From c9de2f6c9f2e5d554dc51dfddf165bf752048be4 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Tue, 29 Jan 2008 15:09:20 +0000 Subject: [PATCH] SEC-532: Remove FilterInvocationDefinitionSource-related classes which are no longer needed. --- .../web/FIDSToFilterChainMapConverter.java | 16 +- .../web/FilterInvocationDefinition.java | 27 --- .../web/FilterInvocationDefinitionMap.java | 36 ---- ...athBasedFilterInvocationDefinitionMap.java | 70 ------- ...ExpBasedFilterInvocationDefinitionMap.java | 42 ---- .../PreAuthenticatedUserDetailsService.java | 5 +- .../security/util/AntUrlPathMatcher.java | 8 + .../security/util/FilterChainProxy.java | 13 +- ...ilterInvocationDefinitionSourceTests.java} | 42 ++-- ...InvocationDefinitionSourceEditorTests.java | 43 +++- ...nDefinitionSourceEditorWithPathsTests.java | 197 ------------------ .../web/FilterSecurityInterceptorTests.java | 15 +- .../web/MockFilterInvocationDefinition.java | 64 ------ .../RegExpBasedFilterDefinitionMapTests.java | 121 ----------- .../security/util/FilterChainProxyTests.java | 5 +- 15 files changed, 94 insertions(+), 610 deletions(-) delete mode 100644 core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinition.java delete mode 100644 core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionMap.java delete mode 100644 core/src/main/java/org/springframework/security/intercept/web/PathBasedFilterInvocationDefinitionMap.java delete mode 100644 core/src/main/java/org/springframework/security/intercept/web/RegExpBasedFilterInvocationDefinitionMap.java rename core/src/test/java/org/springframework/security/intercept/web/{PathBasedFilterInvocationDefinitionMapTests.java => DefaultFilterInvocationDefinitionSourceTests.java} (79%) delete mode 100644 core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorWithPathsTests.java delete mode 100644 core/src/test/java/org/springframework/security/intercept/web/MockFilterInvocationDefinition.java delete mode 100644 core/src/test/java/org/springframework/security/intercept/web/RegExpBasedFilterDefinitionMapTests.java diff --git a/core/src/main/java/org/springframework/security/intercept/web/FIDSToFilterChainMapConverter.java b/core/src/main/java/org/springframework/security/intercept/web/FIDSToFilterChainMapConverter.java index 1e8ca652ca..c0a17a3845 100644 --- a/core/src/main/java/org/springframework/security/intercept/web/FIDSToFilterChainMapConverter.java +++ b/core/src/main/java/org/springframework/security/intercept/web/FIDSToFilterChainMapConverter.java @@ -5,6 +5,7 @@ import org.springframework.util.Assert; import org.springframework.security.ConfigAttribute; import org.springframework.security.ConfigAttributeDefinition; import org.springframework.security.util.FilterChainProxy; +import org.springframework.security.util.UrlMatcher; import javax.servlet.Filter; import java.util.*; @@ -24,16 +25,13 @@ import java.util.regex.Pattern; public class FIDSToFilterChainMapConverter { private LinkedHashMap filterChainMap = new LinkedHashMap(); + private UrlMatcher matcher; - public FIDSToFilterChainMapConverter(FilterInvocationDefinitionSource source, ApplicationContext appContext) { + public FIDSToFilterChainMapConverter(DefaultFilterInvocationDefinitionSource fids, ApplicationContext appContext) { // TODO: Check if this is necessary. Retained from refactoring of FilterChainProxy - Assert.notNull(source.getConfigAttributeDefinitions(), "FilterChainProxy requires the " + + Assert.notNull(fids.getConfigAttributeDefinitions(), "FilterChainProxy requires the " + "FilterInvocationDefinitionSource to return a non-null response to getConfigAttributeDefinitions()"); - Assert.isTrue(source instanceof DefaultFilterInvocationDefinitionSource, - "Can't handle FilterInvocationDefinitionSource type " + source.getClass()); - - - DefaultFilterInvocationDefinitionSource fids = (DefaultFilterInvocationDefinitionSource)source; + matcher = fids.getUrlMatcher(); Map requestMap = fids.getRequestMap(); Iterator paths = requestMap.keySet().iterator(); @@ -64,4 +62,8 @@ public class FIDSToFilterChainMapConverter { public Map getFilterChainMap() { return filterChainMap; } + + public UrlMatcher getMatcher() { + return matcher; + } } diff --git a/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinition.java b/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinition.java deleted file mode 100644 index b7d9aecb09..0000000000 --- a/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinition.java +++ /dev/null @@ -1,27 +0,0 @@ -/* Copyright 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.intercept.web; - -/** - * Interface to join {@link FilterInvocationDefinitionMap} and - * {@link FilterInvocationDefinitionSource}. - * - * @author Carlos Sanchez - * @version $Id$ - * @since 1.1 - */ -public interface FilterInvocationDefinition extends FilterInvocationDefinitionMap, FilterInvocationDefinitionSource { -} diff --git a/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionMap.java b/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionMap.java deleted