROLE_GENERAL")); MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); assertEquals(0, cache.getDiskStoreSize()); @@ -210,8 +210,8 @@ public class EhCacheBasedAclCacheTests { ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(1)); ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(2)); AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( - new GrantedAuthorityImpl("ROLE_OWNERSHIP"), new GrantedAuthorityImpl("ROLE_AUDITING"), - new GrantedAuthorityImpl("ROLE_GENERAL")); + new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), + new SimpleGrantedAuthority("ROLE_GENERAL")); MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); MutableAcl parentAcl = new AclImpl(identityParent, Long.valueOf(2), aclAuthorizationStrategy, new ConsoleAuditLogger()); diff --git a/acl/src/test/java/org/springframework/security/acls/sid/SidTests.java b/acl/src/test/java/org/springframework/security/acls/sid/SidTests.java index 1f8bd6a84c..7872d237c1 100644 --- a/acl/src/test/java/org/springframework/security/acls/sid/SidTests.java +++ b/acl/src/test/java/org/springframework/security/acls/sid/SidTests.java @@ -2,14 +2,13 @@ package org.springframework.security.acls.sid; import junit.framework.Assert; import junit.framework.TestCase; - import org.springframework.security.acls.domain.GrantedAuthoritySid; import org.springframework.security.acls.domain.PrincipalSid; import org.springframework.security.acls.model.Sid; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; public class SidTests extends TestCase { @@ -109,7 +108,7 @@ public class SidTests extends TestCase { } try { - GrantedAuthority ga = new GrantedAuthorityImpl(null); + GrantedAuthority ga = new SimpleGrantedAuthority(null); new GrantedAuthoritySid(ga); Assert.fail("It should have thrown IllegalArgumentException"); } @@ -118,7 +117,7 @@ public class SidTests extends TestCase { } try { - GrantedAuthority ga = new GrantedAuthorityImpl("ROLE_TEST"); + GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST"); new GrantedAuthoritySid(ga); Assert.assertTrue(true); } @@ -142,15 +141,15 @@ public class SidTests extends TestCase { } public void testGrantedAuthoritySidEquals() throws Exception { - GrantedAuthority ga = new GrantedAuthorityImpl("ROLE_TEST"); + GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST"); Sid gaSid = new GrantedAuthoritySid(ga); Assert.assertFalse(gaSid.equals(null)); Assert.assertFalse(gaSid.equals("DIFFERENT_TYPE_OBJECT")); Assert.assertTrue(gaSid.equals(gaSid)); Assert.assertTrue(gaSid.equals(new GrantedAuthoritySid(ga))); - Assert.assertTrue(gaSid.equals(new GrantedAuthoritySid(new GrantedAuthorityImpl("ROLE_TEST")))); - Assert.assertFalse(gaSid.equals(new GrantedAuthoritySid(new GrantedAuthorityImpl("ROLE_NOT_EQUAL")))); + Assert.assertTrue(gaSid.equals(new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST")))); + Assert.assertFalse(gaSid.equals(new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_NOT_EQUAL")))); Assert.assertTrue(gaSid.equals(new GrantedAuthoritySid("ROLE_TEST"))); Assert.assertFalse(gaSid.equals(new GrantedAuthoritySid("ROLE_NOT_EQUAL"))); } @@ -159,26 +158,26 @@ public class SidTests extends TestCase { Authentication authentication = new TestingAuthenticationToken("johndoe", "password"); Sid principalSid = new PrincipalSid(authentication); - Assert.assertTrue(principalSid.hashCode() == new String("johndoe").hashCode()); + Assert.assertTrue(principalSid.hashCode() == "johndoe".hashCode()); Assert.assertTrue(principalSid.hashCode() == new PrincipalSid("johndoe").hashCode()); Assert.assertTrue(principalSid.hashCode() != new PrincipalSid("scott").hashCode()); Assert.assertTrue(principalSid.hashCode() != new PrincipalSid(new TestingAuthenticationToken("scott", "password")).hashCode()); } public void testGrantedAuthoritySidHashCode() throws Exception { - GrantedAuthority ga = new GrantedAuthorityImpl("ROLE_TEST"); + GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST"); Sid gaSid = new GrantedAuthoritySid(ga); - Assert.assertTrue(gaSid.hashCode() == new String("ROLE_TEST").hashCode()); + Assert.assertTrue(gaSid.hashCode() == "ROLE_TEST".hashCode()); Assert.assertTrue(gaSid.hashCode() == new GrantedAuthoritySid("ROLE_TEST").hashCode()); Assert.assertTrue(gaSid.hashCode() != new GrantedAuthoritySid("ROLE_TEST_2").hashCode()); - Assert.assertTrue(gaSid.hashCode() != new GrantedAuthoritySid(new GrantedAuthorityImpl("ROLE_TEST_2")).hashCode()); + Assert.assertTrue(gaSid.hashCode() != new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST_2")).hashCode()); } public void testGetters() throws Exception { Authentication authentication = new TestingAuthenticationToken("johndoe", "password"); PrincipalSid principalSid = new PrincipalSid(authentication); - GrantedAuthority ga = new GrantedAuthorityImpl("ROLE_TEST"); + GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST"); GrantedAuthoritySid gaSid = new GrantedAuthoritySid(ga); Assert.assertTrue("johndoe".equals(principalSid.getPrincipal())); diff --git a/acl/src/test/resources/jdbcMutableAclServiceTests-context.xml b/acl/src/test/resources/jdbcMutableAclServiceTests-context.xml index ef0d8750ad..9a79d18f8b 100644 --- a/acl/src/test/resources/jdbcMutableAclServiceTests-context.xml +++ b/acl/src/test/resources/jdbcMutableAclServiceTests-context.xml @@ -36,13 +36,13 @@ - + - + - + diff --git a/cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java b/cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java index aecd7b4e73..1f11037ba4 100644 --- a/cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java +++ b/cas/src/main/java/org/springframework/security/cas/userdetails/GrantedAuthorityFromAssertionAttributesUserDetailsService.java @@ -17,7 +17,7 @@ package org.springframework.security.cas.userdetails; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.util.Assert; import org.jasig.cas.client.validation.Assertion; @@ -62,11 +62,11 @@ public final class GrantedAuthorityFromAssertionAttributesUserDetailsService ext final List list = (List) value; for (final Object o : list) { - grantedAuthorities.add(new GrantedAuthorityImpl(this.convertToUpperCase ? o.toString().toUpperCase() : o.toString())); + grantedAuthorities.add(new SimpleGrantedAuthority(this.convertToUpperCase ? o.toString().toUpperCase() : o.toString())); } } else { - grantedAuthorities.add(new GrantedAuthorityImpl(this.convertToUpperCase ? value.toString().toUpperCase() : value.toString())); + grantedAuthorities.add(new SimpleGrantedAuthority(this.convertToUpperCase ? value.toString().toUpperCase() : value.toString())); } } diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java index e2fd40aefe..e77f897d3a 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java @@ -18,28 +18,26 @@ package org.springframework.security.cas.authentication; import static org.junit.Assert.*; -import java.util.HashMap; -import java.util.Map; - import org.jasig.cas.client.validation.Assertion; import org.jasig.cas.client.validation.AssertionImpl; import org.jasig.cas.client.validation.TicketValidationException; import org.jasig.cas.client.validation.TicketValidator; -import org.junit.Test; +import org.junit.*; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.cas.ServiceProperties; import org.springframework.security.cas.web.CasAuthenticationFilter; import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.AuthenticationUserDetailsService; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UsernameNotFoundException; +import java.util.