diff --git a/acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java b/acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java index 7b289f394e..8022a7b038 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java @@ -98,12 +98,8 @@ public class AclAuthorizationStrategyImpl implements AclAuthorizationStrategy { } // Iterate this principal's authorities to determine right - List auths = authentication.getAuthorities(); - - for (int i = 0; i < auths.size(); i++) { - if (requiredAuthority.equals(auths.get(i))) { - return; - } + if (authentication.getAuthorities().contains(requiredAuthority)) { + return; } // Try to get permission via ACEs within the ACL diff --git a/acl/src/main/java/org/springframework/security/acls/domain/SidRetrievalStrategyImpl.java b/acl/src/main/java/org/springframework/security/acls/domain/SidRetrievalStrategyImpl.java index 10ffcb767e..2604057585 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/SidRetrievalStrategyImpl.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/SidRetrievalStrategyImpl.java @@ -16,6 +16,7 @@ package org.springframework.security.acls.domain; import java.util.ArrayList; +import java.util.Collection; import java.util.List; import org.springframework.security.access.hierarchicalroles.NullRoleHierarchy; @@ -51,7 +52,7 @@ public class SidRetrievalStrategyImpl implements SidRetrievalStrategy { //~ Methods ======================================================================================================== public List getSids(Authentication authentication) { - List authorities = roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities()); + Collection authorities = roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities()); List sids = new ArrayList(authorities.size() + 1); sids.add(new PrincipalSid(authentication)); diff --git a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java index f08fe1406d..dd0e0ac0ef 100644 --- a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java +++ b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java @@ -15,17 +15,14 @@ package org.springframework.security.cas.authentication; -import org.jasig.cas.client.validation.Assertion; +import java.io.Serializable; +import java.util.Collection; +import org.jasig.cas.client.validation.Assertion; import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; - -import java.io.Serializable; -import java.util.Arrays; -import java.util.List; - /** * Represents a successful CAS Authentication. * @@ -45,14 +42,6 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken implemen //~ Constructors =================================================================================================== - /** - * @deprecated - */ - public CasAuthenticationToken(final String key, final Object principal, final Object credentials, - final GrantedAuthority[] authorities, final UserDetails userDetails, final Assertion assertion) { - this(key, principal, credentials, Arrays.asList(authorities), userDetails, assertion); - } - /** * Constructor. * @@ -71,7 +60,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken implemen * @throws IllegalArgumentException if a null was passed */ public CasAuthenticationToken(final String key, final Object principal, final Object credentials, - final List authorities, final UserDetails userDetails, final Assertion assertion) { + final Collection authorities, final UserDetails userDetails, final Assertion assertion) { super(authorities); if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal) || (credentials == null) diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java index 03de2a93e4..dc27051672 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java @@ -98,8 +98,8 @@ public class CasAuthenticationProviderTests { CasAuthenticationToken casResult = (CasAuthenticationToken) result; assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casResult.getPrincipal()); assertEquals("ST-123", casResult.getCredentials()); - assertEquals(new GrantedAuthorityImpl("ROLE_A"), casResult.getAuthorities().get(0)); - assertEquals(new GrantedAuthorityImpl("ROLE_B"), casResult.getAuthorities().get(1)); + assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_A"))); + assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_B"))); assertEquals(cap.getKey().hashCode(), casResult.getKeyHash()); assertEquals("details", casResult.getDetails()); diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java index 6b5698af66..eeaabe9a4b 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java @@ -22,9 +22,9 @@ import junit.framework.TestCase; import org.jasig.cas.client.validation.Assertion; import org.jasig.cas.client.validation.AssertionImpl; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.cas.authentication.CasAuthenticationToken; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; +import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; @@ -109,8 +109,8 @@ public class CasAuthenticationTokenTests extends TestCase { assertEquals("key".hashCode(), token.getKeyHash()); assertEquals(makeUserDetails(), token.getPrincipal()); assertEquals("Password", token.getCredentials()); - assertEquals("ROLE_ONE", token.getAuthorities().get(0).getAuthority()); - assertEquals("ROLE_TWO", token.getAuthorities().get(1).getAuthority()); + assertTrue(token.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_ONE"))); + assertTrue(token.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_TWO"))); assertEquals(assertion, token.getAssertion()); assertEquals(makeUserDetails().getUsername(), token.getUserDetails().getUsername()); } diff --git a/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java b/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java index 4adb363acc..2ab7653837 100644 --- a/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java +++ b/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java @@ -1,7 +1,7 @@ package org.springframework.security.access.expression; +import java.util.Collection; import java.util.HashSet; -import java.util.List; import java.util.Set; import org.springframework.security.access.hierarchicalroles.RoleHierarchy; @@ -96,7 +96,7 @@ public abstract class SecurityExpressionRoot { private Set getAuthoritySet() { if (roles == null) { roles = new HashSet(); - List userAuthorities = authentication.getAuthorities(); + Collection userAuthorities = authentication.getAuthorities(); if (roleHierarchy != null) { userAuthorities = roleHierarchy.getReachableGrantedAuthorities(userAuthorities); diff --git a/core/src/main/java/org/springframework/security/access/hierarchicalroles/NullRoleHierarchy.java b/core/src/main/java/org/springframework/security/access/hierarchicalroles/NullRoleHierarchy.java index e5b871d099..d75381aeda 100644 --- a/core/src/main/java/org/springframework/security/access/hierarchicalroles/NullRoleHierarchy.java +++ b/core/src/main/java/org/springframework/security/access/hierarchicalroles/NullRoleHierarchy.java @@ -1,6 +1,6 @@ package org.springframework.security.access.hierarchicalroles; -import java.util.List; +import java.util.Collection; import org.springframework.security.core.GrantedAuthority; @@ -12,7 +12,7 @@ import org.springframework.security.core.GrantedAuthority; */ public final class NullRoleHierarchy implements RoleHierarchy { - public List getReachableGrantedAuthorities(List authorities) { + public Collection getReachableGrantedAuthorities(Collection authorities) { return authorities; } diff --git a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchy.java b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchy.java index 62abd13921..e69d949d46 100755 --- a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchy.java +++ b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchy.java @@ -14,7 +14,7 @@ package org.springframework.security.access.hierarchicalroles; -import java.util.List; +import java.util.Collection; import org.springframework.security.core.GrantedAuthority; @@ -40,6 +40,6 @@ public interface RoleHierarchy { * @param authorities - List of the directly assigned authorities. * @return List of all reachable authorities given the assigned authorities. */ - public List getReachableGrantedAuthorities(List authorities); + public Collection getReachableGrantedAuthorities(Collection authorities); } diff --git a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java index b1ce26e159..5ba9d2fdca 100755 --- a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java +++ b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java @@ -15,15 +15,21 @@ package org.springframework.security.access.hierarchicalroles; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - +import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Set; import java.util.regex.Matcher; import java.util.regex.Pattern; -import java.util.*; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.GrantedAuthorityImpl; /** *

@@ -98,7 +104,7 @@ public class RoleHierarchyImpl implements RoleHierarchy { buildRolesReachableInOneOrMoreStepsMap(); } - public List getReachableGrantedAuthorities(List authorities) { + public Collection getReachableGrantedAuthorities(Collection authorities) { if (authorities == null || authorities.isEmpty()) { return null; } @@ -125,40 +131,40 @@ public class RoleHierarchyImpl implements RoleHierarchy { } // SEC-863 - private void addReachableRoles(Set reachableRoles, - GrantedAuthority authority) { - - Iterator iterator = reachableRoles.iterator(); - while (iterator.hasNext()) { - GrantedAuthority testAuthority = iterator.next(); - String testKey = testAuthority.getAuthority(); - if ((testKey != null) && (testKey.equals(authority.getAuthority()))) { - return; - } - } - reachableRoles.add(authority); - } + private void addReachableRoles(Set reachableRoles, + GrantedAuthority authority) { + + Iterator iterator = reachableRoles.iterator(); + while (iterator.hasNext()) { + GrantedAuthority testAuthority = iterator.next(); + String testKey = testAuthority.getAuthority(); + if ((testKey != null) && (testKey.equals(authority.getAuthority()))) { + return; + } + } + reachableRoles.add(authority); + } // SEC-863 - private Set getRolesReachableInOneOrMoreSteps( - GrantedAuthority authority) { - - if (authority.getAuthority() == null) { - return null; - } - - Iterator iterator = rolesReachableInOneOrMoreStepsMap.keySet().iterator(); - while (iterator.hasNext()) { - GrantedAuthority testAuthority = iterator.next(); - String testKey = testAuthority.getAuthority(); - if ((testKey != null) && (testKey.equals(authority.getAuthority()))) { - return rolesReachableInOneOrMoreStepsMap.get(testAuthority); - } - } - - return null; - } - + private Set getRolesReachableInOneOrMoreSteps( + GrantedAuthority authority) { + + if (authority.getAuthority() == null) { + return null; + } + + Iterator iterator = rolesReachableInOneOrMoreStepsMap.keySet().iterator(); + while (iterator.hasNext()) { + GrantedAuthority testAuthority = iterator.next(); + String testKey = testAuthority.getAuthority(); + if ((testKey != null) && (testKey.equals(authority.getAuthority()))) { + return rolesReachableInOneOrMoreStepsMap.get(testAuthority); + } + } + + return null; + } + /** * Parse input and build the map for the roles reachable in one step: the higher role will become