file mode 100644 index d7a4998c82..0000000000 --- a/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionMap.java +++ /dev/null @@ -1,36 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.intercept.web; - -import org.springframework.security.ConfigAttributeDefinition; - - -/** - * Exposes methods required so that a property editor can populate the relevant - * {@link FilterInvocationDefinitionSource}. - * - * @author Ben Alex - * @version $Id$ - */ -public interface FilterInvocationDefinitionMap { - //~ Methods ======================================================================================================== - - void addSecureUrl(String expression, ConfigAttributeDefinition attr); - - boolean isConvertUrlToLowercaseBeforeComparison(); - - void setConvertUrlToLowercaseBeforeComparison(boolean convertUrlToLowercaseBeforeComparison); -} diff --git a/core/src/main/java/org/springframework/security/intercept/web/PathBasedFilterInvocationDefinitionMap.java b/core/src/main/java/org/springframework/security/intercept/web/PathBasedFilterInvocationDefinitionMap.java deleted file mode 100644 index f9bd6fd6f4..0000000000 --- a/core/src/main/java/org/springframework/security/intercept/web/PathBasedFilterInvocationDefinitionMap.java +++ /dev/null @@ -1,70 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.intercept.web; - -import org.springframework.security.ConfigAttributeDefinition; -import org.springframework.security.util.AntUrlPathMatcher; - -/** - * Extends DefaultFilterInvocationDefinitionSource, configuring it with a {@link AntUrlPathMatcher} to match URLs - * using Apache Ant path-based patterns. - *

- * Apache Ant path expressions are used to match a HTTP request URL against a ConfigAttributeDefinition. - *

- * The order of registering the Ant paths using the {@link #addSecureUrl(String,ConfigAttributeDefinition)} is - * very important. The system will identify the first matching path for a given HTTP URL. It will not proceed - * to evaluate later paths if a match has already been found. Accordingly, the most specific paths should be - * registered first, with the most general paths registered last. - *

- * If no registered paths match the HTTP URL, null is returned. - *

- * Note that as of 2.0, lower case URL comparisons are made by default, as this is the default strategy for - * AntUrlPathMatcher. - * - * @author Ben Alex - * @author Luke taylor - * @deprecated DefaultFilterInvocationDefinitionSource should now be used with an AntUrlPathMatcher instead. - * @version $Id$ - */ -public class PathBasedFilterInvocationDefinitionMap extends DefaultFilterInvocationDefinitionSource - implements FilterInvocationDefinition { - - //~ Constructors =================================================================================================== - - public PathBasedFilterInvocationDefinitionMap() { - super(new AntUrlPathMatcher()); - setStripQueryStringFromUrls(true); - } - - //~ Methods ======================================================================================================== - - public void addSecureUrl(String antPath, String method, ConfigAttributeDefinition attr) { - // SEC-501: If using lower case comparison, we should convert the paths to lower case - // as any upper case characters included by mistake will prevent the URL from ever being matched. - // This shouldn't be needed anymore. The property editor complains if there is upper case text in the URL - // and the namespace implementation does the conversion itself, so it is safe to use the parent class - // directly. - if (getUrlMatcher().requiresLowerCaseUrl()) { - antPath = antPath.toLowerCase(); - } - - super.addSecureUrl(antPath, method, attr); - } - - public void setConvertUrlToLowercaseBeforeComparison(boolean bool) { - ((AntUrlPathMatcher)getUrlMatcher()).setRequiresLowerCaseUrl(bool); - } -} diff --git a/core/src/main/java/org/springframework/security/intercept/web/RegExpBasedFilterInvocationDefinitionMap.java b/core/src/main/java/org/springframework/security/intercept/web/RegExpBasedFilterInvocationDefinitionMap.java deleted file mode 100644 index 0887e7f9fc..0000000000 --- a/core/src/main/java/org/springframework/security/intercept/web/RegExpBasedFilterInvocationDefinitionMap.java +++ /dev/null @@ -1,42 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.intercept.web; - -import org.springframework.security.util.RegexUrlPathMatcher; - - -/** - * Configures an {@link DefaultFilterInvocationDefinitionSource} with a regular expression URL matching strategy - * {@link RegexUrlPathMatcher}. - * - * @author Ben Alex - * @author Luke Taylor - * @deprecated - * @version $Id$ - */ -public class RegExpBasedFilterInvocationDefinitionMap extends DefaultFilterInvocationDefinitionSource - implements FilterInvocationDefinition { - - //~ Constructors =================================================================================================== - - public RegExpBasedFilterInvocationDefinitionMap() { - super(new RegexUrlPathMatcher()); - } - - public void