*; + /** * Tests {@link CasAuthenticationProvider}. @@ -98,8 +96,8 @@ public class CasAuthenticationProviderTests { CasAuthenticationToken casResult = (CasAuthenticationToken) result; assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casResult.getPrincipal()); assertEquals("ST-123", casResult.getCredentials()); - assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_A"))); - assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_B"))); + assertTrue(casResult.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_A"))); + assertTrue(casResult.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_B"))); assertEquals(cap.getKey().hashCode(), casResult.getKeyHash()); assertEquals("details", casResult.getDetails()); diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java index b43501a813..16dc11f1d6 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java @@ -15,19 +15,18 @@ package org.springframework.security.cas.authentication; -import java.util.List; - import junit.framework.TestCase; - import org.jasig.cas.client.validation.Assertion; import org.jasig.cas.client.validation.AssertionImpl; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; +import java.util.*; + /** * Tests {@link CasAuthenticationToken}. * @@ -108,8 +107,8 @@ public class CasAuthenticationTokenTests extends TestCase { assertEquals("key".hashCode(), token.getKeyHash()); assertEquals(makeUserDetails(), token.getPrincipal()); assertEquals("Password", token.getCredentials()); - assertTrue(token.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_ONE"))); - assertTrue(token.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_TWO"))); + assertTrue(token.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_ONE"))); + assertTrue(token.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_TWO"))); assertEquals(assertion, token.getAssertion()); assertEquals(makeUserDetails().getUsername(), token.getUserDetails().getUsername()); } diff --git a/config/src/test/java/org/springframework/security/config/ldap/LdapUserServiceBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/ldap/LdapUserServiceBeanDefinitionParserTests.java index 2f1d44fe1d..6a156edad5 100644 --- a/config/src/test/java/org/springframework/security/config/ldap/LdapUserServiceBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/ldap/LdapUserServiceBeanDefinitionParserTests.java @@ -1,17 +1,12 @@ package org.springframework.security.config.ldap; import static org.junit.Assert.*; -import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.*; import static org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser.*; -import java.util.Set; - -import org.junit.After; -import org.junit.Test; -import org.springframework.security.config.ldap.LdapUserServiceBeanDefinitionParser; +import org.junit.*; import org.springframework.security.config.util.InMemoryXmlApplicationContext; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.ldap.search.FilterBasedLdapUserSearch; @@ -24,6 +19,8 @@ import org.springframework.security.ldap.userdetails.Person; import org.springframework.security.ldap.userdetails.PersonContextMapper; import org.w3c.dom.Element; +import java.util.*; + /** * @author Luke Taylor */ @@ -108,7 +105,7 @@ public class LdapUserServiceBeanDefinitionParserTests { Set authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities()); assertEquals(3, authorities.size()); - assertTrue(authorities.contains(new GrantedAuthorityImpl("ROLE_DEVELOPER"))); + assertTrue(authorities.contains("ROLE_DEVELOPER")); } diff --git a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java index 0aeb4bd081..abf1dc8654 100755 --- a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java +++ b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java @@ -15,22 +15,15 @@ package org.springframework.security.access.hierarchicalroles; -import java.util.ArrayList; -import java.util.Collection; -import java.util.HashMap; -import java.util.HashSet; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.regex.Matcher; -import java.util.regex.Pattern; - import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; + +import java.util.*; +import java.util.regex.Matcher; +import java.util.regex.Pattern; /** *

@@ -173,8 +166,8 @@ public class RoleHierarchyImpl implements RoleHierarchy { rolesReachableInOneStepMap = new HashMap>(); while (roleHierarchyMatcher.find()) { - GrantedAuthority higherRole = new GrantedAuthorityImpl(roleHierarchyMatcher.group(2)); - GrantedAuthority lowerRole = new GrantedAuthorityImpl(roleHierarchyMatcher.group(3)); + GrantedAuthority higherRole = new SimpleGrantedAuthority(roleHierarchyMatcher.group(2)); + GrantedAuthority lowerRole = new SimpleGrantedAuthority(roleHierarchyMatcher.group(3)); Set rolesReachableInOneStepSet; if (!rolesReachableInOneStepMap.containsKey(higherRole)) { @@ -210,7 +203,7 @@ public class RoleHierarchyImpl implements RoleHierarchy { while (!rolesToVisitSet.isEmpty()) { // take a role from the rolesToVisit set - GrantedAuthority aRole = (GrantedAuthority) rolesToVisitSet.iterator().next(); + GrantedAuthority aRole = rolesToVisitSet.iterator().next(); rolesToVisitSet.remove(aRole); addReachableRoles(visitedRolesSet, aRole); if (rolesReachableInOneStepMap.containsKey(aRole)) { diff --git a/core/src/main/java/org/springframework/security/access/intercept/RunAsManagerImpl.java b/core/src/main/java/org/springframework/security/access/intercept/RunAsManagerImpl.java index 7706060bd0..665bb69e00 100644 --- a/core/src/main/java/org/springframework/security/access/intercept/RunAsManagerImpl.java +++ b/core/src/main/java/org/springframework/security/access/intercept/RunAsManagerImpl.java @@ -23,7 +23,7 @@ import org.springframework.beans.factory.InitializingBean; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.util.Assert; @@ -32,8 +32,8 @@ import org.springframework.util.Assert; *

* Is activated if any {@link ConfigAttribute#getAttribute()} is prefixed with RUN_AS_. * If found, it generates a new {@link RunAsUserToken} containing the same principal, credentials and granted - * authorities as the original {@link Authentication} object, along with {@link GrantedAuthorityImpl}s for each - * RUN_AS_ indicated. The created GrantedAuthorityImpls will be prefixed with a special + * authorities as the original {@link Authentication} object, along with {@link SimpleGrantedAuthority}s for each + * RUN_AS_ indicated. The created SimpleGrantedAuthoritys will be prefixed with a special * prefix indicating that it is a role (default prefix value is ROLE_), and then the remainder of the * RUN_AS_ keyword. For example, RUN_AS_FOO will result in the creation of a granted * authority of ROLE_RUN_AS_FOO. @@ -66,7 +66,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean { for (ConfigAttribute attribute : attributes) { if (this.supports(attribute)) { - GrantedAuthority extraAuthority = new GrantedAuthorityImpl(getRolePrefix() + attribute.getAttribute()); + GrantedAuthority extraAuthority = new SimpleGrantedAuthority(getRolePrefix() + attribute.getAttribute()); newAuthorities.add(extraAuthority); } } diff --git a/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java b/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java index 68f1c488f0..3bfcc36c45 100644 --- a/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java +++ b/core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java @@ -15,29 +15,29 @@ package org.springframework.security.authentication.jaas; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.GrantedAuthority; import java.security.Principal; /** - * Extends GrantedAuthorityImpl to hold the principal that an AuthorityGranter justified as a reason to grant this - * Authority.
