From 086056f191bce7c0657ccef7a43fcdb18b7dded8 Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Tue, 27 Aug 2013 08:46:12 -0500 Subject: [PATCH] SEC-2289: Make compatible with Spring 4 as well There are a few subtle changes in Spring 4 that this commit addresses --- .../acls/jdbc/BasicLookupStrategyTests.java | 2 +- .../acls/jdbc/EhCacheBasedAclCacheTests.java | 2 +- .../EhCacheBasedTicketCacheTests.java | 2 +- .../cache/EhCacheBasedUserCacheTests.java | 2 +- .../OpenIDAuthenticationFilterTests.java | 11 +++--- .../web/util/AntPathRequestMatcherTests.java | 21 ++++++++--- .../web/util/RegexRequestMatcherTests.java | 35 ++++++++++--------- 7 files changed, 46 insertions(+), 29 deletions(-) diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java index a44b35503a..2b85760e41 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java @@ -50,7 +50,7 @@ public class BasicLookupStrategyTests { //~ Methods ======================================================================================================== @BeforeClass public static void initCacheManaer() { - cacheManager = new CacheManager(); + cacheManager = CacheManager.create(); cacheManager.addCache(new Cache("basiclookuptestcache", 500, false, false, 30, 30)); } diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java index 44b47e2486..13e69ac9f3 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java @@ -40,7 +40,7 @@ public class EhCacheBasedAclCacheTests { @BeforeClass public static void initCacheManaer() { - cacheManager = new CacheManager(); + cacheManager = CacheManager.create(); // Use disk caching immediately (to test for serialization issue reported in SEC-527) cacheManager.addCache(new Cache("ehcachebasedacltests", 0, true, false, 600, 300)); } diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/EhCacheBasedTicketCacheTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/EhCacheBasedTicketCacheTests.java index ae76b3d223..01bf1d9a3f 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/EhCacheBasedTicketCacheTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/EhCacheBasedTicketCacheTests.java @@ -39,7 +39,7 @@ public class EhCacheBasedTicketCacheTests extends AbstractStatelessTicketCacheTe //~ Methods ======================================================================================================== @BeforeClass public static void initCacheManaer() { - cacheManager = new CacheManager(); + cacheManager = CacheManager.create(); cacheManager.addCache(new Cache("castickets", 500, false, false, 30, 30)); } diff --git a/core/src/test/java/org/springframework/security/core/userdetails/cache/EhCacheBasedUserCacheTests.java b/core/src/test/java/org/springframework/security/core/userdetails/cache/EhCacheBasedUserCacheTests.java index 8888dd4e95..978d8d9f1b 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/cache/EhCacheBasedUserCacheTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/cache/EhCacheBasedUserCacheTests.java @@ -39,7 +39,7 @@ public class EhCacheBasedUserCacheTests { //~ Methods ======================================================================================================== @BeforeClass public static void initCacheManaer() { - cacheManager = new CacheManager(); + cacheManager = CacheManager.create(); cacheManager.addCache(new Cache("ehcacheusercachetests", 500, false, false, 30, 30)); } diff --git a/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationFilterTests.java b/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationFilterTests.java index 80adce08b3..711fa047d0 100644 --- a/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationFilterTests.java +++ b/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationFilterTests.java @@ -25,7 +25,7 @@ public class OpenIDAuthenticationFilterTests { private static final String REDIRECT_URL = "http://www.example.com/redirect"; private static final String CLAIMED_IDENTITY_URL = "http://www.example.com/identity"; private static final String REQUEST_PATH = "/j_spring_openid_security_check"; - private static final String FILTER_PROCESS_URL = "http://localhost:80" + REQUEST_PATH; + private static final String FILTER_PROCESS_URL = "http://localhost:8080" + REQUEST_PATH; private static final String DEFAULT_TARGET_URL = FILTER_PROCESS_URL; @Before @@ -46,6 +46,7 @@ public class OpenIDAuthenticationFilterTests { @Test public void testFilterOperation() throws Exception { MockHttpServletRequest req = new MockHttpServletRequest("GET", REQUEST_PATH); + req.setServerPort(8080); MockHttpServletResponse response = new MockHttpServletResponse(); req.setParameter("openid_identifier", " " + CLAIMED_IDENTITY_URL); @@ -55,7 +56,7 @@ public class OpenIDAuthenticationFilterTests { public String beginConsumption(HttpServletRequest req, String claimedIdentity, String returnToUrl, String realm) throws OpenIDConsumerException { assertEquals(CLAIMED_IDENTITY_URL, claimedIdentity); assertEquals(DEFAULT_TARGET_URL, returnToUrl); - assertEquals("http://localhost:80/", realm); + assertEquals("http://localhost:8080/", realm); return REDIRECT_URL; } }); @@ -66,7 +67,7 @@ public class OpenIDAuthenticationFilterTests { // Filter chain shouldn't proceed verify(fc, never()).