setConvertUrlToLowercaseBeforeComparison(boolean bool) { - ((RegexUrlPathMatcher)getUrlMatcher()).setRequiresLowerCaseUrl(bool); - } -} diff --git a/core/src/main/java/org/springframework/security/providers/preauth/PreAuthenticatedUserDetailsService.java b/core/src/main/java/org/springframework/security/providers/preauth/PreAuthenticatedUserDetailsService.java index f905eca950..bfdfb2852c 100755 --- a/core/src/main/java/org/springframework/security/providers/preauth/PreAuthenticatedUserDetailsService.java +++ b/core/src/main/java/org/springframework/security/providers/preauth/PreAuthenticatedUserDetailsService.java @@ -15,13 +15,12 @@ public interface PreAuthenticatedUserDetailsService { /** * - * @param aPreAuthenticatedAuthenticationToken + * @param token * The pre-authenticated authentication token * @return UserDetails for the given authentication token. * @throws UsernameNotFoundException * if no user details can be found for the given authentication * token */ - UserDetails getUserDetails(PreAuthenticatedAuthenticationToken aPreAuthenticatedAuthenticationToken) - throws UsernameNotFoundException; + UserDetails getUserDetails(PreAuthenticatedAuthenticationToken token) throws UsernameNotFoundException; } diff --git a/core/src/main/java/org/springframework/security/util/AntUrlPathMatcher.java b/core/src/main/java/org/springframework/security/util/AntUrlPathMatcher.java index 9ffe7a1af9..1ad2e66f97 100644 --- a/core/src/main/java/org/springframework/security/util/AntUrlPathMatcher.java +++ b/core/src/main/java/org/springframework/security/util/AntUrlPathMatcher.java @@ -17,6 +17,14 @@ public class AntUrlPathMatcher implements UrlMatcher { private boolean requiresLowerCaseUrl = true; private PathMatcher pathMatcher = new AntPathMatcher(); + public AntUrlPathMatcher() { + this(true); + } + + public AntUrlPathMatcher(boolean requiresLowerCaseUrl) { + this.requiresLowerCaseUrl = requiresLowerCaseUrl; + } + public Object compile(String path) { if (requiresLowerCaseUrl) { return path.toLowerCase(); diff --git a/core/src/main/java/org/springframework/security/util/FilterChainProxy.java b/core/src/main/java/org/springframework/security/util/FilterChainProxy.java index 432555feff..9c3404c925 100644 --- a/core/src/main/java/org/springframework/security/util/FilterChainProxy.java +++ b/core/src/main/java/org/springframework/security/util/FilterChainProxy.java @@ -106,7 +106,7 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo /** Compiled pattern version of the filter chain map */ private Map filterChainMap; private UrlMatcher matcher = new AntUrlPathMatcher(); - private FilterInvocationDefinitionSource fids; + private DefaultFilterInvocationDefinitionSource fids; //~ Methods ======================================================================================================== @@ -114,7 +114,9 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo // Convert the FilterDefinitionSource to a filterChainMap if set if (fids != null) { Assert.isNull(uncompiledFilterChainMap, "Set the filterChainMap or FilterInvocationDefinitionSource but not both"); - setFilterChainMap(new FIDSToFilterChainMapConverter(fids, applicationContext).getFilterChainMap()); + FIDSToFilterChainMapConverter converter = new FIDSToFilterChainMapConverter(fids, applicationContext); + setFilterChainMap(converter.getFilterChainMap()); + setMatcher(converter.getMatcher()); fids = null; } @@ -238,10 +240,9 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo * @deprecated Use namespace configuration or call setFilterChainMap instead. */ public void setFilterInvocationDefinitionSource(FilterInvocationDefinitionSource fids) { - if( fids instanceof RegExpBasedFilterInvocationDefinitionMap) { - matcher = new RegexUrlPathMatcher(); - } - this.fids = fids; + Assert.isInstanceOf(DefaultFilterInvocationDefinitionSource.class, fids, + "Must be a DefaultFilterInvocationDefinitionSource"); + this.fids = (DefaultFilterInvocationDefinitionSource) fids; } /** diff --git a/core/src/test/java/org/springframework/security/intercept/web/PathBasedFilterInvocationDefinitionMapTests.java b/core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java similarity index 79% rename from core/src/test/java/org/springframework/security/intercept/web/PathBasedFilterInvocationDefinitionMapTests.java rename to core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java index 78f1635515..f7d8cd5539 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/PathBasedFilterInvocationDefinitionMapTests.java +++ b/core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java @@ -18,43 +18,40 @@ package org.springframework.security.intercept.web; import org.springframework.security.ConfigAttributeDefinition; import org.springframework.security.MockFilterChain; import org.springframework.security.SecurityConfig; +import org.springframework.security.util.AntUrlPathMatcher; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.junit.Test; +import org.junit.Before; import static org.junit.Assert.