SEC-1259: Improve consistency of authentication filter names.
This commit is contained in:
Luke Taylor
+2
-2
@@ -42,7 +42,7 @@ import org.springframework.web.filter.GenericFilterBean;
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class AnonymousProcessingFilter extends GenericFilterBean implements InitializingBean {
|
||||
public class AnonymousAuthenticationFilter extends GenericFilterBean implements InitializingBean {
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
@@ -144,7 +144,7 @@ public class AnonymousProcessingFilter extends GenericFilterBean implements Ini
|
||||
* simply to store the Anonymous authentication token.
|
||||
* <p>
|
||||
* Defaults to <code>true</code>, being the most optimal and appropriate
|
||||
* option – <code>AnonymousProcessingFilter</code> will clear the token at the end of each request,
|
||||
* option – <code>AnonymousAuthenticationFilter</code> will clear the token at the end of each request,
|
||||
* thus avoiding session creation overhead in a typical configuration.
|
||||
*
|
||||
*/
|
||||
+1
-1
@@ -26,7 +26,7 @@ import org.springframework.security.core.Authentication;
|
||||
*
|
||||
* <p>
|
||||
* Spring Security filters (namely {@link org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter} and
|
||||
* {@link RememberMeProcessingFilter} will call the methods provided by an implementation of this interface.
|
||||
* {@link RememberMeAuthenticationFilter} will call the methods provided by an implementation of this interface.
|
||||
* <p>
|
||||
* Implementations may implement any type of remember-me capability they wish.
|
||||
* Rolling cookies (as per <a href="http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice">
|
||||
|
||||
+1
-1
@@ -23,7 +23,7 @@ import org.springframework.util.Assert;
|
||||
* @version $Id$
|
||||
* @since 2.0
|
||||
*/
|
||||
public class RequestHeaderPreAuthenticatedProcessingFilter extends AbstractPreAuthenticatedProcessingFilter {
|
||||
public class RequestHeaderAuthenticationFilter extends AbstractPreAuthenticatedProcessingFilter {
|
||||
private String principalRequestHeader = "SM_USER";
|
||||
private String credentialsRequestHeader;
|
||||
|
||||
+1
-1
@@ -10,7 +10,7 @@ import org.springframework.security.web.authentication.preauth.AbstractPreAuthen
|
||||
* @author Luke Taylor
|
||||
* @version $Id$
|
||||
*/
|
||||
public class X509PreAuthenticatedProcessingFilter extends AbstractPreAuthenticatedProcessingFilter {
|
||||
public class X509AuthenticationFilter extends AbstractPreAuthenticatedProcessingFilter {
|
||||
private X509PrincipalExtractor principalExtractor = new SubjectDnX509PrincipalExtractor();
|
||||
|
||||
protected Object getPreAuthenticatedPrincipal(HttpServletRequest request) {
|
||||
+1
-1
@@ -53,7 +53,7 @@ import org.springframework.web.filter.GenericFilterBean;
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class RememberMeProcessingFilter extends GenericFilterBean implements ApplicationEventPublisherAware {
|
||||
public class RememberMeAuthenticationFilter extends GenericFilterBean implements ApplicationEventPublisherAware {
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
+1
-1
@@ -10,7 +10,7 @@ import org.springframework.security.core.userdetails.UserDetails;
|
||||
* Allows subclasses to modify the {@link GrantedAuthority} list that will be assigned to the principal
|
||||
* when they assume the identity of a different principal.
|
||||
*
|
||||
* <p>Configured against the {@link SwitchUserProcessingFilter}.
|
||||
* <p>Configured against the {@link SwitchUserFilter}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
|
||||
+7
-7
@@ -87,7 +87,7 @@ import org.springframework.web.filter.GenericFilterBean;
|
||||
* <tt>FilterSecurityInteceptor</tt> in the chain, in order to apply the correct constraints to the <tt>switchUserUrl</tt>.
|
||||
* Example:
|
||||
* <pre>
|
||||
* <bean id="switchUserProcessingFilter" class="org.springframework.security.ui.switchuser.SwitchUserProcessingFilter">
|
||||
* <bean id="switchUserProcessingFilter" class="org.springframework.security.web.authentication.SwitchUserFilter">
|
||||
* <property name="userDetailsService" ref="userDetailsService" />
|
||||
* <property name="switchUserUrl"><value>/j_spring_security_switch_user</value></property>
|
||||
* <property name="exitUserUrl"><value>/j_spring_security_exit_user</value></property>
|
||||
@@ -99,7 +99,7 @@ import org.springframework.web.filter.GenericFilterBean;
|
||||
*
|
||||
* @see org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority
|
||||
*/
|
||||
public class SwitchUserProcessingFilter extends GenericFilterBean implements ApplicationEventPublisherAware,
|
||||
public class SwitchUserFilter extends GenericFilterBean implements ApplicationEventPublisherAware,
|
||||
MessageSourceAware {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
@@ -239,7 +239,7 @@ public class SwitchUserProcessingFilter extends GenericFilterBean implements App
|
||||
|
||||
if (null == current) {
|
||||
throw new AuthenticationCredentialsNotFoundException(messages.getMessage(
|
||||
"SwitchUserProcessingFilter.noCurrentUser", "No current user associated with this request"));
|
||||
"SwitchUserFilter.noCurrentUser", "No current user associated with this request"));
|
||||
}
|
||||
|
||||
// check to see if the current user did actual switch to another user
|
||||
@@ -249,7 +249,7 @@ public class SwitchUserProcessingFilter extends GenericFilterBean implements App
|
||||
if (original == null) {
|
||||
logger.error("Could not find original user Authentication object!");
|
||||
throw new AuthenticationCredentialsNotFoundException(messages.getMessage(
|
||||
"SwitchUserProcessingFilter.noOriginalAuthentication",
|
||||
"SwitchUserFilter.noOriginalAuthentication",
|
||||
"Could not find original Authentication object"));
|
||||
}
|
||||
|
||||
@@ -344,7 +344,7 @@ public class SwitchUserProcessingFilter extends GenericFilterBean implements App
|
||||
*
|
||||
* @return <code>true</code> if the request requires a exit user, <code>false</code> otherwise.
|
||||
*
|
||||
* @see SwitchUserProcessingFilter#exitUserUrl
|
||||
* @see SwitchUserFilter#exitUserUrl
|
||||
*/
|
||||
protected boolean requiresExitUser(HttpServletRequest request) {
|
||||
String uri = stripUri(request);
|
||||
@@ -359,7 +359,7 @@ public class SwitchUserProcessingFilter extends GenericFilterBean implements App
|
||||
*
|
||||
* @return <code>true</code> if the request requires a switch, <code>false</code> otherwise.
|
||||
*
|
||||
* @see SwitchUserProcessingFilter#switchUserUrl
|
||||
* @see SwitchUserFilter#switchUserUrl
|
||||
*/
|
||||
protected boolean requiresSwitchUser(HttpServletRequest request) {
|
||||
String uri = stripUri(request);
|
||||
@@ -464,7 +464,7 @@ public class SwitchUserProcessingFilter extends GenericFilterBean implements App
|
||||
|
||||
/**
|
||||
* @param switchUserAuthorityChanger to use to fine-tune the authorities granted to subclasses (may be null if
|
||||
* SwitchUserProcessingFilter should not fine-tune the authorities)
|
||||
* SwitchUserFilter should not fine-tune the authorities)
|
||||
*/
|
||||
public void setSwitchUserAuthorityChanger(SwitchUserAuthorityChanger switchUserAuthorityChanger) {
|
||||
this.switchUserAuthorityChanger = switchUserAuthorityChanger;
|
||||
+2
-2
@@ -20,13 +20,13 @@ import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||
|
||||
|
||||
/**
|
||||
* Custom <code>GrantedAuthority</code> used by {@link org.springframework.security.web.authentication.switchuser.SwitchUserProcessingFilter}<p>Stores
|
||||
* Custom <code>GrantedAuthority</code> used by {@link org.springframework.security.web.authentication.switchuser.SwitchUserFilter}<p>Stores
|
||||
* the <code>Authentication</code> object of the original user to be used later when 'exiting' from a user switch.</p>
|
||||
*
|
||||
* @author Mark St.Godard
|
||||
* @version $Id$
|
||||
*
|
||||
* @see org.springframework.security.web.authentication.switchuser.SwitchUserProcessingFilter
|
||||
* @see org.springframework.security.web.authentication.switchuser.SwitchUserFilter
|
||||
*/
|
||||
public class SwitchUserGrantedAuthority extends GrantedAuthorityImpl {
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
+2
-2
@@ -28,7 +28,7 @@ import org.springframework.util.Assert;
|
||||
|
||||
|
||||
/**
|
||||
* Used by the <code>ExceptionTraslationFilter</code> to commence authentication via the {@link BasicProcessingFilter}.