+ * {@code GrantedAuthority} which, in addition to the assigned role, holds the principal that an + * {@link AuthorityGranter} used as a reason to grant this authority. * * @author Ray Krueger * * @see AuthorityGranter */ -public class JaasGrantedAuthority extends GrantedAuthorityImpl { +public final class JaasGrantedAuthority implements GrantedAuthority { //~ Instance fields ================================================================================================ - private static final long serialVersionUID = 1L; + private final String role; private final Principal principal; //~ Constructors =================================================================================================== public JaasGrantedAuthority(String role, Principal principal) { - super(role); + this.role = role; this.principal = principal; } @@ -46,4 +46,29 @@ public class JaasGrantedAuthority extends GrantedAuthorityImpl { public Principal getPrincipal() { return principal; } + + public String getAuthority() { + return role; + } + + public int hashCode() { + return 31 ^ principal.hashCode() ^ role.hashCode(); + } + + public boolean equals(Object obj) { + if (this == obj) { + return true; + } + + if (obj instanceof JaasGrantedAuthority) { + JaasGrantedAuthority jga = (JaasGrantedAuthority) obj; + return this.role.equals(jga.role) && this.principal.equals(jga.principal); + } + + return false; + } + + public String toString() { + return "Jaas Authority [" + role + "," + principal + "]" ; + } } diff --git a/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java b/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java index ab2f9218f7..25a9bdbc12 100644 --- a/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java +++ b/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java @@ -49,7 +49,7 @@ public abstract class AuthorityUtils { List authorities = new ArrayList(roles.length); for (String role : roles) { - authorities.add(new GrantedAuthorityImpl(role)); + authorities.add(new SimpleGrantedAuthority(role)); } return authorities; diff --git a/core/src/main/java/org/springframework/security/core/authority/GrantedAuthorityImpl.java b/core/src/main/java/org/springframework/security/core/authority/GrantedAuthorityImpl.java index dc24af598f..6235771d53 100644 --- a/core/src/main/java/org/springframework/security/core/authority/GrantedAuthorityImpl.java +++ b/core/src/main/java/org/springframework/security/core/authority/GrantedAuthorityImpl.java @@ -15,8 +15,6 @@ package org.springframework.security.core.authority; -import java.io.Serializable; - import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.util.Assert; @@ -27,16 +25,14 @@ import org.springframework.util.Assert; * *

* Stores a String representation of an authority granted to the {@link Authentication} object. - *

- * If compared to a custom authority which returns null from {@link #getAuthority}, the compareTo - * method will return -1, so the custom authority will take precedence. * * @author Ben Alex + * @deprecated Use the final class {@link SimpleGrantedAuthority} or implement your own. */ -public class GrantedAuthorityImpl implements GrantedAuthority, Serializable { +@Deprecated +public class GrantedAuthorityImpl implements GrantedAuthority { //~ Instance fields ================================================================================================ - private static final long serialVersionUID = 1L; private final String role; //~ Constructors =================================================================================================== diff --git a/core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java b/core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java new file mode 100644 index 0000000000..51aefbd4ce --- /dev/null +++ b/core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java @@ -0,0 +1,46 @@ +package org.springframework.security.core.authority; + +import org.springframework.security.core.GrantedAuthority; +import org.springframework.util.Assert; + +/** + * Basic concrete implementation of a {@link GrantedAuthority}. + * + *

+ * Stores a {@code String} representation of an authority granted to the + * {@link org.springframework.security.core.Authentication Authentication} object. + * + * @author Luke Taylor + */ +public final class SimpleGrantedAuthority implements GrantedAuthority { + private final String role; + + public SimpleGrantedAuthority(String role) { + Assert.hasText(role, "A granted authority textual representation is required"); + this.role = role; + } + + public String getAuthority() { + return role; + } + + public boolean equals(Object obj) { + if (this == obj) { + return true; + } + + if (obj instanceof SimpleGrantedAuthority) { + return role.equals(((SimpleGrantedAuthority) obj).role); + } + + return false; + } + + public int hashCode() { + return this.role.hashCode(); + } + + public String toString() { + return this.role; + } +} diff --git a/core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java b/core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java index 203c489550..0f98ba5cc2 100755 --- a/core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java +++ b/core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java @@ -4,7 +4,7 @@ import java.util.*; import org.springframework.beans.factory.InitializingBean; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.util.Assert; import org.springframework.util.StringUtils; @@ -130,7 +130,7 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper implements Attributes2G while ( st.hasMoreTokens() ) { String nextToken = st.nextToken(); if ( StringUtils.hasText(nextToken) ) { - result.add(new GrantedAuthorityImpl(nextToken)); + result.add(new SimpleGrantedAuthority(nextToken)); } } } diff --git a/core/src/main/java/org/springframework/security/core/authority/mapping/SimpleAttributes2GrantedAuthoritiesMapper.java b/core/src/main/java/org/springframework/security/core/authority/mapping/SimpleAttributes2GrantedAuthoritiesMapper.java index 723eb2e442..5ec87b939f 100755 --- a/core/src/main/java/org/springframework/security/core/authority/mapping/SimpleAttributes2GrantedAuthoritiesMapper.java +++ b/core/src/main/java/org/springframework/security/core/authority/mapping/SimpleAttributes2GrantedAuthoritiesMapper.java @@ -1,7 +1,7 @@ package org.springframework.security.core.authority.mapping; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import java.util.ArrayList; import java.util.Collection; @@ -67,9 +67,9 @@ public class SimpleAttributes2GrantedAuthoritiesMapper implements Attributes2Gra attribute = attribute.toUpperCase(Locale.getDefault()); } if (isAddPrefixIfAlreadyExisting() || !attribute.startsWith(getAttributePrefix())) { - return new GrantedAuthorityImpl(getAttributePrefix() + attribute); + return new SimpleGrantedAuthority(getAttributePrefix() + attribute); } else { - return new GrantedAuthorityImpl(attribute); + return new SimpleGrantedAuthority(attribute); } } diff --git a/core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java b/core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java index ba99ef6e7e..aff4939e5e 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java @@ -29,7 +29,7 @@ import org.springframework.jdbc.core.support.JdbcDaoSupport; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.SpringSecurityMessageSource; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; @@ -210,7 +210,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService { public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException { String roleName = rolePrefix + rs.getString(2); - return new GrantedAuthorityImpl(roleName); + return new SimpleGrantedAuthority(roleName); } }); } @@ -225,7 +225,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService { public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException { String roleName = getRolePrefix() + rs.getString(3); - return new GrantedAuthorityImpl(roleName); + return new SimpleGrantedAuthority(roleName); } }); } diff --git a/core/src/main/java/org/springframework/security/core/userdetails/memory/UserAttribute.java b/core/src/main/java/org/springframework/security/core/userdetails/memory/UserAttribute.java index 3f67100e0f..88e75690d5 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/memory/UserAttribute.