*; import static org.junit.Assert.assertEquals; /** - * Tests parts of {@link PathBasedFilterInvocationDefinitionMap} not tested by {@link - * FilterInvocationDefinitionSourceEditorWithPathsTests}. + * Tests parts of {@link DefaultFilterInvocationDefinitionSource} not tested by {@link + * FilterInvocationDefinitionSourceEditorTests}. * * @author Ben Alex * @version $Id$ */ -public class PathBasedFilterInvocationDefinitionMapTests { +public class DefaultFilterInvocationDefinitionSourceTests { + DefaultFilterInvocationDefinitionSource map; //~ Methods ======================================================================================================== + @Before + public void createMap() { + map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher()); + map.setStripQueryStringFromUrls(true); + } @Test public void convertUrlToLowercaseIsTrueByDefault() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); assertTrue(map.isConvertUrlToLowercaseBeforeComparison()); } - @Test - public void convertUrlToLowercaseSetterRespected() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); - map.setConvertUrlToLowercaseBeforeComparison(false); - assertFalse(map.isConvertUrlToLowercaseBeforeComparison()); - } - @Test public void lookupNotRequiringExactMatchSuccessIfNotMatching() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); - map.setConvertUrlToLowercaseBeforeComparison(true); - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); map.addSecureUrl("/secure/super/**", def); @@ -70,8 +67,6 @@ public class PathBasedFilterInvocationDefinitionMapTests { */ @Test public void lookupNotRequiringExactMatchSucceedsIfSecureUrlPathContainsUpperCase() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); map.addSecureUrl("/SeCuRE/super/**", def); @@ -85,8 +80,7 @@ public class PathBasedFilterInvocationDefinitionMapTests { @Test public void lookupRequiringExactMatchFailsIfNotMatching() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); - map.setConvertUrlToLowercaseBeforeComparison(false); + map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(false)); ConfigAttributeDefinition def = new ConfigAttributeDefinition(); def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); map.addSecureUrl("/secure/super/**", def); @@ -99,8 +93,7 @@ public class PathBasedFilterInvocationDefinitionMapTests { @Test public void lookupRequiringExactMatchIsSuccessful() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); - map.setConvertUrlToLowercaseBeforeComparison(false); + map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(false)); ConfigAttributeDefinition def = new ConfigAttributeDefinition(); def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); map.addSecureUrl("/SeCurE/super/**", def); @@ -113,7 +106,6 @@ public class PathBasedFilterInvocationDefinitionMapTests { @Test public void lookupRequiringExactMatchWithAdditionalSlashesIsSuccessful() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); ConfigAttributeDefinition def = new ConfigAttributeDefinition(); def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); map.addSecureUrl("/someAdminPage.html**", def); @@ -126,7 +118,6 @@ public class PathBasedFilterInvocationDefinitionMapTests { @Test(expected = IllegalArgumentException.class) public void unknownHttpMethodIsRejected() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); ConfigAttributeDefinition def = new ConfigAttributeDefinition(); def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); map.addSecureUrl("/someAdminPage.html**", "UNKNOWN", def); @@ -134,7 +125,6 @@ public class PathBasedFilterInvocationDefinitionMapTests { @Test public void httpMethodLookupSucceeds() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); ConfigAttributeDefinition def = new ConfigAttributeDefinition(); def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); map.addSecureUrl("/somepage**", "GET", def); @@ -146,7 +136,6 @@ public class PathBasedFilterInvocationDefinitionMapTests { @Test public void requestWithDifferentHttpMethodDoesntMatch() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); ConfigAttributeDefinition def = new ConfigAttributeDefinition(); def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); map.addSecureUrl("/somepage**", "GET", def); @@ -158,7 +147,7 @@ public class PathBasedFilterInvocationDefinitionMapTests { @Test public void httpMethodSpecificUrlTakesPrecedence() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); + // Even though this is added before the method-specific def, the latter should match ConfigAttributeDefinition allMethodDef = new ConfigAttributeDefinition(); @@ -178,8 +167,7 @@ public class PathBasedFilterInvocationDefinitionMapTests { * Check fixes for SEC-321 */ @Test - public void extraQuestionMarkStillMatches() { - PathBasedFilterInvocationDefinitionMap map = new PathBasedFilterInvocationDefinitionMap(); + public void extraQuestionMarkStillMatches() { ConfigAttributeDefinition def = new ConfigAttributeDefinition(); def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); map.addSecureUrl("/someAdminPage.html*", def); diff --git a/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorTests.java b/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorTests.java index 6392633d57..9abe39457c 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorTests.java @@ -21,6 +21,7 @@ import org.springframework.security.ConfigAttributeDefinition; import org.springframework.security.MockFilterChain; import org.springframework.security.SecurityConfig; import org.springframework.security.util.RegexUrlPathMatcher; +import org.springframework.security.util.AntUrlPathMatcher; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; @@ -30,8 +31,8 @@ import java.util.regex.PatternSyntaxException; /** - * Tests {@link FilterInvocationDefinitionSourceEditor} and its associated default {@link - * RegExpBasedFilterInvocationDefinitionMap}. + * Tests {@link FilterInvocationDefinitionSourceEditor} and its associated default + * {@link DefaultFilterInvocationDefinitionSource}. * * @author Ben Alex * @version $Id$ @@ -273,4 +274,42 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase { DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); assertEquals(2, map.getMapSize()); } + + public void testAntPathDirectiveIsDetected() { + FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); + editor.setAsText( + "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER"); + + DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); + assertTrue(map.getUrlMatcher() instanceof AntUrlPathMatcher); + } + + public void testInvalidNameValueFailsToParse() { + FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); + + try { + // Use a "==" instead of an "=" + editor.setAsText(" PATTERN_TYPE_APACHE_ANT\r\n /secure/*==ROLE_SUPERVISOR,ROLE_TELLER \r\n"); + fail("Shouldn't be able to use '==' for config attribute."); + } catch (IllegalArgumentException expected) {} + } + + public void testSingleUrlParsing() throws Exception { + FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); + editor.setAsText("PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE,ANOTHER_ROLE"); + + DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); + + MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null); + httpRequest.setServletPath("/secure/super/very_secret.html"); + + ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest, + new MockHttpServletResponse(), new MockFilterChain())); + + ConfigAttributeDefinition expected = new ConfigAttributeDefinition(); + expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE")); + expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE")); + + assertEquals(expected, returned); + } } diff --git a/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorWithPathsTests.java b/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorWithPathsTests.java deleted file mode 100644 index 31ffba1365..0000000000 --- a/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorWithPathsTests.java +++ /dev/null @@ -1,197 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.intercept.web; - -import junit.framework.TestCase; - -import org.springframework.security.ConfigAttributeDefinition; -import org.springframework.security.MockFilterChain; -import org.springframework.security.SecurityConfig; -import org.springframework.security.util.AntUrlPathMatcher; - -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; - -import java.util.Iterator; - - -/** - * Tests {@link FilterInvocationDefinitionSourceEditor} and its associated {@link - * PathBasedFilterInvocationDefinitionMap}. - * - * @author Ben Alex - * @version $Id$ - */ -public class FilterInvocationDefinitionSourceEditorWithPathsTests extends TestCase { - //~ Constructors =================================================================================================== - - public FilterInvocationDefinitionSourceEditorWithPathsTests() { - super(); - } - - public FilterInvocationDefinitionSourceEditorWithPathsTests(String arg0) { - super(arg0); - } - - //~ Methods ======================================================================================================== - - public void testAntPathDirectiveIsDetected() { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - editor.setAsText( - "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER"); - - DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); - assertTrue(map.getUrlMatcher() instanceof AntUrlPathMatcher); - } - - public void testConvertUrlToLowercaseDefaultSettingUnchangedByEditor() { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - editor.setAsText( - "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER"); - - DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); - assertFalse(map.getUrlMatcher().requiresLowerCaseUrl()); - } - - public void testConvertUrlToLowercaseSettingApplied() { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - editor.setAsText( - "CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON\r\nPATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER"); - - DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); - assertTrue(map.getUrlMatcher().requiresLowerCaseUrl()); - } - - public