|
||||
* Used by the <code>ExceptionTraslationFilter</code> to commence authentication via the {@link BasicAuthenticationFilter}.
|
||||
* <p>
|
||||
* Once a user agent is authenticated using BASIC authentication, logout requires that
|
||||
* the browser be closed or an unauthorized (401) header be sent. The simplest way of achieving the latter is to call
|
||||
@@ -38,7 +38,7 @@ import org.springframework.util.Assert;
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
|
||||
public class BasicAuthenticationEntryPoint implements AuthenticationEntryPoint, InitializingBean {
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
private String realmName;
|
||||
+4
-4
@@ -69,14 +69,14 @@ import org.springframework.web.filter.GenericFilterBean;
|
||||
* <p>
|
||||
* If authentication fails and <code>ignoreFailure</code> is <code>false</code> (the default), an {@link
|
||||
* AuthenticationEntryPoint} implementation is called (unless the <tt>ignoreFailure</tt> property is set to
|
||||
* <tt>true</tt>). Usually this should be {@link BasicProcessingFilterEntryPoint}, which will prompt the user to
|
||||
* <tt>true</tt>). Usually this should be {@link BasicAuthenticationEntryPoint}, which will prompt the user to
|
||||
* authenticate again via BASIC authentication.
|
||||
*
|
||||
* <p>
|
||||
* Basic authentication is an attractive protocol because it is simple and widely deployed. However, it still
|
||||
* transmits a password in clear text and as such is undesirable in many situations. Digest authentication is also
|
||||
* provided by Spring Security and should be used instead of Basic authentication wherever possible. See {@link
|
||||
* org.springframework.security.web.authentication.www.DigestProcessingFilter}.
|
||||
* org.springframework.security.web.authentication.www.DigestAuthenticationFilter}.
|
||||
* <p>
|
||||
* Note that if a {@link RememberMeServices} is set, this filter will automatically send back remember-me
|
||||
* details to the client. Therefore, subsequent requests will not need to present a BASIC authentication header as
|
||||
@@ -85,7 +85,7 @@ import org.springframework.web.filter.GenericFilterBean;
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class BasicProcessingFilter extends GenericFilterBean {
|
||||
public class BasicAuthenticationFilter extends GenericFilterBean {
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
@@ -195,7 +195,7 @@ public class BasicProcessingFilter extends GenericFilterBean {
|
||||
|
||||
// Handle unusual condition where an AnonymousAuthenticationToken is already present
|
||||
// This shouldn't happen very often, as BasicProcessingFitler is meant to be earlier in the filter
|
||||
// chain than AnonymousProcessingFilter. Nevertheless, presence of both an AnonymousAuthenticationToken
|
||||
// chain than AnonymousAuthenticationFilter. Nevertheless, presence of both an AnonymousAuthenticationToken
|
||||
// together with a BASIC authentication request header should indicate reauthentication using the
|
||||
// BASIC protocol is desirable. This behaviour is also consistent with that provided by form and digest,
|
||||
// both of which force re-authentication if the respective header is detected (and in doing so replace
|
||||
+3
-3
@@ -33,7 +33,7 @@ import org.springframework.core.Ordered;
|
||||
|
||||
/**
|
||||
* Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the {@link
|
||||
* DigestProcessingFilter}.<p>The nonce sent back to the user agent will be valid for the period indicated by
|
||||
* DigestAuthenticationFilter}.<p>The nonce sent back to the user agent will be valid for the period indicated by
|
||||
* {@link #setNonceValiditySeconds(int)}. By default this is 300 seconds. Shorter times should be used if replay
|
||||
* attacks are a major concern. Larger values can be used if performance is a greater concern. This class correctly
|
||||
* presents the <code>stale=true</code> header when the nonce has expierd, so properly implemented user agents will
|
||||
@@ -42,10 +42,10 @@ import org.springframework.core.Ordered;
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class DigestProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
|
||||
public class DigestAuthenticationEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
private static final Log logger = LogFactory.getLog(DigestProcessingFilterEntryPoint.class);
|
||||
private static final Log logger = LogFactory.getLog(DigestAuthenticationEntryPoint.class);
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
+20
-20
@@ -63,29 +63,29 @@ import org.springframework.web.filter.GenericFilterBean;
|
||||
* <p>
|
||||
* This Digest implementation has been designed to avoid needing to store session state between invocations.
|
||||
* All session management information is stored in the "nonce" that is sent to the client by the {@link
|
||||
* DigestProcessingFilterEntryPoint}.
|
||||
* DigestAuthenticationEntryPoint}.
|
||||
* <p>
|
||||
* If authentication is successful, the resulting {@link org.springframework.security.core.Authentication Authentication}
|
||||
* object will be placed into the <code>SecurityContextHolder</code>.
|
||||
* <p>
|
||||
* If authentication fails, an {@link org.springframework.security.web.AuthenticationEntryPoint AuthenticationEntryPoint}
|
||||
* implementation is called. This must always be {@link DigestProcessingFilterEntryPoint}, which will prompt the user
|
||||
* implementation is called. This must always be {@link DigestAuthenticationEntryPoint}, which will prompt the user
|
||||
* to authenticate again via Digest authentication.
|
||||
* <p>
|
||||
* Note there are limitations to Digest authentication, although it is a more comprehensive and secure solution
|
||||
* than Basic authentication. Please see RFC 2617 section 4 for a full discussion on the advantages of Digest
|
||||
* authentication over Basic authentication, including commentary on the limitations that it still imposes.