a key that * references a set of the reachable lower roles. diff --git a/core/src/main/java/org/springframework/security/access/hierarchicalroles/UserDetailsWrapper.java b/core/src/main/java/org/springframework/security/access/hierarchicalroles/UserDetailsWrapper.java index de5ee39bf1..aab45cbef1 100755 --- a/core/src/main/java/org/springframework/security/access/hierarchicalroles/UserDetailsWrapper.java +++ b/core/src/main/java/org/springframework/security/access/hierarchicalroles/UserDetailsWrapper.java @@ -14,8 +14,9 @@ package org.springframework.security.access.hierarchicalroles; -import java.util.List; +import java.util.Collection; +import org.springframework.security.access.vote.RoleHierarchyVoter; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; @@ -48,7 +49,7 @@ public class UserDetailsWrapper implements UserDetails { return userDetails.isAccountNonLocked(); } - public List getAuthorities() { + public Collection getAuthorities() { return roleHierarchy.getReachableGrantedAuthorities(userDetails.getAuthorities()); } @@ -72,4 +73,4 @@ public class UserDetailsWrapper implements UserDetails { return userDetails; } -} \ No newline at end of file +} diff --git a/core/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java b/core/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java index 61ff9776ec..8880f6427b 100644 --- a/core/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java +++ b/core/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java @@ -16,8 +16,7 @@ package org.springframework.security.access.intercept; import java.util.Arrays; -import java.util.List; - +import java.util.Collection; import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.core.Authentication; @@ -45,7 +44,7 @@ public class RunAsUserToken extends AbstractAuthenticationToken { this(key, principal, credentials, Arrays.asList(authorities), originalAuthentication); } - public RunAsUserToken(String key, Object principal, Object credentials, List authorities, + public RunAsUserToken(String key, Object principal, Object credentials, Collection authorities, Class originalAuthentication) { super(authorities); this.keyHash = key.hashCode(); diff --git a/core/src/main/java/org/springframework/security/access/vote/LabelBasedAclVoter.java b/core/src/main/java/org/springframework/security/access/vote/LabelBasedAclVoter.java index e630f2f608..227a0cfb61 100644 --- a/core/src/main/java/org/springframework/security/access/vote/LabelBasedAclVoter.java +++ b/core/src/main/java/org/springframework/security/access/vote/LabelBasedAclVoter.java @@ -23,6 +23,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.core.Authentication; +import org.springframework.security.core.GrantedAuthority; import org.springframework.util.Assert; @@ -177,8 +178,8 @@ public class LabelBasedAclVoter extends AbstractAclVoter { */ List userLabels = new ArrayList(); - for (int i = 0; i < authentication.getAuthorities().size(); i++) { - String userLabel = authentication.getAuthorities().get(i).getAuthority(); + for (GrantedAuthority authority : authentication.getAuthorities()) { + String userLabel = authority.getAuthority(); if (labelMap.containsKey(userLabel)) { userLabels.add(userLabel); logger.debug("Adding " + userLabel + " to <<<" + authentication.getName() diff --git a/core/src/main/java/org/springframework/security/access/vote/RoleHierarchyVoter.java b/core/src/main/java/org/springframework/security/access/vote/RoleHierarchyVoter.java index 88a91297fe..6efee48cdc 100644 --- a/core/src/main/java/org/springframework/security/access/vote/RoleHierarchyVoter.java +++ b/core/src/main/java/org/springframework/security/access/vote/RoleHierarchyVoter.java @@ -1,6 +1,6 @@ package org.springframework.security.access.vote; -import java.util.List; +import java.util.Collection; import org.springframework.security.access.hierarchicalroles.RoleHierarchy; import org.springframework.security.core.Authentication; @@ -26,7 +26,7 @@ public class RoleHierarchyVoter extends RoleVoter { * Calls the RoleHierarchy to obtain the complete set of user authorities. */ @Override - List extractAuthorities(Authentication authentication) { + Collection extractAuthorities(Authentication authentication) { return roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities()); } } diff --git a/core/src/main/java/org/springframework/security/access/vote/RoleVoter.java b/core/src/main/java/org/springframework/security/access/vote/RoleVoter.java index c3d96587d4..e70fe5b3e7 100644 --- a/core/src/main/java/org/springframework/security/access/vote/RoleVoter.java +++ b/core/src/main/java/org/springframework/security/access/vote/RoleVoter.java @@ -15,6 +15,7 @@ package org.springframework.security.access.vote; +import java.util.Collection; import java.util.List; import org.springframework.security.access.AccessDecisionVoter; @@ -94,7 +95,7 @@ public class RoleVoter implements AccessDecisionVoter { public int vote(Authentication authentication, Object object, List attributes) { int result = ACCESS_ABSTAIN; - List authorities = extractAuthorities(authentication); + Collection authorities = extractAuthorities(authentication); for (ConfigAttribute attribute : attributes) { if (this.supports(attribute)) { @@ -112,7 +113,7 @@ public class RoleVoter implements AccessDecisionVoter { return result; } - List extractAuthorities(Authentication authentication) { + Collection extractAuthorities(Authentication authentication) { return authentication.getAuthorities(); } } diff --git a/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java index 40a28f3a4c..6dbd9f95cd 100644 --- a/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java +++ b/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java @@ -16,8 +16,9 @@ package org.springframework.security.authentication; import java.security.Principal; +import java.util.ArrayList; +import java.util.Collection; import java.util.Collections; -import java.util.List; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; @@ -37,7 +38,7 @@ public abstract class AbstractAuthenticationToken implements Authentication { //~ Instance fields ================================================================================================ private Object details; - private final List authorities; + private final Collection authorities; private boolean authenticated = false; //~ Constructors =================================================================================================== @@ -52,17 +53,18 @@ public abstract class AbstractAuthenticationToken implements Authentication { * Authentication#getAuthorities()}null should only be * presented if the principal has not been authenticated). */ - public AbstractAuthenticationToken(List authorities) { + public AbstractAuthenticationToken(Collection authorities) { if (authorities == null) { this.authorities = null; } else { - for (int i = 0; i < authorities.size(); i++) { - if(authorities.get(i) == null) { - throw new IllegalArgumentException("Granted authority element " + i - + " is null - GrantedAuthority[] cannot contain any null elements"); + for (GrantedAuthority a: authorities) { + if(a == null) { + throw new IllegalArgumentException("Authorities collection cannot contain any null elements"); } } - this.authorities = Collections.unmodifiableList(authorities); + ArrayList temp = new ArrayList(authorities.size()); + temp.addAll(authorities); + this.authorities = Collections.unmodifiableList(temp); } } @@ -116,7 +118,7 @@ public abstract class AbstractAuthenticationToken implements Authentication { return this.isAuthenticated() == test.isAuthenticated(); } - public List getAuthorities() { + public Collection getAuthorities() { return authorities; } diff --git a/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java index ebe8177437..069ca11900 100644 --- a/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java +++ b/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java @@ -16,8 +16,7 @@ package org.springframework.security.authentication; import java.io.Serializable; -import java.util.Arrays; -import java.util.List; +import java.util.Collection; import org.springframework.security.core.GrantedAuthority; @@ -39,13 +38,6 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i //~ Constructors =================================================================================================== - /** - * @deprecated - */ - public RememberMeAuthenticationToken(String key, Object principal, GrantedAuthority[] authorities) { - this(key, principal, Arrays.asList(authorities)); - } - /** * Constructor. * @@ -55,7 +47,7 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i * * @throws IllegalArgumentException if a null was passed */ - public RememberMeAuthenticationToken(String key, Object principal, List authorities) { + public RememberMeAuthenticationToken(String key, Object principal, Collection authorities) { super(authorities); if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal)) { diff --git a/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java index 9a5adff97c..e2f4353ed9 100644 --- a/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java +++ b/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java @@ -16,7 +16,7 @@ package org.springframework.security.authentication; import java.util.Arrays; -import java.util.List; +import java.util.Collection; import org.springframework.security.core.GrantedAuthority; @@ -69,7 +69,7 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT * @param credentials * @param authorities */ - public UsernamePasswordAuthenticationToken(Object principal, Object credentials, List authorities) { + public UsernamePasswordAuthenticationToken(Object principal, Object credentials, Collection authorities) { super(authorities); this.principal = principal; this.credentials = credentials; diff --git a/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManager.java b/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManager.java index 62d25685ac..5597a94a83 100644 --- a/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManager.java +++ b/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManager.java @@ -15,6 +15,8 @@ package org.springframework.security.authentication.rcp; +import java.util.Collection; + import org.springframework.security.core.GrantedAuthority; @@ -43,6 +45,6 @@ public interface RemoteAuthenticationManager { * * @throws RemoteAuthenticationException if the authentication failed. */ - GrantedAuthority[] attemptAuthentication(String username, String password) + Collection attemptAuthentication(String username, String password) throws RemoteAuthenticationException; } diff --git a/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImpl.java b/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImpl.java index c4f865a70c..afbd7e52f3 100644 --- a/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImpl.java +++ b/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImpl.java @@ -15,16 +15,13 @@ package org.springframework.security.authentication.rcp; -import java.util.List; - +import java.util.Collection; +import org.springframework.beans.factory.InitializingBean; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.GrantedAuthority; - -import