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/memory/UserAttribute.java @@ -20,7 +20,7 @@ import java.util.List; import java.util.Vector; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; /** @@ -65,7 +65,7 @@ public class UserAttribute { public void setAuthoritiesAsString(List authoritiesAsStrings) { setAuthorities(new ArrayList(authoritiesAsStrings.size())); for(String authority : authoritiesAsStrings) { - addAuthority(new GrantedAuthorityImpl(authority)); + addAuthority(new SimpleGrantedAuthority(authority)); } } diff --git a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java index a49996c9a5..25d3cae70d 100644 --- a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java +++ b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java @@ -7,7 +7,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.UserCache; import org.springframework.security.core.userdetails.UserDetails; @@ -334,7 +334,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException { String roleName = getRolePrefix() + rs.getString(3); - return new GrantedAuthorityImpl(roleName); + return new SimpleGrantedAuthority(roleName); } }); } diff --git a/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java index 1acb758c89..903d863634 100644 --- a/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java @@ -15,39 +15,32 @@ package org.springframework.security.access.intercept; -import junit.framework.TestCase; +import static org.junit.Assert.*; - -import org.springframework.security.access.intercept.RunAsImplAuthenticationProvider; -import org.springframework.security.access.intercept.RunAsUserToken; +import org.junit.*; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; /** * Tests {@link RunAsImplAuthenticationProvider}. */ -public class RunAsImplAuthenticationProviderTests extends TestCase { +public class RunAsImplAuthenticationProviderTests { + @Test(expected = BadCredentialsException.class) public void testAuthenticationFailDueToWrongKey() { RunAsUserToken token = new RunAsUserToken("wrong_key", "Test", "Password", AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class); RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider(); provider.setKey("hello_world"); - try { - provider.authenticate(token); - fail("Should have thrown BadCredentialsException"); - } catch (BadCredentialsException expected) { - assertTrue(true); - } + provider.authenticate(token); } + @Test public void testAuthenticationSuccess() { RunAsUserToken token = new RunAsUserToken("my_password", "Test", "Password", AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class); @@ -56,33 +49,28 @@ public class RunAsImplAuthenticationProviderTests extends TestCase { Authentication result = provider.authenticate(token); - if (!(result instanceof RunAsUserToken)) { - fail("Should have returned RunAsUserToken"); - } + Assert.assertTrue("Should have returned RunAsUserToken", result instanceof RunAsUserToken); RunAsUserToken resultCast = (RunAsUserToken) result; assertEquals("my_password".hashCode(), resultCast.getKeyHash()); } + @Test(expected = IllegalArgumentException.class) public void testStartupFailsIfNoKey() throws Exception { RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider(); - try { - provider.afterPropertiesSet(); - fail("Should have thrown IllegalArgumentException"); - } catch (IllegalArgumentException expected) { - assertTrue(true); - } + provider.afterPropertiesSet(); } + @Test public void testStartupSuccess() throws Exception { RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider(); provider.setKey("hello_world"); assertEquals("hello_world", provider.getKey()); provider.afterPropertiesSet(); - assertTrue(true); } + @Test public void testSupports() { RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider(); assertTrue(provider.supports(RunAsUserToken.class)); diff --git a/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java b/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java index 302b0df264..7c1a89e377 100644 --- a/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java +++ b/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java @@ -17,19 +17,14 @@ package org.springframework.security.access.vote; import static org.junit.Assert.*; -import java.util.List; -import java.util.Vector; - -import org.junit.Test; +import org.junit.*; import org.springframework.security.access.AccessDecisionVoter; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.SecurityConfig; -import org.springframework.security.access.vote.ConsensusBased; -import org.springframework.security.access.vote.RoleVoter; import org.springframework.security.authentication.TestingAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; + +import java.util.*; /** diff --git a/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java b/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java index 23a579e0de..36ad983113 100644 --- a/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java +++ b/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java @@ -17,13 +17,12 @@ package org.springframework.security.authentication; import static org.junit.Assert.*; -import java.util.List; - -import org.junit.Before; -import org.junit.Test; +import org.junit.*; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; + +import java.util.*; /** @@ -49,7 +48,7 @@ public class AbstractAuthenticationTokenTests { List gotAuthorities = (List) token.getAuthorities(); assertNotSame(authorities, gotAuthorities); - gotAuthorities.set(0, new GrantedAuthorityImpl("ROLE_SUPER_USER")); + gotAuthorities.set(0, new SimpleGrantedAuthority("ROLE_SUPER_USER")); } @Test diff --git a/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java index 7b51c87889..2bcad8d377 100644 --- a/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationProviderTests.java @@ -15,17 +15,15 @@ package org.springframework.security.authentication.anonymous; -import junit.framework.TestCase; - +import static org.junit.Assert.*; +import org.junit.