|
||||
*/
|
||||
public class DigestProcessingFilter extends GenericFilterBean implements MessageSourceAware {
|
||||
public class DigestAuthenticationFilter extends GenericFilterBean implements MessageSourceAware {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
|
||||
private static final Log logger = LogFactory.getLog(DigestProcessingFilter.class);
|
||||
private static final Log logger = LogFactory.getLog(DigestAuthenticationFilter.class);
|
||||
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
private AuthenticationDetailsSource authenticationDetailsSource = new WebAuthenticationDetailsSource();
|
||||
private DigestProcessingFilterEntryPoint authenticationEntryPoint;
|
||||
private DigestAuthenticationEntryPoint authenticationEntryPoint;
|
||||
protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
|
||||
private UserCache userCache = new NullUserCache();
|
||||
private UserDetailsService userDetailsService;
|
||||
@@ -99,7 +99,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
@Override
|
||||
public void afterPropertiesSet() {
|
||||
Assert.notNull(userDetailsService, "A UserDetailsService is required");
|
||||
Assert.notNull(authenticationEntryPoint, "A DigestProcessingFilterEntryPoint is required");
|
||||
Assert.notNull(authenticationEntryPoint, "A DigestAuthenticationEntryPoint is required");
|
||||
}
|
||||
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
@@ -136,7 +136,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
}
|
||||
|
||||
fail(request, response,
|
||||
new BadCredentialsException(messages.getMessage("DigestProcessingFilter.missingMandatory",
|
||||
new BadCredentialsException(messages.getMessage("DigestAuthenticationFilter.missingMandatory",
|
||||
new Object[]{section212response}, "Missing mandatory digest value; received header {0}")));
|
||||
|
||||
return;
|
||||
@@ -150,7 +150,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
}
|
||||
|
||||
fail(request, response,
|
||||
new BadCredentialsException(messages.getMessage("DigestProcessingFilter.missingAuth",
|
||||
new BadCredentialsException(messages.getMessage("DigestAuthenticationFilter.missingAuth",
|
||||
new Object[]{section212response}, "Missing mandatory digest value; received header {0}")));
|
||||
|
||||
return;
|
||||
@@ -160,17 +160,17 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
// Check realm name equals what we expected
|
||||
if (!this.getAuthenticationEntryPoint().getRealmName().equals(realm)) {
|
||||
fail(request, response,
|
||||
new BadCredentialsException(messages.getMessage("DigestProcessingFilter.incorrectRealm",
|
||||
new BadCredentialsException(messages.getMessage("DigestAuthenticationFilter.incorrectRealm",
|
||||
new Object[]{realm, this.getAuthenticationEntryPoint().getRealmName()},
|
||||
"Response realm name '{0}' does not match system realm name of '{1}'")));
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
// Check nonce was a Base64 encoded (as sent by DigestProcessingFilterEntryPoint)
|
||||
// Check nonce was a Base64 encoded (as sent by DigestAuthenticationEntryPoint)
|
||||
if (!Base64.isArrayByteBase64(nonce.getBytes())) {
|
||||
fail(request, response,
|
||||
new BadCredentialsException(messages.getMessage("DigestProcessingFilter.nonceEncoding",
|
||||
new BadCredentialsException(messages.getMessage("DigestAuthenticationFilter.nonceEncoding",
|
||||
new Object[]{nonce}, "Nonce is not encoded in Base64; received nonce {0}")));
|
||||
|
||||
return;
|
||||
@@ -184,7 +184,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
|
||||
if (nonceTokens.length != 2) {
|
||||
fail(request, response,
|
||||
new BadCredentialsException(messages.getMessage("DigestProcessingFilter.nonceNotTwoTokens",
|
||||
new BadCredentialsException(messages.getMessage("DigestAuthenticationFilter.nonceNotTwoTokens",
|
||||
new Object[]{nonceAsPlainText}, "Nonce should have yielded two tokens but was {0}")));
|
||||
|
||||
return;
|
||||
@@ -197,7 +197,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
nonceExpiryTime = new Long(nonceTokens[0]).longValue();
|
||||
} catch (NumberFormatException nfe) {
|
||||
fail(request, response,
|
||||
new BadCredentialsException(messages.getMessage("DigestProcessingFilter.nonceNotNumeric",
|
||||
new BadCredentialsException(messages.getMessage("DigestAuthenticationFilter.nonceNotNumeric",
|
||||
new Object[]{nonceAsPlainText},
|
||||
"Nonce token should have yielded a numeric first token, but was {0}")));
|
||||
|
||||
@@ -210,7 +210,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
|
||||
if (!expectedNonceSignature.equals(nonceTokens[1])) {
|
||||
fail(request, response,
|
||||
new BadCredentialsException(messages.getMessage("DigestProcessingFilter.nonceCompromised",
|
||||
new BadCredentialsException(messages.getMessage("DigestAuthenticationFilter.nonceCompromised",
|
||||
new Object[]{nonceAsPlainText}, "Nonce token compromised {0}")));
|
||||
|
||||
return;
|
||||
@@ -229,7 +229,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
user = userDetailsService.loadUserByUsername(username);
|
||||
} catch (UsernameNotFoundException notFound) {
|
||||
fail(request, response,
|
||||
new BadCredentialsException(messages.getMessage("DigestProcessingFilter.usernameNotFound",
|
||||
new BadCredentialsException(messages.getMessage("DigestAuthenticationFilter.usernameNotFound",
|
||||
new Object[]{username}, "Username {0} not found")));
|
||||
|
||||
return;
|
||||
@@ -262,7 +262,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
} catch (UsernameNotFoundException notFound) {
|
||||
// Would very rarely happen, as user existed earlier
|
||||
fail(request, response,
|
||||
new BadCredentialsException(messages.getMessage("DigestProcessingFilter.usernameNotFound",
|
||||
new BadCredentialsException(messages.getMessage("DigestAuthenticationFilter.usernameNotFound",
|
||||
new Object[]{username}, "Username {0} not found")));
|
||||
}
|
||||
|
||||
@@ -281,7 +281,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
}
|
||||
|
||||
fail(request, response,
|
||||
new BadCredentialsException(messages.getMessage("DigestProcessingFilter.incorrectResponse",
|
||||
new BadCredentialsException(messages.getMessage("DigestAuthenticationFilter.incorrectResponse",
|
||||
"Incorrect response")));
|
||||
return;
|
||||
}
|
||||
@@ -292,7 +292,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
// but the request was otherwise appearing to be valid
|
||||
if (nonceExpiryTime < System.currentTimeMillis()) {
|
||||
fail(request, response,
|
||||
new NonceExpiredException(messages.getMessage("DigestProcessingFilter.nonceExpired",
|
||||
new NonceExpiredException(messages.getMessage("DigestAuthenticationFilter.nonceExpired",
|
||||
"Nonce has expired/timed out")));
|
||||
|
||||
return;
|
||||
@@ -331,7 +331,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
authenticationEntryPoint.commence(request, response, failed);
|
||||
}
|
||||
|
||||
public DigestProcessingFilterEntryPoint getAuthenticationEntryPoint() {
|
||||
public DigestAuthenticationEntryPoint getAuthenticationEntryPoint() {
|
||||
return authenticationEntryPoint;
|
||||
}
|
||||
|
||||
@@ -348,7 +348,7 @@ public class DigestProcessingFilter extends GenericFilterBean implements Message
|
||||
this.authenticationDetailsSource = authenticationDetailsSource;
|
||||
}
|
||||
|
||||
public void setAuthenticationEntryPoint(DigestProcessingFilterEntryPoint authenticationEntryPoint) {
|
||||
public void setAuthenticationEntryPoint(DigestAuthenticationEntryPoint authenticationEntryPoint) {
|
||||
this.authenticationEntryPoint = authenticationEntryPoint;
|
||||
}
|
||||
|
||||
+23
-23
@@ -59,7 +59,7 @@ import org.springframework.security.web.savedrequest.DefaultSavedRequest;
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class AbstractProcessingFilterTests extends TestCase {
|
||||
public class AbstractAuthenticationProcessingFilterTests extends TestCase {
|
||||
SavedRequestAwareAuthenticationSuccessHandler successHandler;
|
||||
SimpleUrlAuthenticationFailureHandler failureHandler;
|
||||
//~ Methods ========================================================================================================
|
||||
@@ -122,7 +122,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
public void testDefaultProcessesFilterUrlMatchesWithPathParameter() {
|
||||
MockHttpServletRequest request = createMockRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter();
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter();
|
||||
filter.setFilterProcessesUrl("/j_spring_security_check");
|
||||
|
||||
request.setRequestURI("/mycontext/j_spring_security_check;jsessionid=I8MIONOSTHOR");
|
||||
@@ -141,7 +141,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