org.springframework.beans.factory.InitializingBean; - import org.springframework.util.Assert; @@ -48,14 +45,14 @@ public class RemoteAuthenticationManagerImpl implements RemoteAuthenticationMana Assert.notNull(this.authenticationManager, "authenticationManager is required"); } - public GrantedAuthority[] attemptAuthentication(String username, String password) + public Collection attemptAuthentication(String username, String password) throws RemoteAuthenticationException { UsernamePasswordAuthenticationToken request = new UsernamePasswordAuthenticationToken(username, password); try { - List authorities = authenticationManager.authenticate(request).getAuthorities(); + Collection authorities = authenticationManager.authenticate(request).getAuthorities(); - return authorities == null ? null : authorities.toArray(new GrantedAuthority[authorities.size()]); + return authorities; } catch (AuthenticationException authEx) { throw new RemoteAuthenticationException(authEx.getMessage()); } diff --git a/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java index 8d75d87afa..5d5a51d000 100644 --- a/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java +++ b/core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java @@ -15,17 +15,14 @@ package org.springframework.security.authentication.rcp; -import java.util.Arrays; - +import java.util.Collection; +import org.springframework.beans.factory.InitializingBean; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.GrantedAuthority; - -import org.springframework.beans.factory.InitializingBean; - import org.springframework.util.Assert; @@ -62,9 +59,9 @@ public class RemoteAuthenticationProvider implements AuthenticationProvider, Ini throws AuthenticationException { String username = authentication.getPrincipal().toString(); String password = authentication.getCredentials().toString(); - GrantedAuthority[] authorities = remoteAuthenticationManager.attemptAuthentication(username, password); + Collection authorities = remoteAuthenticationManager.attemptAuthentication(username, password); - return new UsernamePasswordAuthenticationToken(username, password, Arrays.asList(authorities)); + return new UsernamePasswordAuthenticationToken(username, password, authorities); } public RemoteAuthenticationManager getRemoteAuthenticationManager() { diff --git a/core/src/main/java/org/springframework/security/core/Authentication.java b/core/src/main/java/org/springframework/security/core/Authentication.java index 25aba7a439..bc7e320d2b 100644 --- a/core/src/main/java/org/springframework/security/core/Authentication.java +++ b/core/src/main/java/org/springframework/security/core/Authentication.java @@ -18,7 +18,7 @@ package org.springframework.security.core; import java.io.Serializable; import java.security.Principal; -import java.util.List; +import java.util.Collection; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.core.context.SecurityContextHolder; @@ -56,7 +56,7 @@ public interface Authentication extends Principal, Serializable { * * @return the authorities granted to the principal, or null if authentication has not been completed */ - List getAuthorities(); + Collection getAuthorities(); /** * The credentials that prove the principal is correct. This is usually a password, but could be anything diff --git a/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java b/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java index cc5371d296..6d6daf6e07 100644 --- a/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java +++ b/core/src/main/java/org/springframework/security/core/authority/AuthorityUtils.java @@ -1,6 +1,7 @@ package org.springframework.security.core.authority; import java.util.ArrayList; +import java.util.Collection; import java.util.Collections; import java.util.HashSet; import java.util.List; @@ -35,10 +36,10 @@ public abstract class AuthorityUtils { * Converts an array of GrantedAuthority objects to a Set. * @return a Set of the Strings obtained from each call to GrantedAuthority.getAuthority() */ - public static Set authorityListToSet(List authorities) { - Set set = new HashSet(authorities.size()); + public static Set authorityListToSet(Collection userAuthorities) { + Set set = new HashSet(userAuthorities.size()); - for (GrantedAuthority authority: authorities) { + for (GrantedAuthority authority: userAuthorities) { set.add(authority.getAuthority()); } diff --git a/core/src/main/java/org/springframework/security/core/userdetails/User.java b/core/src/main/java/org/springframework/security/core/userdetails/User.java index 54961a79f5..cf30ef95ea 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/User.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/User.java @@ -17,6 +17,7 @@ package org.springframework.security.core.userdetails; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.SortedSet; @@ -80,7 +81,7 @@ public class User implements UserDetails { * GrantedAuthority[] array */ public User(String username, String password, boolean enabled, boolean accountNonExpired, - boolean credentialsNonExpired, boolean accountNonLocked, List authorities) { + boolean credentialsNonExpired, boolean accountNonLocked, Collection authorities) { if (((username == null) || "".equals(username)) || (password == null)) { throw new IllegalArgumentException("Cannot pass null or empty values to constructor"); @@ -118,7 +119,7 @@ public class User implements UserDetails { && (this.isEnabled() == user.isEnabled())); } - public List getAuthorities() { + public Collection getAuthorities() { return authorities; } @@ -182,7 +183,7 @@ public class User implements UserDetails { return enabled; } - private static List sortAuthorities(List authorities) { + private static List sortAuthorities(Collection authorities) { Assert.notNull(authorities, "Cannot pass a null GrantedAuthority array"); // Ensure array iteration order is predictable (as per UserDetails.getAuthorities() contract and SEC-xxx) SortedSet sorter = new TreeSet(); diff --git a/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java b/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java index eb20638582..05a1bfb942 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java @@ -19,7 +19,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import java.io.Serializable; -import java.util.List; +import java.util.Collection; /** @@ -60,7 +60,7 @@ public interface UserDetails extends Serializable { * * @return the authorities, sorted by natural key (never null) */ - List getAuthorities(); + Collection getAuthorities(); /** * Returns the password used to authenticate the user. Cannot return null. diff --git a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java index 145e398b57..94d0112fc9 100644 --- a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java +++ b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java @@ -25,6 +25,7 @@ import org.apache.commons.logging.LogFactory; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; +import java.util.Collection; import java.util.List; /** @@ -171,9 +172,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa } private void insertUserAuthorities(UserDetails user) { - for (int i=0; i < user.getAuthorities().size(); i++) { - getJdbcTemplate().update(createAuthoritySql, - new Object[] {user.getUsername(), user.getAuthorities().get(i).getAuthority()}); + for (GrantedAuthority auth : user.getAuthorities()) { + getJdbcTemplate().update(createAuthoritySql, user.getUsername(), auth.getAuthority()); } } @@ -437,12 +437,12 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa validateAuthorities(user.getAuthorities()); } - private void validateAuthorities(List authorities) { + private void validateAuthorities(Collection authorities) { Assert.notNull(authorities, "Authorities list must not be null"); - for (int i=0; i < authorities.size(); i++) { - Assert.notNull(authorities.get(i), "Authorities list contains a null entry"); - Assert.hasText(authorities.get(i).getAuthority(), "getAuthority() method must return a non-empty string"); + for (GrantedAuthority authority : authorities) { + Assert.notNull(authority, "Authorities list contains a null entry"); + Assert.hasText(authority.getAuthority(), "getAuthority() method must return a non-empty string"); } } } diff --git a/core/src/test/java/org/springframework/security/access/expression/SecurityExpressionRootTests.java b/core/src/test/java/org/springframework/security/access/expression/SecurityExpressionRootTests.java index 0b4d1aa900..d98189989c 100644 --- a/core/src/test/java/org/springframework/security/access/expression/SecurityExpressionRootTests.java +++ b/core/src/test/java/org/springframework/security/access/expression/SecurityExpressionRootTests.java @@ -2,7 +2,7 @@ package org.springframework.security.access.expression; import static org.junit.Assert.*; -import java.util.List; +import java.util.Collection; import org.junit.Test; import org.springframework.security.access.hierarchicalroles.RoleHierarchy; @@ -24,7 +24,7 @@ public class SecurityExpressionRootTests { new SecurityExpressionRoot(new TestingAuthenticationToken("joe", "pass", "A", "B")) {}; root.setRoleHierarchy(new RoleHierarchy() { - public List getReachableGrantedAuthorities(List authorities) { + public Collection getReachableGrantedAuthorities(Collection authorities) { return AuthorityUtils.createAuthorityList("C"); } }); diff --git a/core/src/test/java/org/springframework/security/access/hierarchicalroles/HierarchicalRolesTestHelper.java b/core/src/test/java/org/springframework/security/access/hierarchicalroles/HierarchicalRolesTestHelper.java index 0d363f4270..8feb138d15 100755 --- a/core/src/test/java/org/springframework/security/access/hierarchicalroles/HierarchicalRolesTestHelper.java +++ b/core/src/test/java/org/springframework/security/access/hierarchicalroles/HierarchicalRolesTestHelper.java @@ -15,6 +15,7 @@ package org.springframework.security.access.hierarchicalroles; import java.util.ArrayList; +import java.util.Collection; import java.util.List; import org.springframework.security.core.GrantedAuthority; @@ -27,7 +28,7 @@ import org.apache.commons.collections.CollectionUtils; */ public abstract class HierarchicalRolesTestHelper { - public static boolean containTheSameGrantedAuthorities(List authorities1, List authorities2) { + public static boolean containTheSameGrantedAuthorities(Collection authorities1, Collection authorities2) { if (authorities1 == null && authorities2 == null) { return true; } @@ -38,7 +39,7 @@ public abstract class HierarchicalRolesTestHelper { return CollectionUtils.isEqualCollection(authorities1, authorities2); } - public static boolean containTheSameGrantedAuthoritiesCompareByAuthorityString(List authorities1, List authorities2) { + public static boolean containTheSameGrantedAuthoritiesCompareByAuthorityString(Collection authorities1, Collection authorities2) { if (authorities1 == null && authorities2 == null) { return true; } @@ -46,10 +47,10 @@ public abstract class HierarchicalRolesTestHelper { if (authorities1 == null || authorities2 == null) { return false; } - return CollectionUtils.isEqualCollection(toListOfAuthorityStrings(authorities1), toListOfAuthorityStrings(authorities2)); + return CollectionUtils.isEqualCollection(toCollectionOfAuthorityStrings(authorities1), toCollectionOfAuthorityStrings(authorities2)); } - public static List toListOfAuthorityStrings(List authorities) { + public static List toCollectionOfAuthorityStrings(Collection authorities) { if (authorities == null) { return null; } diff --git a/core/src/test/java/org/springframework/security/access/hierarchicalroles/TestHelperTests.java b/core/src/test/java/org/springframework/security/access/hierarchicalroles/TestHelperTests.java index fbe292b7e6..db25aa27ab 100755 --- a/core/src/test/java/org/springframework/security/access/hierarchicalroles/TestHelperTests.java +++ b/core/src/test/java/org/springframework/security/access/hierarchicalroles/TestHelperTests.java @@ -17,6 +17,7 @@ package org.springframework.security.access.hierarchicalroles; import static org.junit.Assert.