void testInvalidNameValueFailsToParse() { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - - try { - // Use a "==" instead of an "=" - editor.setAsText(" PATTERN_TYPE_APACHE_ANT\r\n /secure/*==ROLE_SUPERVISOR,ROLE_TELLER \r\n"); - fail("Shouldn't be able to use '==' for config attribute."); - } catch (IllegalArgumentException expected) {} - } - - public void testIterator() { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - editor.setAsText( - "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER"); - - DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); - Iterator iter = map.getConfigAttributeDefinitions(); - int counter = 0; - - while (iter.hasNext()) { - iter.next(); - counter++; - } - - assertEquals(2, counter); - } - - public void testMapReturnsNullWhenNoMatchFound() throws Exception { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - editor.setAsText("PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE"); - - DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); - - MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null); - httpRequest.setServletPath("/totally/different/path/index.html"); - - ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest, - new MockHttpServletResponse(), new MockFilterChain())); - - assertEquals(null, returned); - } - - public void testMultiUrlParsing() { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - editor.setAsText( - "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE\r\n/secure/*=ROLE_SUPERVISOR,ROLE_TELLER"); - - DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); - assertEquals(2, map.getMapSize()); - } - - public void testOrderOfEntriesIsPreservedOrderA() { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - editor.setAsText( - "PATTERN_TYPE_APACHE_ANT\r\n/secure/super/**=ROLE_WE_DONT_HAVE,ANOTHER_ROLE\r\n/secure/**=ROLE_SUPERVISOR,ROLE_TELLER"); - - DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); - - // Test ensures we match the first entry, not the second - MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null); - httpRequest.setServletPath("/secure/super/very_secret.html"); - - ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest, - new MockHttpServletResponse(), new MockFilterChain())); - - ConfigAttributeDefinition expected = new ConfigAttributeDefinition(); - expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE")); - expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE")); - - assertEquals(expected, returned); - } - - public void testOrderOfEntriesIsPreservedOrderB() { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - editor.setAsText( - "PATTERN_TYPE_APACHE_ANT\r\n/secure/**=ROLE_SUPERVISOR,ROLE_TELLER\r\n/secure/super/**=ROLE_WE_DONT_HAVE"); - - DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); - - MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null); - httpRequest.setServletPath("/secure/super/very_secret.html"); - - ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest, - new MockHttpServletResponse(), new MockFilterChain())); - - ConfigAttributeDefinition expected = new ConfigAttributeDefinition(); - expected.addConfigAttribute(new SecurityConfig("ROLE_SUPERVISOR")); - expected.addConfigAttribute(new SecurityConfig("ROLE_TELLER")); - - assertEquals(expected, returned); - } - - public void testSingleUrlParsing() throws Exception { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - editor.setAsText("PATTERN_TYPE_APACHE_ANT\r\n/secure/super/*=ROLE_WE_DONT_HAVE,ANOTHER_ROLE"); - - DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); - - MockHttpServletRequest httpRequest = new MockHttpServletRequest(null, null); - httpRequest.setServletPath("/secure/super/very_secret.html"); - - ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest, - new MockHttpServletResponse(), new MockFilterChain())); - - ConfigAttributeDefinition expected = new ConfigAttributeDefinition(); - expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE")); - expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE")); - - assertEquals(expected, returned); - } - - public void testWhitespaceAndCommentsAndLinesWithoutEqualsSignsAreIgnored() { - FilterInvocationDefinitionSourceEditor editor = new FilterInvocationDefinitionSourceEditor(); - editor.setAsText( - " PATTERN_TYPE_APACHE_ANT\r\n /secure/super/*=ROLE_WE_DONT_HAVE\r\n /secure/*=ROLE_SUPERVISOR,ROLE_TELLER \r\n \r\n \r\n // comment line \r\n \r\n"); - - DefaultFilterInvocationDefinitionSource map = (DefaultFilterInvocationDefinitionSource) editor.getValue(); - assertEquals(2, map.getMapSize()); - } -} diff --git a/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java b/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java index e81cf2bac7..591df7b61c 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java @@ -30,6 +30,8 @@ import org.springframework.security.MockAuthenticationManager; import org.springframework.security.MockRunAsManager; import org.springframework.security.RunAsManager; import