// Setup our test object, to deny access
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(false);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(false);
|
||||
filter.setAuthenticationFailureHandler(failureHandler);
|
||||
|
||||
// Test
|
||||
@@ -151,7 +151,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
assertNull(SecurityContextHolder.getContext().getAuthentication());
|
||||
|
||||
//Prepare again, this time using the exception mapping
|
||||
filter = new MockAbstractProcessingFilter(new AccountExpiredException("You're account is expired"));
|
||||
filter = new MockAuthenticationFilter(new AccountExpiredException("You're account is expired"));
|
||||
ExceptionMappingAuthenticationFailureHandler failureHandler = new ExceptionMappingAuthenticationFailureHandler();
|
||||
filter.setAuthenticationFailureHandler(failureHandler);
|
||||
Properties exceptionMappings = new Properties();
|
||||
@@ -180,7 +180,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
// Setup our test object, to grant access
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(true);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(true);
|
||||
filter.setFilterProcessesUrl("/j_OTHER_LOCATION");
|
||||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
|
||||
@@ -192,7 +192,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testGettersSetters() throws Exception {
|
||||
AbstractAuthenticationProcessingFilter filter = new MockAbstractProcessingFilter();
|
||||
AbstractAuthenticationProcessingFilter filter = new MockAuthenticationFilter();
|
||||
filter.setAuthenticationManager(mock(AuthenticationManager.class));
|
||||
filter.setFilterProcessesUrl("/p");
|
||||
filter.afterPropertiesSet();
|
||||
@@ -218,7 +218,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
// Setup our test object, to deny access
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(false);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(false);
|
||||
|
||||
// Test
|
||||
executeFilterInContainerSimulator(config, filter, request, response, chain);
|
||||
@@ -237,7 +237,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
// Setup our test object, to grant access
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(true);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(true);
|
||||
|
||||
filter.setFilterProcessesUrl("/j_mock_post");
|
||||
filter.setSessionAuthenticationStrategy(mock(SessionAuthenticationStrategy.class));
|
||||
@@ -256,7 +256,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testStartupDetectsInvalidAuthenticationManager() throws Exception {
|
||||
AbstractAuthenticationProcessingFilter filter = new MockAbstractProcessingFilter();
|
||||
AbstractAuthenticationProcessingFilter filter = new MockAuthenticationFilter();
|
||||
filter.setAuthenticationFailureHandler(failureHandler);
|
||||
successHandler.setDefaultTargetUrl("/");
|
||||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
@@ -271,7 +271,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testStartupDetectsInvalidFilterProcessesUrl() throws Exception {
|
||||
AbstractAuthenticationProcessingFilter filter = new MockAbstractProcessingFilter();
|
||||
AbstractAuthenticationProcessingFilter filter = new MockAuthenticationFilter();
|
||||
filter.setAuthenticationFailureHandler(failureHandler);
|
||||
filter.setAuthenticationManager(mock(AuthenticationManager.class));
|
||||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
@@ -297,7 +297,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
// Setup our test object, to grant access
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(true);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(true);
|
||||
filter.setFilterProcessesUrl("/j_mock_post");
|
||||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
|
||||
@@ -314,7 +314,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
response = new MockHttpServletResponse();
|
||||
|
||||
// Setup our test object, to deny access
|
||||
filter = new MockAbstractProcessingFilter(false);
|
||||
filter = new MockAuthenticationFilter(false);
|
||||
filter.setFilterProcessesUrl("/j_mock_post");
|
||||
filter.setAuthenticationFailureHandler(failureHandler);
|
||||
|
||||
@@ -337,7 +337,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
// Setup our test object, to grant access
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(true);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(true);
|
||||
filter.setFilterProcessesUrl("/j_mock_post");
|
||||
successHandler.setDefaultTargetUrl("/foobar");
|
||||
successHandler.setAlwaysUseDefaultTargetUrl(true);
|
||||
@@ -362,7 +362,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
// Setup our test object, to grant access
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(true);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(true);
|
||||
filter.setFilterProcessesUrl("/j_mock_post");
|
||||
|
||||
// Test
|
||||
@@ -382,7 +382,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
// Setup our test object, to grant access
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(true);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(true);
|
||||
successHandler.setDefaultTargetUrl("https://monkeymachine.co.uk/");
|
||||
successHandler.setAlwaysUseDefaultTargetUrl(true);
|
||||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
@@ -403,7 +403,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
// Reject authentication, so exception would normally be stored in session
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(false);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(false);
|
||||
filter.setAllowSessionCreation(false);
|
||||
filter.setAuthenticationFailureHandler(failureHandler);
|
||||
successHandler.setDefaultTargetUrl("http://monkeymachine.co.uk/");
|
||||
@@ -424,7 +424,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockFilterChain chain = new MockFilterChain(true);
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(false);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(false);
|
||||
successHandler.setDefaultTargetUrl("http://monkeymachine.co.uk/");
|
||||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
|
||||
@@ -443,7 +443,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockFilterChain chain = new MockFilterChain(true);
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(false);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(false);
|
||||
successHandler.setDefaultTargetUrl("http://monkeymachine.co.uk/");
|
||||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
filter.setAuthenticationFailureHandler(failureHandler);
|
||||
@@ -466,7 +466,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
MockFilterChain chain = new MockFilterChain(true);
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
MockAbstractProcessingFilter filter = new MockAbstractProcessingFilter(true);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(true);
|
||||
filter.setAuthenticationSuccessHandler(successHandler);
|
||||
successHandler.setDefaultTargetUrl("http://monkeymachine.co.uk/");
|
||||
successHandler.setTargetUrlParameter("targetUrl");
|
||||
@@ -480,25 +480,25 @@ public class AbstractProcessingFilterTests extends TestCase {
|
||||
|
||||
//~ Inner Classes ==================================================================================================
|
||||
|
||||
private class MockAbstractProcessingFilter extends AbstractAuthenticationProcessingFilter {
|
||||
private class MockAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
|
||||
private AuthenticationException exceptionToThrow;
|
||||
private boolean grantAccess;
|
||||
|
||||
public MockAbstractProcessingFilter(boolean grantAccess) {
|
||||
public MockAuthenticationFilter(boolean grantAccess) {
|
||||
this();
|
||||
setRememberMeServices(new NullRememberMeServices());
|
||||
this.grantAccess = grantAccess;
|
||||
this.exceptionToThrow = new BadCredentialsException("Mock requested to do so");
|
||||
}
|
||||
|
||||
public MockAbstractProcessingFilter(AuthenticationException exceptionToThrow) {
|
||||
public MockAuthenticationFilter(AuthenticationException exceptionToThrow) {
|
||||
this();
|
||||
setRememberMeServices(new NullRememberMeServices());
|
||||
this.grantAccess = false;
|
||||
this.exceptionToThrow = exceptionToThrow;
|
||||
}
|
||||
|
||||
private MockAbstractProcessingFilter() {
|
||||
private MockAuthenticationFilter() {
|
||||
super("/j_mock_post");
|
||||
}
|
||||
|
||||
+7
-7
@@ -40,12 +40,12 @@ import org.springframework.security.core.userdetails.memory.UserAttribute;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link AnonymousProcessingFilter}.