*; import java.util.ArrayList; +import java.util.Collection; import java.util.List; import org.apache.commons.collections.CollectionUtils; @@ -56,11 +57,11 @@ public class TestHelperTests { // SEC-863 @Test public void testToListOfAuthorityStrings() { - List authorities1 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B"); - List authorities2 = AuthorityUtils.createAuthorityList("ROLE_B", "ROLE_A"); - List authorities3 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_C"); - List authorities4 = AuthorityUtils.createAuthorityList("ROLE_A"); - List authorities5 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_A"); + Collection authorities1 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B"); + Collection authorities2 = AuthorityUtils.createAuthorityList("ROLE_B", "ROLE_A"); + Collection authorities3 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_C"); + Collection authorities4 = AuthorityUtils.createAuthorityList("ROLE_A"); + Collection authorities5 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_A"); List authoritiesStrings1 = new ArrayList(); authoritiesStrings1.add("ROLE_A"); @@ -82,19 +83,19 @@ public class TestHelperTests { authoritiesStrings5.add("ROLE_A"); assertTrue(CollectionUtils.isEqualCollection( - HierarchicalRolesTestHelper.toListOfAuthorityStrings(authorities1), authoritiesStrings1)); + HierarchicalRolesTestHelper.toCollectionOfAuthorityStrings(authorities1), authoritiesStrings1)); assertTrue(CollectionUtils.isEqualCollection( - HierarchicalRolesTestHelper.toListOfAuthorityStrings(authorities2), authoritiesStrings2)); + HierarchicalRolesTestHelper.toCollectionOfAuthorityStrings(authorities2), authoritiesStrings2)); assertTrue(CollectionUtils.isEqualCollection( - HierarchicalRolesTestHelper.toListOfAuthorityStrings(authorities3), authoritiesStrings3)); + HierarchicalRolesTestHelper.toCollectionOfAuthorityStrings(authorities3), authoritiesStrings3)); assertTrue(CollectionUtils.isEqualCollection( - HierarchicalRolesTestHelper.toListOfAuthorityStrings(authorities4), authoritiesStrings4)); + HierarchicalRolesTestHelper.toCollectionOfAuthorityStrings(authorities4), authoritiesStrings4)); assertTrue(CollectionUtils.isEqualCollection( - HierarchicalRolesTestHelper.toListOfAuthorityStrings(authorities5), authoritiesStrings5)); + HierarchicalRolesTestHelper.toCollectionOfAuthorityStrings(authorities5), authoritiesStrings5)); } // SEC-863 diff --git a/core/src/test/java/org/springframework/security/access/intercept/RunAsManagerImplTests.java b/core/src/test/java/org/springframework/security/access/intercept/RunAsManagerImplTests.java index 7dbd7daf31..513bf7db53 100644 --- a/core/src/test/java/org/springframework/security/access/intercept/RunAsManagerImplTests.java +++ b/core/src/test/java/org/springframework/security/access/intercept/RunAsManagerImplTests.java @@ -15,12 +15,11 @@ package org.springframework.security.access.intercept; +import java.util.Set; + import junit.framework.TestCase; import org.springframework.security.access.SecurityConfig; -import org.springframework.security.access.intercept.RunAsManager; -import org.springframework.security.access.intercept.RunAsManagerImpl; -import org.springframework.security.access.intercept.RunAsUserToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.authority.AuthorityUtils; @@ -57,16 +56,18 @@ public class RunAsManagerImplTests extends TestCase { runAs.setKey("my_password"); runAs.setRolePrefix("FOOBAR_"); - Authentication resultingToken = runAs.buildRunAs(inputToken, new Object(), SecurityConfig.createList("RUN_AS_SOMETHING")); + Authentication result = runAs.buildRunAs(inputToken, new Object(), SecurityConfig.createList("RUN_AS_SOMETHING")); + + assertTrue("Should have returned a RunAsUserToken", result instanceof RunAsUserToken); + assertEquals(inputToken.getPrincipal(), result.getPrincipal()); + assertEquals(inputToken.getCredentials(), result.getCredentials()); + Set authorities = AuthorityUtils.authorityListToSet(result.getAuthorities()); - assertTrue("Should have returned a RunAsUserToken", resultingToken instanceof RunAsUserToken); - assertEquals(inputToken.getPrincipal(), resultingToken.getPrincipal()); - assertEquals(inputToken.getCredentials(), resultingToken.getCredentials()); - assertEquals("FOOBAR_RUN_AS_SOMETHING", resultingToken.getAuthorities().get(0).getAuthority()); - assertEquals("ONE", resultingToken.getAuthorities().get(1).getAuthority()); - assertEquals("TWO", resultingToken.getAuthorities().get(2).getAuthority()); + assertTrue(authorities.contains("FOOBAR_RUN_AS_SOMETHING")); + assertTrue(authorities.contains("ONE")); + assertTrue(authorities.contains("TWO")); - RunAsUserToken resultCast = (RunAsUserToken) resultingToken; + RunAsUserToken resultCast = (RunAsUserToken) result; assertEquals("my_password".hashCode(), resultCast.getKeyHash()); } @@ -77,19 +78,21 @@ public class RunAsManagerImplTests extends TestCase { RunAsManagerImpl runAs = new RunAsManagerImpl(); runAs.setKey("my_password"); - Authentication resultingToken = runAs.buildRunAs(inputToken, new Object(), SecurityConfig.createList("RUN_AS_SOMETHING")); + Authentication result = runAs.buildRunAs(inputToken, new Object(), SecurityConfig.createList("RUN_AS_SOMETHING")); - if (!(resultingToken instanceof RunAsUserToken)) { + if (!(result instanceof RunAsUserToken)) { fail("Should have returned a RunAsUserToken"); } - assertEquals(inputToken.getPrincipal(), resultingToken.getPrincipal()); - assertEquals(inputToken.getCredentials(), resultingToken.getCredentials()); - assertEquals("ROLE_RUN_AS_SOMETHING", resultingToken.getAuthorities().get(0).getAuthority()); - assertEquals("ROLE_ONE", resultingToken.getAuthorities().get(1).getAuthority()); - assertEquals("ROLE_TWO", resultingToken.getAuthorities().get(2).getAuthority()); + assertEquals(inputToken.getPrincipal(), result.getPrincipal()); + assertEquals(inputToken.getCredentials(), result.getCredentials()); + + Set authorities = AuthorityUtils.authorityListToSet(result.getAuthorities()); + assertTrue(authorities.contains("ROLE_RUN_AS_SOMETHING")); + assertTrue(authorities.contains("ROLE_ONE")); + assertTrue(authorities.contains("ROLE_TWO")); - RunAsUserToken resultCast = (RunAsUserToken) resultingToken; + RunAsUserToken resultCast = (RunAsUserToken) result; assertEquals("my_password".hashCode(), resultCast.getKeyHash()); } diff --git a/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java b/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java index 3482f73ff2..5d2190eae8 100644 --- a/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java +++ b/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java @@ -21,7 +21,6 @@ import java.util.List; import org.junit.Before; import org.junit.Test; -import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.GrantedAuthorityImpl; @@ -48,7 +47,7 @@ public class AbstractAuthenticationTokenTests { @Test(expected=UnsupportedOperationException.class) public void testAuthoritiesAreImmutable() { MockAuthenticationImpl token = new MockAuthenticationImpl("Test", "Password", authorities); - List gotAuthorities = token.getAuthorities(); + List gotAuthorities = (List) token.getAuthorities(); assertNotSame(authorities, gotAuthorities); gotAuthorities.set(0, new GrantedAuthorityImpl("ROLE_SUPER_USER")); diff --git a/core/src/test/java/org/springframework/security/authentication/TestingAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/authentication/TestingAuthenticationProviderTests.java index ed520abc94..5ce1a7aaf6 100644 --- a/core/src/test/java/org/springframework/security/authentication/TestingAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/authentication/TestingAuthenticationProviderTests.java @@ -20,6 +20,7 @@ import junit.framework.TestCase; import org.springframework.security.authentication.TestingAuthenticationProvider; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; +import org.springframework.security.core.authority.AuthorityUtils; /** * Tests {@link TestingAuthenticationProvider}. @@ -39,8 +40,8 @@ public class TestingAuthenticationProviderTests extends TestCase { TestingAuthenticationToken castResult = (TestingAuthenticationToken) result; assertEquals("Test", castResult.getPrincipal()); assertEquals("Password", castResult.getCredentials()); - assertEquals("ROLE_ONE", castResult.getAuthorities().get(0).getAuthority()); - assertEquals("ROLE_TWO", castResult.getAuthorities().get(1).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(castResult.getAuthorities()).contains("ROLE_ONE")); + assertTrue(AuthorityUtils.authorityListToSet(castResult.getAuthorities()).contains("ROLE_TWO")); } public void testSupports() { diff --git a/core/src/test/java/org/springframework/security/authentication/UsernamePasswordAuthenticationTokenTests.java b/core/src/test/java/org/springframework/security/authentication/UsernamePasswordAuthenticationTokenTests.java index 84ca4fb468..1274c4220d 100644 --- a/core/src/test/java/org/springframework/security/authentication/UsernamePasswordAuthenticationTokenTests.java +++ b/core/src/test/java/org/springframework/security/authentication/UsernamePasswordAuthenticationTokenTests.java @@ -68,8 +68,8 @@ public class UsernamePasswordAuthenticationTokenTests { AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO")); assertEquals("Test", token.getPrincipal()); assertEquals("Password", token.getCredentials()); - assertEquals("ROLE_ONE", token.getAuthorities().get(0).getAuthority()); - assertEquals("ROLE_TWO", token.getAuthorities().get(1).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_ONE")); + assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_TWO")); } @Test(expected=NoSuchMethodException.class) diff --git a/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationTokenTests.java b/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationTokenTests.java index 1a56852a6a..ef7185e520 100644 --- a/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationTokenTests.java +++ b/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationTokenTests.java @@ -76,8 +76,8 @@ public class AnonymousAuthenticationTokenTests extends TestCase { assertEquals("key".hashCode(), token.getKeyHash()); assertEquals("Test", token.getPrincipal()); assertEquals("", token.getCredentials()); - assertEquals("ROLE_ONE", token.getAuthorities().get(0).getAuthority()); - assertEquals("ROLE_TWO", token.getAuthorities().get(1).