*; import org.springframework.security.authentication.AnonymousAuthenticationProvider; import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; /** @@ -33,10 +31,11 @@ import org.springframework.security.core.authority.GrantedAuthorityImpl; * * @author Ben Alex */ -public class AnonymousAuthenticationProviderTests extends TestCase { +public class AnonymousAuthenticationProviderTests { //~ Methods ======================================================================================================== + @Test public void testDetectsAnInvalidKey() throws Exception { AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider(); aap.setKey("qwerty"); @@ -51,6 +50,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase { } } + @Test public void testDetectsMissingKey() throws Exception { AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider(); @@ -62,6 +62,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase { } } + @Test public void testGettersSetters() throws Exception { AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider(); aap.setKey("qwerty"); @@ -69,6 +70,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase { assertEquals("qwerty", aap.getKey()); } + @Test public void testIgnoresClassesItDoesNotSupport() throws Exception { AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider(); aap.setKey("qwerty"); @@ -80,6 +82,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase { assertNull(aap.authenticate(token)); } + @Test public void testNormalOperation() throws Exception { AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider(); aap.setKey("qwerty"); @@ -92,6 +95,7 @@ public class AnonymousAuthenticationProviderTests extends TestCase { assertEquals(result, token); } + @Test public void testSupports() { AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider(); assertTrue(aap.supports(AnonymousAuthenticationToken.class)); diff --git a/core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java index 57ea87a75b..3f832b6785 100644 --- a/core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java @@ -23,8 +23,7 @@ import java.io.FileOutputStream; import java.io.PrintWriter; import java.net.URL; import java.security.Security; -import java.util.Collection; -import java.util.List; +import java.util.*; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; @@ -41,7 +40,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextImpl; import org.springframework.security.core.session.SessionDestroyedEvent; @@ -193,11 +192,12 @@ public class JaasAuthenticationProviderTests { assertNotNull(jaasProvider.getLoginContextName()); Collection list = auth.getAuthorities(); + Set set = AuthorityUtils.authorityListToSet(list); - assertTrue("GrantedAuthorities should contain ROLE_TEST1", list.contains(new GrantedAuthorityImpl("ROLE_TEST1"))); - assertTrue("GrantedAuthorities should contain ROLE_TEST2", list.contains(new GrantedAuthorityImpl("ROLE_TEST2"))); - assertTrue("GrantedAuthorities should contain ROLE_1", list.contains(defaultAuths.get(0))); - assertTrue("GrantedAuthorities should contain ROLE_2", list.contains(defaultAuths.get(1))); + assertTrue("GrantedAuthorities should contain ROLE_1", set.contains("ROLE_ONE")); + assertTrue("GrantedAuthorities should contain ROLE_2", set.contains("ROLE_TWO")); + assertTrue("GrantedAuthorities should contain ROLE_TEST1", set.contains("ROLE_TEST1")); + assertTrue("GrantedAuthorities should contain ROLE_TEST2", set.contains("ROLE_TEST2")); boolean foundit = false; @@ -213,7 +213,6 @@ public class JaasAuthenticationProviderTests { assertNotNull("Success event should be fired", eventCheck.successEvent); assertEquals("Auth objects should be equal", auth, eventCheck.successEvent.getAuthentication()); - assertNull("Failure event should not be fired", eventCheck.failedEvent); } diff --git a/core/src/test/java/org/springframework/security/core/authority/GrantedAuthorityImplTests.java b/core/src/test/java/org/springframework/security/core/authority/GrantedAuthorityImplTests.java deleted file mode 100644 index a3d881c914..0000000000 --- a/core/src/test/java/org/springframework/security/core/authority/GrantedAuthorityImplTests.java +++ /dev/null @@ -1,77 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.core.authority; - -import static org.junit.Assert.*; - -import org.junit.Test; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; - - -/** - * Tests {@link GrantedAuthorityImpl}. - * - * @author Ben Alex - */ -public class GrantedAuthorityImplTests { - - @Test - public void equalsBehavesAsExpected() throws Exception { - GrantedAuthorityImpl auth1 = new GrantedAuthorityImpl("TEST"); - GrantedAuthorityImpl auth2 = new GrantedAuthorityImpl("TEST"); - assertEquals(auth1, auth2); - - String authString1 = "TEST"; - assertEquals(auth1, authString1); - - String authString2 = "NOT_EQUAL"; - assertTrue(!auth1.equals(authString2)); - - GrantedAuthorityImpl auth3 = new GrantedAuthorityImpl("NOT_EQUAL"); - assertTrue(!auth1.equals(auth3)); - - MockGrantedAuthority mock1 = new MockGrantedAuthority("TEST"); - assertEquals(auth1, mock1); - - MockGrantedAuthority mock2 = new MockGrantedAuthority("NOT_EQUAL"); - assertTrue(!auth1.equals(mock2)); - - Integer int1 = Integer.valueOf(222); - assertTrue(!auth1.equals(int1)); - } - - @Test - public void toStringReturnsAuthorityValue() { - GrantedAuthorityImpl auth = new GrantedAuthorityImpl("TEST"); - assertEquals("TEST", auth.toString()); - } - - - //~ Inner Classes ================================================================================================== - - private class MockGrantedAuthority implements GrantedAuthority { - private String role; - - public MockGrantedAuthority(String role) { - this.role = role; - } - - public String getAuthority() { - return this.role; - } - } -} diff --git a/core/src/test/java/org/springframework/security/core/authority/SimpleGrantedAuthorityTests.java b/core/src/test/java/org/springframework/security/core/authority/SimpleGrantedAuthorityTests.java new file mode 100644 index 0000000000..a96360ae34 --- /dev/null +++ b/core/src/test/java/org/springframework/security/core/authority/SimpleGrantedAuthorityTests.java @@ -0,0 +1,54 @@ +/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.springframework.security.core.authority; + +import static org.junit.Assert.*; +import static org.mockito.Mockito.*; + +import org.junit.*; +import org.springframework.security.core.GrantedAuthority; + + +/** + * Tests {@link SimpleGrantedAuthority}. + * + * @author Ben Alex + */ +public class SimpleGrantedAuthorityTests { + + @Test + public void equalsBehavesAsExpected() throws Exception { + SimpleGrantedAuthority auth1 = new SimpleGrantedAuthority("TEST"); + assertEquals(auth1, auth1); + assertEquals(auth1, new SimpleGrantedAuthority("TEST")); + + assertFalse(auth1.equals("TEST")); + + SimpleGrantedAuthority auth3 = new SimpleGrantedAuthority("NOT_EQUAL"); + assertTrue(!auth1.equals(auth3)); + + assertFalse(auth1.equals(mock(GrantedAuthority.class))); + + assertFalse(auth1.equals(Integer.valueOf(222))); + } + + @Test + public void toStringReturnsAuthorityValue() { + SimpleGrantedAuthority auth = new SimpleGrantedAuthority("TEST"); + assertEquals("TEST", auth.toString()); + } + +} diff --git a/core/src/test/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java b/core/src/test/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java index e01a1ec636..450a638106 100755 --- a/core/src/test/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java +++ b/core/src/test/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapperTest.java @@ -4,7 +4,7 @@ import static org.junit.Assert.assertTrue; import org.junit.Test; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import java.util.