|
||||
* Tests {@link AnonymousAuthenticationFilter}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class AnonymousProcessingFilterTests extends TestCase {
|
||||
public class AnonymousAuthenticationFilterTests extends TestCase {
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
@@ -71,7 +71,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
|
||||
user.setPassword("anonymousUsername");
|
||||
user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS"));
|
||||
|
||||
AnonymousProcessingFilter filter = new AnonymousProcessingFilter();
|
||||
AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter();
|
||||
filter.setUserAttribute(user);
|
||||
|
||||
try {
|
||||
@@ -83,7 +83,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testDetectsUserAttribute() throws Exception {
|
||||
AnonymousProcessingFilter filter = new AnonymousProcessingFilter();
|
||||
AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter();
|
||||
filter.setKey("qwerty");
|
||||
|
||||
try {
|
||||
@@ -99,7 +99,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
|
||||
user.setPassword("anonymousUsername");
|
||||
user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS"));
|
||||
|
||||
AnonymousProcessingFilter filter = new AnonymousProcessingFilter();
|
||||
AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter();
|
||||
filter.setKey("qwerty");
|
||||
filter.setUserAttribute(user);
|
||||
assertTrue(filter.isRemoveAfterRequest());
|
||||
@@ -123,7 +123,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
|
||||
user.setPassword("anonymousUsername");
|
||||
user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS"));
|
||||
|
||||
AnonymousProcessingFilter filter = new AnonymousProcessingFilter();
|
||||
AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter();
|
||||
filter.setKey("qwerty");
|
||||
filter.setUserAttribute(user);
|
||||
filter.afterPropertiesSet();
|
||||
@@ -143,7 +143,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
|
||||
user.setPassword("anonymousUsername");
|
||||
user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS"));
|
||||
|
||||
AnonymousProcessingFilter filter = new AnonymousProcessingFilter();
|
||||
AnonymousAuthenticationFilter filter = new AnonymousAuthenticationFilter();
|
||||
filter.setKey("qwerty");
|
||||
filter.setUserAttribute(user);
|
||||
filter.setRemoveAfterRequest(false); // set to non-default value
|
||||
+1
-1
@@ -36,7 +36,7 @@ import java.util.Map;
|
||||
* @author colin sampaleanu
|
||||
* @version $Id$
|
||||
*/
|
||||
public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
|
||||
public class LoginUrlAuthenticationEntryPointTests extends TestCase {
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public void testDetectsMissingLoginFormUrl() throws Exception {
|
||||
+61
-1
@@ -1,6 +1,6 @@
|
||||
package org.springframework.security.web.authentication.preauth;
|
||||
|
||||
import static org.junit.Assert.assertNull;
|
||||
import static org.junit.Assert.*;
|
||||
import static org.mockito.Matchers.any;
|
||||
import static org.mockito.Mockito.*;
|
||||
|
||||
@@ -9,6 +9,9 @@ import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.mockito.invocation.InvocationOnMock;
|
||||
import org.mockito.stubbing.Answer;
|
||||
import org.springframework.mock.web.MockFilterChain;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
@@ -55,4 +58,61 @@ public class AbstractPreAuthenticatedProcessingFilterTests {
|
||||
assertNull(SecurityContextHolder.getContext().getAuthentication());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testAfterPropertiesSet() {
|
||||
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
|
||||
try {
|
||||
filter.afterPropertiesSet();
|
||||
fail("AfterPropertiesSet didn't throw expected exception");
|
||||
} catch (IllegalArgumentException expected) {
|
||||
} catch (Exception unexpected) {
|
||||
fail("AfterPropertiesSet throws unexpected exception");
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDoFilterAuthenticated() throws Exception {
|
||||
testDoFilter(true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDoFilterUnauthenticated() throws Exception {
|
||||
testDoFilter(false);
|
||||
}
|
||||
|
||||
private void testDoFilter(boolean grantAccess) throws Exception {
|
||||
MockHttpServletRequest req = new MockHttpServletRequest();
|
||||
MockHttpServletResponse res = new MockHttpServletResponse();
|
||||
getFilter(grantAccess).doFilter(req,res,new MockFilterChain());
|
||||
assertEquals(grantAccess, null != SecurityContextHolder.getContext().getAuthentication());
|
||||
}
|
||||
|
||||
private static ConcretePreAuthenticatedProcessingFilter getFilter(boolean grantAccess) throws Exception {
|
||||
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
|
||||
AuthenticationManager am = mock(AuthenticationManager.class);
|
||||
|
||||
if (!grantAccess) {
|
||||
when(am.authenticate(any(Authentication.class))).thenThrow(new BadCredentialsException(""));
|
||||
} else {
|
||||
when(am.authenticate(any(Authentication.class))).thenAnswer(new Answer<Authentication>() {
|
||||
public Authentication answer(InvocationOnMock invocation) throws Throwable {
|
||||
return (Authentication) invocation.getArguments()[0];
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
filter.setAuthenticationManager(am);
|
||||
filter.afterPropertiesSet();
|
||||
return filter;
|
||||
}
|
||||
|
||||
private static class ConcretePreAuthenticatedProcessingFilter extends AbstractPreAuthenticatedProcessingFilter {
|
||||
protected Object getPreAuthenticatedPrincipal(HttpServletRequest httpRequest) {
|
||||
return "testPrincipal";
|
||||
}
|
||||
protected Object getPreAuthenticatedCredentials(HttpServletRequest httpRequest) {
|
||||
return "testCredentials";
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
-87
@@ -1,87 +0,0 @@
|
||||
package org.springframework.security.web.authentication.preauth;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.fail;
|
||||
import static org.mockito.Matchers.any;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.mockito.invocation.InvocationOnMock;
|
||||
import org.mockito.stubbing.Answer;
|
||||
import org.springframework.mock.web.MockFilterChain;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
|
||||
public class PreAuthenticatedProcessingFilterTests {
|
||||
@After
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testAfterPropertiesSet() {
|
||||
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
|
||||
try {
|
||||
filter.afterPropertiesSet();
|
||||
fail("AfterPropertiesSet didn't throw expected exception");
|
||||
} catch (IllegalArgumentException expected) {
|
||||
} catch (Exception unexpected) {
|
||||
fail("AfterPropertiesSet throws unexpected exception");
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDoFilterAuthenticated() throws Exception {
|
||||
testDoFilter(true);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDoFilterUnauthenticated() throws Exception {
|
||||
testDoFilter(false);
|
||||
}
|
||||
|
||||
private void testDoFilter(boolean grantAccess) throws Exception {
|
||||
MockHttpServletRequest req = new MockHttpServletRequest();
|
||||
MockHttpServletResponse res = new MockHttpServletResponse();
|
||||
getFilter(grantAccess).doFilter(req,res,new MockFilterChain());
|
||||
assertEquals(grantAccess,null!= SecurityContextHolder.getContext().getAuthentication());
|
||||
}
|
||||
|
||||
private static ConcretePreAuthenticatedProcessingFilter getFilter(boolean grantAccess) throws Exception {
|
||||
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
|
||||
AuthenticationManager am = mock(AuthenticationManager.class);
|
||||
|
||||
if (!grantAccess) {
|
||||
when(am.authenticate(any(Authentication.class))).thenThrow(new BadCredentialsException(""));
|
||||
} else {
|
||||
when(am.authenticate(any(Authentication.class))).thenAnswer(new Answer<Authentication>() {
|
||||
public Authentication answer(InvocationOnMock invocation) throws Throwable {
|
||||
return (Authentication) invocation.getArguments()[0];
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
filter.setAuthenticationManager(am);
|
||||
filter.afterPropertiesSet();
|
||||
return filter;
|
||||
}
|
||||
|
||||
private static class ConcretePreAuthenticatedProcessingFilter extends AbstractPreAuthenticatedProcessingFilter {
|
||||
protected Object getPreAuthenticatedPrincipal(HttpServletRequest httpRequest) {
|
||||
return "testPrincipal";
|
||||
}
|
||||
protected Object getPreAuthenticatedCredentials(HttpServletRequest httpRequest) {
|
||||
return "testCredentials";
|
||||
}
|
||||
}
|
||||
}
|
||||
+6
-6
@@ -16,7 +16,7 @@ import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException;
|
||||
import org.springframework.security.web.authentication.preauth.RequestHeaderPreAuthenticatedProcessingFilter;
|
||||
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;
|
||||
|
||||
/**
|
||||
*
|
||||
@@ -36,7 +36,7 @@ public class RequestHeaderPreAuthenticatedProcessingFilterTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain();
|
||||
RequestHeaderPreAuthenticatedProcessingFilter filter = new RequestHeaderPreAuthenticatedProcessingFilter();
|
||||
RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
|
||||
|
||||
filter.doFilter(request, response, chain);
|
||||
}
|
||||
@@ -47,7 +47,7 @@ public class RequestHeaderPreAuthenticatedProcessingFilterTests {
|
||||
request.addHeader("SM_USER", "cat");
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain();
|
||||
RequestHeaderPreAuthenticatedProcessingFilter filter = new RequestHeaderPreAuthenticatedProcessingFilter();
|
||||
RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
|
||||
filter.doFilter(request, response, chain);
|
||||
@@ -62,7 +62,7 @@ public class RequestHeaderPreAuthenticatedProcessingFilterTests {
|
||||
request.addHeader("myUsernameHeader", "wolfman");
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain();
|
||||
RequestHeaderPreAuthenticatedProcessingFilter filter = new RequestHeaderPreAuthenticatedProcessingFilter();
|
||||
RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
filter.setPrincipalRequestHeader("myUsernameHeader");
|
||||
|
||||
@@ -76,7 +76,7 @@ public class RequestHeaderPreAuthenticatedProcessingFilterTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain();
|
||||
RequestHeaderPreAuthenticatedProcessingFilter filter = new RequestHeaderPreAuthenticatedProcessingFilter();
|
||||
RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
filter.setCredentialsRequestHeader("myCredentialsHeader");
|
||||
request.addHeader("SM_USER", "cat");
|
||||
@@ -91,7 +91,7 @@ public class RequestHeaderPreAuthenticatedProcessingFilterTests {
|
||||
public void userIsReauthenticatedIfPrincipalChangesAndCheckForPrincipalChangesIsSet() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
RequestHeaderPreAuthenticatedProcessingFilter filter = new RequestHeaderPreAuthenticatedProcessingFilter();
|
||||
RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
filter.setCheckForPrincipalChanges(true);
|
||||
request.addHeader("SM_USER", "cat");
|
||||
|
||||
+7
-9
@@ -45,12 +45,12 @@ import org.springframework.security.web.authentication.RememberMeServices;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link RememberMeProcessingFilter}.