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_ONE")); + assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_TWO")); assertTrue(token.isAuthenticated()); } diff --git a/core/src/test/java/org/springframework/security/authentication/dao/DaoAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/authentication/dao/DaoAuthenticationProviderTests.java index 7f6e232876..85cec8fa28 100644 --- a/core/src/test/java/org/springframework/security/authentication/dao/DaoAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/authentication/dao/DaoAuthenticationProviderTests.java @@ -19,7 +19,8 @@ import java.util.List; import junit.framework.TestCase; - +import org.springframework.dao.DataAccessException; +import org.springframework.dao.DataRetrievalFailureException; import org.springframework.security.authentication.AccountExpiredException; import org.springframework.security.authentication.AuthenticationServiceException; import org.springframework.security.authentication.BadCredentialsException; @@ -28,7 +29,6 @@ import org.springframework.security.authentication.DisabledException; import org.springframework.security.authentication.LockedException; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.authentication.dao.DaoAuthenticationProvider; import org.springframework.security.authentication.encoding.ShaPasswordEncoder; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; @@ -41,10 +41,6 @@ import org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache import org.springframework.security.core.userdetails.cache.NullUserCache; -import org.springframework.dao.DataAccessException; -import org.springframework.dao.DataRetrievalFailureException; - - /** * Tests {@link DaoAuthenticationProvider}. * @@ -267,8 +263,8 @@ public class DaoAuthenticationProviderTests extends TestCase { UsernamePasswordAuthenticationToken castResult = (UsernamePasswordAuthenticationToken) result; assertEquals(User.class, castResult.getPrincipal().getClass()); assertEquals("koala", castResult.getCredentials()); - assertEquals("ROLE_ONE", castResult.getAuthorities().get(0).getAuthority()); - assertEquals("ROLE_TWO", castResult.getAuthorities().get(1).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(castResult.getAuthorities()).contains("ROLE_ONE")); + assertTrue(AuthorityUtils.authorityListToSet(castResult.getAuthorities()).contains("ROLE_TWO")); assertEquals("192.168.0.1", castResult.getDetails()); } @@ -312,13 +308,12 @@ public class DaoAuthenticationProviderTests extends TestCase { fail("Should have returned instance of UsernamePasswordAuthenticationToken"); } - UsernamePasswordAuthenticationToken castResult = (UsernamePasswordAuthenticationToken) result; - assertEquals(User.class, castResult.getPrincipal().getClass()); + assertEquals(User.class, result.getPrincipal().getClass()); // We expect original credentials user submitted to be returned - assertEquals("koala", castResult.getCredentials()); - assertEquals("ROLE_ONE", castResult.getAuthorities().get(0).getAuthority()); - assertEquals("ROLE_TWO", castResult.getAuthorities().get(1).getAuthority()); + assertEquals("koala", result.getCredentials()); + assertTrue(AuthorityUtils.authorityListToSet(result.getAuthorities()).contains("ROLE_ONE")); + assertTrue(AuthorityUtils.authorityListToSet(result.getAuthorities()).contains("ROLE_TWO")); } public void testAuthenticatesWithForcePrincipalAsString() { diff --git a/core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java index 6c4f8a3c8d..7f7a117b9d 100644 --- a/core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/authentication/jaas/JaasAuthenticationProviderTests.java @@ -23,6 +23,7 @@ import java.io.FileOutputStream; import java.io.PrintWriter; import java.net.URL; import java.security.Security; +import java.util.Collection; import java.util.List; import javax.security.auth.login.LoginContext; @@ -192,7 +193,7 @@ public class JaasAuthenticationProviderTests { assertNotNull(jaasProvider.getLoginConfig()); assertNotNull(jaasProvider.getLoginContextName()); - List list = auth.getAuthorities(); + Collection list = auth.getAuthorities(); assertTrue("GrantedAuthorities should contain ROLE_TEST1", list.contains(new GrantedAuthorityImpl("ROLE_TEST1"))); assertTrue("GrantedAuthorities should contain ROLE_TEST2", list.contains(new GrantedAuthorityImpl("ROLE_TEST2"))); @@ -201,11 +202,9 @@ public class JaasAuthenticationProviderTests { boolean foundit = false; - for (int i = 0; i < list.size(); i++) { - Object obj = list.get(i); - - if (obj instanceof JaasGrantedAuthority) { - JaasGrantedAuthority grant = (JaasGrantedAuthority) obj; + for (GrantedAuthority a : list) { + if (a instanceof JaasGrantedAuthority) { + JaasGrantedAuthority grant = (JaasGrantedAuthority) a; assertNotNull("Principal was null on JaasGrantedAuthority", grant.getPrincipal()); foundit = true; } diff --git a/core/src/test/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProviderTests.java index 81f8e995be..e8fc833574 100644 --- a/core/src/test/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProviderTests.java @@ -15,16 +15,14 @@ package org.springframework.security.authentication.rcp; -import junit.framework.TestCase; +import java.util.Collection; +import junit.framework.TestCase; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.authentication.rcp.RemoteAuthenticationException; -import org.springframework.security.authentication.rcp.RemoteAuthenticationManager; -import org.springframework.security.authentication.rcp.RemoteAuthenticationProvider; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.AuthorityUtils; /** @@ -36,14 +34,6 @@ import org.springframework.security.core.authority.GrantedAuthorityImpl; public class RemoteAuthenticationProviderTests extends TestCase { //~ Methods ======================================================================================================== - public static void main(String[] args) { - junit.textui.TestRunner.run(RemoteAuthenticationProviderTests.class); - } - - public final void setUp() throws Exception { - super.setUp(); - } - public void testExceptionsGetPassedBackToCaller() { RemoteAuthenticationProvider provider = new RemoteAuthenticationProvider(); provider.setRemoteAuthenticationManager(new MockRemoteAuthenticationManager(false)); @@ -85,7 +75,7 @@ public class RemoteAuthenticationProviderTests extends TestCase { Authentication result = provider.authenticate(new UsernamePasswordAuthenticationToken("rod", "password")); assertEquals("rod", result.getPrincipal()); assertEquals("password", result.getCredentials()); - assertEquals("foo", result.getAuthorities().get(0).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(result.getAuthorities()).contains("foo")); } public void testSupports() { @@ -102,10 +92,10 @@ public class RemoteAuthenticationProviderTests extends TestCase { this.grantAccess = grantAccess; } - public GrantedAuthority[] attemptAuthentication(String username, String password) + public Collection attemptAuthentication(String username, String password) throws RemoteAuthenticationException { if (grantAccess) { - return new GrantedAuthority[] {new GrantedAuthorityImpl("foo")}; + return AuthorityUtils.createAuthorityList("foo"); } else { throw new RemoteAuthenticationException("as requested"); } diff --git a/core/src/test/java/org/springframework/security/authentication/rememberme/RememberMeAuthenticationTokenTests.java b/core/src/test/java/org/springframework/security/authentication/rememberme/RememberMeAuthenticationTokenTests.java index f7c13e8400..b7b68f5ab1 100644 --- a/core/src/test/java/org/springframework/security/authentication/rememberme/RememberMeAuthenticationTokenTests.java +++ b/core/src/test/java/org/springframework/security/authentication/rememberme/RememberMeAuthenticationTokenTests.java @@ -75,8 +75,8 @@ public class RememberMeAuthenticationTokenTests extends TestCase { assertEquals("key".hashCode(), token.getKeyHash()); assertEquals("Test", token.getPrincipal()); assertEquals("", token.getCredentials()); - assertEquals("ROLE_ONE", token.getAuthorities().get(0).getAuthority()); - assertEquals("ROLE_TWO", token.getAuthorities().get(1).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_ONE")); + assertTrue(AuthorityUtils.authorityListToSet(token.getAuthorities()).contains("ROLE_TWO")); assertTrue(token.isAuthenticated()); } diff --git a/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java b/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java index 79216d19ee..7af509dfe6 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java @@ -106,8 +106,8 @@ public class UserTests extends TestCase { assertEquals("rod", user.getUsername()); assertEquals("koala", user.getPassword()); assertTrue(user.isEnabled()); - assertEquals(new GrantedAuthorityImpl("ROLE_ONE"), user.getAuthorities().get(0)); - assertEquals(new GrantedAuthorityImpl("ROLE_TWO"), user.getAuthorities().get(1)); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_ONE")); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_TWO")); assertTrue(user.toString().indexOf("rod") != -1); } diff --git a/core/src/test/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImplTests.java b/core/src/test/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImplTests.java index 64afa203b6..696f00fec0 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImplTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImplTests.java @@ -15,14 +15,12 @@ package org.springframework.security.core.userdetails.jdbc; -import java.util.HashSet; - import junit.framework.TestCase; import org.springframework.security.PopulatedDatabase; +import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl; /** @@ -59,18 +57,15 @@ public class JdbcDaoImplTests extends TestCase { assertEquals("koala", user.getPassword()); assertTrue(user.isEnabled()); - HashSet authorities = new HashSet(2); - authorities.add(user.getAuthorities().get(0).getAuthority()); - authorities.add(user.getAuthorities().get(1).getAuthority()); - assertTrue(authorities.contains("ROLE_TELLER")); - assertTrue(authorities.contains("ROLE_SUPERVISOR")); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_TELLER")); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_SUPERVISOR")); } public void testCheckDaoOnlyReturnsGrantedAuthoritiesGrantedToUser() throws Exception { JdbcDaoImpl dao = makePopulatedJdbcDao(); UserDetails user = dao.loadUserByUsername("scott"); - assertEquals("ROLE_TELLER", user.getAuthorities().get(0).getAuthority()); assertEquals(1, user.getAuthorities().size()); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_TELLER")); } public void testCheckDaoReturnsCorrectDisabledProperty() throws Exception { @@ -124,11 +119,8 @@ public class JdbcDaoImplTests extends TestCase { assertEquals("rod", user.getUsername()); assertEquals(2, user.getAuthorities().size()); - HashSet authorities = new HashSet(2); - authorities.add(user.getAuthorities().get(0).getAuthority()); - authorities.add(user.getAuthorities().get(1).getAuthority()); - assertTrue(authorities.contains("ARBITRARY_PREFIX_ROLE_TELLER")); - assertTrue(authorities.contains("ARBITRARY_PREFIX_ROLE_SUPERVISOR")); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ARBITRARY_PREFIX_ROLE_TELLER")); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ARBITRARY_PREFIX_ROLE_SUPERVISOR")); } public void testGroupAuthoritiesAreLoadedCorrectly() throws Exception { diff --git a/core/src/test/java/org/springframework/security/core/userdetails/memory/UserMapEditorTests.java b/core/src/test/java/org/springframework/security/core/userdetails/memory/UserMapEditorTests.java index cfd929b350..0f62884a1c 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/memory/UserMapEditorTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/memory/UserMapEditorTests.java @@ -17,6 +17,7 @@ package org.springframework.security.core.userdetails.memory; import junit.framework.TestCase; +import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.memory.UserMap; import org.springframework.security.core.userdetails.memory.UserMapEditor; @@ -63,8 +64,8 @@ public class UserMapEditorTests extends TestCase { UserMap map = (UserMap) editor.getValue(); assertEquals("rod", map.getUser("rod").getUsername()); assertEquals("koala", map.getUser("rod").getPassword()); - assertEquals("ROLE_ONE", map.getUser("rod").getAuthorities().get(0).getAuthority()); - assertEquals("ROLE_TWO", map.getUser("rod").getAuthorities().get(1).