org.springframework.security.SecurityConfig; +import org.springframework.security.util.AntUrlPathMatcher; +import org.springframework.security.util.RegexUrlPathMatcher; import org.springframework.security.context.SecurityContextHolder; import org.springframework.security.providers.UsernamePasswordAuthenticationToken; import org.springframework.mock.web.MockHttpServletRequest; @@ -75,11 +77,10 @@ public class FilterSecurityInterceptorTests extends TestCase { SecurityContextHolder.clearContext(); } - public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass() - throws Exception { + public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass() throws Exception { FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor(); interceptor.setAuthenticationManager(new MockAuthenticationManager()); - interceptor.setObjectDefinitionSource(new RegExpBasedFilterInvocationDefinitionMap()); + interceptor.setObjectDefinitionSource(new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher())); interceptor.setRunAsManager(new MockRunAsManager()); interceptor.setAccessDecisionManager(new AccessDecisionManager() { @@ -111,7 +112,7 @@ public class FilterSecurityInterceptorTests extends TestCase { FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor(); interceptor.setAccessDecisionManager(new MockAccessDecisionManager()); interceptor.setAuthenticationManager(new MockAuthenticationManager()); - interceptor.setObjectDefinitionSource(new RegExpBasedFilterInvocationDefinitionMap()); + interceptor.setObjectDefinitionSource(new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher())); interceptor.setRunAsManager(new RunAsManager() { public boolean supports(Class clazz) { @@ -177,7 +178,8 @@ public class FilterSecurityInterceptorTests extends TestCase { interceptor.setAccessDecisionManager(new MockAccessDecisionManager()); interceptor.setAuthenticationManager(new MockAuthenticationManager()); - RegExpBasedFilterInvocationDefinitionMap fidp = new RegExpBasedFilterInvocationDefinitionMap(); + DefaultFilterInvocationDefinitionSource fidp = + new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher()); interceptor.setObjectDefinitionSource(fidp); interceptor.setRunAsManager(new MockRunAsManager()); interceptor.afterPropertiesSet(); @@ -232,7 +234,8 @@ public class FilterSecurityInterceptorTests extends TestCase { List mappings = new ArrayList(1); mappings.add(mapping); - PathBasedFilterInvocationDefinitionMap filterInvocationDefinitionSource = new PathBasedFilterInvocationDefinitionMap(); + DefaultFilterInvocationDefinitionSource filterInvocationDefinitionSource + = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher()); filterInvocationDefinitionSource.setMappings(mappings); FilterSecurityInterceptor filter = new FilterSecurityInterceptor(); diff --git a/core/src/test/java/org/springframework/security/intercept/web/MockFilterInvocationDefinition.java b/core/src/test/java/org/springframework/security/intercept/web/MockFilterInvocationDefinition.java deleted file mode 100644 index bbbfc3673a..0000000000 --- a/core/src/test/java/org/springframework/security/intercept/web/MockFilterInvocationDefinition.java +++ /dev/null @@ -1,64 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.intercept.web; - -import java.util.HashMap; -import java.util.Iterator; -import java.util.Map; - -import org.springframework.security.ConfigAttributeDefinition; - -/** - * Mock for {@link FilterInvocationDefinitionMap} - * - * @author Carlos Sanchez - * @version $Id: MockFilterInvocationDefinitionSource.java 1496 2006-05-23 - * 13:38:33Z benalex $ - */ -public class MockFilterInvocationDefinition implements FilterInvocationDefinition { - - private Map secureUrls = new HashMap(); - - private boolean convertUrlToLowercaseBeforeComparison = false; - - public void addSecureUrl(String expression, ConfigAttributeDefinition attr) { - secureUrls.put(expression, attr); - } - - public boolean isConvertUrlToLowercaseBeforeComparison() { - return convertUrlToLowercaseBeforeComparison; - } - - public void setConvertUrlToLowercaseBeforeComparison(boolean convertUrlToLowercaseBeforeComparison) { - this.convertUrlToLowercaseBeforeComparison = convertUrlToLowercaseBeforeComparison; - } - - public ConfigAttributeDefinition getSecureUrl(String expression) { - return (ConfigAttributeDefinition) secureUrls.get(expression); - } - - public ConfigAttributeDefinition getAttributes(Object object) throws IllegalArgumentException { - return (ConfigAttributeDefinition) secureUrls.get(object); - } - - public Iterator getConfigAttributeDefinitions() { - return secureUrls.values().iterator(); - } - - public boolean supports(Class clazz) { - return true; - } -} diff --git a/core/src/test/java/org/springframework/security/intercept/web/RegExpBasedFilterDefinitionMapTests.java b/core/src/test/java/org/springframework/security/intercept/web/RegExpBasedFilterDefinitionMapTests.java deleted file mode 100644 index dcfafaf8c0..0000000000 --- a/core/src/test/java/org/springframework/security/intercept/web/RegExpBasedFilterDefinitionMapTests.java +++ /dev/null @@ -1,121 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.intercept.web; - -import junit.framework.TestCase; - -import org.springframework.security.ConfigAttributeDefinition; -import org.springframework.security.MockFilterChain; -import org.springframework.security.SecurityConfig; - -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; - - -/** - * Tests parts of {@link RegExpBasedFilterInvocationDefinitionMap} not tested by {@link - * FilterInvocationDefinitionSourceEditorTests}. - * - * @author Ben Alex - * @version $Id$ - */ -public class RegExpBasedFilterDefinitionMapTests extends TestCase { - //~ Constructors =================================================================================================== - - public RegExpBasedFilterDefinitionMapTests() { - } - - public RegExpBasedFilterDefinitionMapTests(String arg0) { - super(arg0); - } - - //~ Methods ======================================================================================================== - - public void testConvertUrlToLowercaseIsFalseByDefault() { - RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap(); - assertFalse(map.isConvertUrlToLowercaseBeforeComparison()); - } - - public void testConvertUrlToLowercaseSetterRespected() { - RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap(); - map.setConvertUrlToLowercaseBeforeComparison(true); - assertTrue(map.isConvertUrlToLowercaseBeforeComparison()); - } - - public void testLookupNotRequiringExactMatchSuccessIfNotMatching() { - RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap(); - map.setConvertUrlToLowercaseBeforeComparison(true); - assertTrue(map.isConvertUrlToLowercaseBeforeComparison()); - - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); - map.addSecureUrl("\\A/secure/super.*\\Z", def); - - // Build a HTTP request - MockHttpServletRequest request = new MockHttpServletRequest(); - request.setRequestURI(null); - - MockHttpServletRequest req = request; - req.setServletPath("/SeCuRE/super/somefile.html"); - - FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(), new MockFilterChain()); - - ConfigAttributeDefinition response = map.lookupAttributes(fi.getRequestUrl()); - assertEquals(def, response); - } - - public void testLookupRequiringExactMatchFailsIfNotMatching() { - RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap(); - assertFalse(map.isConvertUrlToLowercaseBeforeComparison()); - - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); - map.addSecureUrl("\\A/secure/super.*\\Z", def); - - // Build a HTTP request - MockHttpServletRequest request = new MockHttpServletRequest(); - request.setRequestURI(null); - - MockHttpServletRequest req = request; - req.setServletPath("/SeCuRE/super/somefile.html"); - - FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(), new MockFilterChain()); - - ConfigAttributeDefinition response = map.lookupAttributes(fi.getRequestUrl()); - assertEquals(null, response); - } - - public void testLookupRequiringExactMatchIsSuccessful() { - RegExpBasedFilterInvocationDefinitionMap map = new RegExpBasedFilterInvocationDefinitionMap(); - assertFalse(map.isConvertUrlToLowercaseBeforeComparison()); - - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); - map.addSecureUrl("\\A/secure/super.*\\Z", def); - - // Build a HTTP request - MockHttpServletRequest request = new MockHttpServletRequest(); - request.setRequestURI(null); - - MockHttpServletRequest req = request; - req.setServletPath("/secure/super/somefile.html"); - - FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(), new MockFilterChain()); - - ConfigAttributeDefinition response = map.lookupAttributes(fi.getRequestUrl()); - assertEquals(def, response); - } -} diff --git a/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java b/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java index 6583135609..13c3e62134 100644 --- a/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java +++ b/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java @@ -30,7 +30,7 @@ import org.springframework.security.MockApplicationContext; import org.springframework.security.MockFilterConfig; import org.springframework.security.context.HttpSessionContextIntegrationFilter; import org.springframework.security.intercept.web.MockFilterInvocationDefinitionSource; -import org.springframework.security.intercept.web.PathBasedFilterInvocationDefinitionMap; +import org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource; import org.springframework.security.ui.webapp.AuthenticationProcessingFilter; import java.util.List; @@ -82,7 +82,8 @@ public class FilterChainProxyTests { ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); cad.addConfigAttribute(new MockConfigAttribute()); - PathBasedFilterInvocationDefinitionMap fids = new PathBasedFilterInvocationDefinitionMap(); + DefaultFilterInvocationDefinitionSource fids = + new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher()); fids.addSecureUrl("/**", cad); filterChainProxy.setFilterInvocationDefinitionSource(fids);