|
||||
* Tests {@link RememberMeAuthenticationFilter}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class RememberMeProcessingFilterTests extends TestCase {
|
||||
public class RememberMeAuthenticationFilterTests extends TestCase {
|
||||
Authentication remembered = new TestingAuthenticationToken("remembered", "password","ROLE_REMEMBERED");
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
@@ -63,17 +63,15 @@ public class RememberMeProcessingFilterTests extends TestCase {
|
||||
}
|
||||
|
||||
protected void setUp() throws Exception {
|
||||
super.setUp();
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
protected void tearDown() throws Exception {
|
||||
super.tearDown();
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
public void testDetectsAuthenticationManagerProperty() throws Exception {
|
||||
RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
|
||||
RememberMeAuthenticationFilter filter = new RememberMeAuthenticationFilter();
|
||||
filter.setAuthenticationManager(mock(AuthenticationManager.class));
|
||||
filter.setRememberMeServices(new NullRememberMeServices());
|
||||
|
||||
@@ -90,7 +88,7 @@ public class RememberMeProcessingFilterTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testDetectsRememberMeServicesProperty() throws Exception {
|
||||
RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
|
||||
RememberMeAuthenticationFilter filter = new RememberMeAuthenticationFilter();
|
||||
filter.setAuthenticationManager(mock(AuthenticationManager.class));
|
||||
|
||||
// check default is NullRememberMeServices
|
||||
@@ -117,7 +115,7 @@ public class RememberMeProcessingFilterTests extends TestCase {
|
||||
SecurityContextHolder.getContext().setAuthentication(originalAuth);
|
||||
|
||||
// Setup our filter correctly
|
||||
RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
|
||||
RememberMeAuthenticationFilter filter = new RememberMeAuthenticationFilter();
|
||||
filter.setAuthenticationManager(mock(AuthenticationManager.class));
|
||||
filter.setRememberMeServices(new MockRememberMeServices(remembered));
|
||||
filter.afterPropertiesSet();
|
||||
@@ -134,7 +132,7 @@ public class RememberMeProcessingFilterTests extends TestCase {
|
||||
|
||||
public void testOperationWhenNoAuthenticationInContextHolder() throws Exception {
|
||||
|
||||
RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
|
||||
RememberMeAuthenticationFilter filter = new RememberMeAuthenticationFilter();
|
||||
AuthenticationManager am = mock(AuthenticationManager.class);
|
||||
when(am.authenticate(remembered)).thenReturn(remembered);
|
||||
filter.setAuthenticationManager(am);
|
||||
@@ -153,7 +151,7 @@ public class RememberMeProcessingFilterTests extends TestCase {
|
||||
public void testOnUnsuccessfulLoginIsCalledWhenProviderRejectsAuth() throws Exception {
|
||||
final Authentication failedAuth = new TestingAuthenticationToken("failed", "");
|
||||
|
||||
RememberMeProcessingFilter filter = new RememberMeProcessingFilter() {
|
||||
RememberMeAuthenticationFilter filter = new RememberMeAuthenticationFilter() {
|
||||
protected void onUnsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) {
|
||||
super.onUnsuccessfulAuthentication(request, response, failed);
|
||||
SecurityContextHolder.getContext().setAuthentication(failedAuth);
|
||||
+25
-25
@@ -48,17 +48,17 @@ import org.springframework.security.web.DefaultRedirectStrategy;
|
||||
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.switchuser.SwitchUserAuthorityChanger;
|
||||
import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
|
||||
import org.springframework.security.web.authentication.switchuser.SwitchUserProcessingFilter;
|
||||
import org.springframework.security.web.authentication.switchuser.SwitchUserFilter;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link org.springframework.security.web.authentication.switchuser.SwitchUserProcessingFilter}.
|
||||
* Tests {@link org.springframework.security.web.authentication.switchuser.SwitchUserFilter}.