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class)); } - + /** * Tests that the filter encodes any query parameters on the return_to URL. */ @@ -78,13 +79,13 @@ public class OpenIDAuthenticationFilterTests { MockHttpServletRequest req = new MockHttpServletRequest("GET", REQUEST_PATH); req.addParameter(paramName, paramValue); filter.setReturnToUrlParameters(Collections.singleton(paramName)); - + URI returnTo = new URI(filter.buildReturnToUrl(req)); String query = returnTo.getRawQuery(); assertEquals(1, count(query, '=')); assertEquals(0, count(query, '&')); } - + /** * Counts the number of occurrences of {@code c} in {@code s}. */ diff --git a/web/src/test/java/org/springframework/security/web/util/AntPathRequestMatcherTests.java b/web/src/test/java/org/springframework/security/web/util/AntPathRequestMatcherTests.java index 52205b524a..8612114019 100644 --- a/web/src/test/java/org/springframework/security/web/util/AntPathRequestMatcherTests.java +++ b/web/src/test/java/org/springframework/security/web/util/AntPathRequestMatcherTests.java @@ -16,15 +16,24 @@ import static org.fest.assertions.Assertions.assertThat; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.when; + +import javax.servlet.http.HttpServletRequest; import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.Mock; +import org.mockito.runners.MockitoJUnitRunner; import org.springframework.mock.web.MockHttpServletRequest; /** * @author Luke Taylor * @author Rob Winch */ +@RunWith(MockitoJUnitRunner.class) public class AntPathRequestMatcherTests { + @Mock + private HttpServletRequest request; @Test public void singleWildcardMatchesAnyPath() { @@ -65,8 +74,7 @@ public class AntPathRequestMatcherTests { @Test public void requestHasNullMethodMatches() { AntPathRequestMatcher matcher = new AntPathRequestMatcher("/something/*", "GET"); - MockHttpServletRequest request = createRequest("/something/here"); - request.setMethod(null); + HttpServletRequest request = createRequestWithNullMethod("/something/here"); assertTrue(matcher.matches(request)); } @@ -74,8 +82,7 @@ public class AntPathRequestMatcherTests { @Test public void requestHasNullMethodNoMatch() { AntPathRequestMatcher matcher = new AntPathRequestMatcher("/something/*", "GET"); - MockHttpServletRequest request = createRequest("/nomatch"); - request.setMethod(null); + HttpServletRequest request = createRequestWithNullMethod("/nomatch"); assertFalse(matcher.matches(request)); } @@ -142,6 +149,12 @@ public class AntPathRequestMatcherTests { new AntPathRequestMatcher("/blah", "GET").toString(); } + private HttpServletRequest createRequestWithNullMethod(String path) { + when(request.getQueryString()).thenReturn("doesntMatter"); + when(request.getServletPath()).thenReturn(path); + return request; + } + private MockHttpServletRequest createRequest(String path) { MockHttpServletRequest request = new MockHttpServletRequest(); request.setQueryString("doesntMatter"); diff --git a/web/src/test/java/org/springframework/security/web/util/RegexRequestMatcherTests.java b/web/src/test/java/org/springframework/security/web/util/RegexRequestMatcherTests.java index 9945f9c3de..af7aebc2c0 100644 --- a/web/src/test/java/org/springframework/security/web/util/RegexRequestMatcherTests.java +++ b/web/src/test/java/org/springframework/security/web/util/RegexRequestMatcherTests.java @@ -12,16 +12,26 @@ */ package org.springframework.security.web.util; -import static org.junit.Assert.*; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.when; -import org.junit.*; +import javax.servlet.http.HttpServletRequest; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.Mock; +import org.mockito.runners.MockitoJUnitRunner; import org.springframework.mock.web.MockHttpServletRequest; /** * @author Luke Taylor * @author Rob Winch */ +@RunWith(MockitoJUnitRunner.class) public class RegexRequestMatcherTests { + @Mock + private HttpServletRequest request; @Test public void doesntMatchIfHttpMethodIsDifferent() throws Exception { @@ -57,8 +67,7 @@ public class RegexRequestMatcherTests { @Test public void requestHasNullMethodMatches() { RegexRequestMatcher matcher = new RegexRequestMatcher("/something/.*", "GET"); - MockHttpServletRequest request = createRequest("/something/here"); - request.setMethod(null); + HttpServletRequest request = createRequestWithNullMethod("/something/here"); assertTrue(matcher.matches(request)); } @@ -66,33 +75,27 @@ public class RegexRequestMatcherTests { @Test public void requestHasNullMethodNoMatch() { RegexRequestMatcher matcher = new RegexRequestMatcher("/something/.*", "GET"); - MockHttpServletRequest request = createRequest("/nomatch"); - request.setMethod(null); + HttpServletRequest request = createRequestWithNullMethod("/nomatch"); assertFalse(matcher.matches(request)); } @Test public void requestHasNullMethodAndNullMatcherMatches() { RegexRequestMatcher matcher = new RegexRequestMatcher("/something/.*", null); - MockHttpServletRequest request = createRequest("/something/here"); - request.setMethod(null); + HttpServletRequest request = createRequestWithNullMethod("/something/here"); assertTrue(matcher.matches(request)); } @Test public void requestHasNullMethodAndNullMatcherNoMatch() { RegexRequestMatcher matcher = new RegexRequestMatcher("/something/.*", null); - MockHttpServletRequest request = createRequest("/nomatch"); - request.setMethod(null); + HttpServletRequest request = createRequestWithNullMethod("/nomatch"); assertFalse(matcher.matches(request)); } - private MockHttpServletRequest createRequest(String path) { - MockHttpServletRequest request = new MockHttpServletRequest(); - request.setQueryString("doesntMatter"); - request.setServletPath(path); - request.setMethod("POST"); - + private HttpServletRequest createRequestWithNullMethod(String path) { + when(request.getQueryString()).thenReturn("doesntMatter"); + when(request.getServletPath()).thenReturn(path); return request; } }