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(map.getUser("rod").getAuthorities()).contains("ROLE_ONE")); + assertTrue(AuthorityUtils.authorityListToSet(map.getUser("rod").getAuthorities()).contains("ROLE_TWO")); assertTrue(map.getUser("rod").isEnabled()); } diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java index 504b57a1a7..a47662f052 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java @@ -15,7 +15,7 @@ package org.springframework.security.ldap.authentication; -import java.util.List; +import java.util.Collection; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -252,7 +252,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa try { DirContextOperations userData = getAuthenticator().authenticate(authentication); - List extraAuthorities = loadUserAuthorities(userData, username, password); + Collection extraAuthorities = loadUserAuthorities(userData, username, password); UserDetails user = userDetailsContextMapper.mapUserFromContext(userData, username, extraAuthorities); @@ -273,7 +273,7 @@ public class LdapAuthenticationProvider implements AuthenticationProvider, Messa } } - protected List loadUserAuthorities(DirContextOperations userData, String username, String password) { + protected Collection loadUserAuthorities(DirContextOperations userData, String username, String password) { return getAuthoritiesPopulator().getGrantedAuthorities(userData, username); } diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/NullLdapAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/NullLdapAuthoritiesPopulator.java index a67736a5d0..be7cf70e62 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/NullLdapAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/NullLdapAuthoritiesPopulator.java @@ -1,6 +1,6 @@ package org.springframework.security.ldap.authentication; -import java.util.List; +import java.util.Collection; import org.springframework.ldap.core.DirContextOperations; import org.springframework.security.core.GrantedAuthority; @@ -14,7 +14,7 @@ import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator; * @since 3.0 */ public final class NullLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator { - public List getGrantedAuthorities(DirContextOperations userDetails, String username) { + public Collection getGrantedAuthorities(DirContextOperations userDetails, String username) { return AuthorityUtils.NO_AUTHORITIES; } } diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java index 22713e3f51..03d9916cd1 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/UserDetailsServiceLdapAuthoritiesPopulator.java @@ -1,6 +1,6 @@ package org.springframework.security.ldap.authentication; -import java.util.List; +import java.util.Collection; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetailsService; @@ -25,7 +25,7 @@ public class UserDetailsServiceLdapAuthoritiesPopulator implements LdapAuthoriti this.userDetailsService = userService; } - public List getGrantedAuthorities(DirContextOperations userData, String username) { + public Collection getGrantedAuthorities(DirContextOperations userData, String username) { return userDetailsService.loadUserByUsername(username).getAuthorities(); } } diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java index 344ff2ff31..7a933dfd5d 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulator.java @@ -29,6 +29,7 @@ import org.apache.commons.logging.LogFactory; import javax.naming.directory.SearchControls; import java.util.ArrayList; +import java.util.Collection; import java.util.Collections; import java.util.HashSet; import java.util.List; @@ -172,7 +173,7 @@ public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator * @param user the user who's authorities are required * @return the set of roles granted to the user. */ - public final List getGrantedAuthorities(DirContextOperations user, String username) { + public final Collection getGrantedAuthorities(DirContextOperations user, String username) { String userDn = user.getNameInNamespace(); if (logger.isDebugEnabled()) { diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/InetOrgPersonContextMapper.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/InetOrgPersonContextMapper.java index bcbc47f4da..c35cc9af82 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/InetOrgPersonContextMapper.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/InetOrgPersonContextMapper.java @@ -14,7 +14,7 @@ */ package org.springframework.security.ldap.userdetails; -import java.util.List; +import java.util.Collection; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; @@ -29,7 +29,7 @@ import org.springframework.util.Assert; */ public class InetOrgPersonContextMapper implements UserDetailsContextMapper { - public UserDetails mapUserFromContext(DirContextOperations ctx, String username, List authorities) { + public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection authorities) { InetOrgPerson.Essence p = new InetOrgPerson.Essence(ctx); p.setUsername(username); diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapAuthoritiesPopulator.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapAuthoritiesPopulator.java index bedb09b0bc..6eb141fde2 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapAuthoritiesPopulator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapAuthoritiesPopulator.java @@ -15,7 +15,7 @@ package org.springframework.security.ldap.userdetails; -import java.util.List; +import java.util.Collection; import org.springframework.security.core.GrantedAuthority; @@ -43,5 +43,5 @@ public interface LdapAuthoritiesPopulator { * @return the granted authorities for the given user. * */ - List getGrantedAuthorities(DirContextOperations userData, String username); + Collection getGrantedAuthorities(DirContextOperations userData, String username); } diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsImpl.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsImpl.java index 923ebc7a02..13cb273f5a 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsImpl.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsImpl.java @@ -16,7 +16,7 @@ package org.springframework.security.ldap.userdetails; import java.util.ArrayList; -import java.util.List; +import java.util.Collection; import javax.naming.Name; @@ -48,7 +48,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData private String dn; private String password; private String username; - private List authorities = AuthorityUtils.NO_AUTHORITIES; + private Collection authorities = AuthorityUtils.NO_AUTHORITIES; private boolean accountNonExpired = true; private boolean accountNonLocked = true; private boolean credentialsNonExpired = true; @@ -63,7 +63,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData //~ Methods ======================================================================================================== - public List getAuthorities() { + public Collection getAuthorities() { return authorities; } @@ -104,7 +104,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData } public String toString() { - StringBuffer sb = new StringBuffer(); + StringBuilder sb = new StringBuilder(); sb.append(super.toString()).append(": "); sb.append("Username: ").append(this.username).append("; "); sb.append("Password: [PROTECTED]; "); @@ -115,13 +115,16 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData if (this.getAuthorities() != null) { sb.append("Granted Authorities: "); + boolean first = true; - for (int i = 0; i < this.getAuthorities().size(); i++) { - if (i > 0) { + for (Object authority : this.getAuthorities()) { + if (first) { + first = false; + } else { sb.append(", "); } - sb.append(this.getAuthorities().get(i).toString()); + sb.append(authority.toString()); } } else { sb.append("Not granted any authorities"); @@ -137,7 +140,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData */ public static class Essence { protected LdapUserDetailsImpl instance = createTarget(); - private List mutableAuthorities = new ArrayList(); + private Collection mutableAuthorities = new ArrayList(); public Essence() { } @@ -190,7 +193,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData return newInstance; } - public List getGrantedAuthorities() { + public Collection getGrantedAuthorities() { return mutableAuthorities; } @@ -202,7 +205,7 @@ public class LdapUserDetailsImpl implements LdapUserDetails, PasswordPolicyData instance.accountNonLocked = accountNonLocked; } - public void setAuthorities(List authorities) { + public void setAuthorities(Collection authorities) { mutableAuthorities = authorities; } diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java index d304c3845e..593b872a7b 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java @@ -52,6 +52,7 @@ import javax.naming.directory.SearchControls; import javax.naming.directory.SearchResult; import javax.naming.ldap.LdapContext; import java.util.Arrays; +import java.util.Collection; import java.util.LinkedList; import java.util.List; import java.util.ListIterator; @@ -315,7 +316,7 @@ public class LdapUserDetailsManager implements UserDetailsManager { userDetailsMapper.mapUserToContext(user, ctx); } - protected void addAuthorities(DistinguishedName userDn, List authorities) { + protected void addAuthorities(DistinguishedName userDn, Collection authorities) { modifyAuthorities(userDn, authorities, DirContext.ADD_ATTRIBUTE); } @@ -323,11 +324,10 @@ public class LdapUserDetailsManager implements UserDetailsManager { modifyAuthorities(userDn, authorities, DirContext.REMOVE_ATTRIBUTE); } - private void modifyAuthorities(final DistinguishedName userDn, final List authorities, final int modType) { + private void modifyAuthorities(final DistinguishedName userDn, final Collection authorities, final int modType) { template.executeReadWrite(new ContextExecutor() { public Object executeWithContext(DirContext ctx) throws NamingException { - for(int i=0; i < authorities.size(); i++) { - GrantedAuthority authority = authorities.get(i); + for(GrantedAuthority authority : authorities) { String group = convertAuthorityToGroup(authority); DistinguishedName fullDn = LdapUtils.getFullDn(userDn, ctx); ModificationItem addGroup = new ModificationItem(modType, diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java index 932e6f0921..e1e59a6b57 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java @@ -15,7 +15,7 @@ package org.springframework.security.ldap.userdetails; -import java.util.List; +import java.util.Collection; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -46,7 +46,7 @@ public class LdapUserDetailsMapper implements UserDetailsContextMapper { //~ Methods ======================================================================================================== - public UserDetails mapUserFromContext(DirContextOperations ctx, String username, List authorities) { + public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection authorities) { String dn = ctx.getNameInNamespace(); logger.debug("Mapping user details from context with DN: " + dn); @@ -82,8 +82,8 @@ public class LdapUserDetailsMapper implements UserDetailsContextMapper { // Add the supplied authorities - for (int i=0; i < authorities.size(); i++) { - essence.addAuthority(authorities.get(i)); + for (GrantedAuthority authority : authorities) { + essence.addAuthority(authority); } // Check for PPolicy data diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/PersonContextMapper.