|
||||
*
|
||||
* @author Mark St.Godard
|
||||
* @author Luke Taylor
|
||||
* @version $Id$
|
||||
*/
|
||||
public class SwitchUserProcessingFilterTests {
|
||||
public class SwitchUserFilterTests {
|
||||
private final static List<GrantedAuthority> ROLES_12 = AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO");
|
||||
|
||||
@Before
|
||||
@@ -83,9 +83,9 @@ public class SwitchUserProcessingFilterTests {
|
||||
|
||||
private Authentication switchToUser(String name) {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, name);
|
||||
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, name);
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
|
||||
return filter.attemptSwitchUser(request);
|
||||
@@ -94,7 +94,7 @@ public class SwitchUserProcessingFilterTests {
|
||||
|
||||
@Test
|
||||
public void requiresExitUserMatchesCorrectly() {
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setExitUserUrl("/j_spring_security_my_exit_user");
|
||||
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
@@ -105,7 +105,7 @@ public class SwitchUserProcessingFilterTests {
|
||||
|
||||
@Test
|
||||
public void requiresSwitchMatchesCorrectly() {
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchUserUrl("/j_spring_security_my_switch_user");
|
||||
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
@@ -118,9 +118,9 @@ public class SwitchUserProcessingFilterTests {
|
||||
public void attemptSwitchToUnknownUserFails() throws Exception {
|
||||
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "user-that-doesnt-exist");
|
||||
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "user-that-doesnt-exist");
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.attemptSwitchUser(request);
|
||||
}
|
||||
@@ -154,9 +154,9 @@ public class SwitchUserProcessingFilterTests {
|
||||
public void switchToLockedAccountCausesRedirectToSwitchFailureUrl() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setRequestURI("/j_spring_security_switch_user");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "mcgarrett");
|
||||
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "mcgarrett");
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setTargetUrl("/target");
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.afterPropertiesSet();
|
||||
@@ -171,7 +171,7 @@ public class SwitchUserProcessingFilterTests {
|
||||
// Now check for the redirect
|
||||
request.setContextPath("/mywebapp");
|
||||
request.setRequestURI("/mywebapp/j_spring_security_switch_user");
|
||||
filter = new SwitchUserProcessingFilter();
|
||||
filter = new SwitchUserFilter();
|
||||
filter.setTargetUrl("/target");
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.setSwitchFailureUrl("/switchfailed");
|
||||
@@ -188,7 +188,7 @@ public class SwitchUserProcessingFilterTests {
|
||||
|
||||
@Test(expected=IllegalArgumentException.class)
|
||||
public void configMissingUserDetailsServiceFails() throws Exception {
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchUserUrl("/j_spring_security_switch_user");
|
||||
filter.setExitUserUrl("/j_spring_security_exit_user");
|
||||
filter.setTargetUrl("/main.jsp");
|
||||
@@ -197,7 +197,7 @@ public class SwitchUserProcessingFilterTests {
|
||||
|
||||
@Test(expected=IllegalArgumentException.class)
|
||||
public void testBadConfigMissingTargetUrl() throws Exception {
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.setSwitchUserUrl("/j_spring_security_switch_user");
|
||||
filter.setExitUserUrl("/j_spring_security_exit_user");
|
||||
@@ -207,7 +207,7 @@ public class SwitchUserProcessingFilterTests {
|
||||
@Test
|
||||
public void defaultProcessesFilterUrlMatchesUrlWithPathParameter() {
|
||||
MockHttpServletRequest request = createMockSwitchRequest();
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchUserUrl("/j_spring_security_switch_user");
|
||||
|
||||
request.setRequestURI("/webapp/j_spring_security_switch_user;jsessionid=8JHDUD723J8");
|
||||
@@ -232,7 +232,7 @@ public class SwitchUserProcessingFilterTests {
|
||||
request.setRequestURI("/j_spring_security_exit_user");
|
||||
|
||||
// setup filter
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.setExitUserUrl("/j_spring_security_exit_user");
|
||||
filter.setSuccessHandler(new SimpleUrlAuthenticationSuccessHandler("/webapp/someOtherUrl"));
|
||||
@@ -259,7 +259,7 @@ public class SwitchUserProcessingFilterTests {
|
||||
request.setRequestURI("/j_spring_security_exit_user");
|
||||
|
||||
// setup filter
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.setExitUserUrl("/j_spring_security_exit_user");
|
||||
|
||||
@@ -275,10 +275,10 @@ public class SwitchUserProcessingFilterTests {
|
||||
public void redirectToTargetUrlIsCorrect() throws Exception {
|
||||
MockHttpServletRequest request = createMockSwitchRequest();
|
||||
request.setContextPath("/webapp");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
request.setRequestURI("/webapp/j_spring_security_switch_user");
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchUserUrl("/j_spring_security_switch_user");
|
||||
filter.setSuccessHandler(new SimpleUrlAuthenticationSuccessHandler("/someOtherUrl"));
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
@@ -301,10 +301,10 @@ public class SwitchUserProcessingFilterTests {
|
||||
|
||||
MockHttpServletRequest request = createMockSwitchRequest();
|
||||
request.setContextPath("/webapp");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
request.setRequestURI("/webapp/j_spring_security_switch_user");
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchUserUrl("/j_spring_security_switch_user");
|
||||
SimpleUrlAuthenticationSuccessHandler switchSuccessHandler =
|
||||
new SimpleUrlAuthenticationSuccessHandler("/someOtherUrl");
|
||||
@@ -334,13 +334,13 @@ public class SwitchUserProcessingFilterTests {
|
||||
// http request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setRequestURI("/webapp/j_spring_security_switch_user");
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
|
||||
// http response
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
// setup filter
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.setSwitchUserUrl("/j_spring_security_switch_user");
|
||||
filter.setSuccessHandler(new SimpleUrlAuthenticationSuccessHandler("/webapp/someOtherUrl"));
|
||||
@@ -364,9 +364,9 @@ public class SwitchUserProcessingFilterTests {
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(SwitchUserProcessingFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
|
||||
SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() {
|
||||
public Collection<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<GrantedAuthority> authoritiesToBeGranted) {
|
||||
+9
-9
@@ -18,32 +18,32 @@ package org.springframework.security.web.authentication.www;
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.springframework.security.authentication.DisabledException;
|
||||
import org.springframework.security.web.authentication.www.BasicProcessingFilterEntryPoint;
|
||||
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link BasicProcessingFilterEntryPoint}.
|
||||
* Tests {@link BasicAuthenticationEntryPoint}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class BasicProcessingFilterEntryPointTests extends TestCase {
|
||||
public class BasicAuthenticationEntryPointTests extends TestCase {
|
||||
//~ Constructors ===================================================================================================
|
||||
|
||||
public BasicProcessingFilterEntryPointTests() {
|
||||
public BasicAuthenticationEntryPointTests() {
|
||||
super();
|
||||
}
|
||||
|
||||
public BasicProcessingFilterEntryPointTests(String arg0) {
|
||||
public BasicAuthenticationEntryPointTests(String arg0) {
|
||||
super(arg0);
|
||||
}
|
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
public static void main(String[] args) {
|
||||
junit.textui.TestRunner.run(BasicProcessingFilterEntryPointTests.class);
|
||||
junit.textui.TestRunner.run(BasicAuthenticationEntryPointTests.class);
|
||||
}
|
||||
|
||||
public final void setUp() throws Exception {
|
||||
@@ -51,7 +51,7 @@ public class BasicProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testDetectsMissingRealmName() throws Exception {
|
||||
BasicProcessingFilterEntryPoint ep = new BasicProcessingFilterEntryPoint();
|
||||
BasicAuthenticationEntryPoint ep = new BasicAuthenticationEntryPoint();
|
||||
|
||||
try {
|
||||
ep.afterPropertiesSet();
|
||||
@@ -62,13 +62,13 @@ public class BasicProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testGettersSetters() {
|
||||
BasicProcessingFilterEntryPoint ep = new BasicProcessingFilterEntryPoint();
|
||||
BasicAuthenticationEntryPoint ep = new BasicAuthenticationEntryPoint();
|
||||
ep.setRealmName("realm");
|
||||
assertEquals("realm", ep.getRealmName());
|
||||
}
|
||||
|
||||
public void testNormalOperation() throws Exception {
|
||||
BasicProcessingFilterEntryPoint ep = new BasicProcessingFilterEntryPoint();
|
||||
BasicAuthenticationEntryPoint ep = new BasicAuthenticationEntryPoint();
|
||||
|
||||
ep.setRealmName("hello");
|
||||
|
||||
+8
-8
@@ -46,15 +46,15 @@ import org.springframework.security.web.authentication.WebAuthenticationDetails;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link BasicProcessingFilter}.