*; @@ -157,11 +157,11 @@ public class MapBasedAttributes2GrantedAuthoritiesMapperTest { private HashMap getValidAttributes2GrantedAuthoritiesMap() { HashMap m = new HashMap(); m.put("role1","ga1"); - m.put("role2",new GrantedAuthorityImpl("ga2")); - m.put("role3",Arrays.asList("ga3",new GrantedAuthorityImpl("ga4"))); + m.put("role2",new SimpleGrantedAuthority("ga2")); + m.put("role3",Arrays.asList("ga3",new SimpleGrantedAuthority("ga4"))); m.put("role4","ga5,ga6"); - m.put("role5",Arrays.asList("ga7","ga8",new Object[]{new GrantedAuthorityImpl("ga9")})); - m.put("role6",new Object[]{"ga10","ga11",new Object[]{new GrantedAuthorityImpl("ga12")}}); + m.put("role5",Arrays.asList("ga7","ga8",new Object[]{new SimpleGrantedAuthority("ga9")})); + m.put("role6",new Object[]{"ga10","ga11",new Object[]{new SimpleGrantedAuthority("ga12")}}); m.put("role7",new String[]{"ga13","ga14"}); m.put("role8",new String[]{"ga13","ga14",null}); m.put("role9",null); diff --git a/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java b/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java index 5c3165e342..13151544c3 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java @@ -26,7 +26,7 @@ import java.util.Set; import org.junit.Test; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; /** @@ -98,7 +98,7 @@ public class UserTests { try { List auths = AuthorityUtils.createAuthorityList("ROLE_ONE"); auths.add(null); - auths.add(new GrantedAuthorityImpl("ROLE_THREE")); + auths.add(new SimpleGrantedAuthority("ROLE_THREE")); new User(null, "koala", true, true, true, true, auths); fail("Should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { diff --git a/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java b/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java index 58e980e486..4f51c477a3 100644 --- a/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java +++ b/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java @@ -23,7 +23,7 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserCache; @@ -268,7 +268,7 @@ public class JdbcUserDetailsManagerTests { @Test public void addGroupAuthorityInsertsCorrectGroupAuthorityRow() throws Exception { - GrantedAuthority auth = new GrantedAuthorityImpl("ROLE_X"); + GrantedAuthority auth = new SimpleGrantedAuthority("ROLE_X"); manager.addGroupAuthority("GROUP_0", auth); template.queryForObject("select authority from group_authorities where authority = 'ROLE_X' and group_id = 0", String.class); @@ -276,7 +276,7 @@ public class JdbcUserDetailsManagerTests { @Test public void deleteGroupAuthorityRemovesCorrectRows() throws Exception { - GrantedAuthority auth = new GrantedAuthorityImpl("ROLE_A"); + GrantedAuthority auth = new SimpleGrantedAuthority("ROLE_A"); manager.removeGroupAuthority("GROUP_0", auth); assertEquals(0, template.queryForList("select authority from group_authorities where group_id = 0").size()); diff --git a/docs/manual/src/docbook/technical-overview.xml b/docs/manual/src/docbook/technical-overview.xml index dd83e67f56..5437be7e4f 100644 --- a/docs/manual/src/docbook/technical-overview.xml +++ b/docs/manual/src/docbook/technical-overview.xml @@ -246,7 +246,7 @@ if (principal instanceof UserDetails) { look at some code as an example. import org.springframework.security.authentication.*; import org.springframework.security.core.*; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; public class AuthenticationExample { @@ -278,7 +278,7 @@ class SampleAuthenticationManager implements AuthenticationManager { static final List<GrantedAuthority> AUTHORITIES = new ArrayList<GrantedAuthority>(); static { - AUTHORITIES.add(new GrantedAuthorityImpl("ROLE_USER")); + AUTHORITIES.add(new SimpleGrantedAuthority("ROLE_USER")); } public Authentication authenticate(Authentication auth) throws AuthenticationException { diff --git a/itest/context/src/test/java/org/springframework/security/performance/FilterChainPerformanceTests.java b/itest/context/src/test/java/org/springframework/security/performance/FilterChainPerformanceTests.java index 3d9a4f6fcf..a43c6255eb 100644 --- a/itest/context/src/test/java/org/springframework/security/performance/FilterChainPerformanceTests.java +++ b/itest/context/src/test/java/org/springframework/security/performance/FilterChainPerformanceTests.java @@ -1,14 +1,6 @@ package org.springframework.security.performance; -import java.util.Arrays; -import java.util.List; - -import javax.servlet.http.HttpSession; - -import org.junit.After; -import org.junit.AfterClass; -import org.junit.Before; -import org.junit.Test; +import org.junit.*; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; @@ -18,7 +10,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpSession; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.context.HttpSessionSecurityContextRepository; @@ -26,6 +18,9 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.util.StopWatch; +import javax.servlet.http.HttpSession; +import java.util.*; + /** * * @author Luke Taylor @@ -122,7 +117,7 @@ public class FilterChainPerformanceTests { GrantedAuthority[] roles = new GrantedAuthority[howMany]; for (int i = howMany - 1; i >=0 ; i--) { - roles[i] = new GrantedAuthorityImpl("ROLE_" + i); + roles[i] = new SimpleGrantedAuthority("ROLE_" + i); } return Arrays.asList(roles); diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java index 19ab6d0701..a4f7a7e1d9 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java @@ -16,7 +16,7 @@ package org.springframework.security.ldap.userdetails; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.ldap.SpringSecurityLdapTemplate; import org.springframework.ldap.core.ContextSource; import org.springframework.ldap.core.DirContextOperations; @@ -222,7 +222,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator role = role.toUpperCase(); } - authorities.add(new GrantedAuthorityImpl(rolePrefix + role)); + authorities.add(new SimpleGrantedAuthority(rolePrefix + role)); } return authorities; @@ -261,7 +261,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator */ public void setDefaultRole(String defaultRole) { Assert.notNull(defaultRole, "The defaultRole property cannot be set to null"); - this.defaultRole = new GrantedAuthorityImpl(defaultRole); + this.defaultRole = new SimpleGrantedAuthority(defaultRole); } public void setGroupRoleAttribute(String groupRoleAttribute) { diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java index 13900ba100..68351eb188 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java @@ -46,7 +46,7 @@ import org.springframework.ldap.core.SearchExecutor; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UsernameNotFoundException; @@ -112,7 +112,7 @@ public class LdapUserDetailsManager implements UserDetailsManager { Object group = ne.next(); String role = group.toString(); - return new GrantedAuthorityImpl(rolePrefix + role.toUpperCase()); + return new SimpleGrantedAuthority(rolePrefix + role.toUpperCase()); } }; diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java index f1c6f6486e..963c9fa708 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java @@ -22,7 +22,7 @@ import org.apache.commons.logging.LogFactory; import org.springframework.ldap.core.DirContextAdapter; import org.springframework.ldap.core.DirContextOperations; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.ldap.ppolicy.PasswordPolicyControl; import org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl; @@ -138,7 +138,7 @@ public class LdapUserDetailsMapper implements UserDetailsContextMapper { if (convertToUpperCase) { role = ((String) role).toUpperCase(); } - return new GrantedAuthorityImpl(rolePrefix + role); + return new