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/PersonContextMapper.java index c0b65213fa..fa32664e03 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/PersonContextMapper.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/PersonContextMapper.java @@ -1,6 +1,6 @@ package org.springframework.security.ldap.userdetails; -import java.util.List; +import java.util.Collection; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; @@ -14,7 +14,7 @@ import org.springframework.util.Assert; */ public class PersonContextMapper implements UserDetailsContextMapper { - public UserDetails mapUserFromContext(DirContextOperations ctx, String username, List authorities) { + public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection authorities) { Person.Essence p = new Person.Essence(ctx); p.setUsername(username); diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/UserDetailsContextMapper.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/UserDetailsContextMapper.java index 883dd97cd6..81394b4d8e 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/UserDetailsContextMapper.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/UserDetailsContextMapper.java @@ -14,7 +14,7 @@ */ package org.springframework.security.ldap.userdetails; -import java.util.List; +import java.util.Collection; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; @@ -39,7 +39,7 @@ public interface UserDetailsContextMapper { * @param authority the list of authorities which the user should be given. * @return the user object. */ - UserDetails mapUserFromContext(DirContextOperations ctx, String username, List authority); + UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection authority); /** * Reverse of the above operation. Populates a context object from the supplied user object. diff --git a/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java b/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java index 47c212467c..b1514f1ec3 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java @@ -17,8 +17,7 @@ package org.springframework.security.ldap.authentication; import static org.junit.Assert.*; -import java.util.ArrayList; -import java.util.List; +import java.util.Collection; import org.jmock.Expectations; import org.jmock.Mockery; @@ -128,12 +127,8 @@ public class LdapAuthenticationProviderTests { assertEquals("ben", user.getUsername()); assertEquals("ben", populator.getRequestedUsername()); - ArrayList authorities = new ArrayList(); - authorities.add(user.getAuthorities().get(0).getAuthority()); - authorities.add(user.getAuthorities().get(1).getAuthority()); - - assertTrue(authorities.contains("ROLE_FROM_ENTRY")); - assertTrue(authorities.contains("ROLE_FROM_POPULATOR")); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_FROM_ENTRY")); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_FROM_POPULATOR")); } @Test @@ -157,7 +152,7 @@ public class LdapAuthenticationProviderTests { UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken("ben", "benspassword"); UserDetails user = (UserDetails) ldapProvider.authenticate(authRequest).getPrincipal(); assertEquals(1, user.getAuthorities().size()); - assertEquals("ROLE_FROM_ENTRY", user.getAuthorities().get(0).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_FROM_ENTRY")); } //~ Inner Classes ================================================================================================== @@ -189,7 +184,7 @@ public class LdapAuthenticationProviderTests { class MockAuthoritiesPopulator implements LdapAuthoritiesPopulator { String username; - public List getGrantedAuthorities(DirContextOperations userCtx, String username) { + public Collection getGrantedAuthorities(DirContextOperations userCtx, String username) { this.username = username; return AuthorityUtils.createAuthorityList("ROLE_FROM_POPULATOR"); } diff --git a/ldap/src/test/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java b/ldap/src/test/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java index 8651c89022..e592c8ce1d 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/populator/DefaultLdapAuthoritiesPopulatorTests.java @@ -16,19 +16,18 @@ package org.springframework.security.ldap.populator; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.ldap.AbstractLdapIntegrationTests; -import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator; - -import org.springframework.ldap.core.DirContextAdapter; -import org.springframework.ldap.core.DistinguishedName; +import static org.junit.Assert.*; -import java.util.HashSet; -import java.util.List; +import java.util.Collection; import java.util.Set; -import static org.junit.Assert.*; import org.junit.Test; +import org.springframework.ldap.core.DirContextAdapter; +import org.springframework.ldap.core.DistinguishedName; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.AuthorityUtils; +import org.springframework.security.ldap.AbstractLdapIntegrationTests; +import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator; /** @@ -53,9 +52,9 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("cn=notfound")); - List authorities = populator.getGrantedAuthorities(ctx, "notfound"); + Collection authorities = populator.getGrantedAuthorities(ctx, "notfound"); assertEquals(1, authorities.size()); - assertEquals("ROLE_USER", authorities.get(0).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(authorities).contains("ROLE_USER")); } @Test @@ -69,15 +68,12 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("uid=ben,ou=people,dc=springframework,dc=org")); - List authorities = populator.getGrantedAuthorities(ctx, "ben"); + Set authorities = AuthorityUtils.authorityListToSet(populator.getGrantedAuthorities(ctx, "ben")); assertEquals("Should have 2 roles", 2, authorities.size()); - Set roles = new HashSet(); - roles.add(authorities.get(0).toString()); - roles.add(authorities.get(1).toString()); - assertTrue(roles.contains("ROLE_DEVELOPER")); - assertTrue(roles.contains("ROLE_MANAGER")); + assertTrue(authorities.contains("ROLE_DEVELOPER")); + assertTrue(authorities.contains("ROLE_MANAGER")); } @Test @@ -88,10 +84,10 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("uid=ben,ou=people,dc=springframework,dc=org")); - List authorities = populator.getGrantedAuthorities(ctx, "manager"); + Set authorities = AuthorityUtils.authorityListToSet(populator.getGrantedAuthorities(ctx, "manager")); assertEquals("Should have 1 role", 1, authorities.size()); - assertEquals("ROLE_MANAGER", authorities.get(0).getAuthority()); + assertTrue(authorities.contains("ROLE_MANAGER")); } @Test @@ -101,14 +97,11 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("uid=ben,ou=people,dc=springframework,dc=org")); - List authorities = populator.getGrantedAuthorities(ctx, "manager"); + Set authorities = AuthorityUtils.authorityListToSet(populator.getGrantedAuthorities(ctx, "manager")); assertEquals("Should have 2 roles", 2, authorities.size()); - Set roles = new HashSet(2); - roles.add(authorities.get(0).getAuthority()); - roles.add(authorities.get(1).getAuthority()); - assertTrue(roles.contains("ROLE_MANAGER")); - assertTrue(roles.contains("ROLE_DEVELOPER")); + assertTrue(authorities.contains("ROLE_MANAGER")); + assertTrue(authorities.contains("ROLE_DEVELOPER")); } @Test @@ -119,16 +112,12 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("uid=ben,ou=people,dc=springframework,dc=org")); - List authorities = populator.getGrantedAuthorities(ctx, "manager"); + Set authorities = AuthorityUtils.authorityListToSet(populator.getGrantedAuthorities(ctx, "manager")); assertEquals("Should have 3 roles", 3, authorities.size()); - Set roles = new HashSet(3); - roles.add(authorities.get(0).getAuthority()); - roles.add(authorities.get(1).getAuthority()); - roles.add(authorities.get(2).getAuthority()); - assertTrue(roles.contains("ROLE_MANAGER")); - assertTrue(roles.contains("ROLE_DEVELOPER")); - assertTrue(roles.contains("ROLE_SUBMANAGER")); + assertTrue(authorities.contains("ROLE_MANAGER")); + assertTrue(authorities.contains("ROLE_SUBMANAGER")); + assertTrue(authorities.contains("ROLE_DEVELOPER")); } @Test @@ -139,9 +128,9 @@ public class DefaultLdapAuthoritiesPopulatorTests extends AbstractLdapIntegratio DirContextAdapter ctx = new DirContextAdapter(new DistinguishedName("cn=mouse\\, jerry,ou=people,dc=springframework,dc=org")); - List authorities = populator.getGrantedAuthorities(ctx, "notused"); + Set authorities = AuthorityUtils.authorityListToSet(populator.getGrantedAuthorities(ctx, "notused")); assertEquals("Should have 1 role", 1, authorities.size()); - assertEquals("ROLE_MANAGER", authorities.get(0).getAuthority()); + assertTrue(authorities.contains("ROLE_MANAGER")); } } diff --git a/ldap/src/test/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulatorTests.java b/ldap/src/test/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulatorTests.java index 6b0fb00f27..87fc0f52e7 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulatorTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/populator/UserDetailsServiceLdapAuthoritiesPopulatorTests.java @@ -1,9 +1,9 @@ package org.springframework.security.ldap.populator; -import static org.junit.Assert.assertEquals; +import static org.junit.Assert.*; import static org.mockito.Mockito.*; -import java.util.List; +import java.util.Collection; import org.junit.Test; import org.springframework.ldap.core.DirContextAdapter; @@ -27,9 +27,9 @@ public class UserDetailsServiceLdapAuthoritiesPopulatorTests { when(user.getAuthorities()).thenReturn(AuthorityUtils.createAuthorityList("ROLE_USER")); UserDetailsServiceLdapAuthoritiesPopulator populator = new UserDetailsServiceLdapAuthoritiesPopulator(uds); - List auths = populator.getGrantedAuthorities(new DirContextAdapter(), "joe"); + Collection auths = populator.getGrantedAuthorities(new DirContextAdapter(), "joe"); assertEquals(1, auths.size()); - assertEquals("ROLE_USER", auths.get(0).