|
||||
* Tests {@link BasicAuthenticationFilter}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class BasicProcessingFilterTests {
|
||||
public class BasicAuthenticationFilterTests {
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
private BasicProcessingFilter filter;
|
||||
private BasicAuthenticationFilter filter;
|
||||
private AuthenticationManager manager;
|
||||
// private Mockery jmock = new JUnit4Mockery();
|
||||
|
||||
@@ -86,9 +86,9 @@ public class BasicProcessingFilterTests {
|
||||
when(manager.authenticate(rodRequest)).thenReturn(rod);
|
||||
when(manager.authenticate(not(eq(rodRequest)))).thenThrow(new BadCredentialsException(""));
|
||||
|
||||
filter = new BasicProcessingFilter();
|
||||
filter = new BasicAuthenticationFilter();
|
||||
filter.setAuthenticationManager(manager);
|
||||
filter.setAuthenticationEntryPoint(new BasicProcessingFilterEntryPoint());
|
||||
filter.setAuthenticationEntryPoint(new BasicAuthenticationEntryPoint());
|
||||
}
|
||||
|
||||
@After
|
||||
@@ -110,7 +110,7 @@ public class BasicProcessingFilterTests {
|
||||
|
||||
@Test
|
||||
public void testGettersSetters() {
|
||||
BasicProcessingFilter filter = new BasicProcessingFilter();
|
||||
BasicAuthenticationFilter filter = new BasicAuthenticationFilter();
|
||||
filter.setAuthenticationManager(manager);
|
||||
assertTrue(filter.getAuthenticationManager() != null);
|
||||
|
||||
@@ -166,14 +166,14 @@ public class BasicProcessingFilterTests {
|
||||
|
||||
@Test(expected=IllegalArgumentException.class)
|
||||
public void testStartupDetectsMissingAuthenticationEntryPoint() throws Exception {
|
||||
BasicProcessingFilter filter = new BasicProcessingFilter();
|
||||
BasicAuthenticationFilter filter = new BasicAuthenticationFilter();
|
||||
filter.setAuthenticationManager(manager);
|
||||
filter.afterPropertiesSet();
|
||||
}
|
||||
|
||||
@Test(expected=IllegalArgumentException.class)
|
||||
public void testStartupDetectsMissingAuthenticationManager() throws Exception {
|
||||
BasicProcessingFilter filter = new BasicProcessingFilter();
|
||||
BasicAuthenticationFilter filter = new BasicAuthenticationFilter();
|
||||
filter.setAuthenticationEntryPoint(mock(AuthenticationEntryPoint.class));
|
||||
filter.afterPropertiesSet();
|
||||
}
|
||||
+7
-7
@@ -28,12 +28,12 @@ import org.springframework.util.StringUtils;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link DigestProcessingFilterEntryPoint}.
|
||||
* Tests {@link DigestAuthenticationEntryPoint}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class DigestProcessingFilterEntryPointTests extends TestCase {
|
||||
public class DigestAuthenticationEntryPointTests extends TestCase {
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
private void checkNonceValid(String nonce) {
|
||||
@@ -51,7 +51,7 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testDetectsMissingKey() throws Exception {
|
||||
DigestProcessingFilterEntryPoint ep = new DigestProcessingFilterEntryPoint();
|
||||
DigestAuthenticationEntryPoint ep = new DigestAuthenticationEntryPoint();
|
||||
ep.setRealmName("realm");
|
||||
|
||||
try {
|
||||
@@ -63,7 +63,7 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testDetectsMissingRealmName() throws Exception {
|
||||
DigestProcessingFilterEntryPoint ep = new DigestProcessingFilterEntryPoint();
|
||||
DigestAuthenticationEntryPoint ep = new DigestAuthenticationEntryPoint();
|
||||
ep.setKey("dcdc");
|
||||
ep.setNonceValiditySeconds(12);
|
||||
|
||||
@@ -76,7 +76,7 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testGettersSetters() {
|
||||
DigestProcessingFilterEntryPoint ep = new DigestProcessingFilterEntryPoint();
|
||||
DigestAuthenticationEntryPoint ep = new DigestAuthenticationEntryPoint();
|
||||
assertEquals(300, ep.getNonceValiditySeconds()); // 5 mins default
|
||||
ep.setRealmName("realm");
|
||||
assertEquals("realm", ep.getRealmName());
|
||||
@@ -87,7 +87,7 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testNormalOperation() throws Exception {
|
||||
DigestProcessingFilterEntryPoint ep = new DigestProcessingFilterEntryPoint();
|
||||
DigestAuthenticationEntryPoint ep = new DigestAuthenticationEntryPoint();
|
||||
ep.setRealmName("hello");
|
||||
ep.setKey("key");
|
||||
|
||||
@@ -117,7 +117,7 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
|
||||
}
|
||||
|
||||
public void testOperationIfDueToStaleNonce() throws Exception {
|
||||
DigestProcessingFilterEntryPoint ep = new DigestProcessingFilterEntryPoint();
|
||||
DigestAuthenticationEntryPoint ep = new DigestAuthenticationEntryPoint();
|
||||
ep.setRealmName("hello");
|
||||
ep.setKey("key");
|
||||
|
||||
+10
-10
@@ -46,13 +46,13 @@ import org.springframework.util.StringUtils;
|
||||
|
||||
|
||||
/**
|
||||
* Tests {@link DigestProcessingFilter}.
|
||||
* Tests {@link DigestAuthenticationFilter}.
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @author Luke Taylor
|
||||
* @version $Id$
|
||||
*/
|
||||
public class DigestProcessingFilterTests {
|
||||
public class DigestAuthenticationFilterTests {
|
||||
//~ Static fields/initializers =====================================================================================
|
||||
|
||||
private static final String NC = "00000002";
|
||||
@@ -72,7 +72,7 @@ public class DigestProcessingFilterTests {
|
||||
//~ Instance fields ================================================================================================
|
||||
|
||||
// private ApplicationContext ctx;
|
||||
private DigestProcessingFilter filter;
|
||||
private DigestAuthenticationFilter filter;
|
||||
private MockHttpServletRequest request;
|
||||
|
||||
|
||||
@@ -124,11 +124,11 @@ public class DigestProcessingFilterTests {
|
||||
editor.setAsText("rod,ok=koala,ROLE_ONE,ROLE_TWO,enabled\r\n");
|
||||
dao.setUserMap((UserMap) editor.getValue());
|
||||
|
||||
DigestProcessingFilterEntryPoint ep = new DigestProcessingFilterEntryPoint();
|
||||
DigestAuthenticationEntryPoint ep = new DigestAuthenticationEntryPoint();
|
||||
ep.setRealmName(REALM);
|
||||
ep.setKey(KEY);
|
||||
|
||||
filter = new DigestProcessingFilter();
|
||||
filter = new DigestAuthenticationFilter();
|
||||
filter.setUserDetailsService(dao);
|
||||
filter.setAuthenticationEntryPoint(ep);
|
||||
|
||||
@@ -169,11 +169,11 @@ public class DigestProcessingFilterTests {
|
||||
|
||||
@Test
|
||||
public void testGettersSetters() {
|
||||
DigestProcessingFilter filter = new DigestProcessingFilter();
|
||||
DigestAuthenticationFilter filter = new DigestAuthenticationFilter();
|
||||
filter.setUserDetailsService(new InMemoryDaoImpl());
|
||||
assertTrue(filter.getUserDetailsService() != null);
|
||||
|
||||
filter.setAuthenticationEntryPoint(new DigestProcessingFilterEntryPoint());
|
||||
filter.setAuthenticationEntryPoint(new DigestAuthenticationEntryPoint());
|
||||
assertTrue(filter.getAuthenticationEntryPoint() != null);
|
||||
|
||||
filter.setUserCache(null);
|
||||
@@ -329,15 +329,15 @@ public class DigestProcessingFilterTests {
|
||||
|
||||
@Test(expected=IllegalArgumentException.class)
|
||||
public void startupDetectsMissingAuthenticationEntryPoint() throws Exception {
|
||||
DigestProcessingFilter filter = new DigestProcessingFilter();
|
||||
DigestAuthenticationFilter filter = new DigestAuthenticationFilter();
|
||||
filter.setUserDetailsService(new InMemoryDaoImpl());
|
||||
filter.afterPropertiesSet();
|
||||
}
|
||||
|
||||
@Test(expected=IllegalArgumentException.class)
|
||||
public void startupDetectsMissingUserDetailsService() throws Exception {
|
||||
DigestProcessingFilter filter = new DigestProcessingFilter();
|
||||
filter.setAuthenticationEntryPoint(new DigestProcessingFilterEntryPoint());
|
||||
DigestAuthenticationFilter filter = new DigestAuthenticationFilter();
|
||||
filter.setAuthenticationEntryPoint(new DigestAuthenticationEntryPoint());
|
||||
filter.afterPropertiesSet();
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user