GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

SEC-1882: Velocity AuthzImpl now works with Spring 3.0.6+

3.0.x
Rob Winch 13 years ago
parent
70d5ba536e
commit
aa489f7ff6
3 changed files with 159 additions and 9 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 151
      taglibs/src/main/java/org/springframework/security/taglibs/velocity/AuthzImpl.java
  2. 1
      taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTests.java
  3. 16
      taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTests.java

151
taglibs/src/main/java/org/springframework/security/taglibs/velocity/AuthzImpl.java
Unescape View File

@ -15,12 +15,30 @@ @@ -15,12 +15,30 @@
package org.springframework.security.taglibs.velocity;
import java.io.IOException;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.Enumeration;
import javax.servlet.Servlet;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.JspWriter;
import javax.servlet.jsp.PageContext;
import javax.servlet.jsp.el.ExpressionEvaluator;
import javax.servlet.jsp.el.VariableResolver;
import javax.servlet.jsp.tagext.Tag;
import org.springframework.context.ApplicationContext;
import org.springframework.security.taglibs.authz.AuthenticationTag;
import org.springframework.security.taglibs.authz.LegacyAuthorizeTag;
import org.springframework.util.Assert;
/**
@ -31,6 +49,9 @@ import org.springframework.security.taglibs.authz.LegacyAuthorizeTag; @@ -31,6 +49,9 @@ import org.springframework.security.taglibs.authz.LegacyAuthorizeTag;
public class AuthzImpl implements Authz {
//~ Static fields/initializers =====================================================================================
private static final ServletContext SPEL_DISABLED_SERVLET_CONTEXT = (ServletContext) Proxy.newProxyInstance(AuthzImpl.class.getClassLoader(), new Class[] {ServletContext.class}, new DisabledSpringJspExpressionSupportActiveServletContext());
private static final PageContext SPEL_DISABLED_PAGE_CONTEXT = new PageContextAdapter(SPEL_DISABLED_SERVLET_CONTEXT);
static final int ALL_GRANTED = 1;
static final int ANY_GRANTED = 2;
static final int NONE_GRANTED = 3;
@ -76,6 +97,7 @@ public class AuthzImpl implements Authz { @@ -76,6 +97,7 @@ public class AuthzImpl implements Authz {
*/
private boolean ifGranted(String roles, int grantType) {
LegacyAuthorizeTag authorizeTag = new LegacyAuthorizeTag();
authorizeTag.setPageContext(getPageContext());
int result = -1;
@ -123,6 +145,10 @@ public class AuthzImpl implements Authz { @@ -123,6 +145,10 @@ public class AuthzImpl implements Authz {
this.appCtx = appCtx;
}
private PageContext getPageContext() {
return SPEL_DISABLED_PAGE_CONTEXT;
}
//~ Inner Classes ==================================================================================================
/**
@ -141,4 +167,129 @@ public class AuthzImpl implements Authz { @@ -141,4 +167,129 @@ public class AuthzImpl implements Authz {
lastMessage = msg;
}
}
private static final class DisabledSpringJspExpressionSupportActiveServletContext implements InvocationHandler {
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
if("getInitParameter".equals(method.getName())) {
return Boolean.FALSE.toString();
}
return null;
}
}
private static final class PageContextAdapter extends PageContext {
private final ServletContext servletContext;
public PageContextAdapter(ServletContext servletContext) {
Assert.notNull(servletContext, "servletContext cannot be null");
this.servletContext = servletContext;
}
public void setAttribute(String arg0, Object arg1, int arg2) {
throw new UnsupportedOperationException();
}
public void setAttribute(String arg0, Object arg1) {
throw new UnsupportedOperationException();
}
public void removeAttribute(String arg0, int arg1) {
throw new UnsupportedOperationException();
}
public void removeAttribute(String arg0) {
throw new UnsupportedOperationException();
}
public VariableResolver getVariableResolver() {
throw new UnsupportedOperationException();
}
public JspWriter getOut() {
throw new UnsupportedOperationException();
}
public ExpressionEvaluator getExpressionEvaluator() {
throw new UnsupportedOperationException();
}
public int getAttributesScope(String arg0) {
throw new UnsupportedOperationException();
}
@SuppressWarnings("rawtypes")
public Enumeration getAttributeNamesInScope(int arg0) {
throw new UnsupportedOperationException();
}
public Object getAttribute(String arg0, int arg1) {
throw new UnsupportedOperationException();
}
public Object getAttribute(String arg0) {
throw new UnsupportedOperationException();
}
public Object findAttribute(String arg0) {
throw new UnsupportedOperationException();
}
public void release() {
throw new UnsupportedOperationException();
}
public void initialize(Servlet arg0, ServletRequest arg1, ServletResponse arg2, String arg3, boolean arg4,
int arg5, boolean arg6) throws IOException, IllegalStateException, IllegalArgumentException {
throw new UnsupportedOperationException();
}
public void include(String arg0, boolean arg1) throws ServletException, IOException {
throw new UnsupportedOperationException();
}
public void include(String arg0) throws ServletException, IOException {
throw new UnsupportedOperationException();
}
public void handlePageException(Throwable arg0) throws ServletException, IOException {
throw new UnsupportedOperationException();
}
public void handlePageException(Exception arg0) throws ServletException, IOException {
throw new UnsupportedOperationException();
}
public HttpSession getSession() {
throw new UnsupportedOperationException();
}
public ServletContext getServletContext() {
return servletContext;
}
public ServletConfig getServletConfig() {
throw new UnsupportedOperationException();
}
public ServletResponse getResponse() {
throw new UnsupportedOperationException();
}
public ServletRequest getRequest() {
throw new UnsupportedOperationException();
}
public Object getPage() {
throw new UnsupportedOperationException();
}
public Exception getException() {
throw new UnsupportedOperationException();
}
public void forward(String arg0) throws ServletException, IOException {
throw new UnsupportedOperationException();
}
}
}