SimpleGrantedAuthority(rolePrefix + role); } return null; } diff --git a/samples/contacts/src/main/resources/applicationContext-common-authorization.xml b/samples/contacts/src/main/resources/applicationContext-common-authorization.xml index 05a099eb96..355e611c6b 100644 --- a/samples/contacts/src/main/resources/applicationContext-common-authorization.xml +++ b/samples/contacts/src/main/resources/applicationContext-common-authorization.xml @@ -30,7 +30,7 @@ - + diff --git a/samples/dms/src/main/resources/applicationContext-dms-secure.xml b/samples/dms/src/main/resources/applicationContext-dms-secure.xml index aa00d294ad..28703bfe0e 100755 --- a/samples/dms/src/main/resources/applicationContext-dms-secure.xml +++ b/samples/dms/src/main/resources/applicationContext-dms-secure.xml @@ -163,13 +163,13 @@ - + - + - + diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java index 2e53ca72aa..19fc4b02df 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagAttributeTests.java @@ -15,44 +15,38 @@ package org.springframework.security.taglibs.authz; -import junit.framework.TestCase; +import static org.junit.Assert.assertEquals; +import org.junit.*; import org.springframework.security.authentication.TestingAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.context.SecurityContextHolder; - import javax.servlet.jsp.JspException; import javax.servlet.jsp.tagext.Tag; /** - * DOCUMENT ME! - * * @author Francois Beausoleil */ -public class AuthorizeTagAttributeTests extends TestCase { +public class AuthorizeTagAttributeTests { //~ Instance fields ================================================================================================ private final JspAuthorizeTag authorizeTag = new JspAuthorizeTag(); - private TestingAuthenticationToken currentUser; //~ Methods ======================================================================================================== - protected void setUp() throws Exception { - super.setUp(); - - currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED"); - - SecurityContextHolder.getContext().setAuthentication(currentUser); + @Before + public void setUp() throws Exception { + SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR", "ROLE_RESTRICTED")); } - protected void tearDown() throws Exception { + @After + public void tearDown() throws Exception { SecurityContextHolder.clearContext(); } + @Test public void testAssertsIfAllGrantedSecond() throws JspException { authorizeTag.setIfAllGranted("ROLE_SUPERVISOR,ROLE_SUPERTELLER"); authorizeTag.setIfAnyGranted("ROLE_RESTRICTED"); @@ -60,11 +54,13 @@ public class AuthorizeTagAttributeTests extends TestCase { authorizeTag.doStartTag()); } + @Test public void testAssertsIfAnyGrantedLast() throws JspException { authorizeTag.setIfAnyGranted("ROLE_BANKER"); assertEquals("prevents request - principal is missing ROLE_BANKER", Tag.SKIP_BODY, authorizeTag.doStartTag()); } + @Test public void testAssertsIfNotGrantedFirst() throws JspException { authorizeTag.setIfNotGranted("ROLE_RESTRICTED"); authorizeTag.setIfAllGranted("ROLE_SUPERVISOR,ROLE_RESTRICTED"); @@ -72,21 +68,22 @@ public class AuthorizeTagAttributeTests extends TestCase { assertEquals("prevents request - principal has ROLE_RESTRICTED", Tag.SKIP_BODY, authorizeTag.doStartTag()); } + @Test public void testAssertsIfNotGrantedIgnoresWhitespaceInAttribute() throws JspException { authorizeTag.setIfAnyGranted("\tROLE_SUPERVISOR \t, \r\n\t ROLE_TELLER "); assertEquals("allows request - principal has ROLE_SUPERVISOR", Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag()); } - public void testIfAllGrantedIgnoresWhitespaceInAttribute() - throws JspException { + @Test + public void testIfAllGrantedIgnoresWhitespaceInAttribute() throws JspException { authorizeTag.setIfAllGranted("\nROLE_SUPERVISOR\t,ROLE_RESTRICTED\t\n\r "); assertEquals("allows request - principal has ROLE_RESTRICTED " + "and ROLE_SUPERVISOR", Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag()); } - public void testIfNotGrantedIgnoresWhitespaceInAttribute() - throws JspException { + @Test + public void testIfNotGrantedIgnoresWhitespaceInAttribute() throws JspException { authorizeTag.setIfNotGranted(" \t ROLE_TELLER \r"); assertEquals("allows request - principal does not have ROLE_TELLER", Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag()); diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java index 7c66a72a11..e426412e31 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AuthorizeTagExpressionLanguageTests.java @@ -15,17 +15,15 @@ package org.springframework.security.taglibs.authz; -import javax.servlet.jsp.JspException; -import javax.servlet.jsp.el.VariableResolver; -import javax.servlet.jsp.tagext.Tag; - import junit.framework.TestCase; import org.springframework.mock.web.MockPageContext; import org.springframework.security.authentication.TestingAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.context.SecurityContextHolder; +import javax.servlet.jsp.JspException; +import javax.servlet.jsp.el.VariableResolver; +import javax.servlet.jsp.tagext.Tag; + /** * Test case to implement commons-el expression language expansion. @@ -35,7 +33,6 @@ public class AuthorizeTagExpressionLanguageTests extends TestCase { private final JspAuthorizeTag authorizeTag = new JspAuthorizeTag(); private MockPageContext pageContext; - private TestingAuthenticationToken currentUser; //~ Methods ======================================================================================================== @@ -46,10 +43,7 @@ public class AuthorizeTagExpressionLanguageTests extends TestCase { } }; authorizeTag.setPageContext(pageContext); - - currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_TELLER"); - - SecurityContextHolder.getContext().setAuthentication(currentUser); + SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("abc", "123", "ROLE_TELLER")); } protected void tearDown() throws Exception { diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java b/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java index 54f666cd2b..97a42e3f63 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTest.java @@ -16,20 +16,12 @@ package org.springframework.security.taglibs.velocity; import junit.framework.TestCase; - - import org.springframework.security.authentication.TestingAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.context.SecurityContextHolder; - import javax.servlet.jsp.JspException; -/** - * DOCUMENT ME! - */ public class AuthzImplAttributeTest extends TestCase { //~ Instance fields ================================================================================================ @@ -39,11 +31,8 @@ public class AuthzImplAttributeTest extends TestCase { //~ Methods ======================================================================================================== protected void setUp() throws Exception { - super.setUp(); - - currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED"); - - SecurityContextHolder.getContext().setAuthentication(currentUser); + SecurityContextHolder.getContext().setAuthentication( + new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR","ROLE_RESTRICTED")); } protected void tearDown() throws Exception { diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java b/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java index 29021f9741..760b8a8495 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTest.java @@ -16,30 +16,19 @@ package org.springframework.security.taglibs.velocity; import junit.framework.TestCase; - - import org.springframework.security.authentication.TestingAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.context.SecurityContextHolder; - - -/** - * DOCUMENT ME! - */ public class AuthzImplAuthorizeTagTest extends TestCase { //~ Instance fields ================================================================================================ private Authz authz = new AuthzImpl(); - private TestingAuthenticationToken currentUser; //~ Methods ======================================================================================================== protected void setUp() throws Exception { - currentUser = new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR", "ROLE_TELLER"); - - SecurityContextHolder.getContext().setAuthentication(currentUser); + SecurityContextHolder.getContext().setAuthentication( + new TestingAuthenticationToken("abc", "123", "ROLE_SUPERVISOR", "ROLE_TELLER")); } protected void tearDown() throws Exception { diff --git a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java index fc75161e54..2a08cf926b 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java +++ b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserGrantedAuthority.java @@ -16,27 +16,28 @@ package org.springframework.security.web.authentication.switchuser; import org.springframework.security.core.Authentication; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.GrantedAuthority; /** - * Custom GrantedAuthority used by {@link org.springframework.security.web.authentication.switchuser.SwitchUserFilter}

Stores - * the Authentication object of the original user to be used later when 'exiting' from a user switch.

+ * Custom {@code GrantedAuthority} used by + * {@link org.springframework.security.web.authentication.switchuser.SwitchUserFilter} + *

+ * Stores the {@code Authentication} object of the original user to be used later when 'exiting' from a user switch. * * @author Mark St.Godard * * @see org.springframework.security.web.authentication.switchuser.SwitchUserFilter */ -public class SwitchUserGrantedAuthority extends GrantedAuthorityImpl { +public final class SwitchUserGrantedAuthority implements GrantedAuthority { //~ Instance fields ================================================================================================ - - private static final long serialVersionUID = 1L; + private final String role; private final Authentication source; //~ Constructors =================================================================================================== public SwitchUserGrantedAuthority(String role, Authentication source) { - super(role); + this.role = role; this.source = source; } @@ -50,4 +51,29 @@ public class SwitchUserGrantedAuthority extends GrantedAuthorityImpl { public Authentication getSource() { return source; } + + public String getAuthority() { + return role; + } + + public int hashCode() { + return 31 ^ source.hashCode() ^ role.hashCode(); + } + + public boolean equals(Object obj) { + if (this == obj) { + return true; + } + + if (obj instanceof SwitchUserGrantedAuthority) { + SwitchUserGrantedAuthority swa = (SwitchUserGrantedAuthority) obj; + return this.role.equals(swa.role) && this.source.equals(swa.source); + } + + return false; + } + + public String toString() { + return "Switch User Authority [" + role + "," + source + "]" ; + } } diff --git a/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java index 471763d75f..4575852e42 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java @@ -16,30 +16,26 @@ package org.springframework.security.web.authentication; import static org.junit.Assert.*; -import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.*; -import java.io.IOException; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; - -import org.junit.After; -import org.junit.Before; -import org.junit.Test; +import org.junit.*; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.memory.UserAttribute; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import java.io.IOException; + /** * Tests {@link AnonymousAuthenticationFilter}. @@ -65,7 +61,7 @@ public class AnonymousAuthenticationFilterTests { public void testDetectsMissingKey() throws Exception { UserAttribute user = new UserAttribute(); user.setPassword("anonymousUsername"); - user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS")); + user.addAuthority(new SimpleGrantedAuthority("ROLE_ANONYMOUS")); AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter(); filter.setUserAttribute(user); @@ -83,7 +79,7 @@ public class AnonymousAuthenticationFilterTests { public void testGettersSetters() throws Exception { UserAttribute user = new UserAttribute(); user.setPassword("anonymousUsername"); - user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS")); + user.addAuthority(new SimpleGrantedAuthority("ROLE_ANONYMOUS")); AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter(); filter.setKey("qwerty"); @@ -104,7 +100,7 @@ public class AnonymousAuthenticationFilterTests { // Setup our filter correctly UserAttribute user = new UserAttribute(); user.setPassword("anonymousUsername"); - user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS")); + user.addAuthority(new SimpleGrantedAuthority("ROLE_ANONYMOUS")); AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter(); filter.setKey("qwerty"); @@ -125,7 +121,7 @@ public class AnonymousAuthenticationFilterTests { public void testOperationWhenNoAuthenticationInSecurityContextHolder() throws Exception { UserAttribute user = new UserAttribute(); user.setPassword("anonymousUsername"); - user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS")); + user.addAuthority(new SimpleGrantedAuthority("ROLE_ANONYMOUS")); AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter(); filter.setKey("qwerty"); diff --git a/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java index 958c25f892..dc6dc4576a 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java @@ -18,15 +18,7 @@ package org.springframework.security.web.authentication.switchuser; import static org.junit.Assert.*; import static org.mockito.Mockito.*; -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; - -import javax.servlet.FilterChain; - -import org.junit.After; -import org.junit.Before; -import org.junit.Test; +import org.junit.*; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.authentication.AccountExpiredException; @@ -37,7 +29,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; @@ -46,9 +38,9 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.util.FieldUtils; import org.springframework.security.web.DefaultRedirectStrategy; import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler; -import org.springframework.security.web.authentication.switchuser.SwitchUserAuthorityChanger; -import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority; -import org.springframework.security.web.authentication.switchuser.SwitchUserFilter; + +import javax.servlet.FilterChain; +import java.util.*; /** @@ -370,7 +362,7 @@ public class SwitchUserFilterTests { filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() { public Collection modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection authoritiesToBeGranted) { List auths = new ArrayList(); - auths.add(new GrantedAuthorityImpl("ROLE_NEW")); + auths.add(new SimpleGrantedAuthority("ROLE_NEW")); return auths; } });