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(auths).contains("ROLE_USER")); } } diff --git a/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapperTests.java b/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapperTests.java index f5a5f85c8f..6e36efa7f2 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapperTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapperTests.java @@ -23,9 +23,6 @@ import junit.framework.TestCase; import org.springframework.ldap.core.DirContextAdapter; import org.springframework.ldap.core.DistinguishedName; import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.ldap.userdetails.LdapUserDetails; -import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl; -import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper; /** * Tests {@link LdapUserDetailsMapper}. @@ -69,7 +66,7 @@ public class LdapUserDetailsMapperTests extends TestCase { LdapUserDetailsImpl user = (LdapUserDetailsImpl) mapper.mapUserFromContext(ctx, "ani", AuthorityUtils.NO_AUTHORITIES); assertEquals(1, user.getAuthorities().size()); - assertEquals("ROLE_X", user.getAuthorities().get(0).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(user.getAuthorities()).contains("ROLE_X")); } public void testPasswordAttributeIsMappedCorrectly() throws Exception { diff --git a/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java b/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java index 61734b0fd9..5b670675c5 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java @@ -2,7 +2,7 @@ package org.springframework.security.ldap.userdetails; import static org.junit.Assert.*; -import java.util.List; +import java.util.Collection; import java.util.Set; import org.junit.Test; @@ -58,7 +58,7 @@ public class LdapUserDetailsServiceTests { } class MockAuthoritiesPopulator implements LdapAuthoritiesPopulator { - public List getGrantedAuthorities(DirContextOperations userCtx, String username) { + public Collection getGrantedAuthorities(DirContextOperations userCtx, String username) { return AuthorityUtils.createAuthorityList("ROLE_FROM_POPULATOR"); } } diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java index 9a2368e591..c02f8e387d 100644 --- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java +++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java @@ -15,6 +15,7 @@ package org.springframework.security.openid; import java.util.ArrayList; +import java.util.Collection; import java.util.List; import org.springframework.security.authentication.AbstractAuthenticationToken; @@ -55,7 +56,7 @@ public class OpenIDAuthenticationToken extends AbstractAuthenticationToken { * used by the OpenIDAuthenticationProvider. * */ - public OpenIDAuthenticationToken(Object principal, List authorities, + public OpenIDAuthenticationToken(Object principal, Collection authorities, String identityUrl, List attributes) { super(authorities); this.principal = principal; diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationToken.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationToken.java index 21d735be00..f9dfe6ad59 100755 --- a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationToken.java +++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationToken.java @@ -1,7 +1,6 @@ package org.springframework.security.web.authentication.preauth; -import java.util.Arrays; -import java.util.List; +import java.util.Collection; import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.core.GrantedAuthority; @@ -39,13 +38,6 @@ public class PreAuthenticatedAuthenticationToken extends AbstractAuthenticationT this.credentials = aCredentials; } - /** - * - * @deprecated - */ - public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, GrantedAuthority[] anAuthorities) { - this(aPrincipal, aCredentials, Arrays.asList(anAuthorities)); - } /** * Constructor used for an authentication response. The {@link @@ -57,7 +49,7 @@ public class PreAuthenticatedAuthenticationToken extends AbstractAuthenticationT * @param anAuthorities * The granted authorities */ - public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, List anAuthorities) { + public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, Collection anAuthorities) { super(anAuthorities); this.principal = aPrincipal; this.credentials = aCredentials; diff --git a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserAuthorityChanger.java b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserAuthorityChanger.java index 1e17e2efa3..59df6247b6 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserAuthorityChanger.java +++ b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserAuthorityChanger.java @@ -1,6 +1,6 @@ package org.springframework.security.web.authentication.switchuser; -import java.util.List; +import java.util.Collection; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; @@ -28,5 +28,5 @@ public interface SwitchUserAuthorityChanger { * * @return the modified list of granted authorities. */ - List modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List authoritiesToBeGranted); + Collection modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection authoritiesToBeGranted); } diff --git a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserProcessingFilter.java b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserProcessingFilter.java index d5908093b0..22d061463b 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserProcessingFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserProcessingFilter.java @@ -17,6 +17,7 @@ package org.springframework.security.web.authentication.switchuser; import java.io.IOException; import java.util.ArrayList; +import java.util.Collection; import java.util.List; import javax.servlet.FilterChain; @@ -290,7 +291,7 @@ public class SwitchUserProcessingFilter extends GenericFilterBean implements App GrantedAuthority switchAuthority = new SwitchUserGrantedAuthority(ROLE_PREVIOUS_ADMINISTRATOR, currentAuth); // get the original authorities - List orig = targetUser.getAuthorities(); + Collection orig = targetUser.getAuthorities(); // Allow subclasses to change the authorities to be granted if (switchUserAuthorityChanger != null) { @@ -323,7 +324,7 @@ public class SwitchUserProcessingFilter extends GenericFilterBean implements App Authentication original = null; // iterate over granted authorities and find the 'switch user' authority - List authorities = current.getAuthorities(); + Collection authorities = current.getAuthorities(); for (GrantedAuthority auth : authorities) { // check for switch user type of authority diff --git a/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java b/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java index f179a0539b..c9fbc1137e 100644 --- a/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java +++ b/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java @@ -17,7 +17,7 @@ package org.springframework.security.web.servletapi; import java.security.Principal; -import java.util.List; +import java.util.Collection; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; @@ -128,7 +128,7 @@ public class SecurityContextHolderAwareRequestWrapper extends HttpServletRequest return false; } - List authorities = auth.getAuthorities(); + Collection authorities = auth.getAuthorities(); if (authorities == null) { return false; diff --git a/web/src/test/java/org/springframework/security/web/authentication/AnonymousProcessingFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/AnonymousProcessingFilterTests.java index 3ff8b4a0f6..84a4b286d5 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/AnonymousProcessingFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/AnonymousProcessingFilterTests.java @@ -33,6 +33,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.memory.UserAttribute; @@ -45,15 +46,6 @@ import org.springframework.security.core.userdetails.memory.UserAttribute; * @version $Id$ */ public class AnonymousProcessingFilterTests extends TestCase { - //~ Constructors =================================================================================================== - - public AnonymousProcessingFilterTests() { - super(); - } - - public AnonymousProcessingFilterTests(String arg0) { - super(arg0); - } //~ Methods ======================================================================================================== @@ -164,7 +156,7 @@ public class AnonymousProcessingFilterTests extends TestCase { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); assertEquals("anonymousUsername", auth.getPrincipal()); - assertEquals(new GrantedAuthorityImpl("ROLE_ANONYMOUS"), auth.getAuthorities().get(0)); + assertTrue(AuthorityUtils.authorityListToSet(auth.getAuthorities()).contains("ROLE_ANONYMOUS")); SecurityContextHolder.getContext().setAuthentication(null); // so anonymous fires again // Now test operation if we have removeAfterRequest = true diff --git a/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationTokenTests.java b/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationTokenTests.java index e1015d53d3..56e7bf43cd 100755 --- a/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationTokenTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationTokenTests.java @@ -1,5 +1,6 @@ package org.springframework.security.web.authentication.preauth; +import java.util.Collection; import java.util.List; import junit.framework.TestCase; @@ -47,7 +48,7 @@ public class PreAuthenticatedAuthenticationTokenTests extends TestCase { assertEquals(credentials, token.getCredentials()); assertNull(token.getDetails()); assertNotNull(token.getAuthorities()); - List resultColl = token.getAuthorities(); + Collection resultColl = token.getAuthorities(); assertTrue("GrantedAuthority collections do not match; result: " + resultColl + ", expected: " + gas, gas.containsAll(resultColl) && resultColl.containsAll(gas)); diff --git a/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserProcessingFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserProcessingFilterTests.java index e4b0ee2a89..7a3eec22f1 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserProcessingFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserProcessingFilterTests.java @@ -19,6 +19,7 @@ import static org.junit.Assert.*; import static org.mockito.Mockito.*; import java.util.ArrayList; +import java.util.Collection; import java.util.List; import javax.servlet.FilterChain; @@ -368,7 +369,7 @@ public class SwitchUserProcessingFilterTests { SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter(); filter.setUserDetailsService(new MockUserDetailsService()); filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() { - public List modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List authoritiesToBeGranted) { + public Collection modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection authoritiesToBeGranted) { List auths = new ArrayList(); auths.add(new GrantedAuthorityImpl("ROLE_NEW")); return auths; @@ -378,7 +379,7 @@ public class SwitchUserProcessingFilterTests { Authentication result = filter.attemptSwitchUser(request); assertTrue(result != null); assertEquals(2, result.getAuthorities().size()); - assertEquals("ROLE_NEW", result.getAuthorities().get(0).getAuthority()); + assertTrue(AuthorityUtils.authorityListToSet(result.getAuthorities()).contains("ROLE_NEW")); }