1
taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAttributeTests.java
Unescape View File

@ -31,7 +31,6 @@ import javax.servlet.jsp.JspException; @@ -31,7 +31,6 @@ import javax.servlet.jsp.JspException;
* Ignoring these tests so that we can rename the file, but still get tests to pass till SEC-1882 can be
* addressed.
*/
@Ignore
public class AuthzImplAttributeTests extends TestCase {
//~ Instance fields ================================================================================================

16
taglibs/src/test/java/org/springframework/security/taglibs/velocity/AuthzImplAuthorizeTagTests.java
Unescape View File

@ -51,7 +51,7 @@ public class AuthzImplAuthorizeTagTests extends TestCase { @@ -51,7 +51,7 @@ public class AuthzImplAuthorizeTagTests extends TestCase {
SecurityContextHolder.clearContext();
}
public void IGNOREtestAlwaysReturnsUnauthorizedIfNoUserFound() {
public void testAlwaysReturnsUnauthorizedIfNoUserFound() {
SecurityContextHolder.getContext().setAuthentication(null);
//prevents request - no principal in Context
@ -65,39 +65,39 @@ public class AuthzImplAuthorizeTagTests extends TestCase { @@ -65,39 +65,39 @@ public class AuthzImplAuthorizeTagTests extends TestCase {
assertFalse(authz.noneGranted(""));
}
public void IGNOREtestOutputsBodyIfOneRolePresent() {
public void testOutputsBodyIfOneRolePresent() {
//authorized - ROLE_TELLER in both sets
assertTrue(authz.anyGranted("ROLE_TELLER"));
}
public void IGNOREtestOutputsBodyWhenAllGranted() {
public void testOutputsBodyWhenAllGranted() {
// allows request - all required roles granted on principal
assertTrue(authz.allGranted("ROLE_SUPERVISOR,ROLE_TELLER"));
}
public void IGNOREtestOutputsBodyWhenNotGrantedSatisfied() {
public void testOutputsBodyWhenNotGrantedSatisfied() {
// allows request - principal doesn't have ROLE_BANKER
assertTrue(authz.noneGranted("ROLE_BANKER"));
}
public void IGNOREtestPreventsBodyOutputIfNoSecureContext() {
public void testPreventsBodyOutputIfNoSecureContext() {
SecurityContextHolder.getContext().setAuthentication(null);
// prevents output - no context defined
assertFalse(authz.anyGranted("ROLE_BANKER"));
}
public void IGNOREtestSkipsBodyIfNoAnyRolePresent() {
public void testSkipsBodyIfNoAnyRolePresent() {
// unauthorized - ROLE_BANKER not in granted authorities
assertFalse(authz.anyGranted("ROLE_BANKER"));
}
public void IGNOREtestSkipsBodyWhenMissingAnAllGranted() {
public void testSkipsBodyWhenMissingAnAllGranted() {
// prevents request - missing ROLE_BANKER on principal
assertFalse(authz.allGranted("ROLE_SUPERVISOR,ROLE_TELLER,ROLE_BANKER"));
}
public void IGNOREtestSkipsBodyWhenNotGrantedUnsatisfied() {
public void testSkipsBodyWhenNotGrantedUnsatisfied() {
// prevents request - principal has ROLE_TELLER
assertFalse(authz.noneGranted("ROLE_TELLER"));
}